Kuma Star

Careful!

You are browsing documentation for a version of Kuma that is not the latest release.

Mesh Timeout

This policy uses new policy matching algorithm. Do not combine with Timeout policy.

TargetRef support matrix

TargetRef type top level to from
Mesh
MeshSubset
MeshService
MeshServiceSubset

To learn more about the information in this table, see the matching docs.

Configuration

This policy enables Kuma to set timeouts on the inbound and outbound connections depending on the protocol. Using this policy you can configure TCP and HTTP timeouts. Timeout configuration is split into two sections: common configuration and HTTP configuration. Common config is applied to both HTTP and TCP communication. HTTP timeout are only applied when service is marked as http. More on this in protocol support section.

MeshTimeout policy lets you configure multiple timeouts:

  • connectionTimeout
  • idleTimeout
  • http.requestTimeout
  • http.streamIdleTimeout
  • http.maxStreamDuration
  • http.maxConnectionDuration

Timeouts explained

Connection timeout

Connection timeout specifies the amount of time DP will wait for a TCP connection to be established.

Idle timeout

For TCP connections idle timeout is the amount of time that the DP will allow a connection to exist with no inbound or outbound activity. On the other hand when connection in HTTP time at which an inbound or outbound connection will be terminated if there are no active streams

HTTP request timeout

Request timeout lets you configure how long the data plane proxy should wait for the full response. In details, it spans between the point at which the entire request has been processed by DP and when the response has been completely processed by DP.

HTTP stream idle timeout

Stream idle timeout is the amount of time that the data plane proxy will allow an HTTP/2 stream to exist with no inbound or outbound activity. This timeout is strongly recommended for all requests (not just streaming requests/responses) as it additionally defends against a peer that does not open the stream window once an entire response has been buffered to be sent to a downstream client.

Stream timeouts apply even when you are only using HTTP/1.1 in you services. This is because every connection between data plane proxies is upgraded to HTTP/2.

HTTP max stream duration

Max stream duration is the maximum time that a stream’s lifetime will span. You can use this functionality when you want to reset HTTP request/response streams periodically.

HTTP max connection duration

Max connection duration is the time after which an inbound or outbound connection will be drained and/or closed, starting from when it was first established. If there are no active streams, the connection will be closed. If there are any active streams, the drain sequence will kick-in, and the connection will be force-closed after 5 seconds.

Examples

Simple outbound HTTP configuration

This configuration will be applied to all data plane proxies inside of Mesh.

apiVersion: kuma.io/v1alpha1
kind: MeshTimeout
metadata:
  name: timeout-global
  namespace: kuma-system
  labels:
    kuma.io/mesh: default
spec:
  targetRef:
    kind: Mesh
  to:
  - targetRef:
      kind: Mesh
    default:
      idleTimeout: 20s
      connectionTimeout: 2s
      http:
        requestTimeout: 2s

Simple TCP configuration

apiVersion: kuma.io/v1alpha1
kind: MeshTimeout
metadata:
  name: tcp-timeout
  namespace: kuma-system
  labels:
    kuma.io/mesh: default
spec:
  targetRef:
    kind: Mesh
  to:
  - targetRef:
      kind: Mesh
    default:
      idleTimeout: 20s
      connectionTimeout: 2s

Simple configuration for inbound applied to specific service

This configuration will be applied to backend service inbound.

apiVersion: kuma.io/v1alpha1
kind: MeshTimeout
metadata:
  name: inbound-timeout
  namespace: kuma-system
  labels:
    kuma.io/mesh: default
spec:
  targetRef:
    kind: MeshSubset
    tags:
      app: backend
  from:
  - targetRef:
      kind: Mesh
    default:
      idleTimeout: 20s
      connectionTimeout: 2s

Full config applied to inbound and outbound of specific service

This timeout configuration will be applied to all inbound connections to frontend and outbound connections from frontend to backend service

apiVersion: kuma.io/v1alpha1
kind: MeshTimeout
metadata:
  name: inbound-timeout
  namespace: kuma-system
  labels:
    kuma.io/mesh: default
spec:
  targetRef:
    kind: MeshSubset
    tags:
      app: frontend
  from:
  - targetRef:
      kind: Mesh
    default:
      idleTimeout: 60s
      connectionTimeout: 2s
      http:
        requestTimeout: 10s
        streamIdleTimeout: 1h
        maxStreamDuration: 30m
        maxConnectionDuration: 30m
  to:
  - targetRef:
      kind: MeshService
      name: backend_kuma-demo_svc_3001
    default:
      idleTimeout: 60s
      connectionTimeout: 1s
      http:
        requestTimeout: 5s
        streamIdleTimeout: 1h
        maxStreamDuration: 30m
        maxConnectionDuration: 30m

Defaults

Property default
idleTimeout 1h
connectionTimeout 5s
http.requestTimeout 15s
http.streamIdleTimeout 30m
http.maxStreamDuration 0s
http.maxConnectionDuration 0s

All policy options

Spec is the specification of the Kuma MeshTimeout resource.

Type: object

Properties

  • from
    • From list makes a match between clients and corresponding configurations
    • Type: array
      • Items
      • Type: object
      • Properties
        • default
          • Default is a configuration specific to the group of clients referenced in 'targetRef'
          • Type: object
          • Properties
            • connectionTimeout
              • ConnectionTimeout specifies the amount of time proxy will wait for an TCP connection to be established. Default value is 5 seconds. Cannot be set to 0.
              • Type: string
            • http
              • Http provides configuration for HTTP specific timeouts
              • Type: object
              • Properties
                • maxConnectionDuration
                  • MaxConnectionDuration is the time after which a connection will be drained and/or closed, starting from when it was first established. Setting this timeout to 0 will disable it. Disabled by default.
                  • Type: string
                • maxStreamDuration
                  • MaxStreamDuration is the maximum time that a stream’s lifetime will span. Setting this timeout to 0 will disable it. Disabled by default.
                  • Type: string
                • requestTimeout
                  • RequestTimeout The amount of time that proxy will wait for the entire request to be received. The timer is activated when the request is initiated, and is disarmed when the last byte of the request is sent, OR when the response is initiated. Setting this timeout to 0 will disable it. Default is 15s.
                  • Type: string
                • streamIdleTimeout
                  • StreamIdleTimeout is the amount of time that proxy will allow a stream to exist with no activity. Setting this timeout to 0 will disable it. Default is 30m
                  • Type: string
            • idleTimeout
              • IdleTimeout is defined as the period in which there are no bytes sent or received on connection Setting this timeout to 0 will disable it. Be cautious when disabling it because it can lead to connection leaking. Default value is 1h.
              • Type: string
        • targetRef required
          • TargetRef is a reference to the resource that represents a group of clients.
          • Type: object
          • Properties
            • kind
              • Kind of the referenced resource
              • Type: string
              • The value is restricted to the following:
                1. "Mesh"
                2. "MeshSubset"
                3. "MeshService"
                4. "MeshServiceSubset"
                5. "MeshGatewayRoute"
            • mesh
              • Mesh is reserved for future use to identify cross mesh resources.
              • Type: string
            • name
              • Name of the referenced resource. Can only be used with kinds: MeshService, MeshServiceSubset and MeshGatewayRoute
              • Type: string
            • tags
              • Tags used to select a subset of proxies by tags. Can only be used with kinds MeshSubset and MeshServiceSubset
              • Type: object
              • This schema accepts additional properties.
              • Properties
  • targetRef required
    • TargetRef is a reference to the resource the policy takes an effect on. The resource could be either a real store object or virtual resource defined inplace.
    • Type: object
    • Properties
      • kind
        • Kind of the referenced resource
        • Type: string
        • The value is restricted to the following:
          1. "Mesh"
          2. "MeshSubset"
          3. "MeshService"
          4. "MeshServiceSubset"
          5. "MeshGatewayRoute"
      • mesh
        • Mesh is reserved for future use to identify cross mesh resources.
        • Type: string
      • name
        • Name of the referenced resource. Can only be used with kinds: MeshService, MeshServiceSubset and MeshGatewayRoute
        • Type: string
      • tags
        • Tags used to select a subset of proxies by tags. Can only be used with kinds MeshSubset and MeshServiceSubset
        • Type: object
        • This schema accepts additional properties.
        • Properties
  • to
    • To list makes a match between the consumed services and corresponding configurations
    • Type: array
      • Items
      • Type: object
      • Properties
        • default
          • Default is a configuration specific to the group of destinations referenced in 'targetRef'
          • Type: object
          • Properties
            • connectionTimeout
              • ConnectionTimeout specifies the amount of time proxy will wait for an TCP connection to be established. Default value is 5 seconds. Cannot be set to 0.
              • Type: string
            • http
              • Http provides configuration for HTTP specific timeouts
              • Type: object
              • Properties
                • maxConnectionDuration
                  • MaxConnectionDuration is the time after which a connection will be drained and/or closed, starting from when it was first established. Setting this timeout to 0 will disable it. Disabled by default.
                  • Type: string
                • maxStreamDuration
                  • MaxStreamDuration is the maximum time that a stream’s lifetime will span. Setting this timeout to 0 will disable it. Disabled by default.
                  • Type: string
                • requestTimeout
                  • RequestTimeout The amount of time that proxy will wait for the entire request to be received. The timer is activated when the request is initiated, and is disarmed when the last byte of the request is sent, OR when the response is initiated. Setting this timeout to 0 will disable it. Default is 15s.
                  • Type: string
                • streamIdleTimeout
                  • StreamIdleTimeout is the amount of time that proxy will allow a stream to exist with no activity. Setting this timeout to 0 will disable it. Default is 30m
                  • Type: string
            • idleTimeout
              • IdleTimeout is defined as the period in which there are no bytes sent or received on connection Setting this timeout to 0 will disable it. Be cautious when disabling it because it can lead to connection leaking. Default value is 1h.
              • Type: string
        • targetRef required
          • TargetRef is a reference to the resource that represents a group of destinations.
          • Type: object
          • Properties
            • kind
              • Kind of the referenced resource
              • Type: string
              • The value is restricted to the following:
                1. "Mesh"
                2. "MeshSubset"
                3. "MeshService"
                4. "MeshServiceSubset"
                5. "MeshGatewayRoute"
            • mesh
              • Mesh is reserved for future use to identify cross mesh resources.
              • Type: string
            • name
              • Name of the referenced resource. Can only be used with kinds: MeshService, MeshServiceSubset and MeshGatewayRoute
              • Type: string
            • tags
              • Tags used to select a subset of proxies by tags. Can only be used with kinds MeshSubset and MeshServiceSubset
              • Type: object
              • This schema accepts additional properties.
              • Properties

Generated with json-schema-md-doc Wed Apr 02 2025 12:04:05 GMT+0000 (Coordinated Universal Time)