mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-05-04 12:41:00 +02:00
Code Issues Projects Releases Wiki Activity

MEDIUM: stktables: Limit the number of stick counters to 100

Browse Source 
"tune.stick-counters" global parameter was accepting any positive integer
value. But the maximum value is incredibly high. Setting a huge value has
signitifcant impact on memory and CPU usage. To avoid any issue, this value
is now limited to 100. It should be greater enough to all usage.

It can be seen as a breaking change.
This commit is contained in:
Christopher Faulet 2025-11-06 11:12:09 +01:00
parent 949199a2f4
commit 80edbad4f9
2 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
doc/configuration.txt
View File

@ -5288,15 +5288,16 @@ tune.stick-counters <number>
connection or a request via "track-sc*" actions in "tcp-request" or
"http-request" rules. The default value is set at build time by the macro
MAX_SESS_STK_CTR, and defaults to 3. With this setting it is possible to
change the value and ignore the one passed at build time. Increasing this
value may be needed when porting complex configurations to haproxy, but users
are warned against the costs: each entry takes 16 bytes per connection and
16 bytes per request, all of which need to be allocated and zeroed for all
requests even when not used. As such a value of 10 will inflate the memory
consumption per request by 320 bytes and will cause this memory to be erased
for each request, which does have measurable CPU impacts. Conversely, when
no "track-sc" rules are used, the value may be lowered (0 being valid to
entirely disable stick-counters).
change the value and ignore the one passed at build time, but it cannot be
set to a value greater than 100. Increasing this value may be needed when
porting complex configurations to haproxy, but users are warned against the
costs: each entry takes 16 bytes per connection and 16 bytes per request, all
of which need to be allocated and zeroed for all requests even when not
used. As such a value of 10 will inflate the memory consumption per request
by 320 bytes and will cause this memory to be erased for each request, which
does have measurable CPU impacts. Conversely, when no "track-sc" rules are
used, the value may be lowered (0 being valid to entirely disable
stick-counters).
tune.takeover-other-tg-connections <value>
By default, we won't attempt to use idle connections from other thread groups.

4
src/stick_table.c
View File

@ -5940,8 +5940,8 @@ static int stk_parse_stick_counters(char **args, int section_type, struct proxy
return -1;
}
if (counters < 0) {
memprintf(err, "%s: the number of stick-counters may not be negative (was %d)", args[0], counters);
if (counters < 0 || counters > 100) {
memprintf(err, "%s: the number of stick-counters must be between 1 and 100 (was %d)", args[0], counters);
return -1;
}