Kong Gateway

Upstream Connection Thrashing

warning
Connection Management
Updated Sep 7, 2025

Kong rapidly creates and destroys upstream connections when keepalive isn't working properly, causing CPU spikes and connection exhaustion. With the default keepalive of 1000 connections, 20 upstreams add up to 20,000 open connections, overwhelming backend services.

How to detect:

Monitor Kong CPU usage and upstream connection counts. If CPU spikes without a proportional increase in request volume, or if connection counts fluctuate rapidly, connection pooling is failing. Check for 502 Bad Gateway errors despite healthy backends. Use 'ss -tanp | grep nginx' to track connection churn.
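One way to quantify the connection churn described above from two `ss -tan` snapshots (an added example, not code from Kong or from this page): a pooled upstream socket keeps its local port between samples, while a thrashing one is replaced by a socket on a new port. The upstream address, the sample snapshots and the 0.5 reuse threshold are assumptions.

```python
# Added example: estimate upstream connection reuse from two `ss -tan` snapshots.
HEADER = "State      Recv-Q Send-Q Local Address:Port Peer Address:Port\n"
ROW = "ESTAB      0      0      10.0.0.2:41006     10.0.0.5:8080\n"

# Constructed sample data: snapshots taken one second apart on a Kong node.
# 10.0.0.5:8080 is a hypothetical upstream; 10.0.0.2 is the Kong host.
T0 = HEADER + """\
ESTAB      0      0      10.0.0.2:41000     10.0.0.5:8080
ESTAB      0      0      10.0.0.2:41002     10.0.0.5:8080
ESTAB      0      0      10.0.0.2:41004     10.0.0.5:8080
"""
T1_POOLED = T0 + ROW  # same three sockets still open, plus one new one
T1_THRASHING = HEADER + """\
TIME-WAIT  0      0      10.0.0.2:41000     10.0.0.5:8080
TIME-WAIT  0      0      10.0.0.2:41002     10.0.0.5:8080
ESTAB      0      0      10.0.0.2:41004     10.0.0.5:8080
ESTAB      0      0      10.0.0.2:41010     10.0.0.5:8080
ESTAB      0      0      10.0.0.2:41012     10.0.0.5:8080
ESTAB      0      0      10.0.0.2:41014     10.0.0.5:8080
"""

def established(ss_output, upstream):
    """Local endpoints that hold an ESTAB socket to `upstream` (ip:port)."""
    conns = set()
    for line in ss_output.splitlines():
        fields = line.split()
        # Skip the header, blank lines and sockets in any other state.
        if len(fields) >= 5 and fields[0] == "ESTAB" and fields[4] == upstream:
            conns.add(fields[3])
    return conns

def churn(before, after, upstream):
    """Compare two snapshots: a pooled socket keeps its local port, a new one does not."""
    old, new = established(before, upstream), established(after, upstream)
    reused = old & new
    return {
        "reused": len(reused),
        "opened": len(new - old),
        "closed": len(old - new),
        "reuse_ratio": len(reused) / len(new) if new else 1.0,
    }

def is_thrashing(stats, min_reuse=0.5):
    """Flag an interval in which most live upstream sockets were newly opened."""
    return stats["opened"] > 0 and stats["reuse_ratio"] < min_reuse

if __name__ == "__main__":
    for name, snap in (("pooled", T1_POOLED), ("thrashing", T1_THRASHING)):
        s = churn(T0, snap, "10.0.0.5:8080")
        print(name, s, "THRASHING" if is_thrashing(s) else "ok")
```

A single low-reuse interval can also come from idle connections timing out, so judge the ratio over several consecutive samples at steady traffic.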

Recommended action:

Enable upstream connection pooling and adjust keepalive settings. Set upstream_keepalive_pool_size to handle expected concurrent connections (including WebSockets). Verify that backend services aren't refusing connections due to their own limits. Check that DNS resolution isn't triggering reconnections: use IP addresses or increase the DNS TTL.