Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable http/grpc mux for etcd #8415

Closed
brandond opened this issue Sep 22, 2023 · 2 comments
Closed

Disable http/grpc mux for etcd #8415

brandond opened this issue Sep 22, 2023 · 2 comments
Assignees
@brandond @mdrahman-suse
Milestone
v1.28.3+k3s1

Comments

@brandond
Copy link
Member

Tracking issue for:

The etcd project has documented issues with watch stream starvation under load when http and grpc are muxed on the same TLS listener.

  • For embedded etcd, we need to enable http on a different port, enable to free the main client port for dedicated grpc use
  • For kine, we should investigate whether or not this same issue affects unencrypted unix sockets, or if it only applies to TCP/TLS listeners.
@brandond brandond self-assigned this Sep 22, 2023
@brandond brandond moved this from New to Peer Review in K3s Development Sep 22, 2023
@brandond brandond added this to the v1.28.3+k3s1 milestone Sep 22, 2023
This was referenced Sep 22, 2023
Merged
Closed
Closed
Closed
@mdrahman-suse
Copy link

mdrahman-suse commented Oct 6, 2023
edited
Loading

Validated on master branch with commit 00fc5a2

Environment Details

Infrastructure

  • Cloud
  • Hosted

Node(s) CPU architecture, OS, and Version:

Ubuntu 22.04.2 LTS (GNU/Linux 5.15.0-1031-aws x86_64)

Cluster Configuration:

1 server

Config.yaml:

write-kubeconfig-mode: 644
cluster-init: true
node-external-ip: <public-ip>

Testing Steps

  1. Copy config.yaml
$ sudo mkdir -p /etc/rancher/k3s && sudo cp config.yaml /etc/rancher/k3s
  1. Install k3s
  2. Wait for the cluster to be up and running
  3. Check the logs using: $ sudo journalctl -u k3s | grep "Running http"
  4. Ensure no error message is displayed

Replication Results:

  • k3s version used for replication:
$ k3s -v
k3s version v1.28.2+k3s1 (6330a5b4)
go version go1.20.8
  • Observed warn message in logs
$ sudo journalctl -u k3s | grep "Running http"
Oct 05 15:43:03 ip-xxx-xx-xx-174 k3s[1670]: {"level":"warn","ts":"2023-10-05T15:43:03.366688Z","caller":"embed/config.go:673","msg":"Running http and grpc server on single port. This is not recommended for production."}
Oct 05 15:43:03 ip-xxx-xx-xx-174 k3s[1670]: {"level":"warn","ts":"2023-10-05T15:43:03.366755Z","caller":"embed/config.go:673","msg":"Running http and grpc server on single port. This is not recommended for production."}

Validation Results:

  • k3s version used for validation:
$ k3s -v
k3s version v1.28.2+k3s-00fc5a23 (00fc5a23)
go version go1.20.8
  • Observed NO warn message in logs
$ sudo journalctl -u k3s | grep "Running http"
ubuntu@ip-xxx-xxx-xx-174:~$

@mdrahman-suse mdrahman-suse moved this from Peer Review to To Test in K3s Development Oct 6, 2023
@github-project-automation github-project-automation bot moved this from To Test to Done Issue in K3s Development Oct 6, 2023
This was referenced Oct 25, 2023
Closed
Merged
@jaysonsantos
Copy link

Hi there, for those who rely on this feature 🙈 on constrained systems, is there a way to enable it once more? After updating to 1.27.7 a small service stopped working because it uses lua with the http version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@brandond brandond

@mdrahman-suse mdrahman-suse

Labels
None yet
Projects
K3s Development
Archived in project
Milestone
v1.28.3+k3s1
Development

No branches or pull requests
3 participants
@jaysonsantos @brandond @mdrahman-suse