control: Enforce timeouts on response stream #2587
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## main #2587 +/- ##
==========================================
- Coverage 68.02% 68.00% -0.02%
==========================================
Files 329 330 +1
Lines 14904 14989 +85
==========================================
+ Hits 10139 10194 +55
- Misses 4765 4795 +30
... and 2 files with indirect coverage changes Continue to review full report in Codecov by Sentry.
|
olix0r
force-pushed
the
ver/profile-timeout
branch
from
bffcb6f to
37bc6a1
Compare
When connecting to a control plane API, the API server can return an HTTP response long before it returns the first stream response. To bound this time, we now enforce timeouts so that failures may result in attempting to use an alternate controller instances. All controller response streams now use a generic gRPC middlware with initial, idle, and lifetime timeouts. When an initial timeout is encounterd, a DeadlineExceeded grpc status is synthesized. When the other timeouts are encountered, the stream terminates gracefully. These timeouts are configurable by the proxy injector. Timeouts are not enabled without configuration: * LINKERD2_PROXY_CONTROL_STREAM_INITIAL_TIMEOUT * LINKERD2_PROXY_CONTROL_STREAM_IDLE_TIMEOUT * LINKERD2_PROXY_CONTROL_STREAM_LIFETIME Each of these parameters is optional.
olix0r
force-pushed
the
ver/profile-timeout
branch
from
37bc6a1 to
2a3c234
Compare
olix0r
added a commit
to linkerd/linkerd2
that referenced
this pull request
Dec 27, 2023
linkerd/linkerd2-proxy#2587 adds configuration parameters that bound the lifetime and idle times of control plane streams. This change helps to mitigate imbalanced control plane replica usage and to generally prevent scenarios where a stream becomes "stuck," as has been observed when a control plane replica is unhealthy. This change adds helm values to control this behavior. Default values are provided.
olix0r
added a commit
to linkerd/linkerd2
that referenced
this pull request
Dec 27, 2023
linkerd/linkerd2-proxy#2587 adds configuration parameters that bound the lifetime and idle times of control plane streams. This change helps to mitigate imbalanced control plane replica usage and to generally prevent scenarios where a stream becomes "stuck," as has been observed when a control plane replica is unhealthy. This change adds helm values to control this behavior. Default values are provided.
olix0r
added a commit
to linkerd/linkerd2
that referenced
this pull request
Dec 27, 2023
When connecting to a control plane API, the API server can return an HTTP response long before it returns the first stream response. To bound this time, we now enforce timeouts so that failures may result in attempting to use an alternate controller instances. All controller response streams now use a generic gRPC middleware with initial, idle, and lifetime timeouts. When an initial timeout is encountered, a DeadlineExceeded grpc status is synthesized. When the other timeouts are encountered, the stream terminates gracefully. These timeouts are configurable by the proxy injector. Timeouts are not enabled without configuration: * LINKERD2_PROXY_CONTROL_STREAM_INITIAL_TIMEOUT * LINKERD2_PROXY_CONTROL_STREAM_IDLE_TIMEOUT * LINKERD2_PROXY_CONTROL_STREAM_LIFETIME Each of these parameters is optional. --- * build(deps): bump semver from 1.0.17 to 1.0.20 (linkerd/linkerd2-proxy#2576) * build(deps): bump memchr from 2.5.0 to 2.6.4 (linkerd/linkerd2-proxy#2577) * build(deps): bump arbitrary from 1.2.3 to 1.3.2 (linkerd/linkerd2-proxy#2578) * build(deps): bump data-encoding from 2.3.3 to 2.5.0 (linkerd/linkerd2-proxy#2579) * build(deps): bump tj-actions/changed-files from 40.2.3 to 41.0.1 (linkerd/linkerd2-proxy#2586) * build(deps): bump ahash from 0.8.5 to 0.8.6 (linkerd/linkerd2-proxy#2582) * build(deps): bump jemallocator from 0.5.0 to 0.5.4 (linkerd/linkerd2-proxy#2581) * build(deps): bump anyhow from 1.0.69 to 1.0.76 (linkerd/linkerd2-proxy#2583) * build(deps): bump symbolic-common from 12.6.0 to 12.8.0 (linkerd/linkerd2-proxy#2584) * build(deps): bump gimli from 0.28.0 to 0.28.1 (linkerd/linkerd2-proxy#2588) * build(deps): bump foreign-types-macros from 0.2.2 to 0.2.3 (linkerd/linkerd2-proxy#2590) * build(deps): bump symbolic-demangle from 12.6.0 to 12.8.0 (linkerd/linkerd2-proxy#2591) * control: Enforce timeouts on response stream (linkerd/linkerd2-proxy#2587) Signed-off-by: Oliver Gould <[email protected]>
olix0r
added a commit
to linkerd/linkerd2
that referenced
this pull request
Dec 27, 2023
When connecting to a control plane API, the API server can return an HTTP response long before it returns the first stream response. To bound this time, we now enforce timeouts so that failures may result in attempting to use an alternate controller instances. All controller response streams now use a generic gRPC middleware with initial, idle, and lifetime timeouts. When an initial timeout is encountered, a DeadlineExceeded grpc status is synthesized. When the other timeouts are encountered, the stream terminates gracefully. These timeouts are configurable by the proxy injector. Timeouts are not enabled without configuration: * LINKERD2_PROXY_CONTROL_STREAM_INITIAL_TIMEOUT * LINKERD2_PROXY_CONTROL_STREAM_IDLE_TIMEOUT * LINKERD2_PROXY_CONTROL_STREAM_LIFETIME Each of these parameters is optional. --- * build(deps): bump semver from 1.0.17 to 1.0.20 (linkerd/linkerd2-proxy#2576) * build(deps): bump memchr from 2.5.0 to 2.6.4 (linkerd/linkerd2-proxy#2577) * build(deps): bump arbitrary from 1.2.3 to 1.3.2 (linkerd/linkerd2-proxy#2578) * build(deps): bump data-encoding from 2.3.3 to 2.5.0 (linkerd/linkerd2-proxy#2579) * build(deps): bump tj-actions/changed-files from 40.2.3 to 41.0.1 (linkerd/linkerd2-proxy#2586) * build(deps): bump ahash from 0.8.5 to 0.8.6 (linkerd/linkerd2-proxy#2582) * build(deps): bump jemallocator from 0.5.0 to 0.5.4 (linkerd/linkerd2-proxy#2581) * build(deps): bump anyhow from 1.0.69 to 1.0.76 (linkerd/linkerd2-proxy#2583) * build(deps): bump symbolic-common from 12.6.0 to 12.8.0 (linkerd/linkerd2-proxy#2584) * build(deps): bump gimli from 0.28.0 to 0.28.1 (linkerd/linkerd2-proxy#2588) * build(deps): bump foreign-types-macros from 0.2.2 to 0.2.3 (linkerd/linkerd2-proxy#2590) * build(deps): bump symbolic-demangle from 12.6.0 to 12.8.0 (linkerd/linkerd2-proxy#2591) * control: Enforce timeouts on response stream (linkerd/linkerd2-proxy#2587) Signed-off-by: Oliver Gould <[email protected]>
olix0r
added a commit
to linkerd/linkerd2
that referenced
this pull request
Dec 28, 2023
linkerd/linkerd2-proxy#2587 adds configuration parameters that bound the lifetime and idle times of control plane streams. This change helps to mitigate imbalanced control plane replica usage and to generally prevent scenarios where a stream becomes "stuck," as has been observed when a control plane replica is unhealthy. This change adds helm values to control this behavior. Default values are provided.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When connecting to a control plane API, the API server can return an
HTTP response long before it returns the first stream response. To bound
this time, we now enforce timeouts so that failures may result in attempting
to use an alternate controller instances.
All controller response streams now use a generic gRPC middlware with
initial, idle, and lifetime timeouts. When an initial timeout is
encounterd, a DeadlineExceeded grpc status is synthesized. When the
other timeouts are encountered, the stream terminates gracefully.
These timeouts are configurable by the proxy injector. Timeouts are not
enabled without configuration:
Each of these parameters is optional.