Is your feature request related to a problem? Please describe.
Hi,
My setup consists in hundreds (and probably thousands soon) of syslog clients which push their events to two Fluentd instances. The fluentd instances have been configured to use syslog_in plugin with TLS support enabled.
I'm very happy with this setup, but I have noticed there is a lot of dead TCP connections on Fluentd side. The issue is there's a firewall between syslog clients and Fluentd instances, and it kills idle TCP connections. I could have increased the TCP session TTL on the firewall side to workaround this issue, but syslog clients can stay for a very long time without sending events (in some cases, more than a day).
As of now I have to restart the Fluent instances once in a while to cleanup half-opened connections.
Describe the solution you'd like
I'd like to use TCP keepalive to prevent half-opened TCP connections.
Describe alternatives you've considered
Restarting Fluentd instances when the number of TCP connections exceeds a defined threshold (reported by monitoring).
Additional context
No response
Is your feature request related to a problem? Please describe.
Hi,
My setup consists in hundreds (and probably thousands soon) of syslog clients which push their events to two Fluentd instances. The fluentd instances have been configured to use syslog_in plugin with TLS support enabled.
I'm very happy with this setup, but I have noticed there is a lot of dead TCP connections on Fluentd side. The issue is there's a firewall between syslog clients and Fluentd instances, and it kills idle TCP connections. I could have increased the TCP session TTL on the firewall side to workaround this issue, but syslog clients can stay for a very long time without sending events (in some cases, more than a day).
As of now I have to restart the Fluent instances once in a while to cleanup half-opened connections.
Describe the solution you'd like
I'd like to use TCP keepalive to prevent half-opened TCP connections.
Describe alternatives you've considered
Restarting Fluentd instances when the number of TCP connections exceeds a defined threshold (reported by monitoring).
Additional context
No response