mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
Merge pull request #43146 from evol262/fix/ingress-namespace-performance
Apply peformance tuning to new sandboxes also
This commit is contained in:
commit
1aea4c2bbd
2 changed files with 27 additions and 20 deletions
|
@ -1082,6 +1082,14 @@ func (c *controller) NewSandbox(containerID string, options ...SandboxOption) (S
|
||||||
|
|
||||||
if sb.osSbox != nil {
|
if sb.osSbox != nil {
|
||||||
// Apply operating specific knobs on the load balancer sandbox
|
// Apply operating specific knobs on the load balancer sandbox
|
||||||
|
err := sb.osSbox.InvokeFunc(func() {
|
||||||
|
sb.osSbox.ApplyOSTweaks(sb.oslTypes)
|
||||||
|
})
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
logrus.Errorf("Failed to apply performance tuning sysctls to the sandbox: %v", err)
|
||||||
|
}
|
||||||
|
// Keep this just so performance is not changed
|
||||||
sb.osSbox.ApplyOSTweaks(sb.oslTypes)
|
sb.osSbox.ApplyOSTweaks(sb.oslTypes)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -31,24 +31,13 @@ func init() {
|
||||||
}
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
once sync.Once
|
once sync.Once
|
||||||
garbagePathMap = make(map[string]bool)
|
garbagePathMap = make(map[string]bool)
|
||||||
gpmLock sync.Mutex
|
gpmLock sync.Mutex
|
||||||
gpmWg sync.WaitGroup
|
gpmWg sync.WaitGroup
|
||||||
gpmCleanupPeriod = 60 * time.Second
|
gpmCleanupPeriod = 60 * time.Second
|
||||||
gpmChan = make(chan chan struct{})
|
gpmChan = make(chan chan struct{})
|
||||||
prefix = defaultPrefix
|
prefix = defaultPrefix
|
||||||
loadBalancerConfig = map[string]*kernel.OSValue{
|
|
||||||
// disables any special handling on port reuse of existing IPVS connection table entries
|
|
||||||
// more info: https://github.com/torvalds/linux/blob/master/Documentation/networking/ipvs-sysctl.txt#L25:1
|
|
||||||
"net.ipv4.vs.conn_reuse_mode": {Value: "0", CheckFn: nil},
|
|
||||||
// expires connection from the IPVS connection table when the backend is not available
|
|
||||||
// more info: https://github.com/torvalds/linux/blob/master/Documentation/networking/ipvs-sysctl.txt#L126:1
|
|
||||||
"net.ipv4.vs.expire_nodest_conn": {Value: "1", CheckFn: nil},
|
|
||||||
// expires persistent connections to destination servers with weights set to 0
|
|
||||||
// more info: https://github.com/torvalds/linux/blob/master/Documentation/networking/ipvs-sysctl.txt#L144:1
|
|
||||||
"net.ipv4.vs.expire_quiescent_template": {Value: "1", CheckFn: nil},
|
|
||||||
}
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// The networkNamespace type is the linux implementation of the Sandbox
|
// The networkNamespace type is the linux implementation of the Sandbox
|
||||||
|
@ -689,8 +678,18 @@ func setIPv6(path, iface string, enable bool) error {
|
||||||
func (n *networkNamespace) ApplyOSTweaks(types []SandboxType) {
|
func (n *networkNamespace) ApplyOSTweaks(types []SandboxType) {
|
||||||
for _, t := range types {
|
for _, t := range types {
|
||||||
switch t {
|
switch t {
|
||||||
case SandboxTypeLoadBalancer:
|
case SandboxTypeLoadBalancer, SandboxTypeIngress:
|
||||||
kernel.ApplyOSTweaks(loadBalancerConfig)
|
kernel.ApplyOSTweaks(map[string]*kernel.OSValue{
|
||||||
|
// disables any special handling on port reuse of existing IPVS connection table entries
|
||||||
|
// more info: https://github.com/torvalds/linux/blame/v5.15/Documentation/networking/ipvs-sysctl.rst#L32
|
||||||
|
"net.ipv4.vs.conn_reuse_mode": {Value: "0", CheckFn: nil},
|
||||||
|
// expires connection from the IPVS connection table when the backend is not available
|
||||||
|
// more info: https://github.com/torvalds/linux/blame/v5.15/Documentation/networking/ipvs-sysctl.rst#L133
|
||||||
|
"net.ipv4.vs.expire_nodest_conn": {Value: "1", CheckFn: nil},
|
||||||
|
// expires persistent connections to destination servers with weights set to 0
|
||||||
|
// more info: https://github.com/torvalds/linux/blame/v5.15/Documentation/networking/ipvs-sysctl.rst#L151
|
||||||
|
"net.ipv4.vs.expire_quiescent_template": {Value: "1", CheckFn: nil},
|
||||||
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue