Expand description
Resolution of the three HTTP handler-pool knobs (issue #574 slice 5).
The values are configurable through the standard precedence chain used elsewhere in the boot path:
flag > red_config > env > built-in default
Built-in defaults reproduce the hard-coded values from slices 1+2:
- max_handlers = (2 * num_cpus).clamp(8, 256)
- handler_timeout = 30_000 ms
- retry_after_secs = 5
- max_inflight_per_principal = 64 (issue #934; 0 disables)
Each knob is validated at parse time and at resolution time so a stale red_config value cannot corrupt the running server.
Structs§
- Http
Limits CliInput - CLI-layer input. Each pair holds the already-validated value coming
from a flag and from an env var, respectively. The resolver applies
the
flag > red_config > env > defaultprecedence using these inputs plus a config-store lookup. - Http
Limits Resolved - Resolved values after applying the full precedence chain. Stamped
into both the
RedDBServerand the startup log line.
Constants§
- DEFAULT_
HANDLER_ TIMEOUT_ MS - DEFAULT_
MAX_ INFLIGHT_ PER_ PRINCIPAL - Built-in default for
max_inflight_per_principal(issue #934). Bounds any single principal’s concurrent in-flight requests at the async edge so one caller can’t drain the whole global handler cap and starve the rest.0disables the per-principal cap entirely; a single-tenant deployment can set it there to pay nothing. Chosen below the typical multi-core global cap (256) so it provides real fairness headroom, while sitting above the global cap on tiny boxes (where there is no abuse pressure) so it never trips spuriously. - DEFAULT_
RETRY_ AFTER_ SECS - MAX_
RETRY_ AFTER_ SECS - MIN_
HANDLER_ TIMEOUT_ MS - Lower bound for
handler_timeout_ms. Anything below this is so short the deadline trips on healthy requests; we reject the value. - MIN_
RETRY_ AFTER_ SECS - Inclusive bounds for
retry_after_secs. Below 1s means clients hammer the server; above 30s means a transient overload looks like a permanent outage to load balancers.
Functions§
- default_
max_ handlers - Built-in default for
max_handlers. MatchesHttpConnectionLimiter::with_default_cap. - resolve_
http_ limits - Apply the
flag > red_config > env > defaultchain. - validate_
handler_ timeout_ ms - validate_
max_ handlers - Validate a
max_handlerscandidate from any source. Returns the value unchanged on success. - validate_
max_ inflight_ per_ principal - Validate a
max_inflight_per_principalcandidate (issue #934). Everyusizeis acceptable: a positive value caps each principal’s concurrent in-flight requests, and0disables the per-principal cap. Present for symmetry with the other knobs so the CLI parser can run all four through the same validated-parse helper. - validate_
retry_ after_ secs