From b7f31936e21b109b5446c48513619cd87974be54 Mon Sep 17 00:00:00 2001
From: Alexey Tikhonov <atikhono@redhat.com>
Date: Tue, 31 Mar 2020 22:57:25 +0200
Subject: [PATCH 33/35] NSS: make memcache size configurable in megabytes
Memcache size was made configurable in megabytes and not in slots
to hide internal implementation from users.
Relates: https://github.com/SSSD/sssd/issues/5115
Reviewed-by: Sumit Bose <sbose@redhat.com>
---
src/config/SSSDConfig/sssdoptions.py | 6 ++---
src/man/sssd.conf.5.xml | 33 +++++++++++++---------------
src/responder/nss/nsssrv.c | 20 +++++++++--------
3 files changed, 29 insertions(+), 30 deletions(-)
diff --git a/src/config/SSSDConfig/sssdoptions.py b/src/config/SSSDConfig/sssdoptions.py
index 16d85cfa3..f57ad4b41 100644
--- a/src/config/SSSDConfig/sssdoptions.py
+++ b/src/config/SSSDConfig/sssdoptions.py
@@ -72,9 +72,9 @@ class SSSDOptions(object):
'shell_fallback': _('If a shell stored in central directory is allowed but not available, use this fallback'),
'default_shell': _('Shell to use if the provider does not list one'),
'memcache_timeout': _('How long will be in-memory cache records valid'),
- 'memcache_size_passwd': _('Number of slots in fast in-memory cache for passwd requests'),
- 'memcache_size_group': _('Number of slots in fast in-memory cache for group requests'),
- 'memcache_size_initgroups': _('Number of slots in fast in-memory cache for initgroups requests'),
+ 'memcache_size_passwd': _('Size (in megabytes) of the data table allocated inside fast in-memory cache for passwd requests'),
+ 'memcache_size_group': _('Size (in megabytes) of the data table allocated inside fast in-memory cache for group requests'),
+ 'memcache_size_initgroups': _('Size (in megabytes) of the data table allocated inside fast in-memory cache for initgroups requests'),
'homedir_substring': _('The value of this option will be used in the expansion of the override_homedir option '
'if the template contains the format string %H.'),
'get_domains_timeout': _('Specifies time in seconds for which the list of subdomains will be considered '
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index 9bc2e26e5..874a09c49 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -1076,7 +1076,7 @@ fallback_homedir = /home/%u
</listitem>
</varlistentry>
<varlistentry>
- <term>memcache_timeout (int)</term>
+ <term>memcache_timeout (integer)</term>
<listitem>
<para>
Specifies time in seconds for which records
@@ -1104,14 +1104,13 @@ fallback_homedir = /home/%u
<term>memcache_size_passwd (integer)</term>
<listitem>
<para>
- Number of slots allocated inside fast in-memory
- cache for passwd requests. Note that one entry
- in fast in-memory cache can occupy more than one slot.
- Setting the size to 0 will disable the passwd in-memory
- cache.
+ Size (in megabytes) of the data table allocated inside
+ fast in-memory cache for passwd requests.
+ Setting the size to 0 will disable the passwd
+ in-memory cache.
</para>
<para>
- Default: 200000
+ Default: 8
</para>
<para>
WARNING: Disabled or too small in-memory cache can
@@ -1130,14 +1129,13 @@ fallback_homedir = /home/%u
<term>memcache_size_group (integer)</term>
<listitem>
<para>
- Number of slots allocated inside fast in-memory
- cache for group requests. Note that one entry
- in fast in-memory cache can occupy more than one
- slot. Setting the size to 0 will disable the group
+ Size (in megabytes) of the data table allocated inside
+ fast in-memory cache for group requests.
+ Setting the size to 0 will disable the group
in-memory cache.
</para>
<para>
- Default: 150000
+ Default: 6
</para>
<para>
WARNING: Disabled or too small in-memory cache can
@@ -1156,14 +1154,13 @@ fallback_homedir = /home/%u
<term>memcache_size_initgroups (integer)</term>
<listitem>
<para>
- Number of slots allocated inside fast in-memory
- cache for initgroups requests. Note that one entry
- in fast in-memory cache can occupy more than one
- slot. Setting the size to 0 will disable the
- initgroups in-memory cache.
+ Size (in megabytes) of the data table allocated inside
+ fast in-memory cache for initgroups requests.
+ Setting the size to 0 will disable the initgroups
+ in-memory cache.
</para>
<para>
- Default: 250000
+ Default: 10
</para>
<para>
WARNING: Disabled or too small in-memory cache can
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
index 42a63d9bb..741e94aaa 100644
--- a/src/responder/nss/nsssrv.c
+++ b/src/responder/nss/nsssrv.c
@@ -34,6 +34,7 @@
#include "util/util.h"
#include "util/sss_ptr_hash.h"
+#include "util/mmap_cache.h"
#include "responder/nss/nss_private.h"
#include "responder/nss/nss_iface.h"
#include "responder/nss/nsssrv_mmap_cache.h"
@@ -210,9 +211,10 @@ done:
static int setup_memcaches(struct nss_ctx *nctx)
{
/* Default memcache sizes */
- static const size_t SSS_MC_CACHE_PASSWD_SLOTS = 200000; /* 8mb */
- static const size_t SSS_MC_CACHE_GROUP_SLOTS = 150000; /* 6mb */
- static const size_t SSS_MC_CACHE_INITGROUP_SLOTS = 250000; /* 10mb */
+ static const size_t SSS_MC_CACHE_SLOTS_PER_MB = 1024*1024/MC_SLOT_SIZE;
+ static const size_t SSS_MC_CACHE_PASSWD_SIZE = 8;
+ static const size_t SSS_MC_CACHE_GROUP_SIZE = 6;
+ static const size_t SSS_MC_CACHE_INITGROUP_SIZE = 10;
int ret;
int memcache_timeout;
@@ -251,7 +253,7 @@ static int setup_memcaches(struct nss_ctx *nctx)
ret = confdb_get_int(nctx->rctx->cdb,
CONFDB_NSS_CONF_ENTRY,
CONFDB_NSS_MEMCACHE_SIZE_PASSWD,
- SSS_MC_CACHE_PASSWD_SLOTS,
+ SSS_MC_CACHE_PASSWD_SIZE,
&mc_size_passwd);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
@@ -263,7 +265,7 @@ static int setup_memcaches(struct nss_ctx *nctx)
ret = confdb_get_int(nctx->rctx->cdb,
CONFDB_NSS_CONF_ENTRY,
CONFDB_NSS_MEMCACHE_SIZE_GROUP,
- SSS_MC_CACHE_GROUP_SLOTS,
+ SSS_MC_CACHE_GROUP_SIZE,
&mc_size_group);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
@@ -275,7 +277,7 @@ static int setup_memcaches(struct nss_ctx *nctx)
ret = confdb_get_int(nctx->rctx->cdb,
CONFDB_NSS_CONF_ENTRY,
CONFDB_NSS_MEMCACHE_SIZE_INITGROUPS,
- SSS_MC_CACHE_INITGROUP_SLOTS,
+ SSS_MC_CACHE_INITGROUP_SIZE,
&mc_size_initgroups);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
@@ -290,7 +292,7 @@ static int setup_memcaches(struct nss_ctx *nctx)
ret = sss_mmap_cache_init(nctx, "passwd",
nctx->mc_uid, nctx->mc_gid,
SSS_MC_PASSWD,
- mc_size_passwd,
+ mc_size_passwd * SSS_MC_CACHE_SLOTS_PER_MB,
(time_t)memcache_timeout,
&nctx->pwd_mc_ctx);
if (ret) {
@@ -310,7 +312,7 @@ static int setup_memcaches(struct nss_ctx *nctx)
ret = sss_mmap_cache_init(nctx, "group",
nctx->mc_uid, nctx->mc_gid,
SSS_MC_GROUP,
- mc_size_group,
+ mc_size_group * SSS_MC_CACHE_SLOTS_PER_MB,
(time_t)memcache_timeout,
&nctx->grp_mc_ctx);
if (ret) {
@@ -330,7 +332,7 @@ static int setup_memcaches(struct nss_ctx *nctx)
ret = sss_mmap_cache_init(nctx, "initgroups",
nctx->mc_uid, nctx->mc_gid,
SSS_MC_INITGROUPS,
- mc_size_initgroups,
+ mc_size_initgroups * SSS_MC_CACHE_SLOTS_PER_MB,
(time_t)memcache_timeout,
&nctx->initgr_mc_ctx);
if (ret) {
--
2.21.3