Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add max_parallel parameter to MySQL backend. #2760

Merged

Conversation

ikatson
Copy link
Contributor

@ikatson ikatson commented May 24, 2017

This limits the number of concurrent connections, so that vault does not die suddenly from "Too many connections".

This can happen when e.g. vault starts up, and tries to load all the existing leases in parallel. At the time of writing this, the value ExpirationRestoreWorkerCount is set to 64, meaning that if there are enough leases in the vault's DB, it will generate AT LEAST 64 concurrent connections to MySQL when loading the data during start-up. On certain configurations, e.g. smaller AWS RDS/Aurora instances, this will cause Vault to fail startup.

@jefferai
Copy link
Member

Is there a reason not to do this with the permit pool and max_parallel like most other backends?

This limits the number of concurrent connections, so that vault does not die
suddenly from "Too many connections".

This can happen when e.g. vault starts up, and tries to load all the
existing leases in parallel. At the time of writing this, the value
ExpirationRestoreWorkerCount in vault/helper/consts/const.go is set to
64, meaning that if there are enough leases in the vault's DB, it will
generate AT LEAST 64 concurrent connections to MySQL when loading the
data during start-up. On certain configurations, e.g. smaller AWS
RDS/Aurora instances, this will cause Vault to fail startup.
@ikatson ikatson force-pushed the mysql-backend-max-connections branch from d533acd to b5c2456 Compare May 24, 2017 16:17
@ikatson
Copy link
Contributor Author

ikatson commented May 24, 2017

@jefferai sure, didn't know about its existence. Reimplemented now with PermitTool and rebased.

Although it seems a little bit slower, probably the lock is coarser than internal db/mysql one.

@ikatson
Copy link
Contributor Author

ikatson commented May 24, 2017

That CI error does not seem related, seems like smth else in master is broken

command/generate-root_test.go:85: ui.OutputWriter.Bytes undefined (type *cli.syncBuffer has no field or method Bytes)
command/rekey_test.go:185: ui.OutputWriter.Bytes undefined (type *cli.syncBuffer has no field or method Bytes)
command/write_test.go:246: ui.OutputWriter.Bytes undefined (type *cli.syncBuffer has no field or method Bytes)
command/write_test.go:247: ui.OutputWriter.Bytes undefined (type *cli.syncBuffer has no field or method Bytes)

@ikatson ikatson changed the title Add max_connections parameter to MySQL backend. Add max_parallel parameter to MySQL backend. May 24, 2017
@@ -42,6 +42,9 @@ storage "mysql" {
- `tls_ca_file` `(string: "")` – Specifies the path to the CA certificate to
connect using TLS.

- `max_parallel` `(string: "128")` – Specifies The maximum number of concurrent
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/The/the

@ikatson
Copy link
Contributor Author

ikatson commented May 25, 2017

@jefferai made the changes, ready for another iteration. I can rebase into one commit when you think it's good enough.

Thanks @jefferai

@jefferai jefferai requested a review from calvn May 26, 2017 14:02
Copy link
Contributor

@briankassouf briankassouf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great!

Copy link
Contributor

@calvn calvn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM as well.

@briankassouf briankassouf merged commit 32c7efe into hashicorp:master Jun 1, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants