Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Service based deny list to throttle state store usage #61

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
sandeep-paliwal merged 6 commits into from
Oct 31, 2022
Merged

Service based deny list to throttle state store usage #61

sandeep-paliwal merged 6 commits into from
Oct 31, 2022

Conversation

@sandeep-paliwal
Copy link
Contributor

@sandeep-paliwal sandeep-paliwal commented Sep 2, 2022

Stopgap fix to throttle State Store DB usage

Description

  • Add a service based deny list validation for TVM
  • TVM will fetch the deny list from denyListUrl ( if its set in params). Each service impl will process deny list in its own way to provide enough flexibility.
  • Deny list will be cached in memory to improve performance.
  • TVM will make sure not to use any deny list beyond its expiry.
  • Changed Cosmos DB token expiration to 10 mins. This will enable to throttle any excessive usage of State Store for a given Namespace

Related Issue

Motivation and Context

How Has This Been Tested?

Manual Testing against TVM deployment
unit tests

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • I have signed the Adobe Open Source CLA.
  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

sandeep-paliwal and others added 5 commits August 23, 2022 23:04
@sandeep-paliwal @purplecabbage
nit: do not allow this package to be published to npm, this is a serv…
584cbe5 
…ice (#60)

Co-authored-by: Jesse MacFadyen <[email protected]>
@sandeep-paliwal
Add a service based deny list validation for TVM
b50006e 
TVM will fetch the deny list from denyListUrl if its set
Each service impl will have its own deny list processing to provide enough flexibility
Deny list will be cached in memory to improve performance. TVM will make sure not to use any deny list beyond its expiry.
Changed Cosmos DB token expiration to 10 mins. This will enable to throttle any excessive usage of State Store for a given Namespace
@sandeep-paliwal
Add error code to throttling error
e8a25a9
@sandeep-paliwal
Fix 429 error handling and message within TVM
e3e3092
@sandeep-paliwal
unit test code cleanup
a059a3f
@codecov
Copy link

codecov bot commented Sep 2, 2022
edited
Loading

Codecov Report

Merging #61 (5a856e2) into master (98c6eb8) will not change coverage.
The diff coverage is 100.00%.

@@            Coverage Diff            @@
##            master       #61   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           12        12           
  Lines          345       387   +42     
  Branches        28        37    +9     
=========================================
+ Hits           345       387   +42
Impacted Files Coverage Δ
lib/Tvm.js 100.00% <100.00%> (ø)
lib/impl/AzureCosmosTvm.js 100.00% <100.00%> (ø)

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

moritzraho
moritzraho reviewed Sep 5, 2022
View reviewed changes
Copy link
Member

@moritzraho moritzraho left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The logic lgtm but I feel like we are rushing an abstraction over all services to support a denylist and I am not a fan of fetching the denylist file when calling the files or cdn tvm, although they don't implement denylist. Would it be acceptable to move the logic to the cosmos tvm file for now?

If we still want to go for the one fit all solution I would favor having an enable/disable denylist param for every endpoint. And have the processDenyList function be the same for all.

But I might have missed somethings, feel free to debate ;)

lib/Tvm.js
this._validationSchema = {
/// deployment params - should not be setable by request - deployed as final
expirationDuration: joi.number().integer().min(900).max(18000).required(),
expirationDuration: joi.number().integer().min(600).max(18000).required(),
Copy link
Member

@moritzraho moritzraho Sep 5, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we change this to be cosmos specific ? I don't remember exactly but maybe 900 was a minimum for aws s3 or azure blob, if not then it's fine

Copy link
Contributor Author

@sandeep-paliwal sandeep-paliwal Sep 5, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let me check this. I don't think 10 mins would hit azure blob minimum, but I will reconfirm this.

Copy link
Member

@moritzraho moritzraho Sep 5, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sure also need to check for aws s3

@sandeep-paliwal
Copy link
Contributor Author

sandeep-paliwal commented Sep 5, 2022
edited
Loading

The logic lgtm but I feel like we are rushing an abstraction over all services to support a denylist and I am not a fan of fetching the denylist file when calling the files or cdn tvm, although they don't implement denylist. Would it be acceptable to move the logic to the cosmos tvm file for now?

If we still want to go for the one fit all solution I would favor having an enable/disable denylist param for every endpoint. And have the processDenyList function be the same for all.

But I might have missed somethings, feel free to debate ;)

I feel there is no harm to have a generic solution rather than a very specific cosmos related fix. We can easily extend the same design for other services. And each service gets to decide how it processes its own denylist.
Coming to the question of denylist itself, right now thats the best option available for us. Its least intrusive and totally optional. Plus using the inMemory cache we make sure that we don't run into any performance issues.

@moritzraho
Copy link
Member

moritzraho commented Sep 6, 2022

lgtm, thanks for the additional details.

@sandeep-paliwal sandeep-paliwal merged commit 1e14f62 into master Oct 31, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@moritzraho moritzraho moritzraho approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sandeep-paliwal @moritzraho