From faccf300da877152a73fea6217c962373f14ab4f Mon Sep 17 00:00:00 2001 From: Datong Sun Date: Thu, 7 Sep 2023 16:33:11 +0800 Subject: [PATCH] perf(template): use more reasonable default value for Nginx tuning (#11515) Bumped the default value of `upstream_keepalive_pool_size` to `512` and `upstream_keepalive_max_requests` to `1000`. FTI-4868 --- kong.conf.default | 50 +++++++++++++++---------- kong/templates/kong_defaults.lua | 9 +++-- spec/01-unit/04-prefix_handler_spec.lua | 2 +- 3 files changed, 36 insertions(+), 25 deletions(-) diff --git a/kong.conf.default b/kong.conf.default index 31aed4c0bc06..d7d4c5c050e3 100644 --- a/kong.conf.default +++ b/kong.conf.default @@ -964,26 +964,26 @@ # `text/html`, `application/json`, and # `application/xml`. -#upstream_keepalive_pool_size = 60 # Sets the default size of the upstream - # keepalive connection pools. - # Upstream keepalive connection pools - # are segmented by the `dst ip/dst - # port/SNI` attributes of a connection. - # A value of `0` will disable upstream - # keepalive connections by default, forcing - # each upstream request to open a new - # connection. - -#upstream_keepalive_max_requests = 100 # Sets the default maximum number of - # requests than can be proxied upstream - # through one keepalive connection. - # After the maximum number of requests - # is reached, the connection will be - # closed. - # A value of `0` will disable this - # behavior, and a keepalive connection - # can be used to proxy an indefinite - # number of requests. +#upstream_keepalive_pool_size = 512 # Sets the default size of the upstream + # keepalive connection pools. + # Upstream keepalive connection pools + # are segmented by the `dst ip/dst + # port/SNI` attributes of a connection. + # A value of `0` will disable upstream + # keepalive connections by default, forcing + # each upstream request to open a new + # connection. + +#upstream_keepalive_max_requests = 1000 # Sets the default maximum number of + # requests than can be proxied upstream + # through one keepalive connection. + # After the maximum number of requests + # is reached, the connection will be + # closed. + # A value of `0` will disable this + # behavior, and a keepalive connection + # can be used to proxy an indefinite + # number of requests. #upstream_keepalive_idle_timeout = 60 # Sets the default timeout (in seconds) # for which an upstream keepalive @@ -1141,6 +1141,16 @@ # It is recommended to set it to at least (number of regex paths * 2) # to avoid high CPU usages. +#nginx_http_keepalive_requests = 1000 # Sets the maximum number of client requests that can be served through one + # keep-alive connection. After the maximum number of requests are made, + # the connection is closed. + # Closing connections periodically is necessary to free per-connection + # memory allocations. Therefore, using too high maximum number of requests + # could result in excessive memory usage and not recommended. + # See: https://nginx.org/en/docs/http/ngx_http_core_module.html#keepalive_requests + + + #------------------------------------------------------------------------------ # DATASTORE #------------------------------------------------------------------------------ diff --git a/kong/templates/kong_defaults.lua b/kong/templates/kong_defaults.lua index de837bc4ac80..5580e9543245 100644 --- a/kong/templates/kong_defaults.lua +++ b/kong/templates/kong_defaults.lua @@ -68,8 +68,8 @@ status_ssl_cert_key = NONE headers = server_tokens, latency_tokens trusted_ips = NONE error_default_type = text/plain -upstream_keepalive_pool_size = 60 -upstream_keepalive_max_requests = 100 +upstream_keepalive_pool_size = 512 +upstream_keepalive_max_requests = 1000 upstream_keepalive_idle_timeout = 60 allow_debug_header = off @@ -90,6 +90,9 @@ nginx_http_ssl_prefer_server_ciphers = NONE nginx_http_ssl_dhparam = NONE nginx_http_ssl_session_tickets = NONE nginx_http_ssl_session_timeout = NONE +nginx_http_lua_regex_match_limit = 100000 +nginx_http_lua_regex_cache_max_entries = 8192 +nginx_http_keepalive_requests = 1000 nginx_stream_ssl_protocols = NONE nginx_stream_ssl_prefer_server_ciphers = NONE nginx_stream_ssl_dhparam = NONE @@ -99,8 +102,6 @@ nginx_proxy_real_ip_header = X-Real-IP nginx_proxy_real_ip_recursive = off nginx_admin_client_max_body_size = 10m nginx_admin_client_body_buffer_size = 10m -nginx_http_lua_regex_match_limit = 100000 -nginx_http_lua_regex_cache_max_entries = 8192 client_body_buffer_size = 8k real_ip_header = X-Real-IP diff --git a/spec/01-unit/04-prefix_handler_spec.lua b/spec/01-unit/04-prefix_handler_spec.lua index 299782379ecb..6c0649410124 100644 --- a/spec/01-unit/04-prefix_handler_spec.lua +++ b/spec/01-unit/04-prefix_handler_spec.lua @@ -1384,7 +1384,7 @@ describe("NGINX conf compiler", function() nil, true) assert.matches("daemon on;", contents, nil, true) assert.matches("listen 0.0.0.0:9000;", contents, nil, true) - assert.not_matches("keepalive", contents, nil, true) + assert.not_matches("keepalive%s+%d+", contents) end) end) end)