From 7f74906d332942093ddbc1596497e9e2dd8eb7c2 Mon Sep 17 00:00:00 2001
From: Matthew Mosesohn <matthew.mosesohn@gmail.com>
Date: Thu, 5 Sep 2019 10:32:51 +0300
Subject: [PATCH] Make haproxy/nginx client timeout configurable (#5140)

Change-Id: I61319a06eb33d9fc868e19941924f387088b856b
---
 roles/kubernetes/node/defaults/main.yml                     | 2 ++
 roles/kubernetes/node/templates/loadbalancer/haproxy.cfg.j2 | 2 +-
 roles/kubernetes/node/templates/loadbalancer/nginx.conf.j2  | 2 +-
 3 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/roles/kubernetes/node/defaults/main.yml b/roles/kubernetes/node/defaults/main.yml
index 3b549da86..af441ffa9 100644
--- a/roles/kubernetes/node/defaults/main.yml
+++ b/roles/kubernetes/node/defaults/main.yml
@@ -46,6 +46,8 @@ kubelet_status_update_frequency: 10s
 loadbalancer_apiserver_memory_requests: 32M
 loadbalancer_apiserver_cpu_requests: 25m
 
+loadbalancer_apiserver_keepalive_timeout: 5m
+
 # kube_api_runtime_config:
 #   - extensions/v1beta1/daemonsets=true
 #   - extensions/v1beta1/deployments=true
diff --git a/roles/kubernetes/node/templates/loadbalancer/haproxy.cfg.j2 b/roles/kubernetes/node/templates/loadbalancer/haproxy.cfg.j2
index 6c467bda2..ef3269fc8 100644
--- a/roles/kubernetes/node/templates/loadbalancer/haproxy.cfg.j2
+++ b/roles/kubernetes/node/templates/loadbalancer/haproxy.cfg.j2
@@ -13,7 +13,7 @@ defaults
     timeout http-request    5m
     timeout queue           5m
     timeout connect         30s
-    timeout client          15m
+    timeout client          {{ loadbalancer_apiserver_keepalive_timeout }}
     timeout server          15m
     timeout http-keep-alive 30s
     timeout check           30s
diff --git a/roles/kubernetes/node/templates/loadbalancer/nginx.conf.j2 b/roles/kubernetes/node/templates/loadbalancer/nginx.conf.j2
index 862a7c6db..6361a6f39 100644
--- a/roles/kubernetes/node/templates/loadbalancer/nginx.conf.j2
+++ b/roles/kubernetes/node/templates/loadbalancer/nginx.conf.j2
@@ -32,7 +32,7 @@ http {
   tcp_nopush on;
   tcp_nodelay on;
 
-  keepalive_timeout 75s;
+  keepalive_timeout {{ loadbalancer_apiserver_keepalive_timeout }};
   keepalive_requests 100;
   reset_timedout_connection on;
   server_tokens off;
-- 
GitLab