From fe07af9696d7f40ae0579614b52f1f34b68b3e6d Mon Sep 17 00:00:00 2001 From: "lena.larionova" Date: Fri, 26 Aug 2022 16:51:07 -0700 Subject: [PATCH 1/4] add missing ipv6only and so_keepalive options --- src/gateway/reference/configuration.md | 30 ++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/src/gateway/reference/configuration.md b/src/gateway/reference/configuration.md index 5acf6d492ca3..132d96521990 100644 --- a/src/gateway/reference/configuration.md +++ b/src/gateway/reference/configuration.md @@ -537,6 +537,16 @@ Some suffixes can be specified for each pair: parameter. In order for the larger `backlog` set here to take effect it is necessary to raise `net.core.somaxconn` at the same time to match or exceed the `backlog` number set. +- `ipv6only=on|off` whether an IPv6 socket listening on a wildcard address [::] + will accept only IPv6 connections or both IPv6 and IPv4 connections. +- `so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]` configures the + “TCP keepalive” behavior for the listening socket. If this parameter is + omitted then the operating system’s settings will be in effect for the socket. + If it is set to the value “on”, the SO_KEEPALIVE option is turned + on for the socket. If it is set to the value “off”, the SO_KEEPALIVE option + is turned off for the socket. Some operating systems support setting of + TCP keepalive parameters on a per-socket basis using the TCP_KEEPIDLE, + TCP_KEEPINTVL, and TCP_KEEPCNT socket options. This value can be set to `off`, thus disabling the HTTP/HTTPS proxy port for this node. @@ -612,6 +622,16 @@ Some suffixes can be specified for each pair: parameter. In order for the larger `backlog` set here to take effect it is necessary to raise `net.core.somaxconn` at the same time to match or exceed the `backlog` number set. +- `ipv6only=on|off` whether an IPv6 socket listening on a wildcard address [::] + will accept only IPv6 connections or both IPv6 and IPv4 connections. +- `so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]` configures the + “TCP keepalive” behavior for the listening socket. If this parameter is + omitted then the operating system’s settings will be in effect for the socket. + If it is set to the value “on”, the SO_KEEPALIVE option is turned + on for the socket. If it is set to the value “off”, the SO_KEEPALIVE option + is turned off for the socket. Some operating systems support setting of + TCP keepalive parameters on a per-socket basis using the TCP_KEEPIDLE, + TCP_KEEPINTVL, and TCP_KEEPCNT socket options. Examples: @@ -674,6 +694,16 @@ Some suffixes can be specified for each pair: parameter. In order for the larger `backlog` set here to take effect it is necessary to raise `net.core.somaxconn` at the same time to match or exceed the `backlog` number set. +- `ipv6only=on|off` whether an IPv6 socket listening on a wildcard address [::] + will accept only IPv6 connections or both IPv6 and IPv4 connections. +- `so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]` configures the + “TCP keepalive” behavior for the listening socket. If this parameter is + omitted then the operating system’s settings will be in effect for the socket. + If it is set to the value “on”, the SO_KEEPALIVE option is turned + on for the socket. If it is set to the value “off”, the SO_KEEPALIVE option + is turned off for the socket. Some operating systems support setting of + TCP keepalive parameters on a per-socket basis using the TCP_KEEPIDLE, + TCP_KEEPINTVL, and TCP_KEEPCNT socket options. This value can be set to `off`, thus disabling the Admin interface for this node, enabling a 'data-plane' mode (without configuration capabilities) pulling From 8764488356f9347a4dd401c942540cafdbc9e0f8 Mon Sep 17 00:00:00 2001 From: "lena.larionova" Date: Fri, 26 Aug 2022 17:06:30 -0700 Subject: [PATCH 2/4] add info on missing config options --- src/gateway/reference/configuration.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/gateway/reference/configuration.md b/src/gateway/reference/configuration.md index 132d96521990..791f277e1e02 100644 --- a/src/gateway/reference/configuration.md +++ b/src/gateway/reference/configuration.md @@ -1196,7 +1196,8 @@ block. Changes the limit on the maximum number of open files for worker processes. The special and default value of `auto` sets this value to `ulimit -n` with the -upper bound limited to 16384 as a measure to protect against excess memory use. +upper bound limited to 16384 as a measure to protect against excess memory use, +and the lower bound of 1024 as a good default. See http://nginx.org/en/docs/ngx_core_module.html#worker_rlimit_nofile @@ -1210,7 +1211,8 @@ Sets the maximum number of simultaneous connections that can be opened by a worker process. The special and default value of `auto` sets this value to `ulimit -n` with the -upper bound limited to 16384 as a measure to protect against excess memory use. +upper bound limited to 16384 as a measure to protect against excess memory use, +and the lower bound of 1024 as a good default. See http://nginx.org/en/docs/ngx_core_module.html#worker_connections From 82edcf17cd34bd9cab7fc6e06d29da7be244c071 Mon Sep 17 00:00:00 2001 From: lena-larionova <54370747+lena-larionova@users.noreply.github.com> Date: Mon, 29 Aug 2022 08:23:50 -0700 Subject: [PATCH 3/4] Apply suggestions from code review Co-authored-by: Angel --- src/gateway/reference/configuration.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/src/gateway/reference/configuration.md b/src/gateway/reference/configuration.md index 791f277e1e02..9fa76678cb47 100644 --- a/src/gateway/reference/configuration.md +++ b/src/gateway/reference/configuration.md @@ -542,11 +542,11 @@ Some suffixes can be specified for each pair: - `so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]` configures the “TCP keepalive” behavior for the listening socket. If this parameter is omitted then the operating system’s settings will be in effect for the socket. - If it is set to the value “on”, the SO_KEEPALIVE option is turned - on for the socket. If it is set to the value “off”, the SO_KEEPALIVE option + If it is set to the value `on`, the `SO_KEEPALIVE` option is turned + on for the socket. If it is set to the value `off`, the `SO_KEEPALIVE` option is turned off for the socket. Some operating systems support setting of - TCP keepalive parameters on a per-socket basis using the TCP_KEEPIDLE, - TCP_KEEPINTVL, and TCP_KEEPCNT socket options. + TCP keepalive parameters on a per-socket basis using the `TCP_KEEPIDLE`, + `TCP_KEEPINTVL`, and `TCP_KEEPCNT` socket options. This value can be set to `off`, thus disabling the HTTP/HTTPS proxy port for this node. @@ -625,12 +625,12 @@ Some suffixes can be specified for each pair: - `ipv6only=on|off` whether an IPv6 socket listening on a wildcard address [::] will accept only IPv6 connections or both IPv6 and IPv4 connections. - `so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]` configures the - “TCP keepalive” behavior for the listening socket. If this parameter is + `TCP keepalive` behavior for the listening socket. If this parameter is omitted then the operating system’s settings will be in effect for the socket. - If it is set to the value “on”, the SO_KEEPALIVE option is turned + If it is set to the value `on`, the `SO_KEEPALIVE` option is turned on for the socket. If it is set to the value “off”, the SO_KEEPALIVE option is turned off for the socket. Some operating systems support setting of - TCP keepalive parameters on a per-socket basis using the TCP_KEEPIDLE, + TCP keepalive parameters on a per-socket basis using the `TCP_KEEPIDLE`, TCP_KEEPINTVL, and TCP_KEEPCNT socket options. Examples: @@ -699,11 +699,11 @@ Some suffixes can be specified for each pair: - `so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]` configures the “TCP keepalive” behavior for the listening socket. If this parameter is omitted then the operating system’s settings will be in effect for the socket. - If it is set to the value “on”, the SO_KEEPALIVE option is turned - on for the socket. If it is set to the value “off”, the SO_KEEPALIVE option + If it is set to the value `on`, the `SO_KEEPALIVE` option is turned + on for the socket. If it is set to the value `off`, the `SO_KEEPALIVE` option is turned off for the socket. Some operating systems support setting of TCP keepalive parameters on a per-socket basis using the TCP_KEEPIDLE, - TCP_KEEPINTVL, and TCP_KEEPCNT socket options. + `TCP_KEEPINTVL`, and `TCP_KEEPCNT` socket options. This value can be set to `off`, thus disabling the Admin interface for this node, enabling a 'data-plane' mode (without configuration capabilities) pulling From 11946965612560b6e7ea907b4cf0718b1c0a9ac9 Mon Sep 17 00:00:00 2001 From: lena-larionova <54370747+lena-larionova@users.noreply.github.com> Date: Mon, 29 Aug 2022 08:24:22 -0700 Subject: [PATCH 4/4] Apply suggestions from code review Co-authored-by: Angel --- src/gateway/reference/configuration.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/gateway/reference/configuration.md b/src/gateway/reference/configuration.md index 9fa76678cb47..0dcb290e60ea 100644 --- a/src/gateway/reference/configuration.md +++ b/src/gateway/reference/configuration.md @@ -628,10 +628,10 @@ Some suffixes can be specified for each pair: `TCP keepalive` behavior for the listening socket. If this parameter is omitted then the operating system’s settings will be in effect for the socket. If it is set to the value `on`, the `SO_KEEPALIVE` option is turned - on for the socket. If it is set to the value “off”, the SO_KEEPALIVE option + on for the socket. If it is set to the value `off`, the `SO_KEEPALIVE` option is turned off for the socket. Some operating systems support setting of TCP keepalive parameters on a per-socket basis using the `TCP_KEEPIDLE`, - TCP_KEEPINTVL, and TCP_KEEPCNT socket options. + `TCP_KEEPINTVL`, and `TCP_KEEPCNT` socket options. Examples: @@ -702,7 +702,7 @@ Some suffixes can be specified for each pair: If it is set to the value `on`, the `SO_KEEPALIVE` option is turned on for the socket. If it is set to the value `off`, the `SO_KEEPALIVE` option is turned off for the socket. Some operating systems support setting of - TCP keepalive parameters on a per-socket basis using the TCP_KEEPIDLE, + TCP keepalive parameters on a per-socket basis using the `TCP_KEEPIDLE`, `TCP_KEEPINTVL`, and `TCP_KEEPCNT` socket options. This value can be set to `off`, thus disabling the Admin interface for this