用HTTP方式調用gearman任務處理

原本覺得是個挺美好的東西，結果。。。

這樣的方式很是不安全，尤爲是假設暴露在公網地址，很是easy被攻擊，而且gearman的http服務遠沒有專業的webserver健壯。

攻擊方式很是easy：telnet host 8080，鏈接成功後，隨便輸入點內容，如：aaa，gearman日誌就不停的出現例如如下錯誤信息：

bad request line:aaa

簡直就是死循環，gearmand就頂不住了，系統內存也一會就被耗盡，說明http這塊實現的有BUG。

只是可以經過改動源代碼來修復這個BUG：

You can open file libgearman-server/plugins/protocol/http/protocol.cc , find 'bad request line:' and 'bad method:', then chang 'GEARMAND_SUCCESS' to 'GEARMAND_INVALID_PACKET' after them. This way is quick for this bug.

也可以下載如下的補丁，對源patch：

https://bugs.launchpad.net/gearmand/+bug/1348865/+attachment/4182968/+files/gearmand-1.1.12.patch

gearmand-1.1.12源代碼安裝文件夾下運行：patch -p0 < ../gearmand-1.1.12.patch

該補丁攻克了上面的錯誤，同一時候也添加了對get方法的支持

bug信息參見：https://bugs.launchpad.net/gearmand/+bug/1348865

原文：

This protocol plugin allows you to map HTTP requests to Gearman jobs. It only provides client job submission currently, but it may be extended to support other request types in the future. The plugin can handle both GET and POST data, the latter being used to send a workload to the job server. The URL being requested is translated into the function being called.

For example, the request:

POST /reverse HTTP/1.1
Content-Length: 12

Hello world!

Is translated into a job submission request for the function 「reverse」 and workload 「Hello world!」. This will respond with:

HTTP/1.0 200 OK
X-Gearman-Job-Handle: H:lap:4
Content-Length: 12
Server: Gearman/0.8

!dlrow olleH

The following headers can be passed to change the behavior of the job:

* X-Gearman-Unique: <unique key>
* X-Gearman-Background: true
* X-Gearman-Priority: <high|low>

For example, to run a low priority background job, the following request can be sent:

POST /reverse HTTP/1.1
Content-Length: 12
X-Gearman-Background: true
X-Gearman-Priority: low

Hello world!

The response for this request will not have any data associated with it since it was a background job:

HTTP/1.0 200 OK
X-Gearman-Job-Handle: H:lap:6
Content-Length: 0
Server: Gearman/0.8

The HTTP protocol should be considered experimental.

應用場景：

開啓gearman http監聽功能，讓前端以web api方式調用gearman job

起用方式：

在gearmand的起動參數中加上：

/usr/local/gearman/sbin/gearmand        \
-l /usr/local/gearman/log/trace.log     \
--verbose INFO -p 4730 -u root -d -t 4  \
--http-port 8080                        \
-r http

--http-port=8080 指定監聽端口號

-r http 起用http協議模塊

調用方式：

眼下http協議僅僅支持任務提交類接口，其餘類型的暫不支持。

按官方文檔上說，http支持GET和POS兩種方式調用，但是GET方式我還沒弄清楚如何攜帶數據，POST方式實驗過是可以的

http://172.16.18.116:8080/reverse

reverse就爲函數名，假如POST的數據內容爲：「Hello world!」，返回結果爲：「!dlrow olleH」

在http的header頭中可以設置一些任務參數：

* X-Gearman-Unique: <unique key>
* X-Gearman-Background: true
* X-Gearman-Priority: <high|low>

這樣的使用方式，實際上gearmand監聽着兩個端，原來的4730端仍是可以接收正常的gearman協議client的請求，另外的8080port則監聽着http協議的請求，兩種方式共同工做，http服務前端如移動端調用，gearman服務內部的其餘模塊的調用。