feat: reuse connections and limit the number of connections for prehe…

…ating Signed-off-by: Gaius <[email protected]>
dragonflyoss · Dec 6, 2024 · 30a63aa · 30a63aa
1 parent a97584a
commit 30a63aa
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 20 deletions.
diff --git a/client-rs b/client-rs
diff --git a/manager/console b/manager/console
diff --git a/manager/job/preheat.go b/manager/job/preheat.go
@@ -65,6 +65,14 @@ const (
 	PreheatFileType PreheatType = "file"
 )
 
+// defaultHTTPTransport is the default http transport.
+var defaultHTTPTransport = &http.Transport{
+	MaxIdleConns:        400,
+	MaxIdleConnsPerHost: 20,
+	MaxConnsPerHost:     50,
+	IdleConnTimeout:     120 * time.Second,
+}
+
 // accessURLPattern is the pattern of access url.
 var accessURLPattern, _ = regexp.Compile("^(.*)://(.*)/v2/(.*)/manifests/(.*)")
 
@@ -77,20 +85,34 @@ type Preheat interface {
 // preheat is an implementation of Preheat.
 type preheat struct {
 	job                *internaljob.Job
-	registryTimeout    time.Duration
-	rootCAs            *x509.CertPool
 	certificateChain   [][]byte
 	insecureSkipVerify bool
+	httpClient         *http.Client
 }
 
 // newPreheat creates a new Preheat.
 func newPreheat(job *internaljob.Job, registryTimeout time.Duration, rootCAs *x509.CertPool, insecureSkipVerify bool) (Preheat, error) {
-	var certificateChain [][]byte
+	p := &preheat{
+		job:                job,
+		insecureSkipVerify: insecureSkipVerify,
+		httpClient: &http.Client{
+			Timeout: registryTimeout,
+			Transport: &http.Transport{
+				DialContext:         nethttp.NewSafeDialer().DialContext,
+				TLSClientConfig:     &tls.Config{RootCAs: rootCAs, InsecureSkipVerify: insecureSkipVerify},
+				MaxIdleConns:        defaultHTTPTransport.MaxIdleConns,
+				MaxIdleConnsPerHost: defaultHTTPTransport.MaxIdleConnsPerHost,
+				MaxConnsPerHost:     defaultHTTPTransport.MaxConnsPerHost,
+				IdleConnTimeout:     defaultHTTPTransport.IdleConnTimeout,
+			},
+		},
+	}
+
 	if rootCAs != nil {
-		certificateChain = rootCAs.Subjects()
+		p.certificateChain = rootCAs.Subjects()
 	}
 
-	return &preheat{job, registryTimeout, rootCAs, certificateChain, insecureSkipVerify}, nil
+	return p, nil
 }
 
 // CreatePreheat creates a preheat job.
@@ -191,26 +213,20 @@ func (p *preheat) getImageLayers(ctx context.Context, args types.PreheatArgs) ([
 		return nil, err
 	}
 
-	opts := []imageAuthClientOption{
-		withHTTPClient(&http.Client{
-			Timeout: p.registryTimeout,
-			Transport: &http.Transport{
-				DialContext:     nethttp.NewSafeDialer().DialContext,
-				TLSClientConfig: &tls.Config{RootCAs: p.rootCAs, InsecureSkipVerify: p.insecureSkipVerify},
-			},
-		}),
+	options := []imageAuthClientOption{
+		withHTTPClient(p.httpClient),
 		withBasicAuth(args.Username, args.Password),
 	}
 	// Background:
-	//   Harbor uses the V1 preheat request and will carry the auth info in the headers.
+	// Harbor uses the V1 preheat request and will carry the auth info in the headers.
 	header := nethttp.MapToHeader(args.Headers)
 	if token := header.Get("Authorization"); len(token) > 0 {
-		opts = append(opts, withIssuedToken(token))
+		options = append(options, withIssuedToken(token))
 		header.Set("Authorization", token)
 	}
 
 	// Init docker auth client.
-	client, err := newImageAuthClient(image, opts...)
+	client, err := newImageAuthClient(image, options...)
 	if err != nil {
 		return nil, err
 	}
@@ -395,8 +411,11 @@ type imageAuthClient struct {
 
 // newImageAuthClient creates a new imageAuthClient.
 func newImageAuthClient(image *preheatImage, opts ...imageAuthClientOption) (*imageAuthClient, error) {
+	httpClient := http.DefaultClient
+	httpClient.Transport = defaultHTTPTransport
+
 	d := &imageAuthClient{
-		httpClient:              http.DefaultClient,
+		httpClient:              httpClient,
 		interceptorTokenHandler: newInterceptorTokenHandler(),
 	}
 

diff --git a/manager/job/preheat_test.go b/manager/job/preheat_test.go
@@ -2,6 +2,7 @@ package job
 
 import (
 	"context"
+	"net/http"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -42,7 +43,7 @@ func TestPreheat_getImageLayers(t *testing.T) {
 
 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
-			p := &preheat{}
+			p := &preheat{httpClient: http.DefaultClient}
 			layers, err := p.getImageLayers(context.Background(), tc.args)
 			if err != nil {
 				t.Fatal(err)
+6 −6		.github/workflows/release.yml
+251 −65		Cargo.lock
+11 −10		Cargo.toml
+0 −153		ci/dfdaemon.yaml
+3 −0		dragonfly-client-backend/Cargo.toml
+31 −2		dragonfly-client-backend/src/http.rs
+3 −0		dragonfly-client-backend/src/lib.rs
+4 −0		dragonfly-client-backend/src/object_storage.rs
+2 −3		dragonfly-client-config/src/dfdaemon.rs
+1 −0		dragonfly-client-core/Cargo.toml
+4 −0		dragonfly-client-core/src/error/mod.rs
+2 −24		dragonfly-client/Cargo.toml
+28 −4		dragonfly-client/src/bin/dfdaemon/main.rs
+21 −6		dragonfly-client/src/grpc/dfdaemon_download.rs
+20 −6		dragonfly-client/src/grpc/dfdaemon_upload.rs
+6 −4		dragonfly-client/src/grpc/health.rs
+50 −0		dragonfly-client/src/grpc/interceptor.rs
+5 −3		dragonfly-client/src/grpc/manager.rs
+1 −0		dragonfly-client/src/grpc/mod.rs
+12 −8		dragonfly-client/src/grpc/scheduler.rs
+18 −5		dragonfly-client/src/proxy/mod.rs
+1 −1		.github/workflows/e2e.yaml
+6 −2		src/components/circular-progress.tsx
+5 −1		src/components/clusters/index.tsx
+77 −19		src/components/clusters/show.tsx
+4 −0		src/components/job/task/clear/index.module.css
+9 −5		src/components/job/task/clear/index.tsx
+15 −17		src/components/rotation.tsx
+6 −13		tsconfig.json