About

Connection pools are typically set up for apps that must be accessed frequently, such as a web service. Without connection pools, every request to the web service requires a new connection to be opened. This setup might work if the web service is accessed occasionally. However, as clients scale and more requests are sent to the web service, opening a connection for each requests can get very expensive and easily overload the web service.

To prevent the upstream web service from being overloaded, you can use connection pool settings to determine the maximum number of connections that can be opened to your app and the maximum number of requests that can be sent per connection.

For more information, see the Gloo connection policy API docs.

Before you begin

  1. Complete the multicluster getting started guide to set up the following testing environment.

    • Three clusters along with environment variables for the clusters and their Kubernetes contexts.
    • The Gloo meshctl CLI, along with other CLI tools such as kubectl and istioctl.
    • The Gloo management server in the management cluster, and the Gloo agents in the workload clusters.
    • Istio installed in the workload clusters.
    • A simple Gloo workspace setup.
  2. Install Bookinfo and other sample apps.

Configure connection policies for HTTP destinations

You can apply a connection policy at the destination level. For more information, see Applying policies.

The following example applies HTTP connection pool settings to all virtual destinations in the bookinfo namespace.

  apiVersion: resilience.policy.gloo.solo.io/v2
kind: ConnectionPolicy
metadata:
  annotations:
    cluster.solo.io/cluster: ""
  name: http-connect
  namespace: bookinfo
spec:
  applyToDestinations:
  - kind: VIRTUAL_DESTINATION
    selector: {}
  config:
    http:
      idleTimeout: 2s
      maxRequestsPerConnection: 1
      maxRetries: 1
  

Review the following table to understand this configuration. For more information, see the API docs.

SettingDescription
applyToDestinationsUse labels to apply the policy to destinations. Destinations might be a Kubernetes service, VirtualDestination, or ExternalService (if supported by the policy). If you do not specify any destinations or routes, the policy applies to all destinations in the workspace by default. If you do not specify any destinations but you do specify a route, the policy applies to the route but to no destinations.
configConfigure the connection settings to apply to the selected destinations. To set connection pool settings for HTTP destinations, use http as the protocol. For TCP connection pool settings, use tcp. The connection policy in this guide shows how to configure connection pool settings for an HTTP destination. To find an example for a TCP connection policy, see Connection pool settings for TCP.
http.idleTimeoutThe time a connection can stay open without receiving any requests. By default, this value is set to 1 hour. If the idle time is reached, the connection is closed.
http.maxRequestsPerConnectionThe maximum number of requests that can be sent to a destination per connection. If you set this value to 1, you disable keep alive. By default, this value is set to 0, which equals unlimited, and allows a maximum of 2^29 requests per connection.
http.maxRetriesThe maximum number of retries that can be outstanding to all hosts in a cluster at a given time. Defaults to 2^32-1.

Verify connection policies

  1. Create a virtual destination for the ratings app.

      kubectl apply --context $REMOTE_CONTEXT1 -f- <<EOF
    apiVersion: networking.gloo.solo.io/v2
    kind: VirtualDestination
    metadata:
      name: ratings-global
      namespace: bookinfo
    spec:
      hosts:
      - ratings.global
      ports:
      - number: 80
        protocol: HTTP
        targetPort:
          name: http
      services:
      - labels:
          app: ratings
    EOF
      
  2. Apply the example connection policy for the ratings app.

      kubectl apply --context $REMOTE_CONTEXT1 -f- <<EOF
    apiVersion: resilience.policy.gloo.solo.io/v2
    kind: ConnectionPolicy
    metadata:
      annotations:
        cluster.solo.io/cluster: ""
      name: http-connect
      namespace: bookinfo
    spec:
      applyToDestinations:
      - kind: VIRTUAL_DESTINATION
        selector: {}
      config:
        http:
          idleTimeout: 2s
          maxRequestsPerConnection: 1
          maxRetries: 1
    EOF
      
  3. Verify that an Istio destination rule is created for the destination.

      kubectl get destinationrule --context $REMOTE_CONTEXT1 -n bookinfo
      

    Example output:

      NAME                                                              HOST             AGE
    ratings-global-virtual-destinat-2ab46384c8b40be3cfab9740ac8fb2c   ratings.global   11s
      
  4. Describe the Istio destination rule.

      kubectl describe --context $REMOTE_CONTEXT1 -n bookinfo destinationrule <destination-rule>
      

    In the output, verify that the Connection Pool settings include the http settings that your policy configures.

      ...
    Traffic Policy:
     Port Level Settings:
       Connection Pool:
         Http:
           Idle Timeout:                 2s
           Max Requests Per Connection:  1
           Max Retries:                  1
      

Cleanup

You can optionally remove the resources that you set up as part of this guide.
  kubectl -n bookinfo delete virtualdestination ratings-global --context $REMOTE_CONTEXT1
kubectl -n bookinfo delete ConnectionPolicy http-connect --context $REMOTE_CONTEXT1