tephra-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Terence Yim (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (TEPHRA-269) Protect the Transaction Manager against misconfigured clients using rate limits
Date Mon, 02 Apr 2018 22:51:00 GMT

    [ https://issues.apache.org/jira/browse/TEPHRA-269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16423251#comment-16423251
] 

Terence Yim commented on TEPHRA-269:
------------------------------------

Thanks for the detailed design. I only have two comments.

 
 # Have we think about how does it work together with tx pruning? Some clients could be generating
invalid transaction at a fast rate due to the invalid tx list size is large (e.g. keep getting
out of memory after making the startTx() call, but unable to hold the tx list from the response),
hence getting throttled. In theory, reduction in the tx list size could up lift the throttle
and reduce the operation counts (not necessarily zero) to unblock the clients.
 # For the rate limiter API, I think it will be cleaner to have explicit methods for getting/clearing
the rate limits for all clients, instead of using empty Set as the indicator. 

> Protect the Transaction Manager against misconfigured clients using rate limits
> -------------------------------------------------------------------------------
>
>                 Key: TEPHRA-269
>                 URL: https://issues.apache.org/jira/browse/TEPHRA-269
>             Project: Tephra
>          Issue Type: New Feature
>          Components: core
>            Reporter: Poorna Chandra
>            Assignee: Poorna Chandra
>            Priority: Major
>             Fix For: 0.14.0-incubating
>
>         Attachments: Ensure QoS in Transaction Manager by rate limiting client requests.pdf
>
>
> We have seen cases where misconfigured clients can overwhelm the system by making expensive
requests (like invalidating transactions). By the time admins figure out there is a misconfigured
client and take corrective action, thousands of invalid transactions can be created in a very
short period of time. It would be useful to have a way to limit the number of invalid transactions
that a client can create in given time.
> I'll send out a design document for this soon.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message