连接管理
Envoy 提供强大的连接管理功能,确保高效、可靠的网络连接。
连接池配置
HTTP 连接池
clusters:
- name: http_service
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
http2_protocol_options: {}
circuit_breakers:
thresholds:
- priority: DEFAULT
max_connections: 1024
max_pending_requests: 1024
max_requests: 1024
max_retries: 3
- priority: HIGH
max_connections: 2048
max_pending_requests: 2048
max_requests: 2048
max_retries: 5
load_assignment:
cluster_name: http_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: http-service
port_value: 8080
TCP 连接池
clusters:
- name: tcp_service
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
circuit_breakers:
thresholds:
- priority: DEFAULT
max_connections: 512
max_pending_requests: 512
load_assignment:
cluster_name: tcp_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: tcp-service
port_value: 9090
超时配置
连接超时
clusters:
- name: timeout_service
connect_timeout: 5s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
common_http_protocol_options:
idle_timeout: 300s
max_connection_duration: 3600s
max_stream_duration: 300s
load_assignment:
cluster_name: timeout_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: timeout-service
port_value: 8080
路由级别超时
route_config:
virtual_hosts:
- name: example_vhost
domains: ["*"]
routes:
- match:
prefix: "/slow"
route:
cluster: slow_service
timeout: 30s
idle_timeout: 60s
- match:
prefix: "/fast"
route:
cluster: fast_service
timeout: 5s
idle_timeout: 10s
缓冲区管理
上游缓冲区
clusters:
- name: buffer_service
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
buffer_limits:
max_connection_duration: 3600s
max_connection_idle: 300s
load_assignment:
cluster_name: buffer_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: buffer-service
port_value: 8080
监听器缓冲区
listeners:
- name: listener_0
address:
socket_address:
address: 0.0.0.0
port_value: 10000
buffer_limits:
max_connection_duration: 3600s
max_connection_idle: 300s
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
route_config:
name: local_route
virtual_hosts:
- name: local_service
domains: ["*"]
routes:
- match:
prefix: "/"
route:
cluster: some_service
连接健康检查
HTTP 健康检查
clusters:
- name: health_check_service
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
health_checks:
- timeout: 1s
interval: 10s
unhealthy_threshold: 3
healthy_threshold: 2
http_health_check:
path: "/health"
expected_statuses:
- start: 200
end: 299
load_assignment:
cluster_name: health_check_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: health-service
port_value: 8080
TCP 健康检查
clusters:
- name: tcp_health_service
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
health_checks:
- timeout: 1s
interval: 10s
unhealthy_threshold: 3
healthy_threshold: 2
tcp_health_check:
send:
text: "PING"
receive:
- text: "PONG"
load_assignment:
cluster_name: tcp_health_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: tcp-health-service
port_value: 9090
连接限制
最大连接数
clusters:
- name: limited_service
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
circuit_breakers:
thresholds:
- priority: DEFAULT
max_connections: 100
max_pending_requests: 100
max_requests: 100
max_retries: 3
track_remaining: true
load_assignment:
cluster_name: limited_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: limited-service
port_value: 8080
监听器连接限制
listeners:
- name: listener_0
address:
socket_address:
address: 0.0.0.0
port_value: 10000
connection_balance_config:
exact_balance: {}
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
route_config:
name: local_route
virtual_hosts:
- name: local_service
domains: ["*"]
routes:
- match:
prefix: "/"
route:
cluster: some_service
连接复用
HTTP/2 连接复用
clusters:
- name: http2_service
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
http2_protocol_options:
max_concurrent_streams: 100
initial_stream_window_size: 65536
initial_connection_window_size: 1048576
load_assignment:
cluster_name: http2_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: http2-service
port_value: 8080
连接保持
clusters:
- name: keepalive_service
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
common_http_protocol_options:
idle_timeout: 300s
max_connection_duration: 3600s
max_stream_duration: 300s
headers_with_underscores_action: REJECT_REQUEST
load_assignment:
cluster_name: keepalive_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: keepalive-service
port_value: 8080
最佳实践
1. 连接池优化
- 根据负载调整连接池大小
- 监控连接池使用情况
- 设置合理的超时时间
- 启用连接复用
2. 健康检查
- 配置适当的健康检查间隔
- 设置合理的阈值
- 监控健康检查状态
- 定期审查健康检查配置
3. 性能优化
- 使用 HTTP/2 提高效率
- 配置适当的缓冲区大小
- 监控连接性能
- 优化连接限制
注意事项
- 连接池大小影响内存使用
- 超时设置影响用户体验
- 健康检查增加系统开销
- 需要监控连接状态
连接管理是 Envoy 性能优化的关键,合理配置可以显著提高系统效率。