From 6cae72657af8e8e663fe8bcc0a519264fd5662d0 Mon Sep 17 00:00:00 2001 From: Russell Jones Date: Fri, 22 Nov 2024 16:47:10 -0800 Subject: [PATCH] Fix. --- api/defaults/defaults.go | 4 ---- lib/srv/app/transport.go | 16 +++++++--------- lib/utils/errors.go | 17 ++--------------- 3 files changed, 9 insertions(+), 28 deletions(-) diff --git a/api/defaults/defaults.go b/api/defaults/defaults.go index 35b006c0c497a..88624cd12ce1d 100644 --- a/api/defaults/defaults.go +++ b/api/defaults/defaults.go @@ -34,10 +34,6 @@ const ( // DefaultIdleTimeout is a default idle connection timeout. DefaultIdleTimeout = 30 * time.Second - // DefaultDialTimeout is the default time to wait for a connection to be - // established. - DefaultDialTimeout = 5 * time.Second - // KeepAliveCountMax is the number of keep-alive messages that can be sent // without receiving a response from the client before the client is // disconnected. The max count mirrors ClientAliveCountMax of sshd. diff --git a/lib/srv/app/transport.go b/lib/srv/app/transport.go index 314e17003e296..22472a1ce7274 100644 --- a/lib/srv/app/transport.go +++ b/lib/srv/app/transport.go @@ -29,11 +29,11 @@ import ( "path" "slices" "strings" + "time" "github.com/gravitational/trace" "github.com/gravitational/teleport" - apidefaults "github.com/gravitational/teleport/api/defaults" "github.com/gravitational/teleport/api/types" "github.com/gravitational/teleport/api/types/wrappers" "github.com/gravitational/teleport/lib" @@ -101,13 +101,6 @@ func newTransport(ctx context.Context, c *transportConfig) (*transport, error) { return nil, trace.Wrap(err) } - // Add a timeout to the dialer so failures to establish network connections - // don't cause requests to hang forever. - d := net.Dialer{ - Timeout: apidefaults.DefaultDialTimeout, - } - tr.DialContext = d.DialContext - tr.TLSClientConfig, err = configureTLS(c) if err != nil { return nil, trace.Wrap(err) @@ -156,7 +149,7 @@ func (t *transport) RoundTrip(r *http.Request) (*http.Response, error) { // Add a timeout to the request, so slow servers don't cause requests to // hang forever. - timeout, cancel := context.WithTimeout(r.Context(), apidefaults.DefaultIOTimeout) + timeout, cancel := context.WithTimeout(r.Context(), requestTimeout) defer cancel() r = r.WithContext(timeout) @@ -345,3 +338,8 @@ func charWrap(message string) string { } return sb.String() } + +const ( + // requestTimeout is the timeout to receive a response from the upstream server. + requestTimeout = 30 * time.Second +) diff --git a/lib/utils/errors.go b/lib/utils/errors.go index 018f2b3dc6ed0..a39a41af047bf 100644 --- a/lib/utils/errors.go +++ b/lib/utils/errors.go @@ -21,7 +21,6 @@ package utils import ( "context" "errors" - "fmt" "io" "net" "strings" @@ -30,7 +29,6 @@ import ( "github.com/gravitational/trace" "github.com/gravitational/teleport/api/constants" - "github.com/gravitational/teleport/api/defaults" ) // IsUseOfClosedNetworkError returns true if the specified error @@ -92,7 +90,6 @@ func IsUntrustedCertErr(err error) bool { // CanExplainNetworkError returns a simple to understand error message that can // be used to debug common network and/or protocol errors. func CanExplainNetworkError(err error) (string, bool) { - var oerr *net.OpError var derr *net.DNSError switch { @@ -124,23 +121,13 @@ func CanExplainNetworkError(err error) (string, bool) { return "Connection reset by peer. Run \"curl -v a.b.c.d\" on the Teleport " + "agent to verify the target application (or a load balancer in the " + "network path) is not abruptly closing the connection after accepting it.", true - // I/O timeouts can be reproduced by creating a server with a customer - // listener that will time.Sleep after Accept(). The raw error typically - // looks like the following: - // - // dial tcp 127.0.0.1:8000: i/o timeout - case errors.As(err, &oerr) && oerr.Timeout(): - return fmt.Sprintf("Network I/O timeout. Run \"nc -vz a.b.c.d\" on the "+ - "Teleport agent to verify the target application is accepting network "+ - "connections in under %v.", defaults.DefaultDialTimeout), true // Slow responses can be reprodued by creating a HTTP server that does a // time.Sleep before responding. The raw error typically looks like the following: // // context deadline exceeded case errors.Is(err, context.DeadlineExceeded): - return fmt.Sprintf("Timeout waiting for response. Run \"curl -v a.b.c.d\" on the "+ - "Teleport agent to verify the target application is responding to "+ - "requests in under %v.", defaults.DefaultIOTimeout), true + return "Timeout waiting for response. Run \"curl -v a.b.c.d\" on the " + + "Teleport agent to verify the target application is not under excessive load.", true // No such host errors can be reproduced by attempting to resolve a invalid // domain name. The raw error typically looks like the following: //