Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
throttles the number of simultaneous kerberos library invocations during authentication #536
Changes proposed in this PR
Why are we making these changes?
This prevents a router from crashing due to too many concurrent calls to the GSS library. The concurrency level controls the number of threads present in the Thread pool and hence throttles the number of concurrent calls to the GSS library. Using the custom thread pool also offloads the relatively expensive native GSS calls to not block the
The Semaphore based solution looks much simpler but can potentially block async threads waiting on the
7 times, most recently
Dec 17, 2018
4 times, most recently
Dec 26, 2018
left a comment
I'm okay adding an additional step to keep the queue size in limit. I think we still need the throttle as the previous issue we ran into was because of the rate at which we were making Kerberos API calls (not sure if there was any sizable queue build-up when the error occurred).