nginx · soneillf5 · May 7, 2021 · Mar 23, 2021
diff --git a/deployments/common/crds/k8s.nginx.org_transportservers.yaml b/deployments/common/crds/k8s.nginx.org_transportservers.yaml
@@ -115,6 +115,8 @@ spec:
                             type: integer
                           timeout:
                             type: string
+                      maxConns:
+                        type: integer
                       maxFails:
                         type: integer
                       name:

diff --git a/deployments/helm-chart/crds/k8s.nginx.org_transportservers.yaml b/deployments/helm-chart/crds/k8s.nginx.org_transportservers.yaml
@@ -115,6 +115,8 @@ spec:
                             type: integer
                           timeout:
                             type: string
+                      maxConns:
+                        type: integer
                       maxFails:
                         type: integer
                       name:

diff --git a/docs-web/configuration/transportserver-resource.md b/docs-web/configuration/transportserver-resource.md
@@ -172,6 +172,7 @@ name: secure-app
 service: secure-app
 port: 8443
 maxFails: 3
+maxConns: 100
 failTimeout: 30s
 ```
 
@@ -199,6 +200,10 @@ failTimeout: 30s
      - Sets the `number <https://nginx.org/en/docs/stream/ngx_stream_upstream_module.html#max_fails>`_ of unsuccessful attempts to communicate with the server that should happen in the duration set by the failTimeout parameter to consider the server unavailable. The default ``1``.
      - ``int``
      - No
+   * - ``maxConns``
+     - Sets the `number <https://nginx.org/en/docs/stream/ngx_stream_upstream_module.html#max_conns>`_ of maximum connections to the proxied server. Default value is zero, meaning there is no limit. The default is ``0``.
+     - ``int``
+     - No
    * - ``failTimeout``
      - Sets the `time <https://nginx.org/en/docs/stream/ngx_stream_upstream_module.html#fail_timeout>`_ during which the specified number of unsuccessful attempts to communicate with the server should happen to consider the server unavailable and the period of time the server will be considered unavailable. The default is ``10s``.
      - ``string``

diff --git a/internal/configs/transportserver.go b/internal/configs/transportserver.go
@@ -172,13 +172,15 @@ func generateStreamUpstream(upstream *conf_v1alpha1.Upstream, upstreamNamer *ups
 
 	name := upstreamNamer.GetNameForUpstream(upstream.Name)
 	maxFails := generateIntFromPointer(upstream.MaxFails, 1)
+	maxConns := generateIntFromPointer(upstream.MaxConns, 0)
 	failTimeout := generateTimeWithDefault(upstream.FailTimeout, "10s")
 
 	for _, e := range endpoints {
 		s := version2.StreamUpstreamServer{
-			Address:     e,
-			MaxFails:    maxFails,
-			FailTimeout: failTimeout,
+			Address:        e,
+			MaxFails:       maxFails,
+			FailTimeout:    failTimeout,
+			MaxConnections: maxConns,
 		}
 
 		upsServers = append(upsServers, s)

diff --git a/internal/configs/transportserver_test.go b/internal/configs/transportserver_test.go
@@ -225,6 +225,94 @@ func TestGenerateTransportServerConfigForTCP(t *testing.T) {
 
 }
 
+func TestGenerateTransportServerConfigForTCPMaxConnections(t *testing.T) {
+	transportServerEx := TransportServerEx{
+		TransportServer: &conf_v1alpha1.TransportServer{
+			ObjectMeta: meta_v1.ObjectMeta{
+				Name:      "tcp-server",
+				Namespace: "default",
+			},
+			Spec: conf_v1alpha1.TransportServerSpec{
+				Listener: conf_v1alpha1.TransportServerListener{
+					Name:     "tcp-listener",
+					Protocol: "TCP",
+				},
+				Upstreams: []conf_v1alpha1.Upstream{
+					{
+						Name:        "tcp-app",
+						Service:     "tcp-app-svc",
+						Port:        5001,
+						MaxFails:    intPointer(3),
+						MaxConns:    intPointer(3),
+						FailTimeout: "40s",
+					},
+				},
+				UpstreamParameters: &conf_v1alpha1.UpstreamParameters{
+					ConnectTimeout: "30s",
+					NextUpstream:   false,
+				},
+				SessionParameters: &conf_v1alpha1.SessionParameters{
+					Timeout: "50s",
+				},
+				Action: &conf_v1alpha1.Action{
+					Pass: "tcp-app",
+				},
+			},
+		},
+		Endpoints: map[string][]string{
+			"default/tcp-app-svc:5001": {
+				"10.0.0.20:5001",
+			},
+		},
+	}
+
+	listenerPort := 2020
+
+	expected := &version2.TransportServerConfig{
+		Upstreams: []version2.StreamUpstream{
+			{
+				Name: "ts_default_tcp-server_tcp-app",
+				Servers: []version2.StreamUpstreamServer{
+					{
+						Address:        "10.0.0.20:5001",
+						MaxFails:       3,
+						FailTimeout:    "40s",
+						MaxConnections: 3,
+					},
+				},
+				UpstreamLabels: version2.UpstreamLabels{
+					ResourceName:      "tcp-server",
+					ResourceType:      "transportserver",
+					ResourceNamespace: "default",
+					Service:           "tcp-app-svc",
+				},
+			},
+		},
+		Server: version2.StreamServer{
+			Port:                     2020,
+			UDP:                      false,
+			StatusZone:               "tcp-listener",
+			ProxyPass:                "ts_default_tcp-server_tcp-app",
+			Name:                     "tcp-server",
+			Namespace:                "default",
+			ProxyConnectTimeout:      "30s",
+			ProxyNextUpstream:        false,
+			ProxyNextUpstreamTries:   0,
+			ProxyNextUpstreamTimeout: "0s",
+			ProxyTimeout:             "50s",
+			HealthCheck:              nil,
+			ServerSnippets:           []string{},
+		},
+		StreamSnippets: []string{},
+	}
+
+	result := generateTransportServerConfig(&transportServerEx, listenerPort, true)
+	if diff := cmp.Diff(expected, result); diff != "" {
+		t.Errorf("generateTransportServerConfig() mismatch (-want +got):\n%s", diff)
+	}
+
+}
+
 func TestGenerateTransportServerConfigForTLSPasstrhough(t *testing.T) {
 	transportServerEx := TransportServerEx{
 		TransportServer: &conf_v1alpha1.TransportServer{

diff --git a/internal/configs/version2/nginx-plus.transportserver.tmpl b/internal/configs/version2/nginx-plus.transportserver.tmpl
@@ -5,7 +5,7 @@ upstream {{ $u.Name }} {
     random two least_conn;
 
     {{ range $s := $u.Servers }}
-    server {{ $s.Address }} max_fails={{ $s.MaxFails }} fail_timeout={{ $s.FailTimeout }};
+    server {{ $s.Address }} max_fails={{ $s.MaxFails }} fail_timeout={{ $s.FailTimeout }} max_conns={{ $s.MaxConnections }};
     {{ end }}
 }
 {{ end }}

diff --git a/internal/configs/version2/nginx.transportserver.tmpl b/internal/configs/version2/nginx.transportserver.tmpl
@@ -5,7 +5,7 @@ upstream {{ $u.Name }} {
     random two least_conn;
 
     {{ range $s := $u.Servers }}
-    server {{ $s.Address }} max_fails={{ $s.MaxFails }} fail_timeout={{ $s.FailTimeout }};
+    server {{ $s.Address }} max_fails={{ $s.MaxFails }} fail_timeout={{ $s.FailTimeout }} max_conns={{ $s.MaxConnections }};
     {{ end }}
 }
 {{ end }}

diff --git a/internal/configs/version2/stream.go b/internal/configs/version2/stream.go
@@ -16,9 +16,10 @@ type StreamUpstream struct {
 
 // StreamUpstreamServer defines a stream upstream server.
 type StreamUpstreamServer struct {
-	Address     string
-	MaxFails    int
-	FailTimeout string
+	Address        string
+	MaxFails       int
+	FailTimeout    string
+	MaxConnections int
 }
 
 // StreamServer defines a server in the stream module.

diff --git a/pkg/apis/configuration/v1alpha1/types.go b/pkg/apis/configuration/v1alpha1/types.go
@@ -90,6 +90,7 @@ type Upstream struct {
 	Port        int          `json:"port"`
 	FailTimeout string       `json:"failTimeout"`
 	MaxFails    *int         `json:"maxFails"`
+	MaxConns    *int         `json:"maxConns"`
 	HealthCheck *HealthCheck `json:"healthCheck"`
 }
 

diff --git a/pkg/apis/configuration/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/configuration/v1alpha1/zz_generated.deepcopy.go
diff --git a/pkg/apis/configuration/validation/transportserver.go b/pkg/apis/configuration/validation/transportserver.go
@@ -164,7 +164,8 @@ func validateTransportServerUpstreams(upstreams []v1alpha1.Upstream, fieldPath *
 
 		allErrs = append(allErrs, validateServiceName(u.Service, idxPath.Child("service"))...)
 		allErrs = append(allErrs, validatePositiveIntOrZeroFromPointer(u.MaxFails, idxPath.Child("maxFails"))...)
-		allErrs = append(allErrs, validateTime((u.FailTimeout), idxPath.Child("failTimeout"))...)
+		allErrs = append(allErrs, validatePositiveIntOrZeroFromPointer(u.MaxFails, idxPath.Child("maxConns"))...)
+		allErrs = append(allErrs, validateTime(u.FailTimeout, idxPath.Child("failTimeout"))...)
 
 		for _, msg := range validation.IsValidPortNum(u.Port) {
 			allErrs = append(allErrs, field.Invalid(idxPath.Child("port"), u.Port, msg))

diff --git a/tests/data/transport-server-tcp-load-balance/max-connections-transport-server.yaml b/tests/data/transport-server-tcp-load-balance/max-connections-transport-server.yaml
@@ -0,0 +1,15 @@
+apiVersion: k8s.nginx.org/v1alpha1
+kind: TransportServer
+metadata:
+  name: transport-server
+spec:
+  listener:
+    name: tcp-server
+    protocol: TCP
+  upstreams:
+    - name: tcp-app
+      service: tcp-service
+      port: 3333
+      maxConns: 2
+  action:
+    pass: tcp-app
diff --git a/tests/data/transport-server-tcp-load-balance/standard/service_deployment.yaml b/tests/data/transport-server-tcp-load-balance/standard/service_deployment.yaml
@@ -14,7 +14,7 @@ spec:
     spec:
       containers:
         - name: tcp-service
-          image: seanoneillf5/tcp-server:1.0
+          image: seanoneillf5/tcp-server:1.1
           ports:
             - containerPort: 3333
               name: tcp-server