Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

logging: make sync-writes false in default config for audit logs #58025

Closed
knz opened this issue Dec 17, 2020 · 2 comments · Fixed by #58995
Closed

logging: make sync-writes false in default config for audit logs #58025

knz opened this issue Dec 17, 2020 · 2 comments · Fixed by #58995
Labels
A-logging In and around the logging infrastructure. C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)

Comments

@knz
Copy link
Contributor

knz commented Dec 17, 2020

Requested / suggested by @bdarnell

i don't think i agree that fsyncing after every log entry is a requirement
i'm worried about the DoS possibilities of allowing attackers to consume a scarce resource like this, and about the SPOF of a single disk
(i feel the same way about our existing experimental audit logs, fwiw)
requiring synced writes to a single disk is just an awkward spot in the durability spectrum. if it's really important, it needs to be replicated

In other words, durability for audit logs should be achieved via network logging, not disk syncs.
@knz knz added C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception) A-logging In and around the logging infrastructure. labels Dec 17, 2020
@bdarnell
Copy link
Contributor

We should also solicit feedback from users of the audit log feature in its current experimental state - what level of durability do they require?

@knz
Copy link
Contributor Author

knz commented Dec 17, 2020
edited
Loading

@thtruo @piyush-singh can you investigate this?

@knz knz mentioned this issue Jan 14, 2021
Merged
@craig craig bot closed this as completed in 8451341 Jan 19, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-logging In and around the logging infrastructure. C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

util/log: stop syncing writes excessively knz/cockroach
2 participants
@bdarnell @knz