From b7f31936e21b109b5446c48513619cd87974be54 Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Tue, 31 Mar 2020 22:57:25 +0200 Subject: [PATCH 33/35] NSS: make memcache size configurable in megabytes Memcache size was made configurable in megabytes and not in slots to hide internal implementation from users. Relates: https://github.com/SSSD/sssd/issues/5115 Reviewed-by: Sumit Bose --- src/config/SSSDConfig/sssdoptions.py | 6 ++--- src/man/sssd.conf.5.xml | 33 +++++++++++++--------------- src/responder/nss/nsssrv.c | 20 +++++++++-------- 3 files changed, 29 insertions(+), 30 deletions(-) diff --git a/src/config/SSSDConfig/sssdoptions.py b/src/config/SSSDConfig/sssdoptions.py index 16d85cfa3..f57ad4b41 100644 --- a/src/config/SSSDConfig/sssdoptions.py +++ b/src/config/SSSDConfig/sssdoptions.py @@ -72,9 +72,9 @@ class SSSDOptions(object): 'shell_fallback': _('If a shell stored in central directory is allowed but not available, use this fallback'), 'default_shell': _('Shell to use if the provider does not list one'), 'memcache_timeout': _('How long will be in-memory cache records valid'), - 'memcache_size_passwd': _('Number of slots in fast in-memory cache for passwd requests'), - 'memcache_size_group': _('Number of slots in fast in-memory cache for group requests'), - 'memcache_size_initgroups': _('Number of slots in fast in-memory cache for initgroups requests'), + 'memcache_size_passwd': _('Size (in megabytes) of the data table allocated inside fast in-memory cache for passwd requests'), + 'memcache_size_group': _('Size (in megabytes) of the data table allocated inside fast in-memory cache for group requests'), + 'memcache_size_initgroups': _('Size (in megabytes) of the data table allocated inside fast in-memory cache for initgroups requests'), 'homedir_substring': _('The value of this option will be used in the expansion of the override_homedir option ' 'if the template contains the format string %H.'), 'get_domains_timeout': _('Specifies time in seconds for which the list of subdomains will be considered ' diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 9bc2e26e5..874a09c49 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -1076,7 +1076,7 @@ fallback_homedir = /home/%u - memcache_timeout (int) + memcache_timeout (integer) Specifies time in seconds for which records @@ -1104,14 +1104,13 @@ fallback_homedir = /home/%u memcache_size_passwd (integer) - Number of slots allocated inside fast in-memory - cache for passwd requests. Note that one entry - in fast in-memory cache can occupy more than one slot. - Setting the size to 0 will disable the passwd in-memory - cache. + Size (in megabytes) of the data table allocated inside + fast in-memory cache for passwd requests. + Setting the size to 0 will disable the passwd + in-memory cache. - Default: 200000 + Default: 8 WARNING: Disabled or too small in-memory cache can @@ -1130,14 +1129,13 @@ fallback_homedir = /home/%u memcache_size_group (integer) - Number of slots allocated inside fast in-memory - cache for group requests. Note that one entry - in fast in-memory cache can occupy more than one - slot. Setting the size to 0 will disable the group + Size (in megabytes) of the data table allocated inside + fast in-memory cache for group requests. + Setting the size to 0 will disable the group in-memory cache. - Default: 150000 + Default: 6 WARNING: Disabled or too small in-memory cache can @@ -1156,14 +1154,13 @@ fallback_homedir = /home/%u memcache_size_initgroups (integer) - Number of slots allocated inside fast in-memory - cache for initgroups requests. Note that one entry - in fast in-memory cache can occupy more than one - slot. Setting the size to 0 will disable the - initgroups in-memory cache. + Size (in megabytes) of the data table allocated inside + fast in-memory cache for initgroups requests. + Setting the size to 0 will disable the initgroups + in-memory cache. - Default: 250000 + Default: 10 WARNING: Disabled or too small in-memory cache can diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c index 42a63d9bb..741e94aaa 100644 --- a/src/responder/nss/nsssrv.c +++ b/src/responder/nss/nsssrv.c @@ -34,6 +34,7 @@ #include "util/util.h" #include "util/sss_ptr_hash.h" +#include "util/mmap_cache.h" #include "responder/nss/nss_private.h" #include "responder/nss/nss_iface.h" #include "responder/nss/nsssrv_mmap_cache.h" @@ -210,9 +211,10 @@ done: static int setup_memcaches(struct nss_ctx *nctx) { /* Default memcache sizes */ - static const size_t SSS_MC_CACHE_PASSWD_SLOTS = 200000; /* 8mb */ - static const size_t SSS_MC_CACHE_GROUP_SLOTS = 150000; /* 6mb */ - static const size_t SSS_MC_CACHE_INITGROUP_SLOTS = 250000; /* 10mb */ + static const size_t SSS_MC_CACHE_SLOTS_PER_MB = 1024*1024/MC_SLOT_SIZE; + static const size_t SSS_MC_CACHE_PASSWD_SIZE = 8; + static const size_t SSS_MC_CACHE_GROUP_SIZE = 6; + static const size_t SSS_MC_CACHE_INITGROUP_SIZE = 10; int ret; int memcache_timeout; @@ -251,7 +253,7 @@ static int setup_memcaches(struct nss_ctx *nctx) ret = confdb_get_int(nctx->rctx->cdb, CONFDB_NSS_CONF_ENTRY, CONFDB_NSS_MEMCACHE_SIZE_PASSWD, - SSS_MC_CACHE_PASSWD_SLOTS, + SSS_MC_CACHE_PASSWD_SIZE, &mc_size_passwd); if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, @@ -263,7 +265,7 @@ static int setup_memcaches(struct nss_ctx *nctx) ret = confdb_get_int(nctx->rctx->cdb, CONFDB_NSS_CONF_ENTRY, CONFDB_NSS_MEMCACHE_SIZE_GROUP, - SSS_MC_CACHE_GROUP_SLOTS, + SSS_MC_CACHE_GROUP_SIZE, &mc_size_group); if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, @@ -275,7 +277,7 @@ static int setup_memcaches(struct nss_ctx *nctx) ret = confdb_get_int(nctx->rctx->cdb, CONFDB_NSS_CONF_ENTRY, CONFDB_NSS_MEMCACHE_SIZE_INITGROUPS, - SSS_MC_CACHE_INITGROUP_SLOTS, + SSS_MC_CACHE_INITGROUP_SIZE, &mc_size_initgroups); if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, @@ -290,7 +292,7 @@ static int setup_memcaches(struct nss_ctx *nctx) ret = sss_mmap_cache_init(nctx, "passwd", nctx->mc_uid, nctx->mc_gid, SSS_MC_PASSWD, - mc_size_passwd, + mc_size_passwd * SSS_MC_CACHE_SLOTS_PER_MB, (time_t)memcache_timeout, &nctx->pwd_mc_ctx); if (ret) { @@ -310,7 +312,7 @@ static int setup_memcaches(struct nss_ctx *nctx) ret = sss_mmap_cache_init(nctx, "group", nctx->mc_uid, nctx->mc_gid, SSS_MC_GROUP, - mc_size_group, + mc_size_group * SSS_MC_CACHE_SLOTS_PER_MB, (time_t)memcache_timeout, &nctx->grp_mc_ctx); if (ret) { @@ -330,7 +332,7 @@ static int setup_memcaches(struct nss_ctx *nctx) ret = sss_mmap_cache_init(nctx, "initgroups", nctx->mc_uid, nctx->mc_gid, SSS_MC_INITGROUPS, - mc_size_initgroups, + mc_size_initgroups * SSS_MC_CACHE_SLOTS_PER_MB, (time_t)memcache_timeout, &nctx->initgr_mc_ctx); if (ret) { -- 2.21.3