[ https://issues.apache.org/jira/browse/TC-44?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15817674#comment-15817674 ]
John Shen edited comment on TC-44 at 1/12/17 10:16 AM: ------------------------------------------------------- RC is that the certificate waiting loop blocks the threads which shall process the HTTP response from TM. Details: TR polls TM's CrConfig and CrState. They share the same AsyncHttpClient to send requests and receive responses. The requests and responses are async. And the AsyncHttpClient callback onCompleted() is processed by a thread pool to handle responses. When there is an HTTPS delivery service without cert/key configured, the onCompleted() will be blocked at ConfigHandler.processConfig() which is waiting for the availability of key/cert. Thus finally all the threads in the thread pool will be blocked, no thread is available to process the onCompleted() callback. So all the TCP connections will remain CLOSE_WAIT. was (Author: weifensh): RC is that the certificate waiting loop blocks the threads which shall process the HTTP response from TM. Details: TR polls TM's CrConfig and CrState. They share the same AsyncHttpClient to send requests and receive responses. The requests and responses are async. And the AsyncHttpClient callback onCompleted() is processed by a thread pool to handle responses. When there is an HTTPS delivery service without cert/key configured, the onCompleted() will be blocked by the ConfigHandler.processConfig() which is waiting for the availability of key/cert. Thus finally all the threads in the thread pool will be blocked, no thread is available to process the onCompleted() callback. So all the TCP connections will remain CLOSE_WAIT. > TR fd leak observed when new HTTPS DS is added without certificate > ------------------------------------------------------------------ > > Key: TC-44 > URL: https://issues.apache.org/jira/browse/TC-44 > Project: Traffic Control > Issue Type: Bug > Components: Traffic Router > Affects Versions: 1.7.0 > Reporter: John Shen > Assignee: John Shen > Fix For: 1.9.0 > > > In TC 1.7, when a new HTTPS DS (HTTP 302 routing) is added without > certificate, there will be fd leak observed on TR. The connections to TM stay > in CLOSE-WAIT, which begins to show ~20mins after a new DS without cert/key > is added. > And CrState appears to be blocked in ~20mins as well, i.e. no request from TR > to TM to fetch CrState. -- This message was sent by Atlassian JIRA (v6.3.4#6332)