Update docs and add tcp_keepalive_probes setting

This commit is contained in:
Kyle Havlovitz 2022-10-06 10:22:07 -07:00
parent 2242d1ec4a
commit 2c569f6b9c
6 changed files with 30 additions and 0 deletions

3
.changelog/14800.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:improvement
connect: Added gateway options to Envoy proxy config for enabling tcp keepalives on upstream connections to mesh gateways in remote datacenters.
```

View File

@ -1545,6 +1545,9 @@ func (s *ResourceGenerator) makeGatewayCluster(snap *proxycfg.ConfigSnapshot, op
if cfg.TcpKeepaliveInterval != 0 {
cluster.UpstreamConnectionOptions.TcpKeepalive.KeepaliveInterval = makeUint32Value(cfg.TcpKeepaliveInterval)
}
if cfg.TcpKeepaliveProbes != 0 {
cluster.UpstreamConnectionOptions.TcpKeepalive.KeepaliveProbes = makeUint32Value(cfg.TcpKeepaliveProbes)
}
}
// If none of the service instances are addressed by a hostname we provide the endpoint IP addresses via EDS

View File

@ -419,6 +419,7 @@ func TestClustersFromSnapshot(t *testing.T) {
ns.Proxy.Config["envoy_mesh_gateway_tcp_enable_keepalive"] = true
ns.Proxy.Config["envoy_mesh_gateway_tcp_keepalive_time"] = 120
ns.Proxy.Config["envoy_mesh_gateway_tcp_keepalive_interval"] = 60
ns.Proxy.Config["envoy_mesh_gateway_tcp_keepalive_probes"] = 7
}, nil)
},
},

View File

@ -138,6 +138,7 @@ type GatewayConfig struct {
TcpKeepaliveEnable bool `mapstructure:"envoy_mesh_gateway_tcp_enable_keepalive"`
TcpKeepaliveTime int `mapstructure:"envoy_mesh_gateway_tcp_keepalive_time"`
TcpKeepaliveInterval int `mapstructure:"envoy_mesh_gateway_tcp_keepalive_interval"`
TcpKeepaliveProbes int `mapstructure:"envoy_mesh_gateway_tcp_keepalive_probes"`
}
// ParseGatewayConfig returns the GatewayConfig parsed from an opaque map. If an

View File

@ -36,6 +36,7 @@
},
"upstreamConnectionOptions": {
"tcpKeepalive": {
"keepaliveProbes": 7,
"keepaliveTime": 120,
"keepaliveInterval": 60
}
@ -74,6 +75,7 @@
},
"upstreamConnectionOptions": {
"tcpKeepalive": {
"keepaliveProbes": 7,
"keepaliveTime": 120,
"keepaliveInterval": 60
}
@ -112,6 +114,7 @@
},
"upstreamConnectionOptions": {
"tcpKeepalive": {
"keepaliveProbes": 7,
"keepaliveTime": 120,
"keepaliveInterval": 60
}

View File

@ -441,6 +441,25 @@ will continue to be supported.
addressed by a hostname, such as a managed database. It also applies to mesh gateways,
such as when gateways in other Consul datacenters are behind a load balancer that is addressed by a hostname.
- `envoy_mesh_gateway_tcp_enable_keepalive` - Enables TCP keepalive settings on mesh gateway upstream connections
to remote datacenters. Defaults to `false`. Must be one of `true` or `false`. Details for this feature are available in
the [Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-tcpkeepalive).
- `envoy_mesh_gateway_tcp_keepalive_time` - The number of seconds a connection needs to
be idle before keep-alive probes start being sent. For more information, see the
[Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-tcpkeepalive).
This option only applies to mesh gateway upstream connections to remote datacenters.
- `envoy_mesh_gateway_tcp_keepalive_interval` - The number of seconds between keep-alive probes.
For more information, see the
[Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-tcpkeepalive).
This option only applies to mesh gateway upstream connections to remote datacenters.
- `envoy_mesh_gateway_tcp_keepalive_probes` - Maximum number of keepalive probes to send without
response before deciding the connection is dead. For more information, see the
[Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-tcpkeepalive).
This option only applies to mesh gateway upstream connections to remote datacenters.
## Advanced Configuration
To support more flexibility when configuring Envoy, several "lower-level" options exist