github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 08:05:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #3138] [Feature Request] Add documentation to deploy in K8s, scaling parameters and resource consumption #2517

New issue
Closed
opened 2026-05-05 13:37:18 -06:00 by gitea-mirror · 9 comments
gitea-mirror commented 2026-05-05 13:37:18 -06:00
Owner
Copy link

Originally created by @isurulucky on GitHub (Oct 19, 2022).
Original GitHub issue: https://github.com/fatedier/frp/issues/3138

Describe the feature request

Hello there,

Since there are not much resources related to using frp in K8s, I went ahead and tried a POC with the usecase of exposing the services privately. I would like to get your feedback and see if we can include this information in the FRP documentation for the benefit of others. Particularly, I think we need:

  • A reference architecture
  • Parameters for scaling frps horizontally for a typical scenario
  • Security aspects
  • And any other relevant information.

This is the basic sample architecture I came up with:

frp-k8s drawio

Here, the external secret client visitor (or any external client in the general case) should use TLS to communicate with the ingress controller. In addition, the token based authentication can be used between the FRP client and the server. Any internal communication between FRPS and FRPC within the K8s cluster need not use TLS. In addition, the external client is using websocket protocol to communicate with FRPS as the community ingress controller supports websockets out of the box, whereas TCP is not properly supported (TCP with ingress controller requires a port per ingress if am not mistaken).
As next steps we would need to to figure out autoscaling resource (CPU and memory) requests and limits. Any idea on what would be a resource requirements in a general level?
Also, any other additional improvements for the suggested approach are welcome!

Describe alternatives you've considered

No response

Affected area

  • Docs
  • Installation
  • Performance and Scalability
  • Security
  • User Experience
  • Test and Release
  • Developer Infrastructure
  • Client Plugin
  • Server Plugin
  • Extensions
  • Others
Originally created by @isurulucky on GitHub (Oct 19, 2022). Original GitHub issue: https://github.com/fatedier/frp/issues/3138 ### Describe the feature request Hello there, Since there are not much resources related to using frp in K8s, I went ahead and tried a POC with the usecase of exposing the services privately. I would like to get your feedback and see if we can include this information in the FRP documentation for the benefit of others. Particularly, I think we need: - A reference architecture - Parameters for scaling frps horizontally for a typical scenario - Security aspects - And any other relevant information. This is the basic sample architecture I came up with: ![frp-k8s drawio](https://user-images.githubusercontent.com/2777052/196608755-4762deeb-d9bc-4a34-b58f-c99c3e1ed21e.png) Here, the external secret client visitor (or any external client in the general case) should use TLS to communicate with the ingress controller. In addition, the token based authentication can be used between the FRP client and the server. Any internal communication between FRPS and FRPC within the K8s cluster need not use TLS. In addition, the external client is using websocket protocol to communicate with FRPS as the community ingress controller supports websockets out of the box, whereas TCP is not properly supported (TCP with ingress controller requires a port per ingress if am not mistaken). As next steps we would need to to figure out autoscaling resource (CPU and memory) requests and limits. Any idea on what would be a resource requirements in a general level? Also, any other additional improvements for the suggested approach are welcome! ### Describe alternatives you've considered _No response_ ### Affected area - [X] Docs - [ ] Installation - [X] Performance and Scalability - [ ] Security - [ ] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others
gitea-mirror 2026-05-05 13:37:18 -06:00
gitea-mirror commented 2026-05-05 13:37:21 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Oct 19, 2022):

  1. From development-status , we are developing v2 to replace current version and won't put a lot of effort into adding features to the current version.
  2. frps is not scalable now based on the current architecture. It's not cloud native. You may encounter a lot of problems.
  3. You're welcome to ask me questions about your POC issues.
<!-- gh-comment-id:1283783699 --> @fatedier commented on GitHub (Oct 19, 2022): 1. From [development-status ](https://github.com/fatedier/frp#development-status), we are developing v2 to replace current version and won't put a lot of effort into adding features to the current version. 2. `frps` is not scalable now based on the current architecture. It's not cloud native. You may encounter a lot of problems. 3. You're welcome to ask me questions about your POC issues.
gitea-mirror commented 2026-05-05 13:37:22 -06:00
Author
Owner
Copy link

@isurulucky commented on GitHub (Oct 19, 2022):

Thanks for very much for the reply. I tried the POC out in a minimal K8s cluster, and it did seem to work. But my idea was to scale this based on need, such as when memory pressure increases etc., using the k8s autoscaling techniques. But if the current frp implementation does not support scaling, that would not work.
Would you be able to explain a bit why it won't scale as of now? And I assume the next version would address these shortcomings?

<!-- gh-comment-id:1283838746 --> @isurulucky commented on GitHub (Oct 19, 2022): Thanks for very much for the reply. I tried the POC out in a minimal K8s cluster, and it did seem to work. But my idea was to scale this based on need, such as when memory pressure increases etc., using the k8s autoscaling techniques. But if the current frp implementation does not support scaling, that would not work. Would you be able to explain a bit why it won't scale as of now? And I assume the next version would address these shortcomings?
gitea-mirror commented 2026-05-05 13:37:23 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Oct 19, 2022):

It's not stateless. All route configurations and frpc's meta infos are stored in memory.

When a request come in, frps will parse it and decide which frpc to forward by route configurations. If one frpc connect to frps A and you send requests to frps B, frps B will not know how to route this request.

<!-- gh-comment-id:1283899135 --> @fatedier commented on GitHub (Oct 19, 2022): It's not stateless. All route configurations and frpc's meta infos are stored in memory. When a request come in, frps will parse it and decide which frpc to forward by route configurations. If one frpc connect to frps A and you send requests to frps B, frps B will not know how to route this request.
gitea-mirror commented 2026-05-05 13:37:24 -06:00
Author
Owner
Copy link

@isurulucky commented on GitHub (Oct 19, 2022):

It's not stateless. All route configurations and frpc's meta infos are stored in memory.

When a request come in, frps will parse it and decide which frpc to forward by route configurations. If one frpc connect to frps A and you send requests to frps B, frps B will not know how to route this request.

I see, I think I get the idea. If we take the exposing a private service as an example, both secret client and secret client visitor connects to frps separately. Since its a point to point connection, even if another frps comes up, it will not know about the routing configuration.
So the only way to make it work is make sure that there are only one frps running.. as I see, scaling frpc is not an issue as the configurations are read from the frpc.ini file. I assume if we can guarantee that there is one frps running, this setup would work?

<!-- gh-comment-id:1283962732 --> @isurulucky commented on GitHub (Oct 19, 2022): > It's not stateless. All route configurations and frpc's meta infos are stored in memory. > > When a request come in, frps will parse it and decide which frpc to forward by route configurations. If one frpc connect to frps A and you send requests to frps B, frps B will not know how to route this request. I see, I think I get the idea. If we take the exposing a private service as an example, both secret client and secret client visitor connects to frps separately. Since its a point to point connection, even if another frps comes up, it will not know about the routing configuration. So the only way to make it work is make sure that there are only one frps running.. as I see, scaling frpc is not an issue as the configurations are read from the frpc.ini file. I assume if we can guarantee that there is one frps running, this setup would work?
gitea-mirror commented 2026-05-05 13:37:24 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Oct 19, 2022):

Yes.

<!-- gh-comment-id:1283979211 --> @fatedier commented on GitHub (Oct 19, 2022): Yes.
gitea-mirror commented 2026-05-05 13:37:25 -06:00
Author
Owner
Copy link

@isurulucky commented on GitHub (Oct 19, 2022):

Thanks @fatedier. Will close this.

<!-- gh-comment-id:1284038834 --> @isurulucky commented on GitHub (Oct 19, 2022): Thanks @fatedier. Will close this.
gitea-mirror commented 2026-05-05 13:37:25 -06:00
Author
Owner
Copy link

@isurulucky commented on GitHub (Oct 20, 2022):

Re-opening to discuss a point we missed to discuss - for FRPS and FRPC, how do we need to set resources (memory and CPU) in a K8s environment? This is not for scaling but for the initial scheduling of FRPS and FRPC pods.

<!-- gh-comment-id:1284778773 --> @isurulucky commented on GitHub (Oct 20, 2022): Re-opening to discuss a point we missed to discuss - for FRPS and FRPC, how do we need to set resources (memory and CPU) in a K8s environment? This is not for scaling but for the initial scheduling of FRPS and FRPC pods.
gitea-mirror commented 2026-05-05 13:37:26 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Oct 20, 2022):

It depends on your usage scenarios. Small resource is fine for your demo.

<!-- gh-comment-id:1284852034 --> @fatedier commented on GitHub (Oct 20, 2022): It depends on your usage scenarios. Small resource is fine for your demo.
gitea-mirror commented 2026-05-05 13:37:26 -06:00
Author
Owner
Copy link

@isurulucky commented on GitHub (Oct 21, 2022):

Thanks @fatedier. In a test running for a few hours, noted that all frp pods were consuming around 50MB memory and around couple of millicores of CPU. I think something around this should be a good starting point.

<!-- gh-comment-id:1286452268 --> @isurulucky commented on GitHub (Oct 21, 2022): Thanks @fatedier. In a test running for a few hours, noted that all frp pods were consuming around 50MB memory and around couple of millicores of CPU. I think something around this should be a good starting point.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#2517
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?