Struct rocket::config::Shutdown

source · 
pub struct Shutdown {
    pub ctrlc: bool,
    pub signals: HashSet<Sig>,
    pub grace: u32,
    pub mercy: u32,
    pub force: bool,
    /* private fields */
}
Expand description

Graceful shutdown configuration.

Summary

This structure configures when and how graceful shutdown occurs. The ctrlc and signals properties control when and the grace and mercy properties control how.

When a shutdown is triggered by an externally or internally initiated Shutdown::notify(), Rocket allows application I/O to make progress for at most grace seconds before initiating connection-level shutdown. Connection shutdown forcibly terminates application I/O, but connections are allowed an additional mercy seconds to shutdown before being forcefully terminated. This implies that a cooperating and active remote client maintaining an open connection can stall shutdown for at most grace seconds, while an uncooperative remote client can stall shutdown for at most grace + mercy seconds.

Triggers

All graceful shutdowns are initiated via Shutdown::notify(). Rocket can be configured to call Shutdown::notify() automatically on certain conditions, specified via the ctrlc and signals properties of this structure. More specifically, if ctrlc is true (the default), ctrl-c (SIGINT) initiates a server shutdown, and on Unix, signals specifies a list of IPC signals that trigger a shutdown (["term"] by default).

Grace Period

Once a shutdown is triggered, Rocket stops accepting new connections and waits at most grace seconds before initiating connection shutdown. Applications can await the Shutdown future to detect a shutdown and cancel any server-initiated I/O, such as from infinite responders, to avoid abrupt I/O cancellation.

Mercy Period

After the grace period has elapsed, Rocket initiates connection shutdown, allowing connection-level I/O termination such as TLS’s close_notify to proceed nominally. Rocket waits at most mercy seconds for connections to shutdown before forcefully terminating all connections.

Runaway I/O

If tasks are still executing after both periods and a Rocket configured async runtime is in use, Rocket waits an unspecified amount of time (not to exceed 1s) and forcefully terminates the asynchronous runtime. This guarantees that the server process terminates, prohibiting uncooperative, runaway I/O from preventing shutdown altogether.

A “Rocket configured runtime” is one started by the #[rocket::main] and #[launch] attributes. Rocket never forcefully terminates a custom runtime. A server that creates its own async runtime must take care to terminate itself if tasks it spawns fail to cooperate.

Under normal circumstances, forced termination should never occur. No use of “normal” cooperative I/O (that is, via .await or task::spawn()) should trigger abrupt termination. Instead, forced cancellation is intended to prevent buggy code, such as an unintended infinite loop or unknown use of blocking I/O, from preventing shutdown.

This behavior can be disabled by setting Shutdown::force to false.

Example

As with all Rocket configuration options, when using the default Config::figment(), Shutdown can be configured via a Rocket.toml file. As always, defaults are provided (documented below), and thus configuration only needs to provided to change defaults.

use rocket::Config;

// If these are the contents of `Rocket.toml`...
[default.shutdown]
ctrlc = false
signals = ["term", "hup"]
grace = 10
mercy = 5

// The config parses as follows:
assert_eq!(config.shutdown.ctrlc, false);
assert_eq!(config.shutdown.grace, 10);
assert_eq!(config.shutdown.mercy, 5);

use rocket::config::Sig;

assert_eq!(config.shutdown.signals.len(), 2);
assert!(config.shutdown.signals.contains(&Sig::Term));
assert!(config.shutdown.signals.contains(&Sig::Hup));

Or, as with all configuration options, programmatically:

use rocket::config::{Config, Shutdown};

#[cfg(unix)]
use rocket::config::Sig;

let config = Config {
    shutdown: Shutdown {
        ctrlc: false,
        #[cfg(unix)]
        signals: {
            let mut set = std::collections::HashSet::new();
            set.insert(Sig::Term);
            set.insert(Sig::Hup);
            set
        },
        grace: 10,
        mercy: 5,
        force: true,
        ..Default::default()
    },
    ..Config::default()
};

assert_eq!(config.shutdown.ctrlc, false);
assert_eq!(config.shutdown.grace, 10);
assert_eq!(config.shutdown.mercy, 5);
assert_eq!(config.shutdown.force, true);

#[cfg(unix)] {
    assert_eq!(config.shutdown.signals.len(), 2);
    assert!(config.shutdown.signals.contains(&Sig::Term));
    assert!(config.shutdown.signals.contains(&Sig::Hup));
}

Fields§

§ctrlc: bool

Whether ctrl-c (SIGINT) initiates a server shutdown.

default: true

§signals: HashSet<Sig>
Available on Unix only.

On Unix, a set of signal which trigger a shutdown. On non-Unix, this option is unavailable and silently ignored.

default: { Sig::Term }

§grace: u32

The grace period: number of seconds to continue to try to finish outstanding server I/O for before forcibly terminating it.

default: 2

§mercy: u32

The mercy period: number of seconds to continue to try to finish outstanding connection I/O for before forcibly terminating it.

default: 3

§force: bool

Whether to force termination of an async runtime that refuses to cooperatively shutdown.

Rocket never forcefully terminates a custom runtime, irrespective of this value. A server that creates its own async runtime must take care to terminate itself if it fails to cooperate.

Note: Rocket only reads this value from sources in the default provider.

default: true

Trait Implementations§

source§

impl Clone for Shutdown

source§

fn clone(&self) -> Shutdown

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for Shutdown

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Default for Shutdown

source§

fn default() -> Self

Returns the “default value” for a type. Read more
source§

impl<'de> Deserialize<'de> for Shutdown

source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
source§

impl Display for Shutdown

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl PartialEq<Shutdown> for Shutdown

source§

fn eq(&self, other: &Shutdown) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl Serialize for Shutdown

source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
source§

impl StructuralPartialEq for Shutdown

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for Twhere T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<'a, T> AsTaggedExplicit<'a> for Twhere T: 'a,

§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self>

§

impl<'a, T> AsTaggedImplicit<'a> for Twhere T: 'a,

§

fn implicit( self, class: Class, constructed: bool, tag: u32 ) -> TaggedParser<'a, Implicit, Self>

source§

impl<T> Borrow<T> for Twhere T: ?Sized,

const: unstable · source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for Twhere T: ?Sized,

const: unstable · source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

const: unstable · source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for Twhere U: From<T>,

const: unstable · source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

§

impl<T> IntoCollection<T> for T

§

fn into_collection<A>(self) -> SmallVec<A>where A: Array<Item = T>,

Converts self into a collection.
§

fn mapped<U, F, A>(self, f: F) -> SmallVec<A>where F: FnMut(T) -> U, A: Array<Item = U>,

source§

impl<T> Same<T> for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for Twhere T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T> ToString for Twhere T: Display + ?Sized,

source§

default fn to_string(&self) -> String

Converts the given value to a String. Read more
source§

impl<T, U> TryFrom<U> for Twhere U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
const: unstable · source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for Twhere U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
const: unstable · source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for Twhere V: MultiLane<T>,

§

fn vzip(self) -> V

source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

impl<T> DeserializeOwned for Twhere T: for<'de> Deserialize<'de>,