-
Notifications
You must be signed in to change notification settings - Fork 76
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nsfs command: simple auth + fix forks flag + fix read_account perf + warmup before buffer pool reads #7307
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Need to fix the lint, deepscan, DCO, and squash
Other than that, LGTM.
1c41453
to
02043c6
Compare
@@ -216,7 +217,7 @@ async function authorize_request_policy(req) { | |||
return; | |||
} | |||
|
|||
const account = await req.object_sdk.rpc_client.account.read_account({}); | |||
const account = req.object_sdk.requesting_account; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jackyalbo @romayalon FYI - this is the fix we discussed, instead of read_account, it reuses the same account_cache that object_sdk uses to check the signatures.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
by default AFM will fetch the 4M block that includes this byte, so if you need 8M we need to set the chunck size for AFM to 12M, the other option is to set the offset to the first byte of the 4M block, in that case we can set the chunck size to 8M, this assume the block size is 4M and that NooBaa is checking for the block size.
src/sdk/namespace_fs.js
Outdated
// Our buffer pool keeps large buffers and we want to avoid spending | ||
// all our large buffers and then have them waiting for high latency calls | ||
// such as reading from archive/on-demand cache files. | ||
// Instead, we detect the case where a file is "sparse", | ||
// and then use just a small buffer to wait for a tiny read, | ||
// which will recall the file from archive or load from remote into cache, | ||
// and once it returns we can continue to the full fledged read. | ||
if (is_sparse_file(stat)) { | ||
dbg.log0('NamespaceFS: read_object_stream - warmup sparse file', { | ||
file_path, pos, size: stat.size, blocks: stat.blocks, | ||
}); | ||
await file.read(fs_context, this.warmup_buffer, 0, 1, pos); | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@eshelmarc This is the logic to improve buffer pool usage -
I only read 1 byte on the current pos, so it assumes that prefetching will get a whole 8MB.
…warmup before buffer pool reads 1. Add simple auth with single access_key secret_key to nsfs command. Previously the nsfs command had no authentication. This adds a single auth for single-tenancy which is the first step. Next the plan is to follow with multi-tenant configuration from a config file, and then integrate with user mapping DBs such as AD. 2. Add --forks flag option (only had an env ENDPOINTS_FORKS option so far), and also fix a bug that prevented from forks to work properly (primary had to return and not listen on same ports). 3. Fix performance regression for small requests caused by read_account() being called every request by authorize_request_policy. Instead, use the accounts_cache which we already maintained for the signature checking. (CC @jackyalbo @romayalon). 4. NSFS reads into warmup buffer to prefetch archived/cached files which are identified by being sparse (CC @eshelmarc) Signed-off-by: Guy Margalit <guymguym@gmail.com>
Explain the changes
Add simple auth with single access_key secret_key to nsfs command. Previously the nsfs command had no authentication. This adds a single auth for single-tenancy which is the first step. Next the plan is to follow with multi-tenant configuration from a config file, and then integrate with user mapping DBs such as AD.
Add --forks flag option (only had an env ENDPOINTS_FORKS option so far), and also fix a bug that prevented from forks to work properly (primary had to return and not listen on same ports).
Fix performance regression for small requests caused by read_account() being called every request by authorize_request_policy. Instead, use the accounts_cache which we already maintained for the signature checking. (CC @jackyalbo @romayalon).
NSFS reads into warmup buffer to prefetch archived/cached files which are identified by being sparse (CC @eshelmarc)
Issues: Fixed #xxx / Gap #xxx
Testing Instructions:
npm -- run nsfs .
npm -- run nsfs --access_key 123 --secret_key XXX .
npm -- run nsfs --forks 4 .