feat(server): support listener passed by systemd for socket activation

This patch adds support for server to be used with systemd's socket activation by expecting an open file descriptor to be announced using environment variables. To make use of this set either HTTPListenNetwork or GRPCListenNetwork to "sd_listen_fd" and HTTPListenAddress or GRPCListenAddress either to an ASCII string passed as the "FileDescriptorName" from a systemd.socket unit or "LISTEN_FD_$n", where $n is the file descriptor number. By default, when using "sd_listen_fd", the address will be "LISTEN_FD_3". This patch makes use of the coreos/go-systemd/v22/activation library (which was already included as an indirect dependency). Unfortunately their implementation doesn't allow call sites to get a view of the listeners both by file descriptor number and file descriptor name, as the highlevel helpers cannot be used. See https://www.freedesktop.org/software/systemd/man/latest/systemd.socket.html#FileDescriptorName=
grafana · Oct 9, 2024 · 5207101 · 5207101
1 parent f52de24
commit 5207101
Show file tree

Hide file tree

Showing 3 changed files with 51 additions and 11 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,6 @@
 ## Changelog
 
+* [ENHANCEMENT] Implement `sd_listen_fds` (socket activation) support for gRPC and HTTP listeners. #589
 * [CHANGE] Roll back the gRPC dependency to v1.65.0 to allow downstream projects to avoid a performance regression and maybe a bug in v1.66.0. #581
 * [CHANGE] Update the gRPC dependency to v1.66.0 and deprecate the `grpc_server_recv_buffer_pools_enabled` option that is no longer supported by it. #580
 * [CHANGE] `ring.DoBatchWithOptions` (and `ring.DoBatch`) reports the cancelation cause when the context is canceled instead of `context.Canceled`.

diff --git a/go.mod b/go.mod
@@ -8,6 +8,7 @@ require (
 	github.com/armon/go-metrics v0.3.10
 	github.com/aws/aws-sdk-go v1.44.321
 	github.com/cespare/xxhash/v2 v2.3.0
+	github.com/coreos/go-systemd/v22 v22.5.0
 	github.com/cristalhq/hedgedhttp v0.9.1
 	github.com/davecgh/go-spew v1.1.1
 	github.com/facette/natsort v0.0.0-20181210072756-2cd4dd1e2dcb
@@ -61,7 +62,6 @@ require (
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd // indirect
 	github.com/coreos/go-semver v0.3.0 // indirect
-	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
 	github.com/fatih/color v1.13.0 // indirect
 	github.com/fsnotify/fsnotify v1.6.0 // indirect

diff --git a/server/server.go b/server/server.go
@@ -13,6 +13,7 @@ import (
 	"net"
 	"net/http"
 	_ "net/http/pprof" // anonymous import to get the pprof handler registered
+	"os"
 	"strconv"
 	"strings"
 	"time"
@@ -38,6 +39,8 @@ import (
 	"github.com/grafana/dskit/log"
 	"github.com/grafana/dskit/middleware"
 	"github.com/grafana/dskit/signals"
+
+	"github.com/coreos/go-systemd/v22/activation"
 )
 
 // Listen on the named network
@@ -47,6 +50,13 @@ const (
 	DefaultNetwork = "tcp"
 	// NetworkTCPV4 for IPV4 only
 	NetworkTCPV4 = "tcp4"
+	// NetworkSystemdListenFd for using a passed open file descriptor
+	NetworkSystemdListenFd = "sd_listen_fd"
+)
+
+const (
+	// See `SD_LISTEN_FDS(3)`
+	NetworkSystemdListenFdsStart = 3
 )
 
 // SignalHandler used by Server.
@@ -248,6 +258,40 @@ func NewWithMetrics(cfg Config, metrics *Metrics) (*Server, error) {
 	return newServer(cfg, metrics)
 }
 
+func listen(network string, address string, port int, systemdListenFiles []*os.File) (net.Listener, error) {
+	if network == "" {
+		network = DefaultNetwork
+	}
+
+	switch network {
+	case DefaultNetwork, NetworkTCPV4:
+		return net.Listen(network, net.JoinHostPort(address, strconv.Itoa(port)))
+	case NetworkSystemdListenFd:
+		if address == "" {
+			address = "LISTEN_FD_" + strconv.Itoa(NetworkSystemdListenFdsStart)
+		}
+
+		listeners := map[string]net.Listener{}
+		for index, file := range systemdListenFiles {
+			if listener, err := net.FileListener(file); err == nil {
+				listeners[file.Name()] = listener
+				listeners["LISTEN_FD_"+strconv.Itoa(index+NetworkSystemdListenFdsStart)] = listener
+				file.Close()
+			}
+		}
+
+		listener, hasListener := listeners[address]
+
+		if !hasListener {
+			return nil, fmt.Errorf("could not listen on 'sd_listen_fd', no file descriptor given for name '%s'", address)
+		}
+
+		return listener, nil
+	default:
+		return nil, fmt.Errorf("cannot listen on unknown network '%s'", network)
+	}
+}
+
 func newServer(cfg Config, metrics *Metrics) (*Server, error) {
 	// If user doesn't supply a logging implementation, by default instantiate go-kit.
 	logger := cfg.Log
@@ -260,15 +304,14 @@ func newServer(cfg Config, metrics *Metrics) (*Server, error) {
 		gatherer = prometheus.DefaultGatherer
 	}
 
-	network := cfg.HTTPListenNetwork
-	if network == "" {
-		network = DefaultNetwork
-	}
+	systemdListenFiles := activation.Files(true)
+
 	// Setup listeners first, so we can fail early if the port is in use.
-	httpListener, err := net.Listen(network, net.JoinHostPort(cfg.HTTPListenAddress, strconv.Itoa(cfg.HTTPListenPort)))
+	httpListener, err := listen(cfg.HTTPListenNetwork, cfg.HTTPListenAddress, cfg.HTTPListenPort, systemdListenFiles)
 	if err != nil {
 		return nil, err
 	}
+
 	httpListener = middleware.CountingListener(httpListener, metrics.TCPConnections.WithLabelValues("http"))
 	if cfg.HTTPLogClosedConnectionsWithoutResponse {
 		httpListener = middleware.NewZeroResponseListener(httpListener, level.Warn(logger))
@@ -279,11 +322,7 @@ func newServer(cfg Config, metrics *Metrics) (*Server, error) {
 		httpListener = netutil.LimitListener(httpListener, cfg.HTTPConnLimit)
 	}
 
-	network = cfg.GRPCListenNetwork
-	if network == "" {
-		network = DefaultNetwork
-	}
-	grpcListener, err := net.Listen(network, net.JoinHostPort(cfg.GRPCListenAddress, strconv.Itoa(cfg.GRPCListenPort)))
+	grpcListener, err := listen(cfg.GRPCListenNetwork, cfg.GRPCListenAddress, cfg.GRPCListenPort, systemdListenFiles)
 	if err != nil {
 		return nil, err
 	}