From f8e745315f3efb3fcdab6f88752c77547f48bcd4 Mon Sep 17 00:00:00 2001
From: Kyle Havlovitz
Date: Thu, 6 Oct 2022 10:22:07 -0700
Subject: [PATCH] Update docs and add tcp_keepalive_probes setting
---
 .changelog/14800.txt | 3 +++
 agent/xds/clusters.go | 3 +++
 agent/xds/clusters_test.go | 1 +
 agent/xds/config.go | 1 +
 .../mesh-gateway-tcp-keepalives.latest.golden | 3 +++
 .../content/docs/connect/proxies/envoy.mdx | 19 +++++++++++++++++++
 6 files changed, 30 insertions(+)
 create mode 100644 .changelog/14800.txt
diff --git a/.changelog/14800.txt b/.changelog/14800.txt
new file mode 100644
index 000000000..5a06b00a8
--- /dev/null
+++ b/.changelog/14800.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+connect: Added gateway options to Envoy proxy config for enabling tcp keepalives on upstream connections to mesh gateways in remote datacenters.
+```
\ No newline at end of file
diff --git a/agent/xds/clusters.go b/agent/xds/clusters.go
index 91089a38a..8add00ba2 100644
--- a/agent/xds/clusters.go
+++ b/agent/xds/clusters.go
@@ -1545,6 +1545,9 @@ func (s *ResourceGenerator) makeGatewayCluster(snap *proxycfg.ConfigSnapshot, op
 if cfg.TcpKeepaliveInterval != 0 {
 cluster.UpstreamConnectionOptions.TcpKeepalive.KeepaliveInterval = makeUint32Value(cfg.TcpKeepaliveInterval)
 }
+ if cfg.TcpKeepaliveProbes != 0 {
+ cluster.UpstreamConnectionOptions.TcpKeepalive.KeepaliveProbes = makeUint32Value(cfg.TcpKeepaliveProbes)
+ }
 }
 // If none of the service instances are addressed by a hostname we provide the endpoint IP addresses via EDS
diff --git a/agent/xds/clusters_test.go b/agent/xds/clusters_test.go
index 22f27c8a1..d1a978dd1 100644
--- a/agent/xds/clusters_test.go
+++ b/agent/xds/clusters_test.go
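Review bot: In the clusters.go hunk, the guard `if cfg.TcpKeepaliveProbes != 0` lets a negative value from the opaque proxy config through to `makeUint32Value`; the field is a plain `int`, so if that helper converts with a bare `uint32(...)` cast (its body is not visible here) a value such as -1 would reach Envoy as a very large probe count instead of being rejected. Tightening the guard to `if cfg.TcpKeepaliveProbes > 0 {` keeps only meaningful values, and the context line above shows the same `!= 0` pattern for `TcpKeepaliveInterval`, which would benefit from the same change. A wrapped or out-of-range count may either fail at socket setup or effectively switch off dead-peer detection on the cross-datacenter gateway links, so a negative-value case next to the `= 7` case in clusters_test.go would be worth adding. makeGatewayCluster starts and ends outside this hunk.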
@@ -419,6 +419,7 @@ func TestClustersFromSnapshot(t *testing.T) {
 ns.Proxy.Config["envoy_mesh_gateway_tcp_enable_keepalive"] = true
 ns.Proxy.Config["envoy_mesh_gateway_tcp_keepalive_time"] = 120
 ns.Proxy.Config["envoy_mesh_gateway_tcp_keepalive_interval"] = 60
+ ns.Proxy.Config["envoy_mesh_gateway_tcp_keepalive_probes"] = 7
 }, nil)
 },
 },
diff --git a/agent/xds/config.go b/agent/xds/config.go
index 288eb8d0d..9db93714a 100644
--- a/agent/xds/config.go
+++ b/agent/xds/config.go
@@ -138,6 +138,7 @@ type GatewayConfig struct {
 TcpKeepaliveEnable bool `mapstructure:"envoy_mesh_gateway_tcp_enable_keepalive"`
 TcpKeepaliveTime int `mapstructure:"envoy_mesh_gateway_tcp_keepalive_time"`
 TcpKeepaliveInterval int `mapstructure:"envoy_mesh_gateway_tcp_keepalive_interval"`
+ TcpKeepaliveProbes int `mapstructure:"envoy_mesh_gateway_tcp_keepalive_probes"`
 }
 // ParseGatewayConfig returns the GatewayConfig parsed from an opaque map. If an
diff --git a/agent/xds/testdata/clusters/mesh-gateway-tcp-keepalives.latest.golden b/agent/xds/testdata/clusters/mesh-gateway-tcp-keepalives.latest.golden
index 60f7c6a01..b2204c59a 100644
--- a/agent/xds/testdata/clusters/mesh-gateway-tcp-keepalives.latest.golden
+++ b/agent/xds/testdata/clusters/mesh-gateway-tcp-keepalives.latest.golden
@@ -36,6 +36,7 @@
 },
 "upstreamConnectionOptions": {
 "tcpKeepalive": {
+ "keepaliveProbes": 7,
 "keepaliveTime": 120,
 "keepaliveInterval": 60
 }
@@ -74,6 +75,7 @@
 },
 "upstreamConnectionOptions": {
 "tcpKeepalive": {
+ "keepaliveProbes": 7,
 "keepaliveTime": 120,
 "keepaliveInterval": 60
 }
@@ -112,6 +114,7 @@
 },
 "upstreamConnectionOptions": {
 "tcpKeepalive": {
+ "keepaliveProbes": 7,
 "keepaliveTime": 120,
 "keepaliveInterval": 60
 }
diff --git a/website/content/docs/connect/proxies/envoy.mdx b/website/content/docs/connect/proxies/envoy.mdx
index 88f996f12..c000702e9 100644
--- a/website/content/docs/connect/proxies/envoy.mdx
+++ b/website/content/docs/connect/proxies/envoy.mdx
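Review bot: The new `TcpKeepaliveProbes` field in the config.go hunk has no doc comment, so neither its unit nor the meaning of the zero value can be read off the struct. Going by the `!= 0` check in clusters.go, a comment such as `// TcpKeepaliveProbes is the number of unanswered keepalive probes sent before the connection is treated as dead; 0 leaves the field unset in the generated cluster.` would document it. Because the type is a signed `int` decoded from an opaque map, the comment should also say that only positive values are meaningful; ParseGatewayConfig, where a range check would naturally live, is outside this hunk. The GatewayConfig struct begins outside the hunk.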
@@ -441,6 +441,25 @@ will continue to be supported. addressed by a hostname, such as a managed database. It also applies to mesh gateways, such as when gateways in other Consul datacenters are behind a load balancer that is addressed by a hostname. +- `envoy_mesh_gateway_tcp_enable_keepalive` - Enables TCP keepalive settings on mesh gateway upstream connections + to remote datacenters. Defaults to `false`. Must be one of `true` or `false`. Details for this feature are available in + the [Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-tcpkeepalive). + +- `envoy_mesh_gateway_tcp_keepalive_time` - The number of seconds a connection needs to + be idle before keep-alive probes start being sent. For more information, see the + [Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-tcpkeepalive). + This option only applies to mesh gateway upstream connections to remote datacenters. + +- `envoy_mesh_gateway_tcp_keepalive_interval` - The number of seconds between keep-alive probes. + For more information, see the + [Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-tcpkeepalive). + This option only applies to mesh gateway upstream connections to remote datacenters. + +- `envoy_mesh_gateway_tcp_keepalive_probes` - Maximum number of keepalive probes to send without + response before deciding the connection is dead. For more information, see the + [Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-tcpkeepalive). + This option only applies to mesh gateway upstream connections to remote datacenters. + ## Advanced Configuration To support more flexibility when configuring Envoy, several "lower-level" options exist