apiserver-network-proxy icon indicating copy to clipboard operation
apiserver-network-proxy copied to clipboard

Published 20 hours ago verified publisher icon kubernetes-sigs

Expose gRPC `MaxConnectionIdle` configuration

Open tallclair opened this issue 3 years ago • 1 comments

The gRPC server KeepAlive params include

type ServerParameters struct {
	// MaxConnectionIdle is a duration for the amount of time after which an
	// idle connection would be closed by sending a GoAway. Idleness duration is
	// defined since the most recent time the number of outstanding RPCs became
	// zero or the connection establishment.
	MaxConnectionIdle time.Duration // The current default value is infinity.
	// ...
}

This could be a useful knob to expose through configuration for mitigating connection leaks.

tallclair avatar Aug 12 '22 23:08 tallclair

@tallclair I'm not sure if that would really help and it might hurt for long lived connections or need to close connections going through that one? I can't remember, but it might not be as easy (maybe it is, though!)

For example, that didn't help for any of the two leaks in #276. It didn't help for some other leaks either IIRC, and maybe due to the way tunneling is done maybe it is not very likely this will help? Unsure.

We can definitely think about this more and see if it makes sense or just try it.

rata avatar Aug 22 '22 14:08 rata

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Nov 20 '22 15:11 k8s-triage-robot

I think that with the current way we use gRPC this wouldn't do anything for us. My understanding that this would affect connections to the gRPC server when there aren't any open streams. However, we don't reuse gRPC connections (on the client or agent), so this doesn't get us anything.

tallclair avatar Dec 02 '22 18:12 tallclair