github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-08 20:50:24 +00:00
Code Issues Projects Releases Wiki Activity

Randomize apiserver watch timeouts

Browse Source
This commit is contained in:
Prashanth Balasubramanian
2015-05-11 19:41:13 -07:00
parent d9d12fd3f7
commit 8a5445d3db
5 changed files with 131 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/kube-apiserver/apiserver.go
View File

@@ -20,8 +20,10 @@ package main
import (
"fmt"
"math/rand"
"os"
"runtime"
"time"
"github.com/GoogleCloudPlatform/kubernetes/cmd/kube-apiserver/app"
"github.com/GoogleCloudPlatform/kubernetes/pkg/util"
@@ -32,6 +34,8 @@ import (
func main() {
runtime.GOMAXPROCS(runtime.NumCPU())
rand.Seed(time.Now().UTC().UnixNano())
s := app.NewAPIServer()
s.AddFlags(pflag.CommandLine)

19
cmd/kube-apiserver/app/server.go
View File

@@ -46,6 +46,12 @@ import (
"github.com/spf13/pflag"
)
const (
// Maximum duration before timing out read/write requests
// Set to a value larger than the timeouts in each watch server.
ReadWriteTimeout = time.Minute * 60
)
// APIServer runs a kubernetes api server.
type APIServer struct {
InsecureBindAddress util.IP
@@ -393,8 +399,8 @@ func (s *APIServer) Run(_ []string) error {
readOnlyServer := &http.Server{
Addr: roLocation,
Handler: apiserver.MaxInFlightLimit(sem, longRunningRE, apiserver.RecoverPanics(apiserver.ReadOnly(apiserver.RateLimit(rl, m.InsecureHandler)))),
ReadTimeout: 5 * time.Minute,
WriteTimeout: 5 * time.Minute,
ReadTimeout: ReadWriteTimeout,
WriteTimeout: ReadWriteTimeout,
MaxHeaderBytes: 1 << 20,
}
glog.Infof("Serving read-only insecurely on %s", roLocation)
@@ -413,8 +419,8 @@ func (s *APIServer) Run(_ []string) error {
secureServer := &http.Server{
Addr: secureLocation,
Handler: apiserver.MaxInFlightLimit(sem, longRunningRE, apiserver.RecoverPanics(m.Handler)),
ReadTimeout: 5 * time.Minute,
WriteTimeout: 5 * time.Minute,
ReadTimeout: ReadWriteTimeout,
WriteTimeout: ReadWriteTimeout,
MaxHeaderBytes: 1 << 20,
TLSConfig: &tls.Config{
// Change default from SSLv3 to TLSv1.0 (because of POODLE vulnerability)
@@ -454,12 +460,11 @@ func (s *APIServer) Run(_ []string) error {
}
}()
}
http := &http.Server{
Addr: insecureLocation,
Handler: apiserver.RecoverPanics(m.InsecureHandler),
ReadTimeout: 5 * time.Minute,
WriteTimeout: 5 * time.Minute,
ReadTimeout: ReadWriteTimeout,
WriteTimeout: ReadWriteTimeout,
MaxHeaderBytes: 1 << 20,
}
glog.Infof("Serving insecurely on %s", insecureLocation)