OSDOCS-16473 Ingress controller route timeout configurable variables … #106920
+57
−0
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| // Module included in the following assemblies: | ||
| // | ||
| // * networking/ingress-operator.adoc | ||
|
|
||
| :_mod-docs-content-type: REFERENCE | ||
| [id="ingress-controller-router-timeout_{context}"] | ||
| = Ingress Controller router timeout variables | ||
|
|
||
| [role="_abstract"] | ||
| To manage connection durations and optimize performance of your Ingress Controller, you can configure router timeout variables. These variables control how long the router waits for client responses, server data, or established connections before closing them. | ||
|
|
||
| .Configuring a router timeout | ||
|
Collaborator
There was a problem hiding this comment. 🤖 [error] AsciiDocDITA.TaskTitle: Unsupported titles cannot be mapped to DITA tasks.
Collaborator
There was a problem hiding this comment. 🤖 [error] AsciiDocDITA.BlockTitle: Block titles can only be assigned to examples, figures, and tables in DITA. |
||
| `TimeUnits` are represented by a number followed by the unit: `us` *(microseconds), `ms` (milliseconds, default), `s` (seconds), `m` (minutes), `h` *(hours), `d` (days). | ||
|
|
||
| The regular expression is: [1-9][0-9]*(`us`|`ms`|`s`|`m`|`h`|`d`). | ||
|
|
||
| .Router timeout variables | ||
| [cols="2,1,2a", options="header"] | ||
| |=== | ||
| |Variable | Default | Description | ||
| | `ROUTER_BACKEND_CHECK_INTERVAL` | `5000ms` | Length of time between subsequent liveness checks on back ends. | ||
| | `ROUTER_CLIENT_FIN_TIMEOUT` | `1s` | Controls the TCP FIN timeout period for the client connecting to the route. If the FIN sent to close the connection does not answer within the given time, HAProxy closes the connection. This is harmless if set to a low value and uses fewer resources on the router. | ||
| | `ROUTER_DEFAULT_CLIENT_TIMEOUT` | `30s` | Length of time that a client has to acknowledge or send data. | ||
| | `ROUTER_DEFAULT_CONNECT_TIMEOUT` | `5s` | The maximum connection time. | ||
| | `ROUTER_DEFAULT_SERVER_FIN_TIMEOUT` | `1s` | Controls the TCP FIN timeout from the router to the pod backing the route. | ||
| | `ROUTER_DEFAULT_SERVER_TIMEOUT` | `30s` | Length of time that a server has to acknowledge or send data. | ||
| | `ROUTER_DEFAULT_TUNNEL_TIMEOUT` | `1h` | Length of time for TCP or WebSocket connections to remain open. This timeout period resets whenever HAProxy reloads. | ||
| | `ROUTER_SLOWLORIS_HTTP_KEEPALIVE` | `300s` | Set the maximum time to wait for a new HTTP request to appear. If this is set too low, it can cause problems with browsers and applications not expecting a small `keepalive` value. | ||
|
|
||
| Some effective timeout values can be the sum of certain variables, rather than the specific expected timeout. For example, `ROUTER_SLOWLORIS_HTTP_KEEPALIVE` adjusts `timeout http-keep-alive`. It is set to `300s` by default, but HAProxy also waits on `tcp-request inspect-delay`, which is set to `5s`. In this case, the overall timeout would be `300s` plus `5s`. | ||
| | `ROUTER_SLOWLORIS_TIMEOUT` | `10s` | Length of time the transmission of an HTTP request can take. | ||
| | `RELOAD_INTERVAL` | `5s` | Allows the minimum frequency for the router to reload and accept new changes. | ||
| | `ROUTER_METRICS_HAPROXY_TIMEOUT` | `5s` | Timeout for the gathering of HAProxy metrics. | ||
|
|
||
| |=== | ||
|
|
||
| .A route setting custom timeout | ||
|
Collaborator
There was a problem hiding this comment. 🤖 [error] AsciiDocDITA.TaskTitle: Unsupported titles cannot be mapped to DITA tasks. |
||
| [source,yaml] | ||
| ---- | ||
| apiVersion: route.openshift.io/v1 | ||
| kind: Route | ||
| metadata: | ||
| annotations: | ||
| haproxy.router.openshift.io/timeout: 5500ms <1> | ||
| ... | ||
| ---- | ||
| <1> Specifies the new timeout with HAProxy supported units (`us`, `ms`, `s`, `m`, `h`, `d`). If the unit is not provided, `ms` is the default. | ||
|
Collaborator
There was a problem hiding this comment. 🤖 [error] AsciiDocDITA.CalloutList: Callouts are not supported in DITA. |
||
|
|
||
| [NOTE] | ||
| ==== | ||
| Setting a server-side timeout value for passthrough routes too low can cause | ||
| WebSocket connections to timeout frequently on that route. | ||
| ==== | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🤖 [error] AsciiDocDITA.TaskContents: The '.Procedure' block title is missing.