Comments (6)
Hi @kostasrim,
Thank you, I changed the title of the issue accordingly. Makes sense, then this is something I can ignore in my code for now. Also I didn't think of disconnection after ACL modification.
FWIW, I think there's a better design about the connection management when ACLs are modified: why does DF have to abort all
connections given there's a way to select the relevant connections and abort only the modified ones? Overall this would then lead to client disconnect whenever user adds, deletes, modifies a user in the ACL file and it doesn't sound desirable to me for large clusters(with many users) with demanding uptime requirements for example.
from dragonfly.
I also fixed both of the issues you created so you won't see those incompatibility issues in the next release :)
from dragonfly.
Hi @safa-topal,
I don't think this is a bug because of ACL LOAD semantics: regardless of the user the server must kill all the currently open connections and then load the new users
. This is for security reasons, since we can't really know priory which of the users exist on the new acl file and therefore all connections must be killed.
I remember testing this with redis back when I implemented ACL but I double checked again today. The only difference I see, is that ACL LOAD
in redis does not print directly in redis-cli that the server closed the connection. This is because we kill the connections and never return to the client an OK
message which I agree is misleading
and I shall patch this soon
but if you check with ACL LIST
the acl file was loaded corrrectly. For redis-server, when I try to issue a new command in redis-cli after an acl-load it will complain with: Error: Server closed the connection
.
All in all,
- I shall fix that we don't return
OK
to the client. - Plz ignore this for now since there are no really functional changes other than the missing
OK
message
from dragonfly.
FWIW, I think there's a better design about the connection management when ACLs are modified: why does DF have to abort all connections given there's a way to select the relevant connections and abort only the modified ones?
Yes we do have a mechanism to filter out connections and I did think of this approach initially but that would:
- Break the spec and the compatibility with ACL in Redis. When a user is deleted or the aclfile is reloaded, all users are killed.
- Maybe it degrades the system because now for each user and connection you need to re-verify the passwords, so if I have 1k connections then I would need to check 1k passwords! Moreover, redis supports multiple passwords per user (which currently DF doesn't but we might extend) and that would also add an extra layer of checks.
Overall this would then lead to client disconnect whenever user adds, deletes, modifies a user in the ACL file and it doesn't sound desirable to me for large clusters(with many users) with demanding uptime requirements for example.
This is not true, if we update a user they won't disconnect. So for example, if I am user Kostas
and you decide as admin that my admin
tag should be revoked then you issue an ACL SETUSER -@admin
and voila, Kostas is no longer an admin (and my connections are not dropped). However, if I delete you or ACL LOAD
then the connection will die. So ACL LOAD
act as ACL DELUSER
for all users.
I am not saying this is optimal but it's there for compatibility reasons.
from dragonfly.
Overall this would then lead to client disconnect whenever user adds, deletes, modifies a user in the ACL file and it doesn't sound desirable to me for large clusters(with many users) with demanding uptime requirements for example.
This is not true, if we update a user they won't disconnect. So for example, if I am user Kostas and you decide as admin that my admin tag should be revoked then you issue an ACL SETUSER -@admin and voila, Kostas is no longer an admin (and my connections are not dropped). However, if I delete you or ACL LOAD then the connection will die. So ACL LOAD act as ACL DELUSER for all users.
OK I got your point, however it's still true for our use-case because we don't use SETUSER
, DELUSER
etc, we update the acl file and then issue ACL LOAD
command.
Overall, Redis way doing ACL LOAD
is not that good when it comes to connection management I think and I understand the concern to stay compatible with Redis behavior.
I also fixed both of the issues you created so you won't see those incompatibility issues in the next release :)
Much appreciated 💯
from dragonfly.
Overall, Redis way doing ACL LOAD is not that good when it comes to connection management I think and I understand the concern to stay compatible with Redis behavior.
Yep and I would be hesitant to provide an extension unless it's an absolute must (for obvious reasons, if we start extending commands for use cases we are drifting away from)
Anyway, let me know if something comes up :)
Best regards!
from dragonfly.
Related Issues (20)
- stable sync replication dcheck fails over long latency connections
- random crash on mimalloc when df was shut down via signal (ctrl+c) HOT 1
- Horizontal Scaling HOT 1
- fix mimalloc with 32MiB segments
- Running DragonFly on Mac M1 - getting error HOT 7
- cluster_fuzzymigration test failure
- FLUSHALL during slot migration causes assert failure HOT 1
- Memcached flags loses during load from snapshot
- implement CLIENT SETINFO
- Dragonfly (rarely) crashes on connection termination during migration HOT 1
- Search: Custom delimiter for tags HOT 2
- Search: FT.ALTER HOT 1
- Search: Escape sequences
- Keyspace notifications HOT 1
- acl smal compatibility changes
- Dragonfly sometimes fails with OOM even when `--cache_mode=true` HOT 1
- Implement OPTOUT and NOLOOP for CLIENT TRACKING
- When build the dockerfile from tools/package i am not able to build it successfully HOT 7
- GEOSEARCH still "PARTIALLY SUPPORTED" HOT 1
- segment_allocator.cc:24] address_table_ map is growing too large: 4129 HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dragonfly.