[SERVER-82354] Support bypassing gRPC thread limits for priviledged usecases Created: 20/Oct/23  Updated: 07/Nov/23

Status: Backlog
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: Patrick Freed Assignee: Backlog - Service Architecture
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Service Arch
Participants:

 Description   

Today, it's possible to configure the server to accept connections from certain addresses even if the max number of connections has already been reached (net.maxIncomingConnectionsOverride option), for example to ensure that DB admins can always access the server to perform maintenance.

Currently, maxConnections doesn't apply to gRPC, but the net.grpc.maxThreads limit does, which will cause the server to reject any RPCs once that number has been hit, without any consideration for privileged usecases. We should explore options for how to address this.

A few ideas:

  • Introduce a new net.grpc.maxStreams option, and reuse the privileged users list from net.maxIncomingConnectionsOverride to determine whether an RPC can be permitted to run
  • Allow using a separate port for admin connections

Since ingress gRPC will be running alongside asio, the existing override can continue to be used, so there is a workaround for the time being.



 Comments   
Comment by Patrick Freed [ 07/Nov/23 ]

This isn't super high priority for now since privileged users can still connect via mongorpc. Sending to follow on work for now for further consideration later.

Generated at Thu Feb 08 06:48:59 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.