Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[9.0](backport #4402) Use chi/middleware.Throttle instead of custom conn limiter #4431

Merged
merged 1 commit into from
Feb 6, 2025
Merged

[9.0](backport #4402) Use chi/middleware.Throttle instead of custom conn limiter #4431

merged 1 commit into from
Feb 6, 2025

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Feb 6, 2025

What is the problem this PR solves?

fleet-server silently closes connections instead of returning a 429 when the connection limit is reached.

How does this PR solve the problem?

Use chi/middleware.Throttle to track in-flight requests and return a 429 response once the limit is reached.

This is different behaviour from our current implementation where the check occurs when the TCP connection is established, before the TLS handshake occurs.

Design Checklist

  • I have ensured my design is stateless and will work when multiple fleet-server instances are behind a load balancer.
  • I have or intend to scale test my changes, ensuring it will work reliably with 100K+ agents connected.
  • I have included fail safe mechanisms to limit the load on fleet-server: rate limiting, circuit breakers, caching, load shedding, etc.

Checklist

  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in ./changelog/fragments using the changelog tool

Related issues

@michel-laterman @mergify
Use chi/middleware.Throttle instead of custom conn limiter (#4402)
835eca0 
Use chi/middleware.Throttle to track in-flight requests and return a 429 response once the limit is reached.

This is different behaviour from the TCP listener based approach where the check occurs before the TLS handshake and if the limit is reached, the connection is silently closed.

(cherry picked from commit fbe3b2b)
@mergify mergify bot requested a review from a team as a code owner February 6, 2025 19:52
@mergify mergify bot added the backport label Feb 6, 2025
@mergify mergify bot requested review from michalpristas and blakerouse February 6, 2025 19:52
@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

@michel-laterman michel-laterman merged commit ee4329e into 9.0 Feb 6, 2025
9 of 10 checks passed
@michel-laterman michel-laterman deleted the mergify/bp/9.0/pr-4402 branch February 6, 2025 21:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michel-laterman michel-laterman michel-laterman approved these changes

@michalpristas michalpristas Awaiting requested review from michalpristas michalpristas is a code owner automatically assigned from elastic/elastic-agent-control-plane

@blakerouse blakerouse Awaiting requested review from blakerouse blakerouse is a code owner automatically assigned from elastic/elastic-agent-control-plane

Assignees

@michel-laterman michel-laterman

Labels
backport
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@michel-laterman