Rate limiter #278
Rate limiter #278
Conversation
andrew4699
requested review from
jbonofre,
ashvina,
RussellSpitzer,
snazy,
vvcephei,
takidau and
jackye1995
as code owners
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/ClockImpl.java
Outdated
Show resolved
Hide resolved
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiter.java
Outdated
Show resolved
Hide resolved
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/OpenTelemetryClock.java
Outdated
Show resolved
Hide resolved
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiterFactory.java
Outdated
Show resolved
Hide resolved
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiterFactory.java
Outdated
Show resolved
Hide resolved
...ris-service/src/test/java/org/apache/polaris/service/ratelimiter/MockRateLimiterFactory.java
Outdated
Show resolved
Hide resolved
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiterFilter.java
Outdated
Show resolved
Hide resolved
...s-service/src/main/java/org/apache/polaris/service/ratelimiter/OpenTelemetryRateLimiter.java
Outdated
Show resolved
Hide resolved
...s-service/src/main/java/org/apache/polaris/service/ratelimiter/OpenTelemetryRateLimiter.java
Outdated
Show resolved
Hide resolved
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiterFilter.java
Outdated
Show resolved
Hide resolved
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiterFilter.java
Outdated
Show resolved
Hide resolved
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiterFilter.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Thanks for the contribution @andrew4699!
Adding protections to the service is a great thing! However, I see a couple of issues with the approach, added a couple of comments to this PR. It's mostly about concurrency and blocking behavior.
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiterFilter.java
Outdated
Show resolved
Hide resolved
...s-service/src/main/java/org/apache/polaris/service/ratelimiter/OpenTelemetryRateLimiter.java
Outdated
Show resolved
Hide resolved
polaris-service/src/test/java/org/apache/polaris/service/ratelimiter/AsyncFallbackTest.java
Show resolved
Hide resolved
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiterFactory.java
Outdated
Show resolved
Hide resolved
...-service/src/main/java/org/apache/polaris/service/ratelimiter/DefaultRateLimiterFactory.java
Outdated
Show resolved
Hide resolved
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/ClockImpl.java
Outdated
Show resolved
Hide resolved
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiterFilter.java
Show resolved
Hide resolved
...ris-service/src/main/java/org/apache/polaris/service/ratelimiter/NoOpRateLimiterFactory.java
Outdated
Show resolved
Hide resolved
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiterFilter.java
Show resolved
Hide resolved
andrew4699
force-pushed
the
aguterman-rate-limiter
branch
from
cb7f381
to
7ce9662
Compare
There was a problem hiding this comment.
Thanks for refactoring the CHM stuff - that's much cleaner and safer IMO.
I'm generally okay with this change.
Wonder though whether Guava's RateLimiter would fit the needs though - but I don't see it as a blocker for this PR.
I'll be somewhat unavailable in the next couple of days, so if there's anybody else who can review as well and happy with it, I'm okay with merging.
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiterFilter.java
Show resolved
Hide resolved
| * maximum amount of tokens. Each "acquire" costs 1 token. | ||
| */ | ||
| public class TokenBucketRateLimiter implements RateLimiter { | ||
| private final double tokensPerNano; |
There was a problem hiding this comment.
Those doubles could all be longs.
I wonder though whether com.google.common.util.concurrent.RateLimiter wouldn't satisfy the need as well. Using the Guava one could save some testing pain ;) OTOH it uses Guava's clock/watch stuff.
There was a problem hiding this comment.
I was looking into the different rate limiters that are already pulled in by our dependencies and did see that one, however it doesn't seem to support a custom window size. I had originally pulled in the OpenTelemetry one because it was basically equivalent to what I wanted, but didn't realize that it was an internal package. I figured since the implementation is small enough, it was better to just implement it than to try finding a new library for it.
There was a problem hiding this comment.
Updated most of the doubles to longs.
polaris-service/src/main/java/org/apache/polaris/service/ratelimiter/RateLimiter.java
Show resolved
Hide resolved
Description
Adds a rate limiter to protect against DoS-style attacks.
There are 3 implementations to choose from:
Implementations are dynamically discoverable through META-INF and there are interfaces so you can plug your own.
Type of change
How Has This Been Tested?
Checklist: