Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Introduce in-memory caching package #766

Merged
merged 1 commit into from
Jun 14, 2024
Merged

Conversation

souleb
Copy link
Member

@souleb souleb commented Apr 25, 2024

This PR will allow caching the authentication credentials retrieved by pkg/oci/auth. It should also enable future usage of the caching underlying mechanism.

Part of: #642

Store design

The store is K/V store that can store arbitrary objects. The store interface is a simplified version of client go store. If an object can be cached there, it should be in our store implementations. This is desirable, because the primary envisioned place for the store usage is during a reconciliation of custom resources retrieved from a shared informer cache.

The keys are generated dynamically with deterministic function. Accepting a function instead of key strings enables user to determine themselves the keys uniqueness constraint.

They store must be thread safe, it should support concurrent programs.

There are 2 main uses cases:

    1. cache authentication credentials. A credentials key is written, read and overwritten multiple times by a single goroutine. If we plan to store a credential and refresh it every 6 hours and read every 30 minutes(reconciliation interval), the read/write ratio is 12:1. This is a likely scenario. Authentication credentials are expirable.
    1. cache helm indexes. The new Store interface and underlying implementation should allow replacing https://github.com/fluxcd/source-controller/tree/main/internal/cache which is today used to cache helm indexes. A helm index is written, read and overwritten multiple times by multiple goroutines. Usually an index is stored and read multiple times (reconciliation of all dependent custom resources * interval) before being overwritten by a new version. It is read intensive. An index is read from local storage before being cached, if the cache is full, we could have several Custom Resources loading the same index in memory, in order to avoid that, we should evict older keys to make room.

Based on the two scenario above, the store should be optimized for reads.

We also have a scenario that needs keys to expirable and another that need them be evicted based on usage.

Hence two implementations are provided:

  • An expirable store for use case 1
  • An LRU cache for use case 2

@souleb souleb requested a review from a team as a code owner April 25, 2024 15:17
@souleb souleb marked this pull request as draft April 25, 2024 15:17
cache/cache.go Outdated Show resolved Hide resolved
cache/lru.go Outdated Show resolved Hide resolved
cache/metrics.go Outdated Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
@souleb souleb force-pushed the enable-cachin-auth-tokens branch from f79844e to f5a5a36 Compare May 3, 2024 13:27
@errordeveloper
Copy link
Contributor

errordeveloper commented May 8, 2024

Thanks for working on this, @souleb!

The store interface is a simplified version of client go store.

It would be handy to have a link in the code. At the moment this is only mentioned in a commit message and PR description.

What may need to be made more explicit is that the sore is persisted to a file.

@souleb
Copy link
Member Author

souleb commented May 18, 2024

Thanks for working on this, @souleb!

The store interface is a simplified version of client go store.

It would be handy to have a link in the code. At the moment this is only mentioned in a commit message and PR description.

What may need to be made more explicit is that the sore is persisted to a file.

There is a comment in store.go pointing to https://pkg.go.dev/k8s.io/client-go/tools/cache#Store.

Persisting to a file will be made in a follow up PR where we will outline the use case we have for it.

@souleb souleb force-pushed the enable-cachin-auth-tokens branch 4 times, most recently from 8eec6c2 to 4ddba8d Compare May 19, 2024 21:24
@souleb souleb marked this pull request as ready for review May 19, 2024 21:24
@souleb souleb force-pushed the enable-cachin-auth-tokens branch from 4ddba8d to a108669 Compare May 19, 2024 21:51
@stefanprodan stefanprodan changed the title Auth token caching Introduce in-memory caching package May 23, 2024
Copy link
Member

@stefanprodan stefanprodan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Thanks @souleb 🏅

cache/store.go Outdated Show resolved Hide resolved
cache/store.go Outdated Show resolved Hide resolved
cache/store.go Show resolved Hide resolved
cache/store.go Outdated Show resolved Hide resolved
cache/store.go Show resolved Hide resolved
cache/store.go Outdated Show resolved Hide resolved
cache/cache.go Show resolved Hide resolved
@souleb souleb force-pushed the enable-cachin-auth-tokens branch from a108669 to c6ec0fb Compare June 4, 2024 08:50
cache/cache.go Outdated Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
cache/cache_test.go Outdated Show resolved Hide resolved
cache/cache.go Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
cache/cache.go Show resolved Hide resolved
cache/lru.go Outdated Show resolved Hide resolved
@souleb souleb force-pushed the enable-cachin-auth-tokens branch from c6ec0fb to 6b7b355 Compare June 10, 2024 13:08
cache/cache.go Outdated Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
@souleb souleb force-pushed the enable-cachin-auth-tokens branch from 0e91350 to b5172d8 Compare June 12, 2024 11:25
@souleb souleb force-pushed the enable-cachin-auth-tokens branch 5 times, most recently from fb60104 to eae3ead Compare June 12, 2024 13:38
cache/cache.go Outdated Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
cache/cache.go Outdated Show resolved Hide resolved
@souleb souleb force-pushed the enable-cachin-auth-tokens branch from eae3ead to f133773 Compare June 12, 2024 15:44
cache/lru.go Outdated Show resolved Hide resolved
@souleb souleb force-pushed the enable-cachin-auth-tokens branch 3 times, most recently from 61b728f to fdefd65 Compare June 14, 2024 13:26
Copy link
Contributor

@darkowlzz darkowlzz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!
Thanks for all the clarifications and considerations.

The store interface is a simplified version of client go store. If an
object can be cached there, it should be in our store implementations.

We also provide a default way to generate keys, but we allow users to
provide their own function. This should enable all needed levels of
isolation.

The provided implementations are an expiring cache and a LRU cache.

The cache is self-instrumented.

Signed-off-by: Soule BA <[email protected]>
@souleb souleb force-pushed the enable-cachin-auth-tokens branch from fdefd65 to d838d8a Compare June 14, 2024 14:20
@souleb souleb merged commit 61276f4 into main Jun 14, 2024
11 checks passed
@souleb souleb deleted the enable-cachin-auth-tokens branch June 14, 2024 14:36
@errordeveloper
Copy link
Contributor

Exciting to see this merged! 🌟

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants