respondingTimeouts for applications
Malte Starostik edited this page Apr 20, 2024
·
6 revisions
Due to CVE-2024-28869 there have been changes made to the long standing behaviour of Traefik as a mitigation for the risk posed. Because of this, applications or services provided via Traefik will be impacted. The readTimeout documentation shows (currently) a default of 60 seconds may work for many applications out of the box, but you may need to adapt accordingly.
| Application | readTimeout | Notes |
|---|---|---|
| Odoo | 0 | Open-source ERP. Constant connection for real-time updates; no timeout. |
| Portainer | 0 | Container management tool; needs a constant connection for monitoring. |
| PostgreSQL | 0 | Database; often requires persistent connections for transactions. |
| Redis | 0 | In-memory data structure store; benefits from persistent connections. |
| Dovecot | 0 | IMAP/POP3 server. Clients reading many and/or large messages easily hit any timeout |
| NGINX | 60s | Web server and reverse proxy. Default timeout is usually adequate. |
| Apache HTTP Server | 60s | Popular web server; can usually handle the default timeout setting. |
| Node.js | 120s | Runtime environment for JavaScript applications; timeout will need to be adjusted for your app. |
| Jenkins | 300s | Automation server for CI/CD; may require longer timeouts for builds. |
| Elasticsearch | 0 | Search engine; benefits from persistent connections for continuous queries. |
| RabbitMQ | 0 | Message broker; requires persistent connections for message streaming. |
| Kafka | 0 | Distributed event streaming platform that uses long-lived connections. |
| Grafana | 300s | Analytics and monitoring platform; may need longer timeouts for queries. |
| Audiobookshelf | 0 | App constantly reconnects, is unable to reliably save a book on the device unless set to zero. |
| Home Assistant | 300 | Frontend app constantly reconnects, is unable to reliably see camera feed or status of a device. |
I've tried setting it to 300 but some of our swarm applications take longer than this to deploy. Portainer does still seem to run the task completely when set to 300 but the UI shows errors.
Seems to work with 300, but seeing some issues with chat.