From 059e9f5c468d255f5cd3fca1e670e3cfd1df7f8b Mon Sep 17 00:00:00 2001 From: Ross Tannenbaum Date: Fri, 13 Oct 2023 09:47:50 -0700 Subject: [PATCH 1/2] chore: allow integer env vars (#1289) --- pkg/env/integersetting.go | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 pkg/env/integersetting.go diff --git a/pkg/env/integersetting.go b/pkg/env/integersetting.go new file mode 100644 index 000000000..2ea0f1bdf --- /dev/null +++ b/pkg/env/integersetting.go @@ -0,0 +1,33 @@ +package env + +import ( + "strconv" +) + +// IntegerSetting represents an environment variable which should be parsed into an integer. +type IntegerSetting interface { + Setting + Int() int +} + +type integerSetting struct { + Setting + defaultValue int +} + +// Int returns the int object represented by the environment variable. +func (s *integerSetting) Int() int { + v, err := strconv.Atoi(s.Value()) + if err != nil { + return s.defaultValue + } + return v +} + +// RegisterIntegerSetting globally registers and returns a new integer setting. +func RegisterIntegerSetting(envVar string, defaultValue int, opts ...SettingOption) IntegerSetting { + return &integerSetting{ + Setting: RegisterSetting(envVar, append(opts, WithDefault(strconv.Itoa(defaultValue)))...), + defaultValue: defaultValue, + } +} From fdc8eb0062b0cb3c78d6e68816194c54c5375547 Mon Sep 17 00:00:00 2001 From: Vlad Bologa Date: Fri, 13 Oct 2023 19:49:01 +0200 Subject: [PATCH 2/2] ROX-20122: set gRPC max concurrent streams to 100 (#1287) --- api/grpc/grpc.go | 14 +++++++++++++- pkg/env/list.go | 8 ++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/api/grpc/grpc.go b/api/grpc/grpc.go index e87e8d1db..ed583e1b9 100644 --- a/api/grpc/grpc.go +++ b/api/grpc/grpc.go @@ -13,6 +13,7 @@ import ( grpcprometheus "github.com/grpc-ecosystem/go-grpc-prometheus" "github.com/grpc-ecosystem/grpc-gateway/runtime" log "github.com/sirupsen/logrus" + "github.com/stackrox/scanner/pkg/env" "github.com/stackrox/scanner/pkg/mtls" "google.golang.org/grpc" "google.golang.org/grpc/credentials/insecure" @@ -26,6 +27,14 @@ func init() { grpcprometheus.EnableHandlingTimeHistogram() } +func maxGrpcConcurrentStreams() uint32 { + if env.MaxGrpcConcurrentStreams.Int() <= 0 { + return env.DefaultMaxGrpcConcurrentStreams + } + + return uint32(env.MaxGrpcConcurrentStreams.Int()) +} + // NewAPI creates a new gRPC API instantiation func NewAPI(opts ...ConfigOpts) API { var config Config @@ -60,7 +69,10 @@ func (a *apiImpl) connectToLocalEndpoint() (*grpc.ClientConn, error) { } func (a *apiImpl) Start() { - grpcServer := grpc.NewServer(grpc.ChainUnaryInterceptor(a.config.UnaryInterceptors...)) + grpcServer := grpc.NewServer( + grpc.ChainUnaryInterceptor(a.config.UnaryInterceptors...), + grpc.MaxConcurrentStreams(maxGrpcConcurrentStreams()), + ) for _, serv := range a.apiServices { serv.RegisterServiceServer(grpcServer) } diff --git a/pkg/env/list.go b/pkg/env/list.go index 986bbe998..71c62644b 100644 --- a/pkg/env/list.go +++ b/pkg/env/list.go @@ -2,6 +2,11 @@ package env import "time" +const ( + // DefaultMaxGrpcConcurrentStreams is the minimum value for concurrent streams recommended by the HTTP/2 spec + DefaultMaxGrpcConcurrentStreams = 100 +) + var ( // LanguageVulns enables language vulnerabilities. LanguageVulns = RegisterBooleanSetting("ROX_LANGUAGE_VULNS", true, AllowWithoutRox()) @@ -34,4 +39,7 @@ var ( // NodeScanningMaxBackoff is the upper boundary of backoff. Defaults to 5m in seconds, being 50% of Kubernetes restart policy stability timer. NodeScanningMaxBackoff = registerDurationSetting("ROX_NODE_SCANNING_MAX_BACKOFF", 300*time.Second) + + // MaxGrpcConcurrentStreams configures the maximum number of HTTP/2 streams to use with gRPC + MaxGrpcConcurrentStreams = RegisterIntegerSetting("ROX_GRPC_MAX_CONCURRENT_STREAMS", DefaultMaxGrpcConcurrentStreams) )