Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG] DeprecationLogger - Unbounded memory usage #16702

Closed
rajiv-kv opened this issue Nov 22, 2024 · 9 comments · Fixed by #16724
Closed

[BUG] DeprecationLogger - Unbounded memory usage #16702

rajiv-kv opened this issue Nov 22, 2024 · 9 comments · Fixed by #16724
Labels
bug Something isn't working Other v2.19.0 Issues and PRs related to version 2.19.0 v3.0.0 Issues and PRs related to version 3.0.0

Comments

@rajiv-kv
Copy link
Contributor

rajiv-kv commented Nov 22, 2024

Describe the bug

DeprecationLogger dedupes messages that has been already logged based on value of X-Opaque-Id provided in request.
Keys set is maintained in DeprecatedMessage. The entries in set are unbounded and are appended based on the user provided header value X-Opaque-Id. In case the user ends up passing unique Opaque-Id per request it can result in OOM on node.

Related component

Other

To Reproduce

  1. Create a system index in cluster say system-test-index-1
  2. curl -H "X-Opaque-Id: <timestamp-in-milliis>" "https://<endpoint>/_all/_alias/test-alias"
  3. Repeat step 2 for 10K times and you will notice increased heap memory usage

Expected behavior

DeprecatdMessage#keys should be memory bounded and not result in out-of-memory.

Additional Details

Plugins
Please list all plugins currently enabled.

Screenshots
If applicable, add screenshots to help explain your problem.

Host/Environment (please complete the following information):

  • OS: [e.g. iOS]
  • Version [e.g. 22]

Additional context
Add any other context about the problem here.

@rajiv-kv rajiv-kv added bug Something isn't working untriaged labels Nov 22, 2024
@github-actions github-actions bot added the Other label Nov 22, 2024
@dblock
Copy link
Member

dblock commented Nov 22, 2024

@rajiv-kv Thanks for raising this, definitely an issue. Want to contribute a fix? Maybe a circuit breaker?

@rajiv-kv
Copy link
Contributor Author

@rajiv-kv Thanks for raising this, definitely an issue. Want to contribute a fix? Maybe a circuit breaker?

Sure @dblock - can explore.

@dblock
Copy link
Member

dblock commented Nov 25, 2024

This was introduced in #1660, @VachaShah @andrross we all missed this. I think the map should both have an expiration for its items and be capped in size (in bytes) + be adjustable.

@andrross
Copy link
Member

I think the map should both have an expiration for its items and be capped in size (in bytes) + be adjustable.

@dblock I think a fixed-sized LRU cache with no expiration would probably be fine? If you happen to fill up the cache then you start evicting the least recently accessed items, potentially leading to duplicated log messages for those keys. I'd definitely like to avoid the complexity of making it adjustable. We probably don't need to overthink this because the goal is to de-dupe most messages to avoid spamming the log.

@shwetathareja
Copy link
Member

@andrross Yes, the first thing is that it should be bounded so that it doesn't keep on growing. But, I would like to understand the logic behind opaque-id to be appended, if all requests have unique id it doesn't help at all.

@rajiv-kv
Copy link
Contributor Author

Is there a way for user to see the X-Opaque-Id in logs ? I am trying to understand if there is any downside if we track the messages at per feature (Key) rather than per request (KeyWithXOpaqueId).

@dblock
Copy link
Member

dblock commented Nov 26, 2024

I think a fixed-sized LRU cache with no expiration would probably be fine?

Totally. +1 on not overthinking it. I think the only concern may be with a high TPS, but in that case this whole logger may be pointless. Maybe a setting to turn it off? I'm overthinking it again ...

Is there a way for user to see the X-Opaque-Id in logs ? I am trying to understand if there is any downside if we track the messages at per feature (Key) rather than per request (KeyWithXOpaqueId).

Yes, the intent was to help the caller who has access to the logs to find where the deprecated requests are coming from, not for the operator to know that a deprecated API is called by someone. It shows this:

[2021-07-01T05:18:51,291][DEPRECATION][o.o.d.c.m.IndexNameExpressionResolver] [0e77307b90eb] this request accesses system indices: [.opendistro_security], but in a future major version, direct access to system indices will be prevented by default

andrross added a commit to andrross/documentation-website that referenced this issue Nov 26, 2024
A [bug][1] was recently identified related to this header that was partly
exascerbated by a misuse of the field. We have some documentation related to the
[Tasks][2] API for this field, but no general guidance on how to use it.

[1]: opensearch-project/OpenSearch#16702
[2]: https://opensearch.org/docs/latest/api-reference/tasks/#attaching-headers-to-tasks

Signed-off-by: Andrew Ross <[email protected]>
andrross added a commit to andrross/documentation-website that referenced this issue Nov 26, 2024
A [bug][1] was recently identified related to this header that was partly
exascerbated by a misuse of the field. We have some documentation related to the
[Tasks][2] API for this field, but no general guidance on how to use it.

[1]: opensearch-project/OpenSearch#16702
[2]: https://opensearch.org/docs/latest/api-reference/tasks/#attaching-headers-to-tasks

Signed-off-by: Andrew Ross <[email protected]>
@shwetathareja
Copy link
Member

@dblock @andrross Thanks for updating the documentation and stating the usage of X-Opaque-Id header. But this may not be enough, we need to audit all the official clients like OpenSearch-hadoop to ensure it is used correctly. In case, a user gets into trouble simply because the opensearch clients are mis-using the header, that's not good experience.

andrross added a commit to andrross/documentation-website that referenced this issue Nov 29, 2024
A [bug][1] was recently identified related to this header that was partly
exascerbated by a misuse of the field. We have some documentation related to the
[Tasks][2] API for this field, but no general guidance on how to use it.

[1]: opensearch-project/OpenSearch#16702
[2]: https://opensearch.org/docs/latest/api-reference/tasks/#attaching-headers-to-tasks

Signed-off-by: Andrew Ross <[email protected]>
@dblock
Copy link
Member

dblock commented Dec 2, 2024

There are many references to X-Opaque-Id, https://github.com/search?q=org%3Aopensearch-project%20X-Opaque-Id&type=code, anyone care to go through them to see if there's problems and open issues?

kolchfa-aws added a commit to opensearch-project/documentation-website that referenced this issue Dec 4, 2024
* Document the `X-Opaque-Id` header

A [bug][1] was recently identified related to this header that was partly
exascerbated by a misuse of the field. We have some documentation related to the
[Tasks][2] API for this field, but no general guidance on how to use it.

[1]: opensearch-project/OpenSearch#16702
[2]: https://opensearch.org/docs/latest/api-reference/tasks/#attaching-headers-to-tasks

Signed-off-by: Andrew Ross <[email protected]>

* Update _api-reference/common-parameters.md

Co-authored-by: kolchfa-aws <[email protected]>
Signed-off-by: Andrew Ross <[email protected]>

* Update _api-reference/common-parameters.md

Co-authored-by: kolchfa-aws <[email protected]>
Signed-off-by: Andrew Ross <[email protected]>

* Update _api-reference/common-parameters.md

Co-authored-by: kolchfa-aws <[email protected]>
Signed-off-by: Andrew Ross <[email protected]>

* Update _api-reference/common-parameters.md

Co-authored-by: Nathan Bower <[email protected]>
Signed-off-by: Andrew Ross <[email protected]>

* Update _api-reference/common-parameters.md

Co-authored-by: Nathan Bower <[email protected]>
Signed-off-by: Andrew Ross <[email protected]>

---------

Signed-off-by: Andrew Ross <[email protected]>
Co-authored-by: kolchfa-aws <[email protected]>
Co-authored-by: Nathan Bower <[email protected]>
opensearch-trigger-bot bot pushed a commit to opensearch-project/documentation-website that referenced this issue Dec 4, 2024
* Document the `X-Opaque-Id` header

A [bug][1] was recently identified related to this header that was partly
exascerbated by a misuse of the field. We have some documentation related to the
[Tasks][2] API for this field, but no general guidance on how to use it.

[1]: opensearch-project/OpenSearch#16702
[2]: https://opensearch.org/docs/latest/api-reference/tasks/#attaching-headers-to-tasks

Signed-off-by: Andrew Ross <[email protected]>

* Update _api-reference/common-parameters.md

Co-authored-by: kolchfa-aws <[email protected]>
Signed-off-by: Andrew Ross <[email protected]>

* Update _api-reference/common-parameters.md

Co-authored-by: kolchfa-aws <[email protected]>
Signed-off-by: Andrew Ross <[email protected]>

* Update _api-reference/common-parameters.md

Co-authored-by: kolchfa-aws <[email protected]>
Signed-off-by: Andrew Ross <[email protected]>

* Update _api-reference/common-parameters.md

Co-authored-by: Nathan Bower <[email protected]>
Signed-off-by: Andrew Ross <[email protected]>

* Update _api-reference/common-parameters.md

Co-authored-by: Nathan Bower <[email protected]>
Signed-off-by: Andrew Ross <[email protected]>

---------

Signed-off-by: Andrew Ross <[email protected]>
Co-authored-by: kolchfa-aws <[email protected]>
Co-authored-by: Nathan Bower <[email protected]>
(cherry picked from commit 1cd69cd)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@reta reta added v3.0.0 Issues and PRs related to version 3.0.0 v2.19.0 Issues and PRs related to version 2.19.0 labels Dec 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working Other v2.19.0 Issues and PRs related to version 2.19.0 v3.0.0 Issues and PRs related to version 3.0.0
Projects
None yet
5 participants