From 12955a4a1bb793381fca95eca54934eacffa866e Mon Sep 17 00:00:00 2001 From: Fernando Diaz Date: Wed, 10 Oct 2018 18:56:07 -0500 Subject: [PATCH 1/2] Allow Ability to Configure Upstream Keepalive Allows Upstream Keepalive values like keepalive_timeout and keepalive_requests to be configured via ConfigMap. Fixes #3099 --- .../nginx-configuration/configmap.md | 29 +++++++++++++++++-- internal/ingress/controller/config/config.go | 12 +++++++- rootfs/etc/nginx/template/nginx.tmpl | 3 ++ 3 files changed, 41 insertions(+), 3 deletions(-) diff --git a/docs/user-guide/nginx-configuration/configmap.md b/docs/user-guide/nginx-configuration/configmap.md index 664696aa7e..d4cdc16c2b 100644 --- a/docs/user-guide/nginx-configuration/configmap.md +++ b/docs/user-guide/nginx-configuration/configmap.md @@ -99,6 +99,8 @@ The following table shows a configuration option's name, type, and the default v |[variables-hash-bucket-size](#variables-hash-bucket-size)|int|128| |[variables-hash-max-size](#variables-hash-max-size)|int|2048| |[upstream-keepalive-connections](#upstream-keepalive-connections)|int|32| +|[upstream-keepalive-timeout](#upstream-keepalive-timeout)|int|60| +|[upstream-keepalive-requests](#upstream-keepalive-requests)|int|100| |[limit-conn-zone-variable](#limit-conn-zone-variable)|string|"$binary_remote_addr"| |[proxy-stream-timeout](#proxy-stream-timeout)|string|"600s"| |[proxy-stream-responses](#proxy-stream-responses)|int|1| @@ -573,12 +575,35 @@ _References:_ ## upstream-keepalive-connections -Activates the cache for connections to upstream servers. The connections parameter sets the maximum number of idle keepalive connections to upstream servers that are preserved in the cache of each worker process. When this -number is exceeded, the least recently used connections are closed. _**default:**_ 32 +Activates the cache for connections to upstream servers. The connections parameter sets the maximum number of idle +keepalive connections to upstream servers that are preserved in the cache of each worker process. When this number is +exceeded, the least recently used connections are closed. +_**default:**_ 32 _References:_ [http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive](http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive) + +## upstream-keepalive-timeout + +Sets a timeout during which an idle keepalive connection to an upstream server will stay open. + _**default:**_ 60 + +_References:_ +[http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive_timeout](http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive_timeout) + + +## upstream-keepalive-requests + +Sets the maximum number of requests that can be served through one keepalive connection. After the maximum number of +requests is made, the connection is closed. +_**default:**_ 100 + + +_References:_ +[http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive_requests](http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive_requests) + + ## limit-conn-zone-variable Sets parameters for a shared memory zone that will keep states for various keys of [limit_conn_zone](http://nginx.org/en/docs/http/ngx_http_limit_conn_module.html#limit_conn_zone). The default of "$binary_remote_addr" variable’s size is always 4 bytes for IPv4 addresses or 16 bytes for IPv6 addresses. diff --git a/internal/ingress/controller/config/config.go b/internal/ingress/controller/config/config.go index 528cb51970..74cfac4cfc 100644 --- a/internal/ingress/controller/config/config.go +++ b/internal/ingress/controller/config/config.go @@ -393,9 +393,17 @@ type Configuration struct { // upstream servers that are preserved in the cache of each worker process. When this // number is exceeded, the least recently used connections are closed. // http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive - // Default: 32 UpstreamKeepaliveConnections int `json:"upstream-keepalive-connections,omitempty"` + // Sets a timeout during which an idle keepalive connection to an upstream server will stay open. + // http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive_timeout + UpstreamKeepaliveTimeout int `json:"upstream-keepalive-timeout,omitempty"` + + // Sets the maximum number of requests that can be served through one keepalive connection. + // After the maximum number of requests is made, the connection is closed. + // http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive_requests + UpstreamKeepaliveRequests int `json:"upstream-keepalive-requests,omitempty"` + // Sets the maximum size of the variables hash table. // http://nginx.org/en/docs/http/ngx_http_map_module.html#variables_hash_max_size LimitConnZoneVariable string `json:"limit-conn-zone-variable,omitempty"` @@ -651,6 +659,8 @@ func NewDefault() Configuration { ProxyBuffering: "off", }, UpstreamKeepaliveConnections: 32, + UpstreamKeepaliveTimeout: 60, + UpstreamKeepaliveRequests: 100, LimitConnZoneVariable: defaultLimitConnZoneVariable, BindAddressIpv4: defBindAddress, BindAddressIpv6: defBindAddress, diff --git a/rootfs/etc/nginx/template/nginx.tmpl b/rootfs/etc/nginx/template/nginx.tmpl index 3688b6ed43..22db89b4db 100644 --- a/rootfs/etc/nginx/template/nginx.tmpl +++ b/rootfs/etc/nginx/template/nginx.tmpl @@ -416,6 +416,9 @@ http { {{ if (gt $cfg.UpstreamKeepaliveConnections 0) }} keepalive {{ $cfg.UpstreamKeepaliveConnections }}; + + keepalive_timeout {{ $cfg.UpstreamKeepaliveTimeout }}s; + keepalive_requests {{ $cfg.UpstreamKeepaliveRequests }}; {{ end }} } From 10d3d48a6ccfac7109752cfc77cf9b44f65ccc73 Mon Sep 17 00:00:00 2001 From: Fernando Diaz Date: Thu, 11 Oct 2018 20:47:00 -0500 Subject: [PATCH 2/2] Remove TCP/UDP ConfigMaps from Dev Removes unneeded ConfigMaps from the Development Environment which are causing ingress-nginx pods to crash Fixes #3223 --- deploy/mandatory.yaml | 24 ------------------------ deploy/tcp-services-configmap.yaml | 11 ----------- deploy/udp-services-configmap.yaml | 11 ----------- deploy/with-rbac.yaml | 2 -- 4 files changed, 48 deletions(-) delete mode 100644 deploy/tcp-services-configmap.yaml delete mode 100644 deploy/udp-services-configmap.yaml diff --git a/deploy/mandatory.yaml b/deploy/mandatory.yaml index 27d3d67a70..f8511d2cdd 100644 --- a/deploy/mandatory.yaml +++ b/deploy/mandatory.yaml @@ -16,28 +16,6 @@ metadata: --- -kind: ConfigMap -apiVersion: v1 -metadata: - name: tcp-services - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - ---- - -kind: ConfigMap -apiVersion: v1 -metadata: - name: udp-services - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - ---- - apiVersion: v1 kind: ServiceAccount metadata: @@ -215,8 +193,6 @@ spec: args: - /nginx-ingress-controller - --configmap=$(POD_NAMESPACE)/nginx-configuration - - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services - - --udp-services-configmap=$(POD_NAMESPACE)/udp-services - --publish-service=$(POD_NAMESPACE)/ingress-nginx - --annotations-prefix=nginx.ingress.kubernetes.io securityContext: diff --git a/deploy/tcp-services-configmap.yaml b/deploy/tcp-services-configmap.yaml deleted file mode 100644 index 464fba1cd4..0000000000 --- a/deploy/tcp-services-configmap.yaml +++ /dev/null @@ -1,11 +0,0 @@ -kind: ConfigMap -apiVersion: v1 -metadata: - name: tcp-services - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - ---- - diff --git a/deploy/udp-services-configmap.yaml b/deploy/udp-services-configmap.yaml deleted file mode 100644 index 3337910b08..0000000000 --- a/deploy/udp-services-configmap.yaml +++ /dev/null @@ -1,11 +0,0 @@ -kind: ConfigMap -apiVersion: v1 -metadata: - name: udp-services - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - ---- - diff --git a/deploy/with-rbac.yaml b/deploy/with-rbac.yaml index 636f178bc5..a9fda77108 100644 --- a/deploy/with-rbac.yaml +++ b/deploy/with-rbac.yaml @@ -28,8 +28,6 @@ spec: args: - /nginx-ingress-controller - --configmap=$(POD_NAMESPACE)/nginx-configuration - - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services - - --udp-services-configmap=$(POD_NAMESPACE)/udp-services - --publish-service=$(POD_NAMESPACE)/ingress-nginx - --annotations-prefix=nginx.ingress.kubernetes.io securityContext: