Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Tune haproxy configuration #740

Closed
wants to merge 1 commit into from
+3 −0
Closed

Tune haproxy configuration #740

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions pkg/internal/cluster/loadbalancer/config.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,13 +33,16 @@ type ConfigData struct {
// DefaultConfigTemplate is the loadbalancer config template
const DefaultConfigTemplate = `# generated by kind
global
stats socket /var/run/haproxy.sock mode 600 level admin
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is useful for debugging, installint socat or netcat in the haproxy container, you can check the sessions status per example

/ # echo "show sess" | socat  /var/run/haproxy.sock stdio
0x5655011ce8a0: proto=tcpv4 src=172.17.0.1:35988 fe=control-plane be=kube-apiservers srv=ha-control-plane ts=00 age=14m54s calls=3 rate=0 cpu=0 lat=0 rq[f=848202h,i=0,an=00h,rx=45m11s,wx=,ax=] rp[f=80048202h,i=0,an=00h,rx=45m11s,wx=,ax=] s0=[8,200008h,fd=32,ex=] s1=[8,200018h,fd=33,ex=] exp=45m5s
0x5655011cd880: proto=unix_stream src=unix:1 fe=GLOBAL be=<NONE> srv=<none> ts=00 age=0s calls=2 rate=2 cpu=0 lat=0 rq[f=c4c220h,i=0,an=00h,rx=,wx=,ax=] rp[f=80008002h,i=0,an=00h,rx=,wx=,ax=] s0=[8,280008h,fd=34,ex=] s1=[8,204018h,fd=-1,ex=] exp=2m
```

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SGTM

stats timeout 2m
log /dev/log local0
log /dev/log local1 notice
daemon

defaults
log global
mode tcp
option tcpka
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm still seeing the same behavior with clitcpka and srvtcpka (equivalent to tcpka), without tweaking timeouts.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the tcpka avoids that the intermediate systems closes the connection (in our case iptables since we are doing docker port forwarding).
The kubectl commands will always die after the inactivity timeout we configure in haproxy if there is no packet between the server and the client.
To avoid this, kubectl should keep the connection open

Copy link
Contributor Author

@aojea aojea Jul 27, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤔 seems that TCP keep alive doesn't kick in until the connection has been idle for 2 hours. by default

🤷‍♂

cat /proc/sys/net/ipv4/tcp_keepalive_time
7200

option dontlognull
# TODO: tune these
timeout connect 5000
Expand Down