-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug: nofile soft limit on EKS Fargate causes connection limits and crashes #71
Labels
bug
Something isn't working
Comments
Thanks for your patience, continuing to track this investigation as part of aws/aws-app-mesh-roadmap#489 |
axot
added a commit
to axot/amazon-ecs-service-connect-agent
that referenced
this issue
Mar 22, 2024
axot
added a commit
to axot/amazon-ecs-service-connect-agent
that referenced
this issue
Mar 22, 2024
Re-opening this issue since the fix hasn't been released yet. As an update, we experienced delays in our release and are currently working on a new release which will include this fix. Will share an update as soon as we have one. |
Close for aws/aws-app-mesh-roadmap#492 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
We have workloads running on EKS Fargate with an aws-appmesh-envoy sidecar injected by AWS App Mesh Controller.
The appnet agent process (PID 1) has a nofile soft limit of 65535, while the forked envoy process has a nofile soft limit of 1024 only.
This imposes a limits of max. ~480 possible TCP connections, since a file handle is created for each ingress/egress.
Reaching the limit causes the envoy process to crash and being restarted by the appnet agent (#181), which causes outage.
Steps to Reproduce
Please refer to support case 170713370901828 for this.
Are you currently working around this issue?
We are unable to workaround this issue, because the appnet agent seems to be closed source.
The text was updated successfully, but these errors were encountered: