enhancement/ingress: add max connections tuning #1084
Conversation
Adds a new field to the IngressController API to allow the maximum number of simultaneous connections (i.e., maxconn) be configurable by cluster administrators: openshift/enhancements#1084
Adds a new field to the IngressController API to allow the maximum number of simultaneous connections (i.e., maxconn) be configurable by cluster administrators: openshift/enhancements#1084
|
|
||
| HAProxy builds its data structures ahead of time. If you specify a | ||
| large value for `spec.tuningOptions.maxConnections` then that memory | ||
| is allocated up-front when the process starts. It is never released. |
There was a problem hiding this comment.
I was curious and I confirmed this as well. 500 backend leastconn config with 20,000 maxconn was about ~280mB. Increased to 500,000 maxconn and it spiked to 366mB.
There was a problem hiding this comment.
Everything looks good to me. I think we discussed this quite a bit so I'm on board with everything you documented here. The "-1" for maxConn auto feels a bit awkward as a end-user, but I see your rational for a more strongly typed parameter. I'll yield to others
that know these datatypes better.
Adds a new field to the IngressController API to allow the maximum number of simultaneous connections (i.e., maxconn) be configurable by cluster administrators: openshift/enhancements#1084
Adds a new field to the IngressController API to allow the maximum number of simultaneous connections (i.e., maxconn) be configurable by cluster administrators: openshift/enhancements#1084
| queued clients will time out; 20000 is likely too small a value for | ||
| the majority of deployments. |
There was a problem hiding this comment.
Do we have any data to substantiate the "likely too small" statement?
There was a problem hiding this comment.
None. I will remove the comment as it is subjective.
| To do this, the administrator can configure | ||
| `spec.nodePlacement.nodeSelector` with labels that match the intended | ||
| node, as well as configuring `spec.tuningOptions.maxConnections`. |
There was a problem hiding this comment.
The administrator will probably also want to increase nbthread.
| within the container when HAProxy starts. The nature of HAProxy's | ||
| dynamic computation also takes into consideration what is configured | ||
| in `haproxy.config` at that time. |
There was a problem hiding this comment.
The nature of HAProxy's
dynamic computation also takes into consideration what is configured
inhaproxy.configat that time.
Can you elaborate on this point a little?
| router deployment roll out the new pods. | ||
|
|
||
| ```sh | ||
| $ oc patch ingresscontroller/default --type=merge --patch '{"spec":{"tuningOptions":{"maxConnections":-1}}}' -n openshift-ingress-operator |
There was a problem hiding this comment.
I hope curious administrators will use a test ingresscontroller and not the default one.
| 2. If you want an exact value then set a value that is improbably | ||
| large, heed the warning and the suggested fix, then configure a |
There was a problem hiding this comment.
I'm a little confused by the wording here. Is the "improbably large" value the one that the user actual wants to set? Is heeding the warning and suggested fix the same step as configuring the tuned profile?
Adds a new field to the IngressController API to allow the maximum number of simultaneous connections (i.e., maxconn) be configurable by cluster administrators: openshift/enhancements#1084
Adds a new field to the IngressController API to allow the maximum number of simultaneous connections (i.e., maxconn) be configurable by cluster administrators: openshift/enhancements#1084
Adds a new field to the IngressController API to allow the maximum number of simultaneous connections (i.e., maxconn) be configurable by cluster administrators: openshift/enhancements#1084
Adds a new field to the IngressController API to allow the maximum number of simultaneous connections (i.e., maxconn) be configurable by cluster administrators: openshift/enhancements#1084
Adds a new field to the IngressController API to allow the maximum number of simultaneous connections (i.e., maxconn) be configurable by cluster administrators: openshift/enhancements#1084
frobware
force-pushed
the
haproxy-max-connections
branch
from
459ab3f to
d5f8bf1
Compare
Adds a new field to the IngressController API to allow the maximum number of simultaneous connections (i.e., maxconn) be configurable by cluster administrators: openshift/enhancements#1084
This enhancement proposes a new field be added to the IngressController API to allow the maximum number of simultaneous connections (i.e., `maxconn`) be configurable by cluster administrators.
Co-authored-by: Miciah Dashiel Butler Masters <[email protected]>
Co-authored-by: Miciah Dashiel Butler Masters <[email protected]>
frobware
force-pushed
the
haproxy-max-connections
branch
2 times, most recently
from
d558dd7 to
5cf782d
Compare
frobware
force-pushed
the
haproxy-max-connections
branch
from
5cf782d to
dec25f2
Compare
|
@Miciah I addressed your feedback. Please could you take another look. |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: Miciah The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
/retest-required Please review the full test history for this PR and help us cut down flakes. |
|
The linter has a new requirement: This requirement is redundant because you already have detailed use-cases, and the requirement wasn't there when the PR was posted, so I'll try to override it. /override ci/prow/markdownlint |
|
@Miciah: Overrode contexts on behalf of Miciah: ci/prow/markdownlint DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@frobware: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
5 participants
This enhancement proposes a new field be added to the
IngressController API to allow the maximum number of simultaneous
connections (i.e.,
maxconn) be configurable by clusteradministrators.