Currently there is no limit on how many v4 clients are supported
by the system. This can be a problem in systems with small memory
configuration to function properly when a very large number of
clients exist that creates memory shortage conditions.
This patch enforces a limit of 1024 NFSv4 clients, including courtesy
clients, per 1GB of system memory. When the number of the clients
reaches the limit, requests that create new clients are returned
with NFS4ERR_DELAY and the laundromat is kicked start to trim old
clients. Due to the overhead of the upcall to remove the client
record, the maximun number of clients the laundromat removes on
each run is limited to 128. This is done to ensure the laundromat
can still process the other tasks in a timely manner.
Since there is now a limit of the number of clients, the 24-hr
idle time limit of courtesy client is no longer needed and was
removed.
Signed-off-by: Dai Ngo <[email protected]>
---
fs/nfsd/netns.h | 1 +
fs/nfsd/nfs4state.c | 20 ++++++++++++++------
fs/nfsd/nfsctl.c | 6 ++++++
fs/nfsd/nfsd.h | 2 ++
4 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/fs/nfsd/netns.h b/fs/nfsd/netns.h
index ce864f001a3e..ffe17743cc74 100644
--- a/fs/nfsd/netns.h
+++ b/fs/nfsd/netns.h
@@ -191,6 +191,7 @@ struct nfsd_net {
siphash_key_t siphash_key;
atomic_t nfs4_client_count;
+ int nfs4_max_clients;
};
/* Simple check to find out if a given net was properly initialized */
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
index 30e16d9e8657..19807f7f618d 100644
--- a/fs/nfsd/nfs4state.c
+++ b/fs/nfsd/nfs4state.c
@@ -2059,6 +2059,10 @@ static struct nfs4_client *alloc_client(struct xdr_netobj name,
struct nfs4_client *clp;
int i;
+ if (atomic_read(&nn->nfs4_client_count) >= nn->nfs4_max_clients) {
+ mod_delayed_work(laundry_wq, &nn->laundromat_work, 0);
+ return NULL;
+ }
clp = kmem_cache_zalloc(client_slab, GFP_KERNEL);
if (clp == NULL)
return NULL;
@@ -5796,9 +5800,12 @@ static void
nfs4_get_client_reaplist(struct nfsd_net *nn, struct list_head *reaplist,
struct laundry_time *lt)
{
+ unsigned int maxreap, reapcnt = 0;
struct list_head *pos, *next;
struct nfs4_client *clp;
+ maxreap = (atomic_read(&nn->nfs4_client_count) >= nn->nfs4_max_clients) ?
+ NFSD_CLIENT_MAX_TRIM_PER_RUN : 0;
INIT_LIST_HEAD(reaplist);
spin_lock(&nn->client_lock);
list_for_each_safe(pos, next, &nn->client_lru) {
@@ -5809,14 +5816,15 @@ nfs4_get_client_reaplist(struct nfsd_net *nn, struct list_head *reaplist,
break;
if (!atomic_read(&clp->cl_rpc_users))
clp->cl_state = NFSD4_COURTESY;
- if (!client_has_state(clp) ||
- ktime_get_boottime_seconds() >=
- (clp->cl_time + NFSD_COURTESY_CLIENT_TIMEOUT))
+ if (!client_has_state(clp))
goto exp_client;
- if (nfs4_anylock_blockers(clp)) {
+ if (!nfs4_anylock_blockers(clp))
+ if (reapcnt >= maxreap)
+ continue;
exp_client:
- if (!mark_client_expired_locked(clp))
- list_add(&clp->cl_lru, reaplist);
+ if (!mark_client_expired_locked(clp)) {
+ list_add(&clp->cl_lru, reaplist);
+ reapcnt++;
}
}
spin_unlock(&nn->client_lock);
diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c
index 547f4c4b9668..bbd251da86e4 100644
--- a/fs/nfsd/nfsctl.c
+++ b/fs/nfsd/nfsctl.c
@@ -1463,6 +1463,8 @@ static __net_init int nfsd_init_net(struct net *net)
{
int retval;
struct nfsd_net *nn = net_generic(net, nfsd_net_id);
+ u64 max_clients;
+ struct sysinfo si;
retval = nfsd_export_init(net);
if (retval)
@@ -1488,6 +1490,10 @@ static __net_init int nfsd_init_net(struct net *net)
seqlock_init(&nn->writeverf_lock);
atomic_set(&nn->nfs4_client_count, 0);
+ si_meminfo(&si);
+ max_clients = (u64)si.totalram * si.mem_unit / (1024 * 1024 * 1024);
+ max_clients *= NFS4_CLIENTS_PER_GB;
+ nn->nfs4_max_clients = max_t(int, max_clients, NFS4_CLIENTS_PER_GB);
return 0;
diff --git a/fs/nfsd/nfsd.h b/fs/nfsd/nfsd.h
index 847b482155ae..bbada18225b1 100644
--- a/fs/nfsd/nfsd.h
+++ b/fs/nfsd/nfsd.h
@@ -341,6 +341,8 @@ void nfsd_lockd_shutdown(void);
#define NFSD_LAUNDROMAT_MINTIMEOUT 1 /* seconds */
#define NFSD_COURTESY_CLIENT_TIMEOUT (24 * 60 * 60) /* seconds */
+#define NFSD_CLIENT_MAX_TRIM_PER_RUN 128
+#define NFS4_CLIENTS_PER_GB 1024
/*
* The following attributes are currently not supported by the NFSv4 server:
--
2.9.5
Hi Dai,
On Thu, 14 Jul 2022, Dai Ngo wrote:
> Currently there is no limit on how many v4 clients are supported
> by the system. This can be a problem in systems with small memory
> configuration to function properly when a very large number of
> clients exist that creates memory shortage conditions.
>
> This patch enforces a limit of 1024 NFSv4 clients, including courtesy
> clients, per 1GB of system memory. When the number of the clients
> reaches the limit, requests that create new clients are returned
> with NFS4ERR_DELAY and the laundromat is kicked start to trim old
> clients. Due to the overhead of the upcall to remove the client
> record, the maximun number of clients the laundromat removes on
> each run is limited to 128. This is done to ensure the laundromat
> can still process the other tasks in a timely manner.
>
> Since there is now a limit of the number of clients, the 24-hr
> idle time limit of courtesy client is no longer needed and was
> removed.
>
> Signed-off-by: Dai Ngo <[email protected]>
Thanks for your patch, which is now commit 05eaba9bd8c06580 ("NFSD:
limit the number of v4 clients to 1024 per 1GB of system memory")
in next-20220715.
[email protected] reports:
fs/nfsd/nfsctl.c:1504:24: error: 'NFS4_CLIENTS_PER_GB' undeclared (first use in this function)
> --- a/fs/nfsd/nfsctl.c
> +++ b/fs/nfsd/nfsctl.c
> @@ -1463,6 +1463,8 @@ static __net_init int nfsd_init_net(struct net *net)
> {
> int retval;
> struct nfsd_net *nn = net_generic(net, nfsd_net_id);
> + u64 max_clients;
> + struct sysinfo si;
>
> retval = nfsd_export_init(net);
> if (retval)
> @@ -1488,6 +1490,10 @@ static __net_init int nfsd_init_net(struct net *net)
Not protected by #ifdef CONFIG_NFSD_V4:
> seqlock_init(&nn->writeverf_lock);
>
> atomic_set(&nn->nfs4_client_count, 0);
> + si_meminfo(&si);
> + max_clients = (u64)si.totalram * si.mem_unit / (1024 * 1024 * 1024);
> + max_clients *= NFS4_CLIENTS_PER_GB;
> + nn->nfs4_max_clients = max_t(int, max_clients, NFS4_CLIENTS_PER_GB);
>
> return 0;
>
> diff --git a/fs/nfsd/nfsd.h b/fs/nfsd/nfsd.h
> index 847b482155ae..bbada18225b1 100644
> --- a/fs/nfsd/nfsd.h
> +++ b/fs/nfsd/nfsd.h
> @@ -341,6 +341,8 @@ void nfsd_lockd_shutdown(void);
Protected by #ifdef CONFIG_NFSD_V4:
>
> #define NFSD_LAUNDROMAT_MINTIMEOUT 1 /* seconds */
> #define NFSD_COURTESY_CLIENT_TIMEOUT (24 * 60 * 60) /* seconds */
> +#define NFSD_CLIENT_MAX_TRIM_PER_RUN 128
> +#define NFS4_CLIENTS_PER_GB 1024
>
> /*
> * The following attributes are currently not supported by the NFSv4 server:
> --
> 2.9.5
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [email protected]
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds