daemon, fqdn: Add flag to control FQDN regex LRU size #19383
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
christarazi
added
area/daemon
maintainer-s-little-helper
bot
added
dont-merge/needs-release-note-label
aanm
approved these changes
Apr 9, 2022
christarazi
commented
Apr 11, 2022
Comment on lines
+1048
to
+1053
| b.Skip() | ||
|
|
||
| bb, err := ioutil.ReadFile("testdata/cnps-large.yaml") | ||
| if err != nil { | ||
| b.Fatal(err) | ||
| } |
There was a problem hiding this comment.
For now this benchmark will be skipped until we have a proper fixture for CNPs checked in.
aanm
approved these changes
Apr 11, 2022
|
/test Job 'Cilium-PR-K8s-1.21-kernel-5.4' failed: Click to show.Test NameFailure OutputIf it is a flake and a GitHub issue doesn't already exist to track it, comment Edit:
|
|
/test-1.23-net-next Job 'Cilium-PR-K8s-GKE' failed: Click to show.Test NameFailure OutputIf it is a flake and a GitHub issue doesn't already exist to track it, comment Edit: hit #16159 |
jibi
approved these changes
Apr 26, 2022
|
/test-1.21-5.4 |
|
Will push short to resolve conflict. Noting that CI has passed besides known flakes. |
Advanced users can configure the LRU size for the cache holding the
compiled regex expressions of FQDN match{Pattern,Name}. This is useful
if users are experiencing high memory usage spikes with many FQDN
policies that have repeated matchPattern or matchName across many
different policies.
Signed-off-by: Chris Tarazi <chris@isovalent.com>
When comparing efficieny of increasing the LRU size from 128 to 1024 with ~22k CNPs, we see the following results: ``` \# LRU size 128. $ go test -tags privileged_tests -v -run '^$' -bench Benchmark_perEPAllow_setPortRulesForID_large -benchmem -benchtime 1x -memprofile memprofile.out ./pkg/fqdn/dnsproxy > old.txt \# LRU size 1024. $ go test -tags privileged_tests -v -run '^$' -bench Benchmark_perEPAllow_setPortRulesForID_large -benchmem -benchtime 1x -memprofile memprofile.out ./pkg/fqdn/dnsproxy > new.txt $ benchcmp old.txt new.txt benchcmp is deprecated in favor of benchstat: https://pkg.go.dev/golang.org/x/perf/cmd/benchstat benchmark old ns/op new ns/op delta Benchmark_perEPAllow_setPortRulesForID_large-8 3954101340 3010934555 -23.85% benchmark old allocs new allocs delta Benchmark_perEPAllow_setPortRulesForID_large-8 26480632 24167742 -8.73% benchmark old bytes new bytes delta Benchmark_perEPAllow_setPortRulesForID_large-8 2899811832 1824062992 -37.10% ``` Here's the raw test run with LRU size at 128: ``` Before (N=1) Alloc = 31 MiB HeapInuse = 45 MiB Sys = 1260 MiB NumGC = 15 After (N=1) Alloc = 445 MiB HeapInuse = 459 MiB Sys = 1260 MiB NumGC = 40 ``` Here's the raw test run with LRU size at 1024: ``` Before (N=1) Alloc = 31 MiB HeapInuse = 48 MiB Sys = 1177 MiB NumGC = 17 After (N=1) Alloc = 78 MiB HeapInuse = 93 MiB Sys = 1177 MiB NumGC = 53 ``` We can see that it's saving ~300MB. Furthermore, if we compare the memprofiles from the benchmark run via ``` go tool pprof -http :8080 -diff_base memprofile.out memprofile.1024.out ``` we see an ~800MB reduction in the regex compilation. Signed-off-by: Chris Tarazi <chris@isovalent.com>
Following the previous commit's benchmark result, let's update the LRU default size to be 1024, given that it only results in a few 10's of MBs increase when the cache nears full. Signed-off-by: Chris Tarazi <chris@isovalent.com>
christarazi
force-pushed
the
pr/christarazi/fqdn-regex-lru-flag
branch
from
c8cb648
to
676e87c
Compare
|
Travis passed as a sanity check for the rebase. Marking ready to merge given #19383 (comment). |
christarazi
added
the
ready-to-merge
maintainer-s-little-helper
bot
moved this from Needs backport from master
to Backport pending to v1.10
in 1.11.5
maintainer-s-little-helper
bot
moved this from Needs backport from master
to Backport pending to v1.10
in 1.11.5
aditighag
added
backport-done/1.11
maintainer-s-little-helper
bot
moved this from Backport pending to v1.10
to Backport done to v1.11
in 1.11.5
maintainer-s-little-helper
bot
moved this from Backport pending to v1.10
to Backport done to v1.11
in 1.11.5
odinuge
added a commit
to odinuge/cilium
that referenced
this pull request
Jun 28, 2022
Previously, the printed memory values depended greatly on both the size of the loaded CNPs in memory, as well as when the gc ran for the last time. That favored solutions that allocated a lot of memory in the start of the test (but still inside the actual testing section), while solution allocating a lot of memory in the end, even if they removed all the referneces to it, were punished due the fact that we printed the memory stats before forcing a gc. For heap, the diff between the "Before Setup" and "After Test" should be inspected, since "Before Test" has all the CNPs in memory. When we hit "After test", those CNPs have been garbage collected. New output: root@10fc3f693c5d:/code# go test -tags privileged_tests -v -run '^$' -bench Benchmark_perEPAllow_setPortRulesForID_large -benchmem -benchtime 1x ./pkg/fqdn/dnsproxy goos: linux goarch: amd64 pkg: github.com/cilium/cilium/pkg/fqdn/dnsproxy cpu: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz Benchmark_perEPAllow_setPortRulesForID_large Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 5 MiB Sys = 20 MiB NumGC = 6 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 50 MiB Sys = 987 MiB NumGC = 16 After Test (N=1,EPs=20,cache=128) Alloc = 341 MiB HeapInuse = 374 MiB Sys = 987 MiB NumGC = 38 Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 6 MiB Sys = 987 MiB NumGC = 40 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 56 MiB Sys = 1020 MiB NumGC = 49 After Test (N=1,EPs=20,cache=128) Alloc = 344 MiB HeapInuse = 378 MiB Sys = 1020 MiB NumGC = 71 Benchmark_perEPAllow_setPortRulesForID_large-7 1 4301736800 ns/op 3047525016 B/op 26526920 allocs/op PASS ok github.com/cilium/cilium/pkg/fqdn/dnsproxy 20.796s Fixes: cilium#19383 Fixes: 38c0036 ("dnsproxy: Add benchmark for large FQDN-based CNPs") Signed-off-by: Odin Ugedal <ougedal@palantir.com>
6 tasks
aanm
pushed a commit
that referenced
this pull request
Jul 8, 2022
Previously, the printed memory values depended greatly on both the size of the loaded CNPs in memory, as well as when the gc ran for the last time. That favored solutions that allocated a lot of memory in the start of the test (but still inside the actual testing section), while solution allocating a lot of memory in the end, even if they removed all the referneces to it, were punished due the fact that we printed the memory stats before forcing a gc. For heap, the diff between the "Before Setup" and "After Test" should be inspected, since "Before Test" has all the CNPs in memory. When we hit "After test", those CNPs have been garbage collected. New output: root@10fc3f693c5d:/code# go test -tags privileged_tests -v -run '^$' -bench Benchmark_perEPAllow_setPortRulesForID_large -benchmem -benchtime 1x ./pkg/fqdn/dnsproxy goos: linux goarch: amd64 pkg: github.com/cilium/cilium/pkg/fqdn/dnsproxy cpu: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz Benchmark_perEPAllow_setPortRulesForID_large Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 5 MiB Sys = 20 MiB NumGC = 6 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 50 MiB Sys = 987 MiB NumGC = 16 After Test (N=1,EPs=20,cache=128) Alloc = 341 MiB HeapInuse = 374 MiB Sys = 987 MiB NumGC = 38 Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 6 MiB Sys = 987 MiB NumGC = 40 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 56 MiB Sys = 1020 MiB NumGC = 49 After Test (N=1,EPs=20,cache=128) Alloc = 344 MiB HeapInuse = 378 MiB Sys = 1020 MiB NumGC = 71 Benchmark_perEPAllow_setPortRulesForID_large-7 1 4301736800 ns/op 3047525016 B/op 26526920 allocs/op PASS ok github.com/cilium/cilium/pkg/fqdn/dnsproxy 20.796s Fixes: #19383 Fixes: 38c0036 ("dnsproxy: Add benchmark for large FQDN-based CNPs") Signed-off-by: Odin Ugedal <ougedal@palantir.com>
ldelossa
pushed a commit
to ldelossa/cilium
that referenced
this pull request
Jul 13, 2022
[ upstream commit 6c0cc03 ] Previously, the printed memory values depended greatly on both the size of the loaded CNPs in memory, as well as when the gc ran for the last time. That favored solutions that allocated a lot of memory in the start of the test (but still inside the actual testing section), while solution allocating a lot of memory in the end, even if they removed all the referneces to it, were punished due the fact that we printed the memory stats before forcing a gc. For heap, the diff between the "Before Setup" and "After Test" should be inspected, since "Before Test" has all the CNPs in memory. When we hit "After test", those CNPs have been garbage collected. New output: root@10fc3f693c5d:/code# go test -tags privileged_tests -v -run '^$' -bench Benchmark_perEPAllow_setPortRulesForID_large -benchmem -benchtime 1x ./pkg/fqdn/dnsproxy goos: linux goarch: amd64 pkg: github.com/cilium/cilium/pkg/fqdn/dnsproxy cpu: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz Benchmark_perEPAllow_setPortRulesForID_large Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 5 MiB Sys = 20 MiB NumGC = 6 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 50 MiB Sys = 987 MiB NumGC = 16 After Test (N=1,EPs=20,cache=128) Alloc = 341 MiB HeapInuse = 374 MiB Sys = 987 MiB NumGC = 38 Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 6 MiB Sys = 987 MiB NumGC = 40 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 56 MiB Sys = 1020 MiB NumGC = 49 After Test (N=1,EPs=20,cache=128) Alloc = 344 MiB HeapInuse = 378 MiB Sys = 1020 MiB NumGC = 71 Benchmark_perEPAllow_setPortRulesForID_large-7 1 4301736800 ns/op 3047525016 B/op 26526920 allocs/op PASS ok github.com/cilium/cilium/pkg/fqdn/dnsproxy 20.796s Fixes: cilium#19383 Fixes: 38c0036 ("dnsproxy: Add benchmark for large FQDN-based CNPs") Signed-off-by: Odin Ugedal <ougedal@palantir.com> Signed-off-by: Louis DeLosSantos <louis.delos@isovalent.com>
aanm
pushed a commit
that referenced
this pull request
Jul 14, 2022
[ upstream commit 6c0cc03 ] Previously, the printed memory values depended greatly on both the size of the loaded CNPs in memory, as well as when the gc ran for the last time. That favored solutions that allocated a lot of memory in the start of the test (but still inside the actual testing section), while solution allocating a lot of memory in the end, even if they removed all the referneces to it, were punished due the fact that we printed the memory stats before forcing a gc. For heap, the diff between the "Before Setup" and "After Test" should be inspected, since "Before Test" has all the CNPs in memory. When we hit "After test", those CNPs have been garbage collected. New output: root@10fc3f693c5d:/code# go test -tags privileged_tests -v -run '^$' -bench Benchmark_perEPAllow_setPortRulesForID_large -benchmem -benchtime 1x ./pkg/fqdn/dnsproxy goos: linux goarch: amd64 pkg: github.com/cilium/cilium/pkg/fqdn/dnsproxy cpu: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz Benchmark_perEPAllow_setPortRulesForID_large Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 5 MiB Sys = 20 MiB NumGC = 6 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 50 MiB Sys = 987 MiB NumGC = 16 After Test (N=1,EPs=20,cache=128) Alloc = 341 MiB HeapInuse = 374 MiB Sys = 987 MiB NumGC = 38 Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 6 MiB Sys = 987 MiB NumGC = 40 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 56 MiB Sys = 1020 MiB NumGC = 49 After Test (N=1,EPs=20,cache=128) Alloc = 344 MiB HeapInuse = 378 MiB Sys = 1020 MiB NumGC = 71 Benchmark_perEPAllow_setPortRulesForID_large-7 1 4301736800 ns/op 3047525016 B/op 26526920 allocs/op PASS ok github.com/cilium/cilium/pkg/fqdn/dnsproxy 20.796s Fixes: #19383 Fixes: 38c0036 ("dnsproxy: Add benchmark for large FQDN-based CNPs") Signed-off-by: Odin Ugedal <ougedal@palantir.com> Signed-off-by: Louis DeLosSantos <louis.delos@isovalent.com>
gandro
pushed a commit
to gandro/cilium
that referenced
this pull request
Aug 4, 2022
[ upstream commit 6c0cc03 ] Previously, the printed memory values depended greatly on both the size of the loaded CNPs in memory, as well as when the gc ran for the last time. That favored solutions that allocated a lot of memory in the start of the test (but still inside the actual testing section), while solution allocating a lot of memory in the end, even if they removed all the referneces to it, were punished due the fact that we printed the memory stats before forcing a gc. For heap, the diff between the "Before Setup" and "After Test" should be inspected, since "Before Test" has all the CNPs in memory. When we hit "After test", those CNPs have been garbage collected. New output: root@10fc3f693c5d:/code# go test -tags privileged_tests -v -run '^$' -bench Benchmark_perEPAllow_setPortRulesForID_large -benchmem -benchtime 1x ./pkg/fqdn/dnsproxy goos: linux goarch: amd64 pkg: github.com/cilium/cilium/pkg/fqdn/dnsproxy cpu: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz Benchmark_perEPAllow_setPortRulesForID_large Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 5 MiB Sys = 20 MiB NumGC = 6 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 50 MiB Sys = 987 MiB NumGC = 16 After Test (N=1,EPs=20,cache=128) Alloc = 341 MiB HeapInuse = 374 MiB Sys = 987 MiB NumGC = 38 Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 6 MiB Sys = 987 MiB NumGC = 40 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 56 MiB Sys = 1020 MiB NumGC = 49 After Test (N=1,EPs=20,cache=128) Alloc = 344 MiB HeapInuse = 378 MiB Sys = 1020 MiB NumGC = 71 Benchmark_perEPAllow_setPortRulesForID_large-7 1 4301736800 ns/op 3047525016 B/op 26526920 allocs/op PASS ok github.com/cilium/cilium/pkg/fqdn/dnsproxy 20.796s Fixes: cilium#19383 Fixes: 38c0036 ("dnsproxy: Add benchmark for large FQDN-based CNPs") Signed-off-by: Odin Ugedal <ougedal@palantir.com> Signed-off-by: Louis DeLosSantos <louis.delos@isovalent.com> Signed-off-by: Michi Mutsuzaki <michi@isovalent.com>
nbusseneau
pushed a commit
to nbusseneau/cilium
that referenced
this pull request
Aug 9, 2022
[ upstream commit 6c0cc03 ] Previously, the printed memory values depended greatly on both the size of the loaded CNPs in memory, as well as when the gc ran for the last time. That favored solutions that allocated a lot of memory in the start of the test (but still inside the actual testing section), while solution allocating a lot of memory in the end, even if they removed all the referneces to it, were punished due the fact that we printed the memory stats before forcing a gc. For heap, the diff between the "Before Setup" and "After Test" should be inspected, since "Before Test" has all the CNPs in memory. When we hit "After test", those CNPs have been garbage collected. New output: root@10fc3f693c5d:/code# go test -tags privileged_tests -v -run '^$' -bench Benchmark_perEPAllow_setPortRulesForID_large -benchmem -benchtime 1x ./pkg/fqdn/dnsproxy goos: linux goarch: amd64 pkg: github.com/cilium/cilium/pkg/fqdn/dnsproxy cpu: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz Benchmark_perEPAllow_setPortRulesForID_large Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 5 MiB Sys = 20 MiB NumGC = 6 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 50 MiB Sys = 987 MiB NumGC = 16 After Test (N=1,EPs=20,cache=128) Alloc = 341 MiB HeapInuse = 374 MiB Sys = 987 MiB NumGC = 38 Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 6 MiB Sys = 987 MiB NumGC = 40 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 56 MiB Sys = 1020 MiB NumGC = 49 After Test (N=1,EPs=20,cache=128) Alloc = 344 MiB HeapInuse = 378 MiB Sys = 1020 MiB NumGC = 71 Benchmark_perEPAllow_setPortRulesForID_large-7 1 4301736800 ns/op 3047525016 B/op 26526920 allocs/op PASS ok github.com/cilium/cilium/pkg/fqdn/dnsproxy 20.796s Fixes: cilium#19383 Fixes: 38c0036 ("dnsproxy: Add benchmark for large FQDN-based CNPs") Signed-off-by: Odin Ugedal <ougedal@palantir.com> Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
dezmodue
pushed a commit
to dezmodue/cilium
that referenced
this pull request
Aug 10, 2022
Previously, the printed memory values depended greatly on both the size of the loaded CNPs in memory, as well as when the gc ran for the last time. That favored solutions that allocated a lot of memory in the start of the test (but still inside the actual testing section), while solution allocating a lot of memory in the end, even if they removed all the referneces to it, were punished due the fact that we printed the memory stats before forcing a gc. For heap, the diff between the "Before Setup" and "After Test" should be inspected, since "Before Test" has all the CNPs in memory. When we hit "After test", those CNPs have been garbage collected. New output: root@10fc3f693c5d:/code# go test -tags privileged_tests -v -run '^$' -bench Benchmark_perEPAllow_setPortRulesForID_large -benchmem -benchtime 1x ./pkg/fqdn/dnsproxy goos: linux goarch: amd64 pkg: github.com/cilium/cilium/pkg/fqdn/dnsproxy cpu: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz Benchmark_perEPAllow_setPortRulesForID_large Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 5 MiB Sys = 20 MiB NumGC = 6 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 50 MiB Sys = 987 MiB NumGC = 16 After Test (N=1,EPs=20,cache=128) Alloc = 341 MiB HeapInuse = 374 MiB Sys = 987 MiB NumGC = 38 Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 6 MiB Sys = 987 MiB NumGC = 40 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 56 MiB Sys = 1020 MiB NumGC = 49 After Test (N=1,EPs=20,cache=128) Alloc = 344 MiB HeapInuse = 378 MiB Sys = 1020 MiB NumGC = 71 Benchmark_perEPAllow_setPortRulesForID_large-7 1 4301736800 ns/op 3047525016 B/op 26526920 allocs/op PASS ok github.com/cilium/cilium/pkg/fqdn/dnsproxy 20.796s Fixes: cilium#19383 Fixes: 38c0036 ("dnsproxy: Add benchmark for large FQDN-based CNPs") Signed-off-by: Odin Ugedal <ougedal@palantir.com>
tklauser
pushed a commit
that referenced
this pull request
Aug 11, 2022
[ upstream commit 6c0cc03 ] Previously, the printed memory values depended greatly on both the size of the loaded CNPs in memory, as well as when the gc ran for the last time. That favored solutions that allocated a lot of memory in the start of the test (but still inside the actual testing section), while solution allocating a lot of memory in the end, even if they removed all the referneces to it, were punished due the fact that we printed the memory stats before forcing a gc. For heap, the diff between the "Before Setup" and "After Test" should be inspected, since "Before Test" has all the CNPs in memory. When we hit "After test", those CNPs have been garbage collected. New output: root@10fc3f693c5d:/code# go test -tags privileged_tests -v -run '^$' -bench Benchmark_perEPAllow_setPortRulesForID_large -benchmem -benchtime 1x ./pkg/fqdn/dnsproxy goos: linux goarch: amd64 pkg: github.com/cilium/cilium/pkg/fqdn/dnsproxy cpu: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz Benchmark_perEPAllow_setPortRulesForID_large Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 5 MiB Sys = 20 MiB NumGC = 6 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 50 MiB Sys = 987 MiB NumGC = 16 After Test (N=1,EPs=20,cache=128) Alloc = 341 MiB HeapInuse = 374 MiB Sys = 987 MiB NumGC = 38 Before Setup (N=1,EPs=20,cache=128) Alloc = 3 MiB HeapInuse = 6 MiB Sys = 987 MiB NumGC = 40 Before Test (N=1,EPs=20,cache=128) Alloc = 32 MiB HeapInuse = 56 MiB Sys = 1020 MiB NumGC = 49 After Test (N=1,EPs=20,cache=128) Alloc = 344 MiB HeapInuse = 378 MiB Sys = 1020 MiB NumGC = 71 Benchmark_perEPAllow_setPortRulesForID_large-7 1 4301736800 ns/op 3047525016 B/op 26526920 allocs/op PASS ok github.com/cilium/cilium/pkg/fqdn/dnsproxy 20.796s Fixes: #19383 Fixes: 38c0036 ("dnsproxy: Add benchmark for large FQDN-based CNPs") Signed-off-by: Odin Ugedal <ougedal@palantir.com> Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Advanced users can configure the LRU size for the cache holding the
compiled regex expressions of FQDN match{Pattern,Name}. This is useful
if users are experiencing high memory usage spikes with many FQDN
policies that have repeated matchPattern or matchName across many
different policies.
Please see second commit msg for the performance benchmark results.
Signed-off-by: Chris Tarazi chris@isovalent.com
Related: #17224