Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OIDC: Limit number of dynamic tenants #42804

Draft
wants to merge 4 commits into
base: main
Choose a base branch
from

Conversation

snazy
Copy link
Contributor

@snazy snazy commented Aug 27, 2024

Introduce a new configuration option quarkus.oidc.dynamic-tenant-limit as an opt-in to limit the number of active dynamic OIDC tenants. The default is no dynamic tenant limit.

This change adds the field volatile long TenantConfigContext.lastUsed, and removes the field TenantConfigContext.ready to keep the heap footprint the same. The lastUsed field is initially set to "now" and updated when the dynamic tenant is being accessed.

When a new dynamic tenant is about to be added to the dynamic tenants map, eviction runs, if there are more dynamic tenants than configured via dynami-tenant-limit. The eviction algo is built to iterate over the dynamic tenants only once - it may need to iterate more often, if one of the eviction candidates has been accessed in the mean time. There is no linked-list structure to form an LRU list/queue, as that likely causes more runtime overhead (pointer updates, synchronization) than the cost of iterating over the list once in a while. The assumption is that the map of dynamic tenants has not a lot of "churn".

Fixes #42803

Copy link

github-actions bot commented Aug 27, 2024

🎊 PR Preview 646c96b has been successfully built and deployed to https://quarkus-pr-main-42804-preview.surge.sh/version/main/guides/

  • Images of blog posts older than 3 months are not available.
  • Newsletters older than 3 months are not available.

@snazy snazy force-pushed the oidc-context-limit branch 2 times, most recently from 905ff84 to 919d339 Compare August 31, 2024 18:22
@snazy
Copy link
Contributor Author

snazy commented Sep 2, 2024

Marking this PR as draft, I'm reworking the changes. The current state is rather a preparation.

}
}

public TenantConfigContext getExistingTenantConfigContext(String tenantId) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd consider Dynamic instead of Existing

@sberyozkin
Copy link
Member

Hi @snazy Thanks, I've had a quick look, and it looks good

@snazy
Copy link
Contributor Author

snazy commented Sep 4, 2024

Hi @snazy Thanks, I've had a quick look, and it looks good

Okay, factored out the preparation into #43007 and leave this PR for the actual "limit change"

snazy added a commit to snazy/quarkus that referenced this pull request Sep 4, 2024
…enants

This is a prerequisite for quarkusio#42804 w/o any functional change. It moves the code to get/add tenants into the `TenantConfigBean`, so the limitation for the amount of dynamic tenants can be done there.
snazy added a commit to snazy/quarkus that referenced this pull request Sep 5, 2024
…enants

This is a prerequisite for quarkusio#42804 w/o any functional change. It moves the code to get/add tenants into the `TenantConfigBean`, so the limitation for the amount of dynamic tenants can be done there.
snazy added a commit to snazy/quarkus that referenced this pull request Sep 5, 2024
…enants

This is a prerequisite for quarkusio#42804 w/o any functional change. It moves the code to get/add tenants into the `TenantConfigBean`, so the limitation for the amount of dynamic tenants can be done there.
@snazy snazy force-pushed the oidc-context-limit branch from 919d339 to a41ea94 Compare September 7, 2024 17:07
@snazy snazy changed the title OIDC: Limit the number of active OIDC contexts by amount and duration OIDC: Limit the number of active dynamic OIDC tenant contexts Sep 7, 2024
@snazy snazy force-pushed the oidc-context-limit branch from a41ea94 to d0257dc Compare September 7, 2024 17:19
@snazy snazy changed the title OIDC: Limit the number of active dynamic OIDC tenant contexts OIDC: Limit number of dynamic tenants Sep 7, 2024
@snazy
Copy link
Contributor Author

snazy commented Sep 7, 2024

Here's an approach that limits the number of active dynamic tenants, if enabled. Updated the PR description accordingly.

Still in draft, because this PR depends on #43007 and #43110

@snazy snazy force-pushed the oidc-context-limit branch 2 times, most recently from 05f0d34 to cdfb3d1 Compare September 7, 2024 17:24
return new TenantConfigBean(staticTenantsConfig, defaultTenantContext, new LongSupplier() {
@Override
public long getAsLong() {
return System.nanoTime();
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could change to currentTimeMillis() - however not sure whether all OSes (looking at you, Windows...) work fine then.

Lets `TenantConfigBean` be the sole "owner" of the static/dynamic tenants maps, adds/changes accessor methods for tenants. Also introduces a functional interface to create tenants.

No functional change, only moving code around.

Also some minor code cleanups (reducing the amount of warnings in IntelliJ).
…ved public functions, simplify some more code
Introduce a new configuration option `quarkus.oidc.dynamic-tenant-limit` as an opt-in to limit the number of active dynamic OIDC tenants. The default is no dynamic tenant limit.

This change adds the field `volatile long TenantConfigContext.lastUsed`, and removes the field `TenantConfigContext.ready` to keep the heap footprint the same. The `lastUsed` field is initially set to "now" and updated when the dynamic tenant is being accessed.

When a new dynamic tenant is about to be added to the dynamic tenants map, eviction runs, if there are more dynamic tenants than configured via `dynami-tenant-limit`. The eviction algo is built to iterate over the dynamic tenants only once - it may need to iterate more often, if one of the eviction candidates has been accessed in the mean time. There is no linked-list structure to form an LRU list/queue, as that likely causes more runtime overhead (pointer updates, synchronization) than the cost of iterating over the list once in a while. The assumption is that the map of dynamic tenants has not a lot of "churn".
@sberyozkin
Copy link
Member

sberyozkin commented Sep 9, 2024

Thanks @snazy, I'll have a closer look once the PRs it depends on are merged.
One thing I forgot to mention, is that we have an in memory abstract cache implemenation which is used in 4 cases already.

For ex, look at the back channel logout cache and corresponding configuration properties in the Logout config group.
IMHO the same cache should be used here

Now that you have encapsulated the dynamic map nicely, I believe we should just have DynamicTenantsMap extending the abstract cache impl, instead of the dynamic tenants map, which should also terminate the optional Vertx timer on the shutdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

OIDC: Limit number of active dynamic tenants
2 participants