Bug 2063283
| Summary: | Ingress Operator is not closing TCP connections. | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | OpenShift BugZilla Robot <openshift-bugzilla-robot> |
| Component: | Networking | Assignee: | Andrew McDermott <amcdermo> |
| Networking sub component: | router | QA Contact: | Shudi Li <shudili> |
| Status: | CLOSED ERRATA | Docs Contact: | |
| Severity: | high | ||
| Priority: | high | CC: | amcdermo, aos-bugs, bmehra, bpickard, hongli, mmasters, vuberti |
| Version: | 4.7 | ||
| Target Milestone: | --- | ||
| Target Release: | 4.10.z | ||
| Hardware: | x86_64 | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
Cause:
Ingress Operator performs health checks against the ingress canary route. Once the health check is done Ingress Operator doesn't close the TCP Connection to the load balancer (LB) because keepalives are enabled on the connection. While performing the next health check a new connection is established to the LB instead of using the existing connection.
Consequence:
This causes the number connection to build upon the LB, overtime exhausting the number of connections on the LB.
Fix:
Disable keepalives when connecting to the canary route.
Result:
A new connection is made and closed each time the canary probe is run. With keepalives disabled there is no longer an accumulation of ESTABLISHED connections.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-03-28 12:03:50 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2037447 | ||
| Bug Blocks: | 2064586 | ||
|
Comment 6
errata-xmlrpc
2022-03-28 12:03:50 UTC
|