Store qualified counters in dedicated capacity limited cache

[alexsnaps]

@didierofrivia here is what I am thinking...

[alexsnaps]

These are all the changes... By default, this now tries to use 70% of the available memory at server startup to store "qualified counters", it'll emit a WARNing level log if you don't explicitly set the cache's size using -c, like so:

[WARN  limitador_server] No cache size provided, aiming at 70% of 6019MB, i.e. 17259155 entries

[codecov-commenter]

Codecov Report

Merging #195 (c82a258) into main (0987560) will decrease coverage by 1.18%.
The diff coverage is 70.77%.

@@            Coverage Diff             @@
##             main     #195      +/-   ##
==========================================
- Coverage   74.32%   73.15%   -1.18%     
==========================================
  Files          30       30              
  Lines        4998     5048      +50     
==========================================
- Hits         3715     3693      -22     
- Misses       1283     1355      +72     

Files Changed	Coverage Δ
limitador-server/src/main.rs	6.50% <17.14%> (+0.04%)	⬆️
limitador/src/lib.rs	85.92% <61.53%> (-0.64%)	⬇️
limitador-server/src/config.rs	27.27% <75.00%> (+2.27%)	⬆️
limitador/src/storage/in_memory.rs	79.49% <88.50%> (-16.51%)	⬇️
limitador-server/src/envoy_rls/server.rs	90.55% <100.00%> (ø)
limitador/src/counter.rs	96.25% <100.00%> (+0.14%)	⬆️
limitador/src/storage/atomic_expiring_value.rs	93.91% <100.00%> (-5.17%)	⬇️
limitador/src/storage/mod.rs	91.35% <100.00%> (+1.45%)	⬆️

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[didierofrivia]

I'm missing how this work, but I don't understand why is this change needed? Shouldn't invoke the default set the expected cache_size?

[alexsnaps]

There is no more any implementation of Default for RateLimiter. I couldn't really make a case for it. Why would 10k be a valid value for something using the crate? I thought that I could do the magic of using the 70% within default() could be an option, but again... why would 70% be any more desirable than 10% in the context of the crate? So I decided to push this "up" in the server's code (and avoid adding a dependency to the crate too).

Finally, for some reason, adding a impl Default for RateLimiter that'd only be for config test somehow failed. So didn't investigate much and added the value in the tests themselves.

[didierofrivia]

isn't the 70% too much (or too little xD)

[alexsnaps]

Well... this math is "wrong", the size of the entries don't account for the overhead of the memory required by the cache itself... but most importantly don't account for the size of the variables data that's on the heap... i.e. all the entries of name/value pairs... we need some overhead for that.
Finally the "rest" also needs memory, i.e. the actix & tonic & all other plumbing (if only storing the Limits themselves... So for tiny amounts of sys.available_memory() 70% might actually be way too eager, while for large ones, probably on the overly cautious end... Which is why this will trigger a WARN level log.

[didierofrivia]

what we are finding here is the AtomicExpiringValue, do you think it makes sense to be explicit and rename counter with something like expiring_value ? I also understand it's a counter in the end

[didierofrivia]

Left some comments, nothing blocking TBH, feel free to address them if it makes sense or just comment :)

[alexsnaps]

Left some comments, nothing blocking TBH, feel free to address them if it makes sense or just comment :)

I don't think anything should be addressed, but feel free to disagree... One thing which might be useful is setting a hard limit on what we know would be limitador's memory requirement. But we don't as of now... I could open an issue for that so that we at some point measure and address that. But right now, 70% isn't any better or worse than the previously hardcoded value... it's as bad, just differently. But at least, now, someone can set it to something that makes sense to their use-case.