I’m having an issue with a growing number of FIN_WAIT2 & CLOSE_WAIT sockets building up in my pods. I have a service that talks to an external service (via ServiceEntry) that is very flaky. It looks like sometimes the external service dies during a request and my app closes the connection, leaving envoy with a zombie connection…
(External IP is X.X.X.X:443)
/ # netstat -nat | egrep -E "(FIN_WAIT2|CLOSE_WAIT)"
tcp 0 0 10.2.2.26:40446 X.X.X.X:443 FIN_WAIT2
tcp 0 0 127.0.0.1:15001 10.2.2.26:40444 CLOSE_WAIT
...
Currently I have to kick the pods every so often to reset the sockets. Is there anything I can do to get envoy to kill these connections after a timeout of like 30 seconds…?
Istio version 1.1.7 on GKE