Remove tcp fast-open support. Client support is dying

diff --git a/cookbooks/imagery/templates/default/nginx_default.conf.erb b/cookbooks/imagery/templates/default/nginx_default.conf.erb
index 3d9a5bf5cde9cbbc1613222df9b56dc6a82937d8..51670c71514eb2bdd996259980df7bbc62a7577b 100644 (file)
--- a/cookbooks/imagery/templates/default/nginx_default.conf.erb
+++ b/cookbooks/imagery/templates/default/nginx_default.conf.erb
@@ -1,6 +1,6 @@
 server {
-    listen 80 deferred backlog=16384 reuseport fastopen=2048 default_server;
-    listen 443 ssl deferred backlog=16384 reuseport fastopen=2048 http2; # No default_server here unless certificate specified here too.
+    listen 80 deferred backlog=16384 reuseport default_server;
+    listen 443 ssl deferred backlog=16384 reuseport http2; # No default_server here unless certificate specified here too.
 
     server_name  _;
     default_type text/html;

diff --git a/cookbooks/nominatim/templates/default/nginx.erb b/cookbooks/nominatim/templates/default/nginx.erb
index 4596d65e95fbfbec6f8592990f786360a1d94f21..2e851c517087020c659f677c8decab434d940c87 100644 (file)
--- a/cookbooks/nominatim/templates/default/nginx.erb
+++ b/cookbooks/nominatim/templates/default/nginx.erb
@@ -100,9 +100,9 @@ server {
 
 server {
     # IPv4
-    listen       443 ssl deferred backlog=16384 reuseport fastopen=2048 http2 default_server;
+    listen       443 ssl deferred backlog=16384 reuseport http2 default_server;
     # IPv6
-    listen       [::]:443 ssl deferred backlog=16384 reuseport fastopen=2048 http2 default_server;
+    listen       [::]:443 ssl deferred backlog=16384 reuseport http2 default_server;
     server_name  localhost;
 
     ssl_certificate /etc/ssl/certs/<%= node[:fqdn] %>.pem;

diff --git a/cookbooks/tilecache/templates/default/nginx_tile.conf.erb b/cookbooks/tilecache/templates/default/nginx_tile.conf.erb
index 9e214675ab7eadc51955b390712438b68aa13d55..0ea85d7550d01e0b551c376b1823a1674a3d94a9 100644 (file)
--- a/cookbooks/tilecache/templates/default/nginx_tile.conf.erb
+++ b/cookbooks/tilecache/templates/default/nginx_tile.conf.erb
@@ -192,11 +192,11 @@ map $tile_cache$http_referer$scheme$http_user_agent $deny_missing_referer {
 
 server {
     # IPv4
-    listen       80 deferred backlog=16384 reuseport fastopen=2048 default_server;
-    listen       443 ssl deferred backlog=16384 reuseport fastopen=2048 http2 default_server;
+    listen       80 deferred backlog=16384 reuseport default_server;
+    listen       443 ssl deferred backlog=16384 reuseport http2 default_server;
     # IPv6
-    listen       [::]:80 deferred backlog=16384 reuseport fastopen=2048 default_server;
-    listen       [::]:443 ssl deferred backlog=16384 reuseport fastopen=2048 http2 default_server;
+    listen       [::]:80 deferred backlog=16384 reuseport default_server;
+    listen       [::]:443 ssl deferred backlog=16384 reuseport http2 default_server;
     server_name  localhost;
 
     proxy_buffers 8 64k;

diff --git a/roles/imagery.rb b/roles/imagery.rb
index f243f44c0cbc8921804b75a8dbb32b51a81dd7d1..3cc42a71862aa892e9530364090fae7384f2db7d 100644 (file)
--- a/roles/imagery.rb
+++ b/roles/imagery.rb
@@ -26,12 +26,6 @@ default_attributes(
         "kernel.sched_min_granularity_ns" => 10000000,
         "kernel.sched_wakeup_granularity_ns" => 15000000
       }
-    },
-    :kernel_tfo_listen_enable => {
-      :comment => "Enable TCP Fast Open for listening sockets",
-      :parameters => {
-        "net.ipv4.tcp_fastopen" => 3
-      }
     }
   },
   :nginx => {

diff --git a/roles/tilecache.rb b/roles/tilecache.rb
index a78cac73d107b1ca67666fd469da117ccb45206e..4d79d848f59a4e457e0d264190d81420bf3344a6 100644 (file)
--- a/roles/tilecache.rb
+++ b/roles/tilecache.rb
@@ -46,12 +46,6 @@ default_attributes(
         "net.ipv4.tcp_tw_reuse" => 1
       }
     },
-    :kernel_tfo_listen_enable => {
-      :comment => "Enable TCP Fast Open for listening sockets",
-      :parameters => {
-        "net.ipv4.tcp_fastopen" => 3
-      }
-    },
     :squid_swappiness => {
       :comment => "Prefer not to swapout to free memory",
       :parameters => {