diff --git a/go.mod b/go.mod index d7c085a3b..72624d008 100644 --- a/go.mod +++ b/go.mod @@ -43,9 +43,9 @@ require ( google.golang.org/grpc v1.38.0 gopkg.in/natefinch/lumberjack.v2 v2.0.0 gopkg.in/square/go-jose.v2 v2.2.2 - k8s.io/api v0.0.0-20210806000318-c02a408946ed + k8s.io/api v0.0.0-20210806000319-499b6f90564c k8s.io/apimachinery v0.0.0-20210805051055-f7769293e6f1 - k8s.io/client-go v0.0.0-20210805080552-fa98c048508e + k8s.io/client-go v0.0.0-20210806000600-0f5acb8c39dd k8s.io/component-base v0.0.0-20210805120716-92bebfd2c985 k8s.io/klog/v2 v2.9.0 k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e @@ -56,8 +56,8 @@ require ( ) replace ( - k8s.io/api => k8s.io/api v0.0.0-20210806000318-c02a408946ed + k8s.io/api => k8s.io/api v0.0.0-20210806000319-499b6f90564c k8s.io/apimachinery => k8s.io/apimachinery v0.0.0-20210805051055-f7769293e6f1 - k8s.io/client-go => k8s.io/client-go v0.0.0-20210805080552-fa98c048508e + k8s.io/client-go => k8s.io/client-go v0.0.0-20210806000600-0f5acb8c39dd k8s.io/component-base => k8s.io/component-base v0.0.0-20210805120716-92bebfd2c985 ) diff --git a/go.sum b/go.sum index e59ce4316..609e21393 100644 --- a/go.sum +++ b/go.sum @@ -780,12 +780,12 @@ honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.0.0-20210806000318-c02a408946ed h1:U6TxkwwwxzupFa00nt11QxtHhIeSlZ9QpSEfjQLJmr8= -k8s.io/api v0.0.0-20210806000318-c02a408946ed/go.mod h1:9J6nkHavSazyXmPeuA4f1YO9Ztdjw7nDibPjT4P+wsY= +k8s.io/api v0.0.0-20210806000319-499b6f90564c h1:/TwdwBIiHSFv2VnETc8qgoi/skGGBo1qlXszp8N/BMo= +k8s.io/api v0.0.0-20210806000319-499b6f90564c/go.mod h1:9J6nkHavSazyXmPeuA4f1YO9Ztdjw7nDibPjT4P+wsY= k8s.io/apimachinery v0.0.0-20210805051055-f7769293e6f1 h1:cVpwhaGeh/tNPBeYbFff3tjx5AxwG5zwImhz+eusG3k= k8s.io/apimachinery v0.0.0-20210805051055-f7769293e6f1/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0= -k8s.io/client-go v0.0.0-20210805080552-fa98c048508e h1:0RaerCWCkguHMpXmdiPlW+wLFkV2oojh4F/QwThEqtI= -k8s.io/client-go v0.0.0-20210805080552-fa98c048508e/go.mod h1:MtYi0MQWcNfpAaLnshaWryCo9Le+5QnBH4dmBTOAQNc= +k8s.io/client-go v0.0.0-20210806000600-0f5acb8c39dd h1:rJtT7gZ4LkZG+xtM6/iJvnzOx5XW+fNicRxMOYT0u/w= +k8s.io/client-go v0.0.0-20210806000600-0f5acb8c39dd/go.mod h1:AptIKtgqoSsdZsOhDruqHKBn7GeBrnbH5CgVkI7tpYU= k8s.io/component-base v0.0.0-20210805120716-92bebfd2c985 h1:5AICcEUyTnjI3rCqtY3n7sjZRLrCtI8Ejt9jnY+24kQ= k8s.io/component-base v0.0.0-20210805120716-92bebfd2c985/go.mod h1:uuSJv3vcTE8Ays2CdTgQdaDyg2nYrkK3jVrLDSV3uAo= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= diff --git a/pkg/server/deprecated_insecure_serving.go b/pkg/server/deprecated_insecure_serving.go index 1de20682a..04375d1dd 100644 --- a/pkg/server/deprecated_insecure_serving.go +++ b/pkg/server/deprecated_insecure_serving.go @@ -45,6 +45,9 @@ func (s *DeprecatedInsecureServingInfo) Serve(handler http.Handler, shutdownTime Addr: s.Listener.Addr().String(), Handler: handler, MaxHeaderBytes: 1 << 20, + + IdleTimeout: 90 * time.Second, // matches http.DefaultTransport keep-alive timeout + ReadHeaderTimeout: 32 * time.Second, // just shy of requestTimeoutUpperBound } if len(s.Name) > 0 { diff --git a/pkg/server/secure_serving.go b/pkg/server/secure_serving.go index c706afb5f..5626cb3a9 100644 --- a/pkg/server/secure_serving.go +++ b/pkg/server/secure_serving.go @@ -157,6 +157,9 @@ func (s *SecureServingInfo) Serve(handler http.Handler, shutdownTimeout time.Dur Handler: handler, MaxHeaderBytes: 1 << 20, TLSConfig: tlsConfig, + + IdleTimeout: 90 * time.Second, // matches http.DefaultTransport keep-alive timeout + ReadHeaderTimeout: 32 * time.Second, // just shy of requestTimeoutUpperBound } // At least 99% of serialized resources in surveyed clusters were smaller than 256kb. @@ -164,7 +167,9 @@ func (s *SecureServingInfo) Serve(handler http.Handler, shutdownTimeout time.Dur // and small enough to allow a per connection buffer of this size multiplied by `MaxConcurrentStreams`. const resourceBody99Percentile = 256 * 1024 - http2Options := &http2.Server{} + http2Options := &http2.Server{ + IdleTimeout: 90 * time.Second, // matches http.DefaultTransport keep-alive timeout + } // shrink the per-stream buffer and max framesize from the 1MB default while still accommodating most API POST requests in a single frame http2Options.MaxUploadBufferPerStream = resourceBody99Percentile @@ -218,6 +223,9 @@ func (s *SecureServingInfo) ServeWithListenerStopped(handler http.Handler, shutd Handler: handler, MaxHeaderBytes: 1 << 20, TLSConfig: tlsConfig, + + IdleTimeout: 90 * time.Second, // matches http.DefaultTransport keep-alive timeout + ReadHeaderTimeout: 32 * time.Second, // just shy of requestTimeoutUpperBound } // At least 99% of serialized resources in surveyed clusters were smaller than 256kb. @@ -225,7 +233,9 @@ func (s *SecureServingInfo) ServeWithListenerStopped(handler http.Handler, shutd // and small enough to allow a per connection buffer of this size multiplied by `MaxConcurrentStreams`. const resourceBody99Percentile = 256 * 1024 - http2Options := &http2.Server{} + http2Options := &http2.Server{ + IdleTimeout: 90 * time.Second, // matches http.DefaultTransport keep-alive timeout + } // shrink the per-stream buffer and max framesize from the 1MB default while still accommodating most API POST requests in a single frame http2Options.MaxUploadBufferPerStream = resourceBody99Percentile