From 8899d916c070d2b5f6b35eb69bb3997217881b0f Mon Sep 17 00:00:00 2001
From: Andrew Kim
Date: Mon, 16 Dec 2019 07:16:40 -0800
Subject: [PATCH 1/2] Improving load balancer performance

IPVS module used for swarm load balancer had a performance issue under a high load situation. conn_reuse_mode=0 sysctl variable can be set to handle the high load situation by reusing existing connection entries in the IPVS table. Under a high load, IPVS module was dropping tcp SYN packets whenever a port reuse is detected with a connection in TIME_WAIT status forcing clients to re-initiate tcp connections after request timeout events. By setting conn_reuse_mode=0, IPVS module avoids special handling of existing entries in the IPVS connection table. Along with expire_nodest_conn=1, swarm load balancer can handle a high load of requests and forward connections to newly joining backend services.

Signed-off-by: Andrew Kim
---
 libnetwork/osl/namespace_linux.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/libnetwork/osl/namespace_linux.go b/libnetwork/osl/namespace_linux.go
index ed44311418..936f9a233d 100644
--- a/libnetwork/osl/namespace_linux.go
+++ b/libnetwork/osl/namespace_linux.go
@@ -38,6 +38,9 @@ var (
 gpmChan = make(chan chan struct{})
 prefix = defaultPrefix
 loadBalancerConfig = map[string]*kernel.OSValue{
+ // disables any special handling on port reuse of existing IPVS connection table entries
+ // more info: https://github.com/torvalds/linux/blob/master/Documentation/networking/ipvs-sysctl.txt#L25:1
+ "net.ipv4.vs.conn_reuse_mode": {Value: "0", CheckFn: nil},
 // expires connection from the IPVS connection table when the backend is not available
 // more info: https://github.com/torvalds/linux/blob/master/Documentation/networking/ipvs-sysctl.txt#L126:1
 "net.ipv4.vs.expire_nodest_conn": {Value: "1", CheckFn: nil},
From 9ced389e6e807d94f18852d7b16ebad2fd662ce5 Mon Sep 17 00:00:00 2001
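Review bot: The comment on the new `net.ipv4.vs.conn_reuse_mode` entry states what mode 0 turns off but not what it costs: as the linked ipvs-sysctl document describes it, with mode 0 a new connection that reuses a client port is delivered to the same real server as the old table entry, and that can include a backend that is being drained or has just been removed. That matters for availability during rolling updates and appears to work against the `expire_nodest_conn` entry two lines below, so it should be confirmed under a service update with port reuse. I would add a line such as `// trade-off: a reused client port keeps its old real server, even one being drained`. The `blob/master/...#L25:1` link (and the `#L144:1` link in the second patch) points at a moving branch; pin it to a release tag or commit so the anchor keeps pointing at the right paragraph. The `var (` block starts and ends outside the hunk.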
From: akim01
Date: Fri, 14 Feb 2020 13:24:06 -0800
Subject: [PATCH 2/2] Improving load balancer performance

Further improving load balancer performance by expiring connections to servers with weights set to 0.

Signed-off-by: Andrew Kim
---
 libnetwork/osl/namespace_linux.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/libnetwork/osl/namespace_linux.go b/libnetwork/osl/namespace_linux.go
index 936f9a233d..89cf96454b 100644
--- a/libnetwork/osl/namespace_linux.go
+++ b/libnetwork/osl/namespace_linux.go
@@ -44,6 +44,9 @@ var (
 // expires connection from the IPVS connection table when the backend is not available
 // more info: https://github.com/torvalds/linux/blob/master/Documentation/networking/ipvs-sysctl.txt#L126:1
 "net.ipv4.vs.expire_nodest_conn": {Value: "1", CheckFn: nil},
+ // expires persistent connections to destination servers with weights set to 0
+ // more info: https://github.com/torvalds/linux/blob/master/Documentation/networking/ipvs-sysctl.txt#L144:1
+ "net.ipv4.vs.expire_quiescent_template": {Value: "1", CheckFn: nil},
 }
 )
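Review bot: The comment added above `net.ipv4.vs.expire_quiescent_template` says it expires persistent connections, but as far as I know the kernel setting expires persistence templates for a quiescent (weight 0) destination; connections that are already established are not cut by it. Suggest `// expires persistence templates (not established connections) for destination servers with weight 0`. Whether the swarm load balancer configures persistent services is not visible in this hunk, so the comment should also say when the setting has any effect. `CheckFn: nil` here, as on the entries above, presumably means the value is written without checking what the operator had set; if so, say that in a comment on the map.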