If your server can't do 20 qps because its CPU is busy with, say, bcrypt but your load testing tool (which? you don't say.) keeps generating new connections, I would expect it to fail like this.

I'm not sure there's anything to do here.

I am using the artillery to run the tests:

artillery quick -d 60 -r 20 http://localhost:9000/auth

Well, the load testing tool has taught you something: you now know what your server can't do. Binary search on the -r value a bit and find the server's limit.

What do you want me to do with this bug?

caddy suggests to up the ulimit on fd's for production use. It seems to me like an OS config issue and not a bug in Go or it's std lib

Hi @ecavalcanti .

You should:

• Increase ulimit of fd's in production environment. You can find fd limit running cat /proc/sys/fs/file-max.
• Disable the keep alive of the net/http server.
• Set Read and Write deadline timeouts.
• Make sure that you closed all fd's in request handler.

The solution should look like this:

package main

import (
	"log"
	"net/http"
	"time"

	"golang.org/x/crypto/bcrypt"
)

func main() {
	srv := &http.Server{
		Addr:         ":9000",
		ReadTimeout:  5 * time.Second,
		WriteTimeout: 10 * time.Second,
	}

	srv.SetKeepAlivesEnabled(false)

	http.HandleFunc("/auth", func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Connection", "close")

		defer r.Body.Close()

		log.Printf("/auth")
		if err := bcrypt.CompareHashAndPassword([]byte("$2y$10$MWTmFsLIM3jHVNiDDZH/U.qkpebJ/z02phdclx9rEcz5B7/cbujcy"), []byte("test")); err != nil {
			log.Printf("Error on check key and secret. (%v)", err.Error())
			w.WriteHeader(http.StatusUnauthorized)
			return
		}

		w.WriteHeader(http.StatusOK)
	})
	log.Printf("Listening on port 9000")
	log.Fatal(srv.ListenAndServe())
}