perf: configurations for perf improvement (#15142)

Closes #15041

Signed-off-by: He Weiwei <hweiwei@vmware.com>
This commit is contained in:
He Weiwei 2021-06-15 18:39:15 +08:00 committed by GitHub
parent 4997eea4c6
commit 72f1afe2cc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 38 additions and 21 deletions

View File

@ -38,10 +38,10 @@ database:
# The password for the root user of Harbor DB. Change this before any production use.
password: root123
# The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.
max_idle_conns: 50
max_idle_conns: 100
# The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.
# Note: the default number of connections is 1024 for postgres of harbor.
max_open_conns: 1000
max_open_conns: 900
# The default data volume
data_volume: /data

View File

@ -6,6 +6,15 @@ revision = '2.3.0'
down_revisions = ['2.2.0']
def migrate(input_cfg, output_cfg):
def db_conn_need_update(db_conf):
if not db_conf:
return False
max_idle_conns = db_conf.get('max_idle_conns', 0)
max_open_conns = db_conf.get('max_open_conns', 0)
return max_idle_conns == 50 and max_open_conns == 1000
current_dir = os.path.dirname(__file__)
tpl = Environment(
loader=FileSystemLoader(current_dir),
@ -16,5 +25,9 @@ def migrate(input_cfg, output_cfg):
config_dict = read_conf(input_cfg)
if db_conn_need_update(config_dict.get('database')):
config_dict['database']['max_idle_conns'] = 100
config_dict['database']['max_open_conns'] = 900
with open(output_cfg, 'w') as f:
f.write(tpl.render(**config_dict))

View File

@ -73,16 +73,16 @@ database:
# The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.
max_idle_conns: {{ database.max_idle_conns }}
# The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.
# Note: the default number of connections is 100 for postgres.
# Note: the default number of connections is 1024 for postgres of harbor.
max_open_conns: {{ database.max_open_conns }}
{% else %}
# The password for the root user of Harbor DB. Change this before any production use.
password: root123
# The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.
max_idle_conns: 50
max_idle_conns: 100
# The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.
# Note: the default number of connections is 100 for postgres.
max_open_conns: 100
# Note: the default number of connections is 1024 for postgres of harbor.
max_open_conns: 900
{% endif %}
{% if data_volume is defined %}
@ -432,4 +432,4 @@ metric:
# enabled: false
# port: 9090
# path: /metric
{% endif %}
{% endif %}

View File

@ -2,7 +2,7 @@ worker_processes auto;
pid /tmp/nginx.pid;
events {
worker_connections 1024;
worker_connections 3096;
use epoll;
multi_accept on;
}
@ -76,7 +76,7 @@ http {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
proxy_buffering off;
proxy_request_buffering off;
}
@ -98,7 +98,7 @@ http {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
proxy_buffering off;
proxy_request_buffering off;
}
@ -120,7 +120,7 @@ http {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
proxy_buffering off;
proxy_request_buffering off;
}
@ -142,7 +142,7 @@ http {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
proxy_buffering off;
proxy_request_buffering off;
}

View File

@ -2,7 +2,7 @@ worker_processes auto;
pid /tmp/nginx.pid;
events {
worker_connections 1024;
worker_connections 3096;
use epoll;
multi_accept on;
}
@ -56,16 +56,16 @@ http {
# SSL
ssl_certificate {{ssl_cert}};
ssl_certificate_key {{ssl_cert_key}};
# Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
ssl_protocols TLSv1.2;
ssl_ciphers '!aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES:';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
# disable any limits to avoid HTTP 413 for large image uploads
client_max_body_size 0;
# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding on;
@ -73,7 +73,7 @@ http {
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
add_header X-Frame-Options DENY;
add_header Content-Security-Policy "frame-ancestors 'none'";
# customized location config file can place to /etc/nginx dir with prefix harbor.https. and suffix .conf
include /etc/nginx/conf.d/harbor.https.*.conf;
@ -124,7 +124,7 @@ http {
proxy_buffering off;
proxy_request_buffering off;
}
location /api/ {
{% if internal_tls.enabled %}
proxy_pass https://core/api/;
@ -144,7 +144,7 @@ http {
proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
proxy_cookie_path / "/; Secure";
proxy_buffering off;
proxy_request_buffering off;
}
@ -168,7 +168,7 @@ http {
proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
proxy_cookie_path / "/; Secure";
proxy_buffering off;
proxy_request_buffering off;
}

View File

@ -29,6 +29,10 @@ redis:
dialtimeout: 10s
password: {{redis_password}}
db: {{redis_db_index_reg}}
pool:
maxidle: 100
maxactive: 500
idletimeout: 60s
http:
{% if internal_tls.enabled %}
addr: :5443
@ -57,4 +61,4 @@ validation:
disabled: true
compatibility:
schema1:
enabled: true
enabled: true