Increase IAM refresh rate to every 10 mins (#14661)

Add timing information for IAM init and refresh
This commit is contained in:
Aditya Manthramurthy 2022-03-30 17:02:59 -07:00 committed by GitHub
parent ba17d46f15
commit fc9668baa5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 18 additions and 3 deletions

View File

@ -102,7 +102,7 @@ const (
GlobalStaleUploadsCleanupInterval = time.Hour * 6 // 6 hrs. GlobalStaleUploadsCleanupInterval = time.Hour * 6 // 6 hrs.
// Refresh interval to update in-memory iam config cache. // Refresh interval to update in-memory iam config cache.
globalRefreshIAMInterval = 30 * time.Minute globalRefreshIAMInterval = 10 * time.Minute
// Limit of location constraint XML for unauthenticated PUT bucket operations. // Limit of location constraint XML for unauthenticated PUT bucket operations.
maxLocationConstraintSize = 3 * humanize.MiByte maxLocationConstraintSize = 3 * humanize.MiByte

View File

@ -199,6 +199,8 @@ func (sys *IAMSys) Load(ctx context.Context) error {
// Init - initializes config system by reading entries from config/iam // Init - initializes config system by reading entries from config/iam
func (sys *IAMSys) Init(ctx context.Context, objAPI ObjectLayer, etcdClient *etcd.Client, iamRefreshInterval time.Duration) { func (sys *IAMSys) Init(ctx context.Context, objAPI ObjectLayer, etcdClient *etcd.Client, iamRefreshInterval time.Duration) {
iamInitStart := time.Now()
sys.Lock() sys.Lock()
defer sys.Unlock() defer sys.Unlock()
@ -269,6 +271,8 @@ func (sys *IAMSys) Init(ctx context.Context, objAPI ObjectLayer, etcdClient *etc
break break
} }
iamLoadStart := time.Now()
// Load IAM data from storage. // Load IAM data from storage.
for { for {
if err := sys.Load(retryCtx); err != nil { if err := sys.Load(retryCtx); err != nil {
@ -334,7 +338,8 @@ func (sys *IAMSys) Init(ctx context.Context, objAPI ObjectLayer, etcdClient *etc
sys.printIAMRoles() sys.printIAMRoles()
logger.Info("Finished loading IAM sub-system.") now := time.Now()
logger.Info("Finished loading IAM sub-system (took %.1fs of %.1fs to load data).", now.Sub(iamLoadStart).Seconds(), now.Sub(iamInitStart).Seconds())
} }
// Prints IAM role ARNs. // Prints IAM role ARNs.
@ -373,15 +378,25 @@ func (sys *IAMSys) watch(ctx context.Context) {
return return
} }
var maxRefreshDurationSecondsForLog float64 = 10
// Fall back to loading all items periodically // Fall back to loading all items periodically
ticker := time.NewTicker(sys.iamRefreshInterval) ticker := time.NewTicker(sys.iamRefreshInterval)
defer ticker.Stop() defer ticker.Stop()
for { for {
select { select {
case <-ticker.C: case <-ticker.C:
refreshStart := time.Now()
if err := sys.Load(ctx); err != nil { if err := sys.Load(ctx); err != nil {
logger.LogIf(ctx, fmt.Errorf("Failure in periodic refresh for IAM: %v", err)) logger.LogIf(ctx, fmt.Errorf("Failure in periodic refresh for IAM (took %.2fs): %v", time.Since(refreshStart).Seconds(), err))
} else {
took := time.Since(refreshStart).Seconds()
if took > maxRefreshDurationSecondsForLog {
// Log if we took a lot of time to load.
logger.Info("IAM refresh took %.2fs", took)
} }
}
case <-ctx.Done(): case <-ctx.Done():
return return
} }