Production
This document describes recommended configuration options for operating Flipt in Production.
Flipt’s default setup is designed to help you get up and running quickly. To run Flipt successfully in a production environment, you will likely need to modify a few configuration options.
Some of the configuration options and tips to consider when operating Flipt in production are as follows:
Database Connection Limits
By default, the Go database/sql
client will have MaxOpenConn
equal to 0 (unlimited), and MaxIdleConn
equal to 2.
With the databases that listen over a network (MySQL, Postgres, CockroachDB), there are default server limits for the number of open connections it supports.
In high burst traffic scenarios, this can lead to the too many open connections
error server side.
You should tweak that number to be above 0, and to whatever fits your use case. This can be altered either via the Flipt configuration file or environment variables:
The Go documentation states:
Keep in mind that tuning MaxOpenConn
may lead to tuning MaxIdleConn
as well.
Prepared Statements
By default, all queries are run as prepared statements. This could pose a problem in some environments.
For instance, PGBouncer doesn’t support prepared statements in its transaction pooling mode.
You can disable prepared statements for the database client using:
Debug Logging
Debug logging can be useful if you are actively developing or trying to fix problems in an environment, but can have the adverse effect of eating up CPU time under load. Enabling debug logging can end up mixing useful logs with non-useful ones.
It’s recommended to disable Flipt’s debug logging in a production environment by increasing the log level:
Profiling
Flipt exposes profiling endpoints (/debug/pprof
) that can be useful for debugging and troubleshooting. However, these endpoints can be a security risk if exposed to the public internet.
You can disable these endpoints by setting the following configuration options:
Prometheus Metrics
If your instance uses Prometheus as the storage engine for analytical data, Flipt will expose a metrics endpoint (/metrics
) that can be scraped by Prometheus.
Ensure that this endpoint is not publicly accessible, for example, by configuring your Istio Ingress setup appropriately.
Was this page helpful?