envoyproxy/envoy

Add jitter support for HTTP max_connection_duration

Open

#42410 opened on Dec 4, 2025

View on GitHub
 (1 comment) (2 reactions) (0 assignees)C++ (27,997 stars) (5,373 forks)batch import
area/http_connection_managerenhancementhelp wanted

Description

Title: Add jitter support for HTTP max_connection_duration

Description: Currently, Envoy supports jitter for TCP max_connection_duration (implemented in #40686), but not for HTTP connections. This causes synchronised connection draining when many HTTP/2 connections reach the same max_connection_duration simultaneously, leading to thundering herd problems.

Use Case / Problem Statement

We are running a production Istio service mesh with approximately x number of HTTP/2 SIDECAR_INBOUND connections** using max_connection_duration: 7200s (2 hours).

Observed Behavior

When all connections hit the 2-hour mark simultaneously:

  1. Synchronised draining: All connections shutdown at the same time
  2. Service disruption: Incoming requests receive 503 errors during the drain window
  3. Response flags: Metrics show extensive UC (Upstream Connection Termination) flags in Istio telemetry

Evidence

From Istio/Envoy metrics during drain cycles:

istio_requests_total{response_code="503",response_flags="UC"} [high counts]
istio_requests_total{response_code="503",response_flags="UC"} 
istio_requests_total{response_code="503",response_flags="UC"}

This is a classic thundering herd problem caused by synchronised connection lifecycle management.

We need to implement connection duration limits for compliance and security reasons but cannot do so with the current behavior. The synchronised draining creates service disruptions. Kindly help with the feature. Expecting the existing TCP jitter implementation (from #40686) to HTTP connection durations, allowing connections to be closed in a staggered manner.

Contributor guide

Tech stack
cpp
Domain
backendperformance
Issue type
feature
DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
4
Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
over 1 week
Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
fresh
ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
clear
Prerequisites
C++Envoy internalsHTTP/2 connection handlingPrior TCP jitter implementation #40686
Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
15
Research direction
Study the TCP jitter implementation in #40686 to understand the pattern. Identify the HTTP connection duration handling in source/common/http/conn manager impl.cc or similar. Propose a design to add a jitter parameter and apply it when closing HTTP connections. Check existing config for max connection duration in HTTP connection manager.