News New Look, Same Vision: KrakenD’s Website Redesign

You are viewing a previous version of KrakenD Enterprise Edition (v2.1), go to the latest version

Document updated on Jan 18, 2022

Advanced HTTP Transport settings

When KrakenD communicates using http, it implements a concurrent-safe round tripper that supports HTTP, HTTPS, and HTTP proxies, and it caches connections for future re-use. This may leave many open connections when accessing many hosts. You can change the behavior of the transport layer using several settings presented below.

If you want to customize any of the settings below, they must be written at the top level of the configuration.

Fields of "false"
* required fields

allow_insecure_connections boolean
By default, KrakenD verifies every SSL connection. This option allows you to connect to backends considered insecure, for instance when you are using self-signed certificates
Defaults to false
dialer_fallback_delay string
Specifies the length of time to wait before spawning a RFC 6555 Fast Fallback connection. If zero, a default delay of 300ms is used.
Specify units using ns (nanoseconds), us or µs (microseconds), ms (milliseconds), s (seconds), m (minutes), or h (hours).
Defaults to "300ms"
dialer_keep_alive string
The interval between keep-alive probes for an active network connection. If zero, keep-alive probes are sent with a default value (currently 15 seconds), if supported by the protocol and operating system. Network protocols or operating systems that do not support keep-alives ignore this field. If negative, keep-alive probes are disabled.
Specify units using ns (nanoseconds), us or µs (microseconds), ms (milliseconds), s (seconds), m (minutes), or h (hours).
Defaults to "15s"
dialer_timeout string
The timeout of the dial function for creating connections.The default is no timeout. With or without a timeout, the operating system may impose its own earlier timeout.
Specify units using ns (nanoseconds), us or µs (microseconds), ms (milliseconds), s (seconds), m (minutes), or h (hours).
Defaults to "0s"
disable_compression boolean
When true prevents requesting compression with an Accept-Encoding: gzip request header when the Request contains no existing Accept-Encoding value. If the Transport requests gzip on its own and gets a gzipped response, it’s transparently decoded. However, if the user explicitly requested gzip it is not automatically uncompressed.
Defaults to false
disable_keep_alives boolean
When true it disables HTTP keep-alives and will only use the connection to the server for a single HTTP request.
Defaults to false
disable_rest boolean
Only RESTful URL patterns are valid to access backends. Set to true if your backends aren’t RESTful, e.g.: /url.{some_variable}.json
Defaults to false
expect_continue_timeout string
If non-zero, specifies the amount of time to wait for a server’s first response headers after fully writing the request headers if the request has an Expect: 100-continue header. Zero means no timeout and causes the body to be sent immediately, without waiting for the server to approve. This time does not include the time to send the request header.
Specify units using ns (nanoseconds), us or µs (microseconds), ms (milliseconds), s (seconds), m (minutes), or h (hours).
Defaults to "0s"
idle_connection_timeout string
The maximum number of idle (keep-alive) connections across all hosts. Zero means no limit.
Specify units using ns (nanoseconds), us or µs (microseconds), ms (milliseconds), s (seconds), m (minutes), or h (hours).
Defaults to "0s"
max_idle_connections integer
The maximum number of idle (keep-alive) connections across all hosts. Zero means no limit.
Defaults to 0
max_idle_connections_per_host integer
If non-zero, controls the maximum idle (keep-alive) connections to keep per-host. If zero, 250 is used instead.
Defaults to 250
response_header_timeout string
If non-zero, specifies the amount of time to wait for a server’s response headers after fully writing the request (including its body, if any). This time does not include the time to read the response body.
Specify units using ns (nanoseconds), us or µs (microseconds), ms (milliseconds), s (seconds), m (minutes), or h (hours).
Defaults to "0s"

Finally, the TLS Handshake Timeout is hardcoded to 10 seconds and cannot be changed.

Override settings using environment vars

When you declare in the configuration file any of the HTTP server or transport settings declared above, you can override its value through environment variables when starting the server.

All the environment variables have the same name as the settings above in uppercase and with the KRAKEND_ prefix. The following env vars are available:

  • KRAKEND_ALLOW_INSECURE_CONNECTIONS
  • KRAKEND_DIALER_TIMEOUT
  • KRAKEND_DIALER_KEEP_ALIVE
  • KRAKEND_DIALER_FALLBACK_DELAY
  • KRAKEND_DISABLE_COMPRESSION
  • KRAKEND_DISABLE_KEEP_ALIVES
  • KRAKEND_MAX_IDLE_CONNECTIONS
  • KRAKEND_MAX_IDLE_CONNECTIONS_PER_HOST
  • KRAKEND_IDLE_CONNECTION_TIMEOUT
  • KRAKEND_RESPONSE_HEADER_TIMEOUT
  • KRAKEND_EXPECT_CONTINUE_TIMEOUT

You can start KrakenD with the desired variables to override what you have in the configuration:

Term 

$KRAKEND_MAX_IDLE_CONNECTIONS_PER_HOST=200 krakend run -c krakend.json

Or

Connect using self-signed certificates 

$KRAKEND_ALLOW_INSECURE_CONNECTIONS=true krakend run -c krakend.json

Max IDLE connections

Having a high number of IDLE connections to every backend affects directly to the performance of the proxy layer. This is why you can control the number using the max_idle_connections setting. For instance:

{
	"version": 3,
	"max_idle_connections": 150
}

KrakenD will close connections sitting idle in a “keep-alive” state when max_idle_connections is reached. If no value is set in the configuration file, KrakenD will use 250 by default.

Every ecosystem needs its own setting, have this in mind:

  • If you set a number very high for max_idle_connections you might exhaust your system’s port limit.
  • If you set a number very low, new connections will be frequently created and a low rate of connection reuse will take place.
Scarf

Unresolved issues?

The documentation is only a piece of the help you can get! Whether you are looking for Open Source or Enterprise support, see more support channels that can help you.

See all support channels