Go HTTP Timeouts & Resilience Defaults

Sensible client/server timeouts, retries, and connection settings to keep Go services responsive.

May 12, 2025 · 4487 views

Client defaults

Set Timeout on http.Client; set Transport with DialContext timeout (e.g., 3s), TLSHandshakeTimeout (3s), ResponseHeaderTimeout (5s), IdleConnTimeout (90s), MaxIdleConns/MaxIdleConnsPerHost.
Retry only idempotent methods with backoff + jitter; cap attempts.
Use context.WithTimeout per request; cancel on exit.

Server defaults

ReadHeaderTimeout (e.g., 5s) to mitigate slowloris.
ReadTimeout/WriteTimeout to bound handler time (align with business SLAs).
IdleTimeout to recycle idle connections; prefer HTTP/2 when available.

Patterns

Wrap handlers with middleware for deadline + logging when timeouts hit.
For upstreams, expose metrics: connect latency, TLS handshake, TTFB, retries.
Prefer connection re-use; avoid per-request clients.

Checklist

Timeouts set on both client and server.
Retries limited to idempotent verbs with jitter.
Connection pooling tuned; idle conns reused.
Metrics for latency stages and timeouts.