Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

spire-server: improve entry lookup for NewJWTSvid and BatchX509SVID requests #5819

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

spire-server: improve entry lookup for NewJWTSvid and BatchX509SVID requests #5819

wants to merge 1 commit into from

Conversation

sorindumitru
Copy link
Collaborator

Currently opening this a draft, to continue the discussion. Still requires some tests. Overall this seems to improve CPU usage substantially while not affecting other metrics, memory, network, etc.:

image

Pull Request check list

  • Commit conforms to CONTRIBUTING.md?
  • Proper tests/regressions included?
  • Documentation updated?

Affected functionality
NewJWTSVID and BatchX509SVID server APIs.

Description of change
Instead of fetching all authorized entries for a new SVID signing requests, only fetch the ones required. In the case of signign JWT-SVIDs, it's only one so there's a big improvement. In the case of X509-SVID, this is usually done in a batch so improvements will depend on batch size and the number of entries the agent is authorized for.

Which issue this PR fixes
#5801

@amartinezfayo amartinezfayo self-assigned this Jan 28, 2025
@sorindumitru sorindumitru force-pushed the lookup-authorized-entries branch 5 times, most recently from a55d656 to d8cc2ac Compare February 3, 2025 16:13
@sorindumitru
wip
5736cb7 
Signed-off-by: Sorin Dumitru <sdumitru@bloomberg.net>
@sorindumitru sorindumitru force-pushed the lookup-authorized-entries branch from d8cc2ac to 5736cb7 Compare February 3, 2025 19:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@evan2645 evan2645 Awaiting requested review from evan2645 evan2645 will be requested when the pull request is marked ready for review evan2645 is a code owner

@amartinezfayo amartinezfayo Awaiting requested review from amartinezfayo amartinezfayo will be requested when the pull request is marked ready for review amartinezfayo is a code owner

@MarcosDY MarcosDY Awaiting requested review from MarcosDY MarcosDY will be requested when the pull request is marked ready for review MarcosDY is a code owner

@rturner3 rturner3 Awaiting requested review from rturner3 rturner3 will be requested when the pull request is marked ready for review rturner3 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@amartinezfayo amartinezfayo

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sorindumitru @amartinezfayo