tproxy: Config for overall timeout for a connection

Dstack-TEE · Dec 15, 2024 · 075086d · 075086d
1 parent 8456790
commit 075086d
Show file tree

Hide file tree

Showing 5 changed files with 25 additions and 11 deletions.
diff --git a/tproxy/src/config.rs b/tproxy/src/config.rs
@@ -47,6 +47,8 @@ pub struct Timeouts {
     pub write: Duration,
     #[serde(with = "serde_duration")]
     pub shutdown: Duration,
+    #[serde(with = "serde_duration")]
+    pub total: Duration,
 }
 
 #[derive(Debug, Clone, Deserialize)]

diff --git a/tproxy/src/proxy.rs b/tproxy/src/proxy.rs
@@ -153,20 +153,30 @@ pub async fn run(config: &ProxyConfig, app_state: AppState) -> Result<()> {
     loop {
         match listener.accept().await {
             Ok((inbound, addr)) => {
-                info!("new connection from {addr}");
+                info!(%addr, "new connection received");
                 let app_state = app_state.clone();
                 let dotted_base_domain = dotted_base_domain.clone();
                 let tls_terminate_proxy = tls_terminate_proxy.clone();
                 tokio::spawn(async move {
-                    if let Err(e) = handle_connection(
-                        inbound,
-                        app_state,
-                        &dotted_base_domain,
-                        tls_terminate_proxy,
+                    let timeouts = &app_state.config.proxy.timeouts;
+                    let result = timeout(
+                        timeouts.total,
+                        handle_connection(
+                            inbound,
+                            app_state,
+                            &dotted_base_domain,
+                            tls_terminate_proxy,
+                        ),
                     )
-                    .await
-                    {
-                        error!("connection error: {e:?}");
+                    .await;
+                    match result {
+                        Ok(Ok(_)) => {}
+                        Ok(Err(e)) => {
+                            error!("connection error: {e:?}");
+                        }
+                        Err(_) => {
+                            info!(%addr, "connection kept too long");
+                        }
                     }
                 });
             }

diff --git a/tproxy/src/proxy/tls_passthough.rs b/tproxy/src/proxy/tls_passthough.rs
@@ -72,7 +72,7 @@ pub(crate) async fn proxy_to_app(
         TcpStream::connect((target_ip, port)),
     )
     .await
-    .context("connection timeout")?
+    .context("connecting timeout")?
     .context("failed to connect to tapp")?;
     outbound
         .write_all(&buffer)

diff --git a/tproxy/src/proxy/tls_terminate.rs b/tproxy/src/proxy/tls_terminate.rs
@@ -145,7 +145,7 @@ impl TlsTerminateProxy {
             TcpStream::connect((host.ip, port)),
         )
         .await
-        .map_err(|_| anyhow::anyhow!("connection timeout"))?
+        .map_err(|_| anyhow::anyhow!("connecting timeout"))?
         .context("failed to connect to app")?;
         bridge(
             IgnoreUnexpectedEofStream::new(tls_stream),

diff --git a/tproxy/tproxy.toml b/tproxy/tproxy.toml
@@ -49,6 +49,8 @@ idle = "10m"
 write = "5s"
 # Timeout for shutting down a connection.
 shutdown = "5s"
+# Timeout for total connection duration.
+total = "5h"
 
 [core.recycle]
 enabled = true