Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Define delayed event ratelimit category #18019

Open
wants to merge 2 commits into
base: develop
Choose a base branch
from

Conversation

AndrewFerr
Copy link
Member

@AndrewFerr AndrewFerr commented Dec 9, 2024

Apply ratelimiting on delayed event management separately from messages.

Pull Request Checklist

  • Pull request is based on the develop branch
  • Pull request includes a changelog file. The entry should:
    • Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from EventStore to EventWorkerStore.".
    • Use markdown where necessary, mostly for code blocks.
    • End with either a period (.) or an exclamation mark (!).
    • Start with a capital letter.
    • Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry.
  • Code style is correct
    (run the linters)

Apply ratelimiting on delayed event management separately from messages.
@AndrewFerr AndrewFerr requested a review from a team as a code owner December 9, 2024 20:18
@github-actions github-actions bot deployed to PR Documentation Preview December 9, 2024 20:19 Active
Copy link
Member

@hughns hughns left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please see question inline about the default value.

This is a ratelimiting option that ratelimits
attempts to restart, cancel, or view delayed events
based on the account the client is using.
It defaults to: `per_second: 10`, `burst_count: 100`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are the defaults so different from rc_message which is what is currently used? I expect the default for rc_delayed_event to be similar.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The default is more lax to permit refreshing delayed events often / in a loop without risk of ratelimiting, whereas "actual" messages are sent less frequently / not periodically and benefit from a stricter ratelimit.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@AndrewFerr could you put that justification in the config documentation? I think it would help sysadmins understand why they may want to configure this new ratelimit.

This is a ratelimiting option that ratelimits
attempts to restart, cancel, or view delayed events
based on the account the client is using.
It defaults to: `per_second: 10`, `burst_count: 100`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@AndrewFerr could you put that justification in the config documentation? I think it would help sysadmins understand why they may want to configure this new ratelimit.

@@ -227,6 +228,8 @@ async def add(
Raises:
SynapseError: if the delayed event fails validation checks.
"""
# Use standard request limiter for scheduling new delayed events.
# TODO: Instead apply rateliming based on the scheduled send time.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
# TODO: Instead apply rateliming based on the scheduled send time.
# TODO: Instead apply rateliming based on the scheduled send time.
# See https://github.com/element-hq/synapse/issues/18021

self.rc_delayed_event = RatelimitSettings.parse(
config,
"rc_delayed_event",
defaults={"per_second": 10, "burst_count": 100},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

10 per second seems quite high - may as well not have a rate-limit at all at that point?

The default for rc_message is 0.2/second. How often are you expecting to refresh delayed events? Would it help to have a rate-limit per-device instead of just per-user?

@unittest.override_config({"rc_delayed_event": {"per_second": 0.5, "burst_count": 1}})
def test_cancel_delayed_event_ratelimit(self) -> None:
delay_ids = []
for i in range(2):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
for i in range(2):
for _ in range(2):

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants