New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RFE-3360: add httpRequestTimeout to IngressController CRD #867
RFE-3360: add httpRequestTimeout to IngressController CRD #867
Conversation
This helps to better tune slowloris defensive actions. Setting this parameter was possible with the IngressController shipped with OCP3/Origin but we missed it somehow when the OCP4/OKD4 swithc took place.
Hi @EmmanuelKasper. Thanks for your PR. I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
For this to work, if I get correctly we need before:
Is that correct ? |
Will follow up on the RFE 3360 , which is a duplicate of a rejected RFE 1284 |
@EmmanuelKasper https://issues.redhat.com//browse/RFE-3360 is currently on our backlog. In order for us to consider accepting it, we kindly ask you to demonstrate that this change 1) solves the original problem for this customer, and 2) doesn't cause any new performance issues with the router. Benchmark a series of documented performance tests without the change, and then compare it to the same tests with the change. |
@@ -563,6 +563,9 @@ func desiredRouterDeployment(ci *operatorv1.IngressController, ingressController | |||
if ci.Spec.TuningOptions.ClientTimeout != nil && ci.Spec.TuningOptions.ClientTimeout.Duration > 0*time.Second { | |||
env = append(env, corev1.EnvVar{Name: "ROUTER_DEFAULT_CLIENT_TIMEOUT", Value: durationToHAProxyTimespec(ci.Spec.TuningOptions.ClientTimeout.Duration)}) | |||
} | |||
if ci.Spec.TuningOptions.httpRequestTimeout != nil && ci.Spec.TuningOptions.ClientTimeout.Duration > 0*time.Second { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if ci.Spec.TuningOptions.httpRequestTimeout != nil && ci.Spec.TuningOptions.ClientTimeout.Duration > 0*time.Second { | |
if ci.Spec.TuningOptions.HTTPRequestTimeout != nil && ci.Spec.TuningOptions.HTTPRequestTimeout.Duration > 0*time.Second { |
@@ -563,6 +563,9 @@ func desiredRouterDeployment(ci *operatorv1.IngressController, ingressController | |||
if ci.Spec.TuningOptions.ClientTimeout != nil && ci.Spec.TuningOptions.ClientTimeout.Duration > 0*time.Second { | |||
env = append(env, corev1.EnvVar{Name: "ROUTER_DEFAULT_CLIENT_TIMEOUT", Value: durationToHAProxyTimespec(ci.Spec.TuningOptions.ClientTimeout.Duration)}) | |||
} | |||
if ci.Spec.TuningOptions.httpRequestTimeout != nil && ci.Spec.TuningOptions.ClientTimeout.Duration > 0*time.Second { | |||
env = append(env, corev1.EnvVar{Name: "ROUTER_SLOWLORIS_TIMEOUT", Value: durationToHAProxyTimespec(ci.Spec.TuningOptions.httpRequestTimeout.Duration)}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
env = append(env, corev1.EnvVar{Name: "ROUTER_SLOWLORIS_TIMEOUT", Value: durationToHAProxyTimespec(ci.Spec.TuningOptions.httpRequestTimeout.Duration)}) | |
env = append(env, corev1.EnvVar{Name: "ROUTER_SLOWLORIS_TIMEOUT", Value: durationToHAProxyTimespec(ci.Spec.TuningOptions.HTTPRequestTimeout.Duration)}) |
RFE-3360 has now been accepted, but we have not received any response on this PR nor has the RFE been assigned. @mcurry-rh how is this handled? |
Issues go stale after 90d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle stale |
Stale issues rot after 30d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle rotten |
Rotten issues close after 30d of inactivity. Reopen the issue by commenting /close |
@openshift-bot: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
This helps to better tune slowloris defensive actions. Setting this parameter was possible with the IngressController shipped with OCP3/Origin but we missed it somehow when the OCP4/OKD4 swithc took place.