From 1fde4b18b806f72e479d87bf2e221d54c8b2ca6a Mon Sep 17 00:00:00 2001 From: Colin Adler Date: Wed, 24 Jan 2024 01:08:52 +0000 Subject: [PATCH] fix: disable keepalives in workspaceapps transport Connection caching causes requests to hit the wrong workspaces. See comment. --- coderd/externalauth/externalauth.go | 2 +- coderd/tailnet.go | 9 ++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/coderd/externalauth/externalauth.go b/coderd/externalauth/externalauth.go index 0c936743a0df5..d4d9f060e65d8 100644 --- a/coderd/externalauth/externalauth.go +++ b/coderd/externalauth/externalauth.go @@ -347,7 +347,7 @@ func (c *DeviceAuth) AuthorizeDevice(ctx context.Context) (*codersdk.ExternalAut case mediaType == "application/x-www-form-urlencoded": return nil, xerrors.Errorf("status_code=%d, payload response is form-url encoded, expected a json payload", resp.StatusCode) default: - return nil, fmt.Errorf("status_code=%d, mediaType=%s: %w", resp.StatusCode, mediaType, err) + return nil, xerrors.Errorf("status_code=%d, mediaType=%s: %w", resp.StatusCode, mediaType, err) } } if r.ErrorDescription != "" { diff --git a/coderd/tailnet.go b/coderd/tailnet.go index 086cd76866b1e..3f9a095afd2b7 100644 --- a/coderd/tailnet.go +++ b/coderd/tailnet.go @@ -103,7 +103,14 @@ func NewServerTailnet( transport: tailnetTransport.Clone(), } tn.transport.DialContext = tn.dialContext - tn.transport.MaxIdleConnsPerHost = 10 + + // Bugfix: for some reason all calls to tn.dialContext come from + // "localhost", causing connections to be cached and requests to go to the + // wrong workspaces. This disables keepalives for now until the root cause + // can be found. + tn.transport.MaxIdleConnsPerHost = -1 + tn.transport.DisableKeepAlives = true + tn.transport.MaxIdleConns = 0 // We intentionally don't verify the certificate chain here. // The connection to the workspace is already established and most