help request: is apisix support nginx so_keepalive parameter?

[stubbornTanzhe]

Description

so_keepalive I found that apisix will not send tcp keepalive packet is there any chance that apisix enable so_keepalive when listen? support so_keepalive on/off is better.

in my case, k8s by ipvs mode, the client request the workload from apiserver(watch=true), apisix is the gateway which connect the client and apiserver if where is no data for a while(watch pod), then ipvs will timeout and send RST packet,which will be prevent if we enable tcp keepalive all the node on the chain.

Environment

• APISIX version (run apisix version): 1.13.2
• Operating system (run uname -a): centos8
• OpenResty / Nginx version (run openresty -V or nginx -V):
• etcd version, if relevant (run curl http://127.0.0.1:9090/v1/server_info): 3.5.4
• APISIX Dashboard version, if relevant:
• Plugin runner version, for issues related to plugin runners:
• LuaRocks version, for installation issues (run luarocks --version):

[Miss-you]

Normally, tcp keepalive pkg should be sent by the client, not the gateway/Apache APISIX

If the client doesn't send messages to keepalive tcp till timeout, the link should be disconnected instead of keepalive.

[stubbornTanzhe]

Normally, tcp keepalive pkg should be sent by the client, not the gateway/Apache APISIX

If the client doesn't send messages to keepalive tcp till timeout, the link should be disconnected instead of keepalive.

I'm confused now, the client is keep sending tcp keepalive packet ,but I capture the packet from the apisix to apiserver(data upstream),and find that where is no tcp keepalive packet, which i think the apisix node should enable tcp keepalive when listen.

[monkeyDluffy6017]

Why don't you set SO_KEEPALIVE yourself, it's in ngx_tpl.lua. Like this

server {
    listen 127.0.0.1:3306 so_keepalive=on;
    proxy_pass 172.17.0.3:3306;

[stubbornTanzhe]

Why don't you set SO_KEEPALIVE yourself, it's in ngx_tpl.lua. Like this

server {
    listen 127.0.0.1:3306 so_keepalive=on;
    proxy_pass 172.17.0.3:3306;

it's a way, thank you~

[Miss-you]

Normally, tcp keepalive pkg should be sent by the client, not the gateway/Apache APISIX If the client doesn't send messages to keepalive tcp till timeout, the link should be disconnected instead of keepalive.

I'm confused now, the client is keep sending tcp keepalive packet ,but I capture the packet from the apisix to apiserver(data upstream),and find that where is no tcp keepalive packet, which i think the apisix node should enable tcp keepalive when listen.

I think it is more reasonable to adjust the timeout of the WATCH, and the timeout should be less than half of the TCP keepalive time.

1. IPVS does not forward the heartbeat pkg for TCP protocol, because it is a control pkg.
2. There will be no requests for a long time while watching, so it is important to set a proper timeout.
3. it is better not to modify the nginx.conf of the Apache APISIX

[tokers]

Normally, tcp keepalive pkg should be sent by the client, not the gateway/Apache APISIX If the client doesn't send messages to keepalive tcp till timeout, the link should be disconnected instead of keepalive.

I'm confused now, the client is keep sending tcp keepalive packet ,but I capture the packet from the apisix to apiserver(data upstream),and find that where is no tcp keepalive packet, which i think the apisix node should enable tcp keepalive when listen.

TCP is end to end, a keepalive packet won't be proxied.

[shreemaan-abhishek]

@stubbornTanzhe please reopen this issue if you have anymore questions.