convert --healthcheck-duration to time.Duration flag

also remove http2 support for TLS backends due to known issues with http2, increase TLS client cookie sessions to 100 for performance.
minio · May 6, 2022 · f805ef9 · f805ef9
1 parent 40c4cea
commit f805ef9
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 18 deletions.
diff --git a/go.mod b/go.mod
@@ -8,15 +8,14 @@ require (
 	github.com/gdamore/tcell/v2 v2.4.1-0.20210905002822-f057f0a857a1
 	github.com/gorilla/mux v1.8.0
 	github.com/minio/cli v1.22.0
-	github.com/minio/minio-go/v7 v7.0.21
+	github.com/minio/minio-go/v7 v7.0.24
 	github.com/minio/pkg v1.1.9
 	github.com/prometheus/client_golang v1.12.1
 	github.com/rivo/tview v0.0.0-20220129131435-1f7581b67bd1
 	github.com/rs/dnscache v0.0.0-20211102005908-e0241e321417
 	github.com/sirupsen/logrus v1.8.1
 	go.uber.org/atomic v1.9.0
 	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
-	golang.org/x/net v0.0.0-20211020060615-d418f374d309
 	golang.org/x/sys v0.0.0-20220114195835-da31bd327af9
 )
 
@@ -46,6 +45,7 @@ require (
 	github.com/prometheus/procfs v0.7.3 // indirect
 	github.com/rivo/uniseg v0.2.0 // indirect
 	github.com/rs/xid v1.3.0 // indirect
+	golang.org/x/net v0.0.0-20211020060615-d418f374d309 // indirect
 	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
 	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
 	golang.org/x/text v0.3.7 // indirect

diff --git a/go.sum b/go.sum
@@ -226,8 +226,8 @@ github.com/minio/md5-simd v1.1.0/go.mod h1:XpBqgZULrMYD3R+M28PcmP0CkI7PEMzB3U77Z
 github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34=
 github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM=
 github.com/minio/minio-go/v7 v7.0.11-0.20210302210017-6ae69c73ce78/go.mod h1:mTh2uJuAbEqdhMVl6CMIIZLUeiMiWtJR4JB8/5g2skw=
-github.com/minio/minio-go/v7 v7.0.21 h1:xrc4BQr1Fa4s5RwY0xfMjPZFJ1bcYBCCHYlngBdWV+k=
-github.com/minio/minio-go/v7 v7.0.21/go.mod h1:ei5JjmxwHaMrgsMrn4U/+Nmg+d8MKS1U2DAn1ou4+Do=
+github.com/minio/minio-go/v7 v7.0.24 h1:HPlHiET6L5gIgrHRaw1xFo1OaN4bEP/082asWh3WJtI=
+github.com/minio/minio-go/v7 v7.0.24/go.mod h1:x81+AX5gHSfCSqw7jxRKHvxUXMlE5uKX0Vb75Xk5yYg=
 github.com/minio/pkg v1.1.9 h1:NJrcrQyFCSgyF+u6v7FbPXjjNV0oSnBuBevhsTKmA2U=
 github.com/minio/pkg v1.1.9/go.mod h1:32x/3OmGB0EOi1N+3ggnp+B5VFkSBBB9svPMVfpnf14=
 github.com/minio/sha256-simd v0.1.1/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM=

diff --git a/main.go b/main.go
@@ -40,7 +40,6 @@ import (
 	"github.com/rs/dnscache"
 	"github.com/sirupsen/logrus"
 	"golang.org/x/crypto/ssh/terminal"
-	"golang.org/x/net/http2"
 
 	"github.com/minio/cli"
 	"github.com/minio/pkg/console"
@@ -143,7 +142,7 @@ type Backend struct {
 	up                  int32
 	healthCheckPath     string
 	healthCheckPort     int
-	healthCheckDuration int
+	healthCheckDuration time.Duration
 	Stats               *BackendStats
 	cacheClient         *S3CacheClient
 }
@@ -251,7 +250,7 @@ func (b *Backend) healthCheck() {
 				logMsg(logMessage{Endpoint: b.endpoint, Error: err})
 			}
 			b.setOffline()
-			time.Sleep(time.Duration(b.healthCheckDuration) * time.Second)
+			time.Sleep(b.healthCheckDuration)
 			continue
 		}
 
@@ -294,7 +293,7 @@ func (b *Backend) healthCheck() {
 				httpInternalTrace(req, resp, reqTime, respTime, b)
 			}
 		}
-		time.Sleep(time.Duration(b.healthCheckDuration) * time.Second)
+		time.Sleep(b.healthCheckDuration)
 	}
 }
 
@@ -390,7 +389,7 @@ func (s *site) nextProxy() *Backend {
 // ServeHTTP - LoadBalancer implements http.Handler
 func (s *site) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	backend := s.nextProxy()
-	if backend != nil {
+	if backend != nil && backend.Online() {
 		cacheHandlerFn := func(w http.ResponseWriter, r *http.Request) {
 			if backend.cacheClient != nil {
 				cacheHandler(w, r, backend)(w, r)
@@ -518,11 +517,16 @@ func newProxyDialContext(dialTimeout time.Duration) DialContext {
 	}
 }
 
+// tlsClientSessionCacheSize is the cache size for TLS client sessions.
+const tlsClientSessionCacheSize = 100
+
 func clientTransport(ctx *cli.Context, enableTLS bool) http.RoundTripper {
 	tr := &http.Transport{
 		Proxy:                 http.ProxyFromEnvironment,
 		DialContext:           dialContextWithDNSCache(dnsCache, newProxyDialContext(10*time.Second)),
 		MaxIdleConnsPerHost:   1024,
+		WriteBufferSize:       32 << 10, // 32KiB moving up from 4KiB default
+		ReadBufferSize:        32 << 10, // 32KiB moving up from 4KiB default
 		IdleConnTimeout:       15 * time.Second,
 		TLSHandshakeTimeout:   15 * time.Second,
 		ExpectContinueTimeout: 15 * time.Second,
@@ -538,7 +542,6 @@ func clientTransport(ctx *cli.Context, enableTLS bool) http.RoundTripper {
 	if enableTLS {
 		// Keep TLS config.
 		tr.TLSClientConfig = &tls.Config{
-			NextProtos:         []string{"h2", "http/1.1"},
 			RootCAs:            getCertPool(ctx.GlobalString("cacert")),
 			Certificates:       getCertKeyPair(ctx.GlobalString("client-cert"), ctx.GlobalString("client-key")),
 			InsecureSkipVerify: ctx.GlobalBool("insecure"),
@@ -547,13 +550,10 @@ func clientTransport(ctx *cli.Context, enableTLS bool) http.RoundTripper {
 			// Can't use TLSv1.1 because of RC4 cipher usage
 			MinVersion:               tls.VersionTLS12,
 			PreferServerCipherSuites: true,
+			ClientSessionCache:       tls.NewLRUClientSessionCache(tlsClientSessionCacheSize),
 		}
 	}
 
-	if tr.TLSClientConfig != nil {
-		http2.ConfigureTransport(tr)
-	}
-
 	return tr
 }
 
@@ -563,7 +563,7 @@ func checkMain(ctx *cli.Context) {
 	}
 }
 
-func configureSite(ctx *cli.Context, siteNum int, siteStrs []string, healthCheckPath string, healthCheckPort int, healthCheckDuration int) *site {
+func configureSite(ctx *cli.Context, siteNum int, siteStrs []string, healthCheckPath string, healthCheckPort int, healthCheckDuration time.Duration) *site {
 	var endpoints []string
 
 	if ellipses.HasEllipses(siteStrs...) {
@@ -658,7 +658,7 @@ func sidekickMain(ctx *cli.Context) {
 	healthCheckPath := ctx.GlobalString("health-path")
 	healthReadCheckPath := ctx.GlobalString("read-health-path")
 	healthCheckPort := ctx.GlobalInt("health-port")
-	healthCheckDuration := ctx.GlobalInt("health-duration")
+	healthCheckDuration := ctx.GlobalDuration("health-duration")
 	addr := ctx.GlobalString("address")
 	globalLoggingEnabled = ctx.GlobalBool("log")
 	globalTrace = ctx.GlobalString("trace")
@@ -743,10 +743,10 @@ func main() {
 			Name:  "health-port",
 			Usage: "health check port",
 		},
-		cli.IntFlag{
+		cli.DurationFlag{
 			Name:  "health-duration, d",
 			Usage: "health check duration in seconds",
-			Value: 5,
+			Value: 5 * time.Second,
 		},
 		cli.BoolFlag{
 			Name:  "insecure, i",