keter on openbsd 'Port in use' problem

[agreif]

Hi,

I already posted a related problem, on the yesod group, but Christopher asked me to create an issue here...

on openbsd 5.8 I installed keter and my yesod app. (both compiled on an other openbsd box and only the binaries transferred to the prod server)

the directory tructure is:

/opt/keter # tree
.
|-- bin
|   `-- keter
|-- etc
|   `-- keter-config.yaml
|-- incoming
|-- log
`-- temp

if I start keter now in foreground with /opt/keter # bin/keter etc/keter-config.yaml then the "Welcome to Keter The hostname you have provided, ... is not recognized" is served and an empty 'log/keter/current.log' is generated and I have no output in the shell I also see that the port 80 is bound well with 'netstat'

I leave keter running... and move my fileuploader.keter into incoming...

the app is extracted into temp:

/opt/keter # tree -L 2 temp/
temp/
`-- fileuploader-0
    |-- config
    |-- dist
    `-- static

But I get immediately the following in the shell:

keter: /opt/keter/incoming/: listDirectory: resource exhausted (Too many open files)

and the 'keter/curent.log' is written:

/opt/keter # ll log/keter/current.log
-rw-r--r--  1 root  wheel  587344 Jul 12 10:09 log/keter/current.log

with the following content:

2015-07-12 08:08:44.51: Watched file added: /opt/keter/incoming/fileuploader.keter
2015-07-12 08:08:44.51: Unpacking bundle '/opt/keter/incoming/fileuploader.keter'
2015-07-12 08:08:45.04: Sanity checks passed
2015-07-12 08:08:45.04: Port in use, removing from port pool: 43124
2015-07-12 08:08:45.04: Port in use, removing from port pool: 43125
2015-07-12 08:08:45.04: Port in use, removing from port pool: 43126
...
2015-07-12 08:08:45.13: Port in use, removing from port pool: 44320
2015-07-12 08:08:45.13: Port in use, removing from port pool: 28120
2015-07-12 08:08:45.13: Port in use, removing from port pool: 28121
...
2015-07-12 08:08:45.19: Port in use, removing from port pool: 29164
2015-07-12 08:08:45.19: Port in use, removing from port pool: 29165
2015-07-12 08:08:45.19: Port in use, removing from port pool: 29166
2015-07-12 08:08:45.19: Port in use, removing from port pool: 45967
2015-07-12 08:08:45.19: Port in use, removing from port pool: 45968
2015-07-12 08:08:45.19: Port in use, removing from port pool: 45969
2015-07-12 08:08:45.19: Port in use, removing from port pool: 45970
...
2015-07-12 08:08:45.56: Error occured when launching bundle fileuploader: etc/../temp/fileuploader-0: listDirectory: resource exhausted (Too many open files)

with 'netstat' I see that there are only ports 80, 22, 25 open. So the app did not start up behind keter.

until now I did not issue a browser request

When I now make a browser request now, I the same then the "Welcome to Keter The hostname you have provided, ... is not recognized" message. I also see this message if I use the correct subdomain URL that is defined in keter.yaml

here are my config files (urls changed)

/opt/keter # cat etc/keter-config.yaml |grep -v '^ *#'
root: ..
listeners:
    - host: "*4" # Listen on all IPv4 hosts
setuid: agreif

/opt/keter # cat temp/fileuploader-0/config/keter.yml  |grep -v '^ *#'
stanzas:
  - type: webapp
    exec: ../dist/build/fileuploader/fileuploader
    args: []
    hosts:
      - upload.example.com
    requires-secure: false
  - type: static-files
    hosts:
      - upload.example.com
    root: ../static

thanks, Alex.

[snoyberg]

You probably need to bump some ulimits for the user in question, though I don't know the right incantation on open BSD.

On Sun, Jul 12, 2015, 1:32 AM Alex Greif notifications@github.com wrote:

Hi,

I already posted a related problem, on the yesod group, but Christopher asked me to create an issue here...

on openbsd 5.8 I installed keter and my yesod app. (both compiled on an other openbsd box and only the binaries transferred to the prod server)

the directory tructure is:

/opt/keter # tree . |-- bin | -- keter |-- etc |-- keter-config.yaml |-- incoming |-- log `-- temp

if I start keter now in foreground with /opt/keter # bin/keter etc/keter-config.yaml then the "Welcome to Keter The hostname you have provided, ... is not recognized" is served and an empty 'log/keter/current.log' is generated and I have no output in the shell I also see that the port 80 is bound well with 'netstat'

I leave keter running... and move my fileuploader.keter into incoming...

the app is extracted into temp:

/opt/keter # tree -L 2 temp/ temp/ -- fileuploader-0 |-- config |-- dist -- static

But I get immediately the following in the shell:

keter: /opt/keter/incoming/: listDirectory: resource exhausted (Too many open files)

and the 'keter/curent.log' is written:

/opt/keter # ll log/keter/current.log -rw-r--r-- 1 root wheel 587344 Jul 12 10:09 log/keter/current.log

with the following content:

2015-07-12 08:08:44.51: Watched file added: /opt/keter/incoming/fileuploader.keter 2015-07-12 08:08:44.51: Unpacking bundle '/opt/keter/incoming/fileuploader.keter' 2015-07-12 08:08:45.04: Sanity checks passed 2015-07-12 08:08:45.04: Port in use, removing from port pool: 43124 2015-07-12 08:08:45.04: Port in use, removing from port pool: 43125 2015-07-12 08:08:45.04: Port in use, removing from port pool: 43126 ... 2015-07-12 08:08:45.13: Port in use, removing from port pool: 44320 2015-07-12 08:08:45.13: Port in use, removing from port pool: 28120 2015-07-12 08:08:45.13: Port in use, removing from port pool: 28121 ... 2015-07-12 08:08:45.19: Port in use, removing from port pool: 29164 2015-07-12 08:08:45.19: Port in use, removing from port pool: 29165 2015-07-12 08:08:45.19: Port in use, removing from port pool: 29166 2015-07-12 08:08:45.19: Port in use, removing from port pool: 45967 2015-07-12 08:08:45.19: Port in use, removing from port pool: 45968 2015-07-12 08:08:45.19: Port in use, removing from port pool: 45969 2015-07-12 08:08:45.19: Port in use, removing from port pool: 45970 ... 2015-07-12 08:08:45.56: Error occured when launching bundle fileuploader: etc/../temp/fileuploader-0: listDirectory: resource exhausted (Too many open files)

with 'netstat' I see that there are only ports 80, 22, 25 open. So the app did not start up behind keter.

until now I did not issue a browser request

When I now make a browser request now, I the same then the "Welcome to Keter The hostname you have provided, ... is not recognized" message. I also see this message if I use the correct subdomain URL that is defined in keter.yaml

here are my config files (urls changed)

/opt/keter # cat etc/keter-config.yaml |grep -v '^ _#' root: .. listeners:

• host: "_4" # Listen on all IPv4 hosts setuid: agreif

/opt/keter # cat temp/fileuploader-0/config/keter.yml |grep -v '^ *#' stanzas:

• type: webapp exec: ../dist/build/fileuploader/fileuploader args: [] hosts:
  • upload.example.com requires-secure: false
• type: static-files hosts:
  • upload.example.com root: ../static

thanks, Alex.

— Reply to this email directly or view it on GitHub https://github.com/snoyberg/keter/issues/112.

[creichert]

I've been thinking about this one and I'm not sure. My knowledge of OpenBSD is limited but the port allocation issue seems to be coming from the network library:

https://github.com/snoyberg/keter/blob/2e363780b6ee431469fc7be6340ccfb67dd5bb86/Keter/PortPool.hs#L41

https://github.com/haskell/network/blob/3a2335af756f0f94e2ff0f702fd7453c2232952d/Network.hs#L178

Do you have control over the machine? Would you be able to test if using setuid: root or raising the ulimits @snoyberg suggested works?

[agreif]

yes, I have full control over the server. I tried to start as root and also with normal user (with unlimited resources). Both had the same problem. I am not an openbsd guru, so I think, there is some switch that I still did not find.

starting the yesod app without keter works fine, so maybe it has something to do with the daemon itself.

I will investigate further...

Currently I have the yesod app behind a normal apache as reverse proxy, so this s an alternative, but I miss the deployment features of keter.