kafka-jira mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] [kafka] d8tltanc commented on a change in pull request #9485: KAKFA-10619: Idempotent producer will get authorized once it has a WRITE access to at least one topic
Date Mon, 30 Nov 2020 03:21:09 GMT

d8tltanc commented on a change in pull request #9485:
URL: https://github.com/apache/kafka/pull/9485#discussion_r532327775



##########
File path: core/src/main/scala/kafka/security/authorizer/AclAuthorizer.scala
##########
@@ -550,6 +660,31 @@ class AclAuthorizer extends Authorizer with Logging {
   }
 
   private def updateCache(resource: ResourcePattern, versionedAcls: VersionedAcls): Unit
= {
+    val currentAces: Set[AccessControlEntry] = aclCache.get(resource) match {

Review comment:
       commit 230ee36b9147a11d7ce299aa9fcbb590324faf68
   Added the authorizeByResourceType() API to the benchmark and simulate the worst case: every
allow ACL on the same resource has a dominant deny ACL.
   Adjust the `resourceCount` parameter to "10000", "40000", "80000" since each cluster is
unlikely to have more than 10k resources. Also, since we are testing against the worst case
mentioned above, I think the "10000" cases are adequate for us.
   Performance result here: https://paste.ubuntu.com/p/k8kV3w6fvF/




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



Mime
View raw message