istio icon indicating copy to clipboard operation
istio copied to clipboard
verified publisher icon istio

default idleTimeout for passthrough cluster has been changed

Open fatedier opened this issue 3 years ago • 0 comments

Bug Description

Someone's feedback:

Hi folks, we’re experiencing a weird issue with TCP connections leak on the PassthroughCluster. The client is a redis client (raw TCP) and it could be the leak is in the app itself. But the weird thing is we noticed it after the 1.13 -> 1.15 upgrade and reverting to 1.13 fixes (or hiding) the issue. I don’t see anything in 1.13 to 1.15 changelog that could affect this. Any ideas?

I think the default value is changed in https://github.com/istio/istio/pull/38422 .

From envoy docs, If not set, the default value in envoy is 1h. If set to 0s, the timeout will be disabled.

And it also says

Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP FIN packets, etc.

Version

Since istio 1.14

Additional Information

No response

fatedier avatar Sep 22 '22 14:09 fatedier