Per-user connection limit #607
Comments
|
You can do this via HTTP API today (poll and force close connections). However, I expected to see this after #500 and they have a lot of similarities. We won't be providing a channel limit per user but you can limit max number of channels per connection via |
michaelklishin
changed the title
|
@johnfoldager in your opinion, should this limit be global or scoped per vhost? We see a lot of interest in per-vhost connection limit (already done, #500) but there is no consensus on this one. |
|
We'd like to understand the use cases better before we spend more than a spike worth amount of time on this => clearing milestone. |
|
With the current setup, an application with a connection leak can crash RabbitMQ when it runs out of file descriptors. If a per-user connection limit could be enforced, it could be guaranteed that one application with a connection leak won't crash Rabbit (thus causing problems for all applications that use it). This would provide a more stable backend for systems that are developed rapidly enough that bugs occasionally sneak through. |
|
@wmoran-uatc we have introduced per-vhost connection limit in #500. However, we now fail to come up with a compelling use case for this per-user limit and there's no time to fit it into the |
|
While per-vhost is an excellent feature, it still fails to provide protection in the case where multiple teams are creating software that connects to the same vhost. With per-vhost, a single buggy app could eat up all the connections for a particular vhost, thus negatively impacting other applications that need to use that vhost. With per-user limits, each application could be limited independently of any other. |
|
@wmoran-uatc we will consider this feature for a future release, thank you. |
|
I would love to see rabbitmq to have this feature, I currently plan to let users connect to rabbitmq through Web STOMP. However, I just want to have only one connection per user to rabbitmq to prevent users from draining the resources(cpu, memory) on the rabbitmq node. Although, I might be able to do this by closing user connection when a user tries to login to our server, still, it would be great if rabbitmq support this feature. |
|
Is there any planning to include this feature in some RabbitMQ release? |
|
@jesferman not into 3.7.0, then we will see. |
|
What's going on? |
|
There are no updates on this feature. We still see relatively little demand for it, so at the moment it is not in the backlog for 3.8 or any other release. We will update this issue should that change. |
|
Having just experienced the scenario @wmoran-uatc described above - where a new single buggy app was leaking connections and caused us considerable grief in production - I'd like to reiterate that a per-user connection limit would be a very helpful mitigation strategy when the whole purpose of a given MQ cluster is supporting a single high volume vhost. |
|
I too would like to put my vote in for per-user level limits. We have several groups that will be connecting to the same vhost and we don't want one group to exhaust all resources on the machine. Limiting them to a few connections would be the right way to go. |
|
Locking since a couple of use cases for this have been explained to our team and we don't need any more |
|
In #2380, CloudAMQP and Erlang Solutions have contributed an implementation of this. |
|
#2380 has been merged manually and has a good change of getting into a future |
|
We will set the milestone when we decide when/if this should be backported. |
|
I recognize this comment is better suited for the mailing list (started here: https://groups.google.com/u/2/g/rabbitmq-users/c/DY_rqcV7mWU), but is it possible to interact with the user-level connections limits in 3.8 via the http auth backend? Is it better for us to have our own monitor running for these dynamic user connections? |
It would be really great if it was possible to limit the number of connections/channels for a specific user.
The text was updated successfully, but these errors were encountered: