Ignore source port in pack-objects limiting

A part of #5067 (closed)

After deployment, it turned out that the remote IP baggage may include the source port. Technically, this inclusion is not wrong. Apparently, the source ports are usually ephemeral client ports, which always rotate. Hence, it breaks pack-objects limiting in such cases.

While we should fix the original data source, it makes sense for Gitaly to protect itself. We should not assume the data for this important feature is always valid.

This MR sanitizes the remote IP before applying the limiter.

Verify scenario

  • Add the following configuration to gitaly.toml, then restart the server. It limits the concurrency of git-pack-objects to 1.
    [pack_objects_limiting]
    key = "remote_ip"
    max_concurrency = 1
    max_queue_length = 100
    max_queue_wait = "10s"
  • Issue two pulls via SSH at the same time.
  • On the master branch, because gitlab-shell includes the source port in the remote_ip field, concurrency limiting is not enforced.

  • After this change, concurrency limiting works as expected.

Edited by Quang-Minh Nguyen
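
The sanitizing step described above, sketched as an added example; this is not Gitaly's own code or the code in this MR. The names `limiterKey`, `distinctKeys` and `pulls` are hypothetical, the sample addresses are constructed, and the handling of IPv6 and IPv4-mapped forms goes beyond the IPv4-plus-port case the description mentions.

```go
package main

import (
	"fmt"
	"net"
	"net/netip"
	"strings"
)

// limiterKey (hypothetical helper) reduces a remote_ip value to a bare IP so
// that every connection from one client maps to the same limiter key.
// ok is false when the value is not an IP; the caller decides what to do then.
func limiterKey(remote string) (key string, ok bool) {
	host := strings.TrimSpace(remote)
	// "10.0.0.5:51234" and "[2001:db8::1]:51234" carry a port; drop it.
	// Bare addresses make SplitHostPort fail and are kept as they are.
	if h, _, err := net.SplitHostPort(host); err == nil {
		host = h
	}
	// A bracketed IPv6 literal without a port, e.g. "[2001:db8::1]".
	if strings.HasPrefix(host, "[") && strings.HasSuffix(host, "]") {
		host = host[1 : len(host)-1]
	}
	addr, err := netip.ParseAddr(host)
	if err != nil {
		return "", false
	}
	// Unmap folds "::ffff:10.0.0.5" into "10.0.0.5" so one client has one key.
	return addr.Unmap().String(), true
}

// distinctKeys counts the limiter buckets a set of remote_ip values creates,
// using either the raw value or the sanitized one as the key.
func distinctKeys(remotes []string, sanitize bool) int {
	seen := map[string]struct{}{}
	for _, r := range remotes {
		key := r
		if sanitize {
			if k, ok := limiterKey(r); ok {
				key = k
			}
		}
		seen[key] = struct{}{}
	}
	return len(seen)
}

// Constructed sample: two simultaneous SSH pulls from one client.
var pulls = []string{"10.0.0.5:51234", "10.0.0.5:51240"}

func main() {
	fmt.Println("raw keys:", distinctKeys(pulls, false))
	fmt.Println("sanitized keys:", distinctKeys(pulls, true))
}
```

With max_concurrency = 1, two raw keys mean each pull gets its own slot and the limit never applies, while one sanitized key puts both pulls in the same bucket.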
