MEDIUM: stktables: Limit the number of stick counters to 100

"tune.stick-counters" global parameter was accepting any positive integer
value. But the maximum value is incredibly high. Setting a huge value has
signitifcant impact on memory and CPU usage. To avoid any issue, this value
is now limited to 100. It should be greater enough to all usage.

It can be seen as a breaking change.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index c47af4fbcbd847ee814e527b67f7ae0c08dcc2a0..1f53e9bd6a193a5677cff49f8fbbd583cf9e80ec 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -5288,15 +5288,16 @@ tune.stick-counters <number>
   connection or a request via "track-sc*" actions in "tcp-request" or
   "http-request" rules. The default value is set at build time by the macro
   MAX_SESS_STK_CTR, and defaults to 3. With this setting it is possible to
-  change the value and ignore the one passed at build time. Increasing this
-  value may be needed when porting complex configurations to haproxy, but users
-  are warned against the costs: each entry takes 16 bytes per connection and
-  16 bytes per request, all of which need to be allocated and zeroed for all
-  requests even when not used. As such a value of 10 will inflate the memory
-  consumption per request by 320 bytes and will cause this memory to be erased
-  for each request, which does have measurable CPU impacts. Conversely, when
-  no "track-sc" rules are used, the value may be lowered (0 being valid to
-  entirely disable stick-counters).
+  change the value and ignore the one passed at build time, but it cannot be
+  set to a value greater than 100. Increasing this value may be needed when
+  porting complex configurations to haproxy, but users are warned against the
+  costs: each entry takes 16 bytes per connection and 16 bytes per request, all
+  of which need to be allocated and zeroed for all requests even when not
+  used. As such a value of 10 will inflate the memory consumption per request
+  by 320 bytes and will cause this memory to be erased for each request, which
+  does have measurable CPU impacts. Conversely, when no "track-sc" rules are
+  used, the value may be lowered (0 being valid to entirely disable
+  stick-counters).
 
 tune.takeover-other-tg-connections <value>
   By default, we won't attempt to use idle connections from other thread groups.

diff --git a/src/stick_table.c b/src/stick_table.c
index d8c5b4a55ff5f339d9b45900dc9bc328ab7929a7..06a91ea49fb7d229e53deadbceaac869dadc320e 100644 (file)
--- a/src/stick_table.c
+++ b/src/stick_table.c
@@ -5940,8 +5940,8 @@ static int stk_parse_stick_counters(char **args, int section_type, struct proxy
                return -1;
        }
 
-       if (counters < 0) {
-               memprintf(err, "%s: the number of stick-counters may not be negative (was %d)", args[0], counters);
+       if (counters < 0 || counters > 100) {
+               memprintf(err, "%s: the number of stick-counters must be between 1 and 100 (was %d)", args[0], counters);
                return -1;
        }