Timeouts for dynamic resolutions are not handled at the stream level but by
the resolvers themself. It means there is no connect, client and server
timeouts defined on the internal proxy used by a resolver.
While it is not an issue for DNS resolution over UDP, it can be a problem
for resolution over TCP. New sessions are automatically created when
required, and killed on excess. But only established connections are
considered. Connecting ones are never killed. Because there is no conncet
timeout, we rely on the kernel to report a connection error. And this may be
quite long.
Because resolutions are periodically triggered, this may lead to an excess
of unusable sessions in connecting state. This also prevents HAProxy to
quickly exit on soft-stop. It is annoying, especially because there is no
reason to not set a connect timeout.
So to mitigate the issue, we now use the "resolve" timeout as connect
timeout for the internal proxy attached to a resolver.
This patch should be backported as far as 2.4.
px->conn_retries = 1;
px->timeout.server = TICK_ETERNITY;
px->timeout.client = TICK_ETERNITY;
- px->timeout.connect = TICK_ETERNITY;
+ px->timeout.connect = 1000; // by default same than timeout.resolve
px->accept = NULL;
px->options2 |= PR_O2_INDEPSTR | PR_O2_SMARTCON;
}
}
if (args[1][2] == 't')
curr_resolvers->timeout.retry = tout;
- else
+ else {
curr_resolvers->timeout.resolve = tout;
+ curr_resolvers->px->timeout.connect = tout;
+ }
+
}
else {
ha_alert("parsing [%s:%d] : '%s' expects 'retry' or 'resolve' and <time> as arguments got '%s'.\n",
projects / thirdparty / haproxy.git / commitdiff
