Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Changing Kubernetes' node-proxy tcp keepalive time

Tags:

proxy

kubernetes

load-balancing

google-kubernetes-engine

How do I properly change the TCP keepalive time for node-proxy?

I am running Kubernetes in Google Container Engine and have set up an ingress backed by HTTP(S) Google Load Balancer. When I continuously make POST requests to the ingress, I get a 502 error exactly once every 80 seconds or so. backend_connection_closed_before_data_sent_to_client error in Cloud Logging, which is because GLB's tcp keepalive (600 seconds) is larger than node-proxy's keepalive (no clue what it is).

The logged error is detailed in https://cloud.google.com/compute/docs/load-balancing/http/.

Thanks!

like image 719
Akash Krishnan Avatar asked Jun 24 '17 05:06

Akash Krishnan

People also ask

How do I change my kube proxy mode?

You need to modify the control plane itself. Since you created your cluster with kubeadm, you can use that to enable ipvs. You'd add this to your config file for kube init. Here's an article from github.com/kubernetes with more detailed instructions.

What happens if kube proxy is down?

kube-proxy runs on every node and is responsible for regulating network traffic between the node and other entities inside and outside the cluster. If kube-proxy stops running for any reason, the node goes into a not ready state. Run kubectl get pods -n kube-system to show pods belonging to the Kubernetes system.

What is Kubeproxy in Kubernetes?

kube-proxy is a network proxy that runs on each node in your cluster, implementing part of the Kubernetes Service concept. kube-proxy maintains network rules on nodes. These network rules allow network communication to your Pods from network sessions inside or outside of your cluster.

1 Answers

You can use the custom resource BackendConfig that exist on each GKE cluster to configure timeouts and other parameters like CDN here is the documentacion

An example from here shows how to configure on the ingress

That is the BackendConfig definition:

apiVersion: cloud.google.com/v1beta1
kind: BackendConfig
metadata:
  name: my-bsc-backendconfig
spec:
  timeoutSec: 40
  connectionDraining:
    drainingTimeoutSec: 60

And this is how to use on the ingress definition through annotations

apiVersion: v1
kind: Service
metadata:
  name: my-bsc-service
  labels:
    purpose: bsc-config-demo
  annotations:
    beta.cloud.google.com/backend-config: '{"ports": {"80":"my-bsc-backendconfig"}}'
spec:
  type: NodePort
  selector:
    purpose: bsc-config-demo
  ports:
  - port: 80
    protocol: TCP
    targetPort: 8080
like image 62
wolmi Avatar answered Oct 05 '22 04:10

wolmi
Sign in to Comment

Related questions

DNS over proxy?
How to handle proxies in urllib3
Google Analytics proxy
Proxy server using Indy
SonarQube Proxy Configuration, Tricky
Usefulness of java dynamic proxies vs regular proxies
WebSocket through SSL with Apache reverse proxy
How to use HttpClientBuilder with Http proxy?
Best Practice for WCF Service Proxy lifetime?
squid proxy - howto allow tcp connect - getting TCP_DENIAL/400 with ERR_INVALID_DOMAIN
JHipster configure maven wrapper proxy
Jersey Client + set proxy
Java app behind proxy to use http_proxy variable in linux
Running selenium behind a proxy server
Webpack DevServer -> proxy HTTPS resource -> UNABLE_TO_VERIFY_LEAF_SIGNATURE
407 Authentication required npm
Nginx Proxy to Files on Local Disk or S3
Linux: how to set up proxy using pac script
Angular CLI Proxy with env variables
How to access dynamic proxies from eclipse network settings?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!