From c8472418fb17c777a372a7a736a7dab7f83e08de Mon Sep 17 00:00:00 2001 From: jaskaransarkaria Date: Mon, 25 Mar 2024 10:29:37 +0000 Subject: [PATCH] =?UTF-8?q?perf:=20=E2=9A=A1=EF=B8=8F=20reduce=20keepalive?= =?UTF-8?q?=20time?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- main.tf | 22 ++++++++++++---------- templates/values.yaml.tpl | 1 + variables.tf | 6 ++++++ 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/main.tf b/main.tf index 496c3f2..3a415c0 100644 --- a/main.tf +++ b/main.tf @@ -50,16 +50,18 @@ resource "helm_release" "nginx_ingress" { version = "4.7.3" values = [templatefile("${path.module}/templates/values.yaml.tpl", { - metrics_namespace = "ingress-controllers" - external_dns_annotation = local.external_dns_annotation - replica_count = var.replica_count - default_cert = var.default_cert - controller_name = var.controller_name - controller_value = "k8s.io/ingress-${var.controller_name}" - enable_modsec = var.enable_modsec - enable_latest_tls = var.enable_latest_tls - enable_owasp = var.enable_owasp - keepalive = var.keepalive + metrics_namespace = "ingress-controllers" + external_dns_annotation = local.external_dns_annotation + replica_count = var.replica_count + default_cert = var.default_cert + controller_name = var.controller_name + controller_value = "k8s.io/ingress-${var.controller_name}" + enable_modsec = var.enable_modsec + enable_latest_tls = var.enable_latest_tls + enable_owasp = var.enable_owasp + keepalive = var.keepalive + # https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#upstream-keepalive-time + upstream_keepalive_time = var.upstream_keepalive_time proxy_response_buffering = var.proxy_response_buffering default = var.controller_name == "default" ? true : false name_override = "ingress-${var.controller_name}" diff --git a/templates/values.yaml.tpl b/templates/values.yaml.tpl index e44c2f2..68a9880 100644 --- a/templates/values.yaml.tpl +++ b/templates/values.yaml.tpl @@ -169,6 +169,7 @@ controller: proxy-body-size: "50m" keepalive: ${keepalive} proxy-buffering: "${proxy_response_buffering}" + upstream-keepalive-time: "${upstream_keepalive_time}" %{ if enable_latest_tls } ssl-protocols: "TLSv1.2 TLSv1.3" diff --git a/variables.tf b/variables.tf index 804d88f..010920a 100644 --- a/variables.tf +++ b/variables.tf @@ -74,6 +74,12 @@ variable "keepalive" { default = 320 } +variable "upstream_keepalive_time" { + description = "Limits the maximum time during which requests can be processed through one keepalive connection. After this time is reached, the connection is closed following the subsequent request processing." + type = string + default = "1h" +} + variable "proxy_response_buffering" { description = "nginx receives a response from the proxied server as soon as possible, saving it into the buffers set by the proxy_buffer_size and proxy_buffers directives. If the whole response does not fit into memory, a part of it can be saved to a temporary file on the disk. https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffering" type = string