From github-return-1406-archive-asf-public=cust-asf.ponee.io@trafficserver.apache.org Tue Jun 30 20:04:12 2020 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by mx-eu-01.ponee.io (Postfix) with SMTP id 20D11180643 for ; Tue, 30 Jun 2020 22:04:12 +0200 (CEST) Received: (qmail 11432 invoked by uid 500); 30 Jun 2020 20:04:11 -0000 Mailing-List: contact github-help@trafficserver.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: github@trafficserver.apache.org Delivered-To: mailing list github@trafficserver.apache.org Received: (qmail 11418 invoked by uid 99); 30 Jun 2020 20:04:11 -0000 Received: from ec2-52-202-80-70.compute-1.amazonaws.com (HELO gitbox.apache.org) (52.202.80.70) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 Jun 2020 20:04:11 +0000 From: =?utf-8?q?GitBox?= To: github@trafficserver.apache.org Subject: =?utf-8?q?=5BGitHub=5D_=5Btrafficserver=5D_sudheerv_opened_a_new_pull_reques?= =?utf-8?q?t_=236968=3A_RateLimiting_and_Connection_Config_changes?= Message-ID: Date: Tue, 30 Jun 2020 20:04:11 -0000 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit sudheerv opened a new pull request #6968: URL: https://github.com/apache/trafficserver/pull/6968 Link to related talk during ATS Spring'20 Summit https://cwiki.apache.org/confluence/download/attachments/158863592/ATS%20Concurrency%20Limiter.pdf?version=1&modificationDate=1592327600000&api=v2 Email to dev/users@ ``` Re: Connection and Timeout Tuning, config name changes in 9.x Yahoo / Sent Sudheer Vinukonda To: dev@trafficserver.apache.org Cc: Users , Leif Hedstrom , SUSAN HINRICHS Sat, May 16 at 10:41 AM Thanks, Bryan! Based on the discussion with Bryan on slack, below is the newer proposed config changes: 1) Rename "proxy.config.net.max_active_connections_in" to "proxy.config.net.max_requests_in" 2) Rename "proxy.config.http.server_max_connections" to "proxy.config.net.max_connections_out" 3) "proxy.config.net.max_connections_in" - This config will stay put to limit the max number of in-flight requests (concurrency) + idle (socket) connections 4) "proxy.config.net.connections_throttle" - This config will stay put to limit the max number of open connections (FD, rlimits etc), but eventually will be deprecated and replaced with {{ "proxy.config.net.max_connections_in" + "proxy.config.net.max_connections_out" }} Please provide any feedback/comments/concerns. Thanks, Sudheer On Friday, May 15, 2020, 11:11:53 AM PDT, Bryan Call wrote: After seeing the GitHub PR I think we should keep proxy.config.net.max_connections_in since it is the number of socket connections (active + idle) and then rename proxy.config.net.max_active_connections_in, as you suggested in your email, to proxy.config.net.max_active_requests_in or proxy.config.net.max_requests_in (as Sudheer suggested on Slack). I would like to see us get rid of proxy.config.net.connections_throttle in the long term and use max_connections_in/out if possible. -Bryan > On May 12, 2020, at 5:17 PM, Sudheer Vinukonda wrote: > > 9.x (re)introduces a feature (it was accidentally "lost" during some unrelated refactoring) that will allow to configure limits on max "active" connections that can be allowed at any given time (https://github.com/apache/trafficserver/pull/6754) > Given that this feature is based on tracking "active connections", it should work very well with HTTP/1.1 traffic (where, 1 active connection = 1 request). However, with HTTP/2 and stream multiplexing, this is no longer true and it isn't nearly as effective. One can still use an average number of concurrent streams/connection to configure the limits, but, ideally, what would work for both HTTP/1.1 and HTTP/2 (and going forward with QUIC/HTTP/3) would be to track and (rate) limit request level concurrency. There is some ongoing work on this and to align better with that work, we are proposing to make the below changes to existing configs with 9.x > > 1) Rename "proxy.config.net.max_connections_in" to "proxy.config.net.max_requests_in" > 2) Rename "proxy.config.net.max_active_connections_in" to "proxy.config.net.max_active_requests_in" > 3) proxy.config.net.connections_throttle - This config will stay put to limit the max number of open connections (FD, rlimits etc) > > More context on the new changes - > > > The idea is to tune active connections that can be handled (based on the available resources/capacity (CPU, Memory, Network bandwidth) and minimize/remove dependency on having to tune connection timeouts (active/inactive/keep-alive etc) which are very hard to tune. > > The primary goal is to limit the max active connections allowed at any given instant. The resource requirement for an idle/inactive vs active connections are completely different - For e.g an idle connection really only consumes memory resource, while an active connection consumes CPU, network besides memory. And allowing to tune/cap the max active connections based on the deployed capacity for the resources available, would make timeout tuning almost redundant and no op. Otherwise, we'd have to tune the timeouts to estimate throughput which is very hard as it's hard to justify how large or small we want the active timeout to be or keep alive timeout to be. For e.g in a non-peak hour, we could let the active timeout be much higher than the default, while during peak hour, we'd want to limit it to ensure we are not starving resources on one connection. > Note: there's one little TODO item here. PluginVC's connections are not tracked in the NetVC's active queue because these are bogus internal connections. However, for some users, internal traffic is significant (e.g sideways calls, or background fetches etc) and does consume plenty of resources. Since these internal requests don't impact ingress network, and have a slightly different resource requirements than client originated requests, it might be better to track these using a separate config for internal requests. Will follow that part up with a separate PR. > > ``` ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: users@infra.apache.org