Skip to content

Commit

Permalink
ROX-20122: set gRPC max concurrent streams to 100 (#1287)
Browse files Browse the repository at this point in the history
  • Loading branch information
vladbologa authored Oct 13, 2023
1 parent c017a55 commit 6361a63
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 1 deletion.
14 changes: 13 additions & 1 deletion api/grpc/grpc.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import (
grpcprometheus "github.com/grpc-ecosystem/go-grpc-prometheus"
"github.com/grpc-ecosystem/grpc-gateway/runtime"
log "github.com/sirupsen/logrus"
"github.com/stackrox/scanner/pkg/env"
"github.com/stackrox/scanner/pkg/mtls"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials/insecure"
Expand All @@ -26,6 +27,14 @@ func init() {
grpcprometheus.EnableHandlingTimeHistogram()
}

func maxGrpcConcurrentStreams() uint32 {
if env.MaxGrpcConcurrentStreams.Int() <= 0 {
return env.DefaultMaxGrpcConcurrentStreams
}

return uint32(env.MaxGrpcConcurrentStreams.Int())
}

// NewAPI creates a new gRPC API instantiation
func NewAPI(opts ...ConfigOpts) API {
var config Config
Expand Down Expand Up @@ -60,7 +69,10 @@ func (a *apiImpl) connectToLocalEndpoint() (*grpc.ClientConn, error) {
}

func (a *apiImpl) Start() {
grpcServer := grpc.NewServer(grpc.ChainUnaryInterceptor(a.config.UnaryInterceptors...))
grpcServer := grpc.NewServer(
grpc.ChainUnaryInterceptor(a.config.UnaryInterceptors...),
grpc.MaxConcurrentStreams(maxGrpcConcurrentStreams()),
)
for _, serv := range a.apiServices {
serv.RegisterServiceServer(grpcServer)
}
Expand Down
8 changes: 8 additions & 0 deletions pkg/env/list.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,11 @@ package env

import "time"

const (
// DefaultMaxGrpcConcurrentStreams is the minimum value for concurrent streams recommended by the HTTP/2 spec
DefaultMaxGrpcConcurrentStreams = 100
)

var (
// LanguageVulns enables language vulnerabilities.
LanguageVulns = RegisterBooleanSetting("ROX_LANGUAGE_VULNS", true, AllowWithoutRox())
Expand Down Expand Up @@ -38,4 +43,7 @@ var (
// ActiveVulnMgmt is the same flag in Central that determines if active vulnerability management should be
// enabled and executables should be pulled from the database
ActiveVulnMgmt = RegisterBooleanSetting("ROX_ACTIVE_VULN_MGMT", false)

// MaxGrpcConcurrentStreams configures the maximum number of HTTP/2 streams to use with gRPC
MaxGrpcConcurrentStreams = RegisterIntegerSetting("ROX_GRPC_MAX_CONCURRENT_STREAMS", DefaultMaxGrpcConcurrentStreams)
)

0 comments on commit 6361a63

Please sign in to comment.