mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-23 00:57:44 +01:00
perf: configurations for perf improvement (#15142)
Closes #15041 Signed-off-by: He Weiwei <hweiwei@vmware.com>
This commit is contained in:
parent
4997eea4c6
commit
72f1afe2cc
@ -38,10 +38,10 @@ database:
|
||||
# The password for the root user of Harbor DB. Change this before any production use.
|
||||
password: root123
|
||||
# The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.
|
||||
max_idle_conns: 50
|
||||
max_idle_conns: 100
|
||||
# The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.
|
||||
# Note: the default number of connections is 1024 for postgres of harbor.
|
||||
max_open_conns: 1000
|
||||
max_open_conns: 900
|
||||
|
||||
# The default data volume
|
||||
data_volume: /data
|
||||
|
@ -6,6 +6,15 @@ revision = '2.3.0'
|
||||
down_revisions = ['2.2.0']
|
||||
|
||||
def migrate(input_cfg, output_cfg):
|
||||
def db_conn_need_update(db_conf):
|
||||
if not db_conf:
|
||||
return False
|
||||
|
||||
max_idle_conns = db_conf.get('max_idle_conns', 0)
|
||||
max_open_conns = db_conf.get('max_open_conns', 0)
|
||||
|
||||
return max_idle_conns == 50 and max_open_conns == 1000
|
||||
|
||||
current_dir = os.path.dirname(__file__)
|
||||
tpl = Environment(
|
||||
loader=FileSystemLoader(current_dir),
|
||||
@ -16,5 +25,9 @@ def migrate(input_cfg, output_cfg):
|
||||
|
||||
config_dict = read_conf(input_cfg)
|
||||
|
||||
if db_conn_need_update(config_dict.get('database')):
|
||||
config_dict['database']['max_idle_conns'] = 100
|
||||
config_dict['database']['max_open_conns'] = 900
|
||||
|
||||
with open(output_cfg, 'w') as f:
|
||||
f.write(tpl.render(**config_dict))
|
||||
|
@ -73,16 +73,16 @@ database:
|
||||
# The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.
|
||||
max_idle_conns: {{ database.max_idle_conns }}
|
||||
# The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.
|
||||
# Note: the default number of connections is 100 for postgres.
|
||||
# Note: the default number of connections is 1024 for postgres of harbor.
|
||||
max_open_conns: {{ database.max_open_conns }}
|
||||
{% else %}
|
||||
# The password for the root user of Harbor DB. Change this before any production use.
|
||||
password: root123
|
||||
# The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.
|
||||
max_idle_conns: 50
|
||||
max_idle_conns: 100
|
||||
# The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.
|
||||
# Note: the default number of connections is 100 for postgres.
|
||||
max_open_conns: 100
|
||||
# Note: the default number of connections is 1024 for postgres of harbor.
|
||||
max_open_conns: 900
|
||||
{% endif %}
|
||||
|
||||
{% if data_volume is defined %}
|
||||
@ -432,4 +432,4 @@ metric:
|
||||
# enabled: false
|
||||
# port: 9090
|
||||
# path: /metric
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
@ -2,7 +2,7 @@ worker_processes auto;
|
||||
pid /tmp/nginx.pid;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
worker_connections 3096;
|
||||
use epoll;
|
||||
multi_accept on;
|
||||
}
|
||||
@ -76,7 +76,7 @@ http {
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
|
||||
|
||||
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
@ -98,7 +98,7 @@ http {
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
|
||||
|
||||
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
@ -120,7 +120,7 @@ http {
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
|
||||
|
||||
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
@ -142,7 +142,7 @@ http {
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
|
||||
|
||||
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
|
@ -2,7 +2,7 @@ worker_processes auto;
|
||||
pid /tmp/nginx.pid;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
worker_connections 3096;
|
||||
use epoll;
|
||||
multi_accept on;
|
||||
}
|
||||
@ -56,16 +56,16 @@ http {
|
||||
# SSL
|
||||
ssl_certificate {{ssl_cert}};
|
||||
ssl_certificate_key {{ssl_cert_key}};
|
||||
|
||||
|
||||
# Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
|
||||
ssl_protocols TLSv1.2;
|
||||
ssl_ciphers '!aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES:';
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
|
||||
|
||||
# disable any limits to avoid HTTP 413 for large image uploads
|
||||
client_max_body_size 0;
|
||||
|
||||
|
||||
# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
|
||||
chunked_transfer_encoding on;
|
||||
|
||||
@ -73,7 +73,7 @@ http {
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
|
||||
add_header X-Frame-Options DENY;
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
|
||||
|
||||
# customized location config file can place to /etc/nginx dir with prefix harbor.https. and suffix .conf
|
||||
include /etc/nginx/conf.d/harbor.https.*.conf;
|
||||
|
||||
@ -124,7 +124,7 @@ http {
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
|
||||
|
||||
location /api/ {
|
||||
{% if internal_tls.enabled %}
|
||||
proxy_pass https://core/api/;
|
||||
@ -144,7 +144,7 @@ http {
|
||||
proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
|
||||
|
||||
proxy_cookie_path / "/; Secure";
|
||||
|
||||
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
@ -168,7 +168,7 @@ http {
|
||||
proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
|
||||
|
||||
proxy_cookie_path / "/; Secure";
|
||||
|
||||
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
|
@ -29,6 +29,10 @@ redis:
|
||||
dialtimeout: 10s
|
||||
password: {{redis_password}}
|
||||
db: {{redis_db_index_reg}}
|
||||
pool:
|
||||
maxidle: 100
|
||||
maxactive: 500
|
||||
idletimeout: 60s
|
||||
http:
|
||||
{% if internal_tls.enabled %}
|
||||
addr: :5443
|
||||
@ -57,4 +61,4 @@ validation:
|
||||
disabled: true
|
||||
compatibility:
|
||||
schema1:
|
||||
enabled: true
|
||||
enabled: true
|
||||
|
Loading…
Reference in New Issue
Block a user