Conversation
* Added full terminal reset after ssh session exit (clears scrollback etc.) * Fixes randomly eaten first characters typed after ssh session exit (stdin race condition) * Fixed random duplicate typed characters (echo)
#1908) - Added `move` to the list of `apply-action` choices, which will move all returned users to a node - specified with `target-node` - Added `all` to the list of `status` choices, returning invited, active and locked users with `d=0` - Fixed an issue where the users updated with `apply-action` are not the same as those filtered with the `node` argument. - Fixed a potential unwanted behavior where the `node` argument returns a recursive node and subnodes search, preventing you from applying actions to a specific node if it has subnodes. By default, using the `node` argument will only return result from the specified node. - Added a `recursive` argument to replicate the old behavior with `node` filter.
* Implement convert-all command * Refactor Convert and Convert-all classes along with a ConvertHelper for common methods
… and control correction
…ttle storm Add thread-safe caching with 60s TTL to get_all_gateways() which calls keeperapp's pam/get_controllers endpoint. Under concurrent load, multiple threads sharing the same cached result instead of each making independent API calls. Prevents exceeding the server-side rate limit (10 req/10s) and the resulting cascading throttle loop. Cache is invalidated on gateway removal to prevent stale data.
maksimu
changed the title
| include_config_dict=True) | ||
|
|
||
| one_time_token = config_str_and_config_dict.get('config_str') | ||
|
|
Contributor
There was a problem hiding this comment.
Might be worth adding invalidate_gateway_cache() in create_gateway() as well, similar to remove_gateway().
In edit.py, get_all_gateways() is called at line 344 to check name uniqueness, which populates the cache. A new gateway is then created using create_gateway() at line 360, followed by another call to get_all_gateways() at line 376 to fetch the new gateway’s UID.
Since these calls happen back-to-back, the second call may hit stale cached data, causing the newly created gateway to not be found.
sk-keeper
force-pushed
the
release
branch
3 times, most recently
from
442d7af to
9ec9b7a
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
11 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Add thread-safe caching (60s TTL) to
get_all_gateways()which calls keeperapp'spam/get_controllers. Under concurrent load, multiple service threads now share a single cached result instead of each making independent API calls - preventing the server-side rate limit (10 req/10s) from being exceeded and eliminating the cascading throttle loop.Context
When someone running Service Mode in Containers the calls might get throttled on
pam/get_controllers. When multiple PAM commands execute concurrently, each independently callsget_all_gateways(), overwhelming the rate limit. Throttled requests retry with 30s backoff, but the caller times out and retries sooner, spawning new threads that compound the problem.