TUN-5128: Enforce maximum grace period

nmldiegues · nmldiegues · commit f985ed567f7c · 2021-09-21T16:48:37.000Z
This maximum grace period will be honored by Cloudflare edge such that
either side will close the connection after unregistration at most
by this time (3min as of this commit):
 - If the connection is unused, it is already closed as soon as possible.
 - If the connection is still used, it is closed on the cloudflared configured grace-period.

Even if cloudflared does not close the connection by the grace-period time,
the edge will do so.
diff --git a/cmd/cloudflared/tunnel/cmd.go b/cmd/cloudflared/tunnel/cmd.go
@@ -384,7 +384,11 @@ func StartServer(
 		observer.RegisterSink(app)
 	}
 
-	return waitToShutdown(&wg, cancel, errC, graceShutdownC, c.Duration("grace-period"), log)
+	gracePeriod, err := gracePeriod(c)
+	if err != nil {
+		return err
+	}
+	return waitToShutdown(&wg, cancel, errC, graceShutdownC, gracePeriod, log)
 }
 
 func waitToShutdown(wg *sync.WaitGroup,
diff --git a/cmd/cloudflared/tunnel/configuration.go b/cmd/cloudflared/tunnel/configuration.go
@@ -7,6 +7,7 @@ import (
 	"os"
 	"path/filepath"
 	"strings"
+	"time"
 
 	"github.com/google/uuid"
 	homedir "github.com/mitchellh/go-homedir"
@@ -260,9 +261,13 @@ func prepareTunnelConfig(
 	}
 
 	originProxy := origin.NewOriginProxy(ingressRules, warpRoutingService, tags, log)
+	gracePeriod, err := gracePeriod(c)
+	if err != nil {
+		return nil, ingress.Ingress{}, err
+	}
 	connectionConfig := &connection.Config{
 		OriginProxy:     originProxy,
-		GracePeriod:     c.Duration("grace-period"),
+		GracePeriod:     gracePeriod,
 		ReplaceExisting: c.Bool("force"),
 	}
 	muxerConfig := &connection.MuxerConfig{
@@ -300,6 +305,14 @@ func prepareTunnelConfig(
 	}, ingressRules, nil
 }
 
+func gracePeriod(c *cli.Context) (time.Duration, error) {
+	period := c.Duration("grace-period")
+	if period > connection.MaxGracePeriod {
+		return time.Duration(0), fmt.Errorf("grace-period must be equal or less than %v", connection.MaxGracePeriod)
+	}
+	return period, nil
+}
+
 func isWarpRoutingEnabled(warpConfig config.WarpRoutingConfig, isNamedTunnel bool) bool {
 	return warpConfig.Enabled && isNamedTunnel
 }
diff --git a/connection/connection.go b/connection/connection.go
@@ -18,6 +18,7 @@ import (
 const (
 	lbProbeUserAgentPrefix = "Mozilla/5.0 (compatible; Cloudflare-Traffic-Manager/1.0; +https://www.cloudflare.com/traffic-manager/;"
 	LogFieldConnIndex      = "connIndex"
+	MaxGracePeriod         = time.Minute * 3
 )
 
 var switchingProtocolText = fmt.Sprintf("%d %s", http.StatusSwitchingProtocols, http.StatusText(http.StatusSwitchingProtocols))

Original file line number	Diff line number	Diff line change
`@@ -384,7 +384,11 @@ func StartServer(`
`384`	`384`	`observer.RegisterSink(app)`
`385`	`385`	`}`
`386`	`386`
`387`		`- return waitToShutdown(&wg, cancel, errC, graceShutdownC, c.Duration("grace-period"), log)`
	`387`	`+ gracePeriod, err := gracePeriod(c)`
	`388`	`+ if err != nil {`
	`389`	`+ return err`
	`390`	`+ }`
	`391`	`+ return waitToShutdown(&wg, cancel, errC, graceShutdownC, gracePeriod, log)`
`388`	`392`	`}`
`389`	`393`
`390`	`394`	`func waitToShutdown(wg *sync.WaitGroup,`
Original file line number	Diff line number	Diff line change
`@@ -18,6 +18,7 @@ import (`
`18`	`18`	`const (`
`19`	`19`	`lbProbeUserAgentPrefix = "Mozilla/5.0 (compatible; Cloudflare-Traffic-Manager/1.0; +https://www.cloudflare.com/traffic-manager/;"`
`20`	`20`	`LogFieldConnIndex = "connIndex"`
	`21`	`+ MaxGracePeriod = time.Minute * 3`
`21`	`22`	`)`
`22`	`23`
`23`	`24`	`var switchingProtocolText = fmt.Sprintf("%d %s", http.StatusSwitchingProtocols, http.StatusText(http.StatusSwitchingProtocols))`