/
Eureka Platform Timeouts Configuration

Eureka Platform Timeouts Configuration

Owned by Oleksii Kuzminov
Last updated: Feb 13, 2025 by Craig McNally
3 min read

The Eureka Platform includes various components for entitlement and module installation. To properly handle a series of requests and the necessary adjustments to the timeouts, it is crucial to understand the order in which components interact.

Entitlement Process

All incoming requests are managed by the KONG Gateway and forwarded to mgr-tenant-entitlement.

The mgr-tenant-entitlement component processes the requests and initiates the entitlement flow. During this flow, it makes calls to the module’s /_/tenant API via the sidecar.

The sequence of requests between components is as follows:

  1. KONG Gateway

  2. mgr-tenant-entitlement (flow execution timeout)

  3. Keycloak (authZ for entitlement operations)

  4. mgr-tenant-entitlement → calls module’s /_/tenant API (via HTTP Client)

  5. Sidecar

  6. Module

KONG Gateway Timeouts Setup

In Kong, request timeouts can be configured using environment variables when running Kong in a Dockerized or cloud-native environment. The relevant settings for request timeouts are:

Key Timeout Configuration Variables

  1. KONG_PROXY_READ_TIMEOUT – The timeout (in milliseconds) for reading a response from the upstream service.

  2. KONG_PROXY_CONNECT_TIMEOUT – The timeout (in milliseconds) for establishing a connection to the upstream service.

  3. KONG_PROXY_SEND_TIMEOUT – The timeout (in milliseconds) for sending a request to the upstream service.

Setting Timeout via Environment Variables

You can configure these timeouts by setting them as environment variables before running Kong. Example:

KONG_PROXY_READ_TIMEOUT=60000 # 60 seconds KONG_PROXY_CONNECT_TIMEOUT=5000 # 5 seconds KONG_PROXY_SEND_TIMEOUT=10000 # 10 seconds

Or if running Kong via Docker, pass them as environment variables:

docker run -e KONG_PROXY_READ_TIMEOUT=60000 \ -e KONG_PROXY_CONNECT_TIMEOUT=5000 \ -e KONG_PROXY_SEND_TIMEOUT=10000 \ folioci/folio-kong

NOTE: These global timeout values can be overridden on a per-service basis. Technically you can do this via the Kong Admin API (See https://docs.konghq.com/gateway/api/admin-oss/latest/#/Services/update-service), but it’s probably easier to use the Konga/Kong manager UI for this. Care should be taken to document if/when we do this, and revert the changes when the longer timeouts are no longer needed (e.g. temporarily increase the timeouts, perform entitlement or data loading, etc., then revert the changes).

image-20250213-154542.png

mgr-tenant-entitlements Timeouts Setup

To configure timeouts in the mgr-tenant-entitlements module, you can set the following environment variables:

  • FOLIO_CLIENT_CONNECT_TIMEOUT: Defines the timeout for establishing a connection using the Java HTTP client when making requests to Folio modules. The default value is 10s (10 seconds).

  • FOLIO_CLIENT_READ_TIMEOUT: Defines the timeout for reading responses using the Java HTTP client when making requests to Folio modules. The default value is 30s (30 seconds).

  • FLOW_ENGINE_EXECUTION_TIMEOUT: Defines the maximum execution time for entitlement execution in synchronous mode. If the execution exceeds this time, it will be terminated. The default value is 30m (30 minutes).

Setting Environment Variables

To configure these properties:

FOLIO_CLIENT_CONNECT_TIMEOUT=10s FOLIO_CLIENT_READ_TIMEOUT=30s FLOW_ENGINE_EXECUTION_TIMEOUT=30m

Or, if you’re using Docker:

docker run \ --name mgr-tenant-entitlements \ --link postgres:postgres \ -e DB_HOST=postgres \ -e okapi.url=http://okapi:9130 \ -e tenant.url=http://mgr-tenants:8081 \ -e am.url=http://mgr-applications:8081 \ -e okapi.token=${okapiToken} \ -e FOLIO_CLIENT_CONNECT_TIMEOUT=10s \ -e FOLIO_CLIENT_READ_TIMEOUT=30s \ -e FLOW_ENGINE_EXECUTION_TIMEOUT=30m \ -p 8081:8081 \ -d mgr-tenant-entitlements

Keycloak AuthZ Timeouts Setup

During the entitlement flow, mgr-tenant-entitlement can call various other components. All these calls are secured. Keycloak performs an authorization for each of these calls. By default, these values can be small or poorly set up. Each setting can be adjusted for each realm/tenant in Keycloak.

image-20250211-125049.png
image-20250211-125133.png

mgr-tenants

To automate this process, there are two environment variables in mgr-tenants. Default values are 600s for each realm/tenant, but it can be changed

KC_ACCESS_CODE_TTL=600 KC_PAR_REQUEST_URI_TTL=600

folio-module-sidecar Timeouts Setup

To configure timeouts in the folio-module-sidecar, you can set the following environment variable:

  • REQUEST_TIMEOUT: Defines the maximum time in milliseconds that a request can wait for a response. If no data is returned within this period, the request fails. The default value is 60000 milliseconds (60 seconds).

Setting Environment Variable

To configure this property:

REQUEST_TIMEOUT=60000

Or, if you’re using Docker:

docker run \ --name folio-module-sidecar \ -e REQUEST_TIMEOUT=60000 \ -p 8080:8080 \ -d folio-module-sidecar

Links

https://github.com/folio-org/mgr-tenant-entitlements/blob/master/README.md#environment-variables

https://github.com/folio-org/mgr-tenant-entitlements/blob/master/README.md#environment-variables

https://docs.konghq.com/mesh/latest/policies/timeout/

Related content