Merge pull request #1909 from Netflix/add_http_request_header_read_timeout_handler

Add a channel handler for HTTP request header read timeouts

Author: connorworley

zuul-core/src/main/java/com/netflix/zuul/netty/server/BaseServerStartup.java

@@ -166,6 +166,8 @@ protected void addChannelDependencies(
 
         channelDeps.set(ZuulDependencyKeys.sessionCtxDecorator, sessionCtxDecorator);
         channelDeps.set(ZuulDependencyKeys.requestCompleteHandler, reqCompleteHandler);
+        Counter httpRequestHeadersReadTimeoutCounter = registry.counter("server.http.request.headers.read.timeout");
+        channelDeps.set(ZuulDependencyKeys.httpRequestHeadersReadTimeoutCounter, httpRequestHeadersReadTimeoutCounter);
         Counter httpRequestReadTimeoutCounter = registry.counter("server.http.request.read.timeout");
         channelDeps.set(ZuulDependencyKeys.httpRequestReadTimeoutCounter, httpRequestReadTimeoutCounter);
         channelDeps.set(ZuulDependencyKeys.filterLoader, filterLoader);
@@ -189,6 +191,8 @@ protected void addChannelDependencies(
 
         channelDeps.set(ZuulDependencyKeys.sessionCtxDecorator, sessionCtxDecorator);
         channelDeps.set(ZuulDependencyKeys.requestCompleteHandler, reqCompleteHandler);
+        Counter httpRequestHeadersReadTimeoutCounter = registry.counter("server.http.request.headers.read.timeout");
+        channelDeps.set(ZuulDependencyKeys.httpRequestHeadersReadTimeoutCounter, httpRequestHeadersReadTimeoutCounter);
         Counter httpRequestReadTimeoutCounter = registry.counter("server.http.request.read.timeout");
         channelDeps.set(ZuulDependencyKeys.httpRequestReadTimeoutCounter, httpRequestReadTimeoutCounter);
         channelDeps.set(ZuulDependencyKeys.filterLoader, filterLoader);

zuul-core/src/main/java/com/netflix/zuul/netty/server/BaseZuulChannelInitializer.java

@@ -17,6 +17,7 @@
 package com.netflix.zuul.netty.server;
 
 import com.google.common.base.Preconditions;
+import com.netflix.config.CachedDynamicBooleanProperty;
 import com.netflix.config.CachedDynamicIntProperty;
 import com.netflix.netty.common.CloseOnIdleStateHandler;
 import com.netflix.netty.common.Http1ConnectionCloseHandler;
@@ -56,6 +57,7 @@
 import com.netflix.zuul.netty.insights.PassportStateHttpServerHandler;
 import com.netflix.zuul.netty.insights.ServerStateHandler;
 import com.netflix.zuul.netty.server.ssl.SslHandshakeInfoHandler;
+import com.netflix.zuul.netty.timeouts.HttpHeadersTimeoutHandler;
 import com.netflix.zuul.passport.PassportState;
 import io.netty.channel.Channel;
 import io.netty.channel.ChannelHandler;
@@ -88,6 +90,12 @@ public abstract class BaseZuulChannelInitializer extends ChannelInitializer<Chan
     public static final CachedDynamicIntProperty MAX_CHUNK_SIZE =
             new CachedDynamicIntProperty("server.http.decoder.maxChunkSize", 32768);
 
+    public static final CachedDynamicBooleanProperty HTTP_REQUEST_HEADERS_READ_TIMEOUT_ENABLED =
+            new CachedDynamicBooleanProperty("server.http.request.headers.read.timeout.enabled", false);
+
+    public static final CachedDynamicIntProperty HTTP_REQUEST_HEADERS_READ_TIMEOUT =
+            new CachedDynamicIntProperty("server.http.request.headers.read.timeout", 10000);
+
     /**
      * The port that the server intends to listen on.  Subclasses should NOT use this field, as it may not be set, and
      * may differ from the actual listening port.  For example:
@@ -128,6 +136,7 @@ public abstract class BaseZuulChannelInitializer extends ChannelInitializer<Chan
     // protected final RequestRejectedChannelHandler requestRejectedChannelHandler;
     protected final SessionContextDecorator sessionContextDecorator;
     protected final RequestCompleteHandler requestCompleteHandler;
+    protected final Counter httpRequestHeadersReadTimeoutCounter;
     protected final Counter httpRequestReadTimeoutCounter;
     protected final FilterLoader filterLoader;
     protected final FilterUsageNotifier filterUsageNotifier;
@@ -204,6 +213,7 @@ private BaseZuulChannelInitializer(
 
         this.sessionContextDecorator = channelDependencies.get(ZuulDependencyKeys.sessionCtxDecorator);
         this.requestCompleteHandler = channelDependencies.get(ZuulDependencyKeys.requestCompleteHandler);
+        this.httpRequestHeadersReadTimeoutCounter = channelDependencies.get(ZuulDependencyKeys.httpRequestHeadersReadTimeoutCounter);
         this.httpRequestReadTimeoutCounter = channelDependencies.get(ZuulDependencyKeys.httpRequestReadTimeoutCounter);
 
         this.filterLoader = channelDependencies.get(ZuulDependencyKeys.filterLoader);
@@ -249,6 +259,11 @@ protected HttpServerCodec createHttpServerCodec() {
     }
 
     protected void addHttpRelatedHandlers(ChannelPipeline pipeline) {
+        pipeline.addLast(new HttpHeadersTimeoutHandler.InboundHandler(
+            HTTP_REQUEST_HEADERS_READ_TIMEOUT_ENABLED::get,
+            HTTP_REQUEST_HEADERS_READ_TIMEOUT::get,
+            httpRequestHeadersReadTimeoutCounter
+        ));
         pipeline.addLast(new PassportStateHttpServerHandler.InboundHandler());
         pipeline.addLast(new PassportStateHttpServerHandler.OutboundHandler());
         if (httpRequestReadTimeout > -1) {

zuul-core/src/main/java/com/netflix/zuul/netty/server/ZuulDependencyKeys.java

@@ -48,6 +48,8 @@ public class ZuulDependencyKeys {
             new ChannelConfigKey<>("sessionCtxDecorator");
     public static final ChannelConfigKey<RequestCompleteHandler> requestCompleteHandler =
             new ChannelConfigKey<>("requestCompleteHandler");
+    public static final ChannelConfigKey<Counter> httpRequestHeadersReadTimeoutCounter =
+            new ChannelConfigKey<>("httpRequestHeadersReadTimeoutCounter");
     public static final ChannelConfigKey<Counter> httpRequestReadTimeoutCounter =
             new ChannelConfigKey<>("httpRequestReadTimeoutCounter");
     public static final ChannelConfigKey<FilterLoader> filterLoader = new ChannelConfigKey<>("filterLoader");

zuul-core/src/main/java/com/netflix/zuul/netty/timeouts/HttpHeadersTimeoutHandler.java

@@ -0,0 +1,99 @@
+/*
+ * Copyright 2018 Netflix, Inc.
+ *
+ *      Licensed under the Apache License, Version 2.0 (the "License");
+ *      you may not use this file except in compliance with the License.
+ *      You may obtain a copy of the License at
+ *
+ *          http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *      Unless required by applicable law or agreed to in writing, software
+ *      distributed under the License is distributed on an "AS IS" BASIS,
+ *      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *      See the License for the specific language governing permissions and
+ *      limitations under the License.
+ */
+
+package com.netflix.zuul.netty.timeouts;
+
+import java.util.concurrent.TimeUnit;
+import java.util.function.BooleanSupplier;
+import java.util.function.IntSupplier;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.netflix.spectator.api.Counter;
+
+import io.netty.channel.ChannelHandlerContext;
+import io.netty.channel.ChannelInboundHandlerAdapter;
+import io.netty.handler.codec.http.HttpMessage;
+import io.netty.handler.timeout.ReadTimeoutException;
+import io.netty.util.AttributeKey;
+import io.netty.util.concurrent.ScheduledFuture;
+
+public class HttpHeadersTimeoutHandler {
+        private static final Logger LOG = LoggerFactory.getLogger(HttpHeadersTimeoutHandler.class);
+
+        private static final AttributeKey<ScheduledFuture<Void>> HTTP_HEADERS_READ_TIMEOUT_FUTURE =
+            AttributeKey.newInstance("httpHeadersReadTimeoutFuture");
+
+        public static class InboundHandler extends ChannelInboundHandlerAdapter {
+            private final BooleanSupplier httpHeadersReadTimeoutEnabledSupplier;
+            private final IntSupplier httpHeadersReadTimeoutSupplier;
+
+            private final Counter httpHeadersReadTimeoutCounter;
+
+            private boolean closed = false;
+
+            public InboundHandler(BooleanSupplier httpHeadersReadTimeoutEnabledSupplier, IntSupplier httpHeadersReadTimeoutSupplier, Counter httpHeadersReadTimeoutCounter) {
+                this.httpHeadersReadTimeoutEnabledSupplier = httpHeadersReadTimeoutEnabledSupplier;
+                this.httpHeadersReadTimeoutSupplier = httpHeadersReadTimeoutSupplier;
+                this.httpHeadersReadTimeoutCounter = httpHeadersReadTimeoutCounter;
+            }
+
+            @Override
+            public void channelActive(ChannelHandlerContext ctx) throws Exception {
+                try {
+                    if (!httpHeadersReadTimeoutEnabledSupplier.getAsBoolean())
+                        return;
+                    int timeout = httpHeadersReadTimeoutSupplier.getAsInt();
+                    ctx.channel().attr(HTTP_HEADERS_READ_TIMEOUT_FUTURE).set(
+                        ctx.executor().schedule(
+                            () -> {
+                                if (!closed) {
+                                    ctx.fireExceptionCaught(ReadTimeoutException.INSTANCE);
+                                    ctx.close();
+                                    closed = true;
+                                    httpHeadersReadTimeoutCounter.increment();
+                                    LOG.debug("[{}] HTTP headers read timeout handler timed out", ctx.channel().id());
+                                }
+                                return null;
+                            },
+                            timeout,
+                            TimeUnit.MILLISECONDS
+                        )
+                    );
+                    LOG.debug("[{}] Adding HTTP headers read timeout handler: {}", ctx.channel().id(), timeout);
+                } finally {
+                    super.channelActive(ctx);
+                }
+            }
+
+            @Override
+            public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception {
+                try {
+                    if (msg instanceof HttpMessage) {
+                        ScheduledFuture<Void> future = ctx.channel().attr(HTTP_HEADERS_READ_TIMEOUT_FUTURE).get();
+                        if (future != null) {
+                            future.cancel(false);
+                            ctx.pipeline().remove(this);
+                            LOG.debug("[{}] Removing HTTP headers read timeout handler", ctx.channel().id());
+                        }
+                    }
+                } finally {
+                    super.channelRead(ctx, msg);
+                }
+            }
+        }
+}

zuul-integration-test/src/test/java/com/netflix/zuul/integration/IntegrationTest.java

@@ -51,6 +51,7 @@
 import java.io.InputStream;
 import java.net.HttpURLConnection;
 import java.net.ServerSocket;
+import java.net.Socket;
 import java.net.URL;
 import java.nio.charset.StandardCharsets;
 import java.time.Duration;
@@ -140,6 +141,10 @@ static void afterAll() {
 
     @BeforeEach
     void beforeEachTest() {
+        AbstractConfiguration config = ConfigurationManager.getConfigInstance();
+        config.setProperty("server.http.request.headers.read.timeout.enabled", false);
+        config.setProperty("server.http.request.headers.read.timeout", 10000);
+
         this.pathSegment = randomPathSegment();
 
         this.wireMock = wireMockExtension.getRuntimeInfo().getWireMock();
@@ -252,6 +257,63 @@ void httpGetFailsDueToOriginReadTimeout(
         verifyResponseHeaders(response);
     }
 
+    @ParameterizedTest
+    @MethodSource("arguments")
+    void httpGetHappyPathWithHeadersReadTimeout(
+            final String description,
+            final OkHttpClient okHttp,
+            final boolean requestBodyBuffering,
+            final boolean responseBodyBuffering)
+            throws Exception {
+        AbstractConfiguration config = ConfigurationManager.getConfigInstance();
+        config.setProperty("server.http.request.headers.read.timeout.enabled", true);
+
+        wireMock.register(get(anyUrl()).willReturn(ok().withBody("hello world")));
+
+        Request request = setupRequestBuilder(requestBodyBuffering, responseBodyBuffering)
+                .get()
+                .build();
+        Response response = okHttp.newCall(request).execute();
+        assertThat(response.code()).isEqualTo(200);
+        assertThat(response.body().string()).isEqualTo("hello world");
+        verifyResponseHeaders(response);
+    }
+
+    @ParameterizedTest
+    @MethodSource("arguments")
+    void httpPostHappyPathWithHeadersReadTimeout(
+            final String description,
+            final OkHttpClient okHttp,
+            final boolean requestBodyBuffering,
+            final boolean responseBodyBuffering)
+            throws Exception {
+        AbstractConfiguration config = ConfigurationManager.getConfigInstance();
+        config.setProperty("server.http.request.headers.read.timeout.enabled", true);
+
+        wireMock.register(post(anyUrl()).willReturn(ok().withBody("Thank you next")));
+
+        Request request = setupRequestBuilder(requestBodyBuffering, responseBodyBuffering)
+                .post(RequestBody.create("Simple POST request body".getBytes(StandardCharsets.UTF_8)))
+                .build();
+        Response response = okHttp.newCall(request).execute();
+        assertThat(response.code()).isEqualTo(200);
+        assertThat(response.body().string()).isEqualTo("Thank you next");
+        verifyResponseHeaders(response);
+    }
+
+    @Test
+    void httpGetFailsDueToHeadersReadTimeout() throws Exception {
+        AbstractConfiguration config = ConfigurationManager.getConfigInstance();
+        config.setProperty("server.http.request.headers.read.timeout.enabled", true);
+        config.setProperty("server.http.request.headers.read.timeout", 100);
+
+        Socket slowClient = new Socket("localhost", ZUUL_SERVER_PORT);
+        Thread.sleep(500);
+        // end of stream reached because zuul closed the connection
+        assertThat(slowClient.getInputStream().read()).isEqualTo(-1);
+        slowClient.close();
+    }
+
     @ParameterizedTest
     @MethodSource("arguments")
     void httpGetFailsDueToMalformedResponseChunk(