Expand description
Clock-agnostic concurrency limiter.
reliakit-bulkhead caps how many operations may be in flight at once. It
is a counting semaphore: you acquire a permit before starting work and
release it when the work finishes. When no permit is available the request is
rejected immediately so load is shed instead of piling up.
It does not block, sleep, spawn tasks, or read the clock — acquiring a permit
either succeeds now or fails now. That keeps it usable from synchronous code,
any async runtime, and no_std / embedded targets, with deterministic tests.
Where reliakit-ratelimit caps the
rate of operations over time, a Bulkhead caps the number running at
once. The two compose: a rate limiter decides how often to start work, a
bulkhead bounds how much runs concurrently.
§Example
use reliakit_bulkhead::Bulkhead;
// Allow at most two concurrent operations.
let mut bulkhead = Bulkhead::new(2);
assert!(bulkhead.try_acquire_one()); // 1 in flight
assert!(bulkhead.try_acquire_one()); // 2 in flight
assert!(!bulkhead.try_acquire_one()); // full: rejected, shed load
bulkhead.release_one(); // one operation finished
assert!(bulkhead.try_acquire_one()); // room again§Releasing permits
Every successful acquire must be matched by a release, including on the error
path, or the bulkhead will slowly fill and reject everything. The crate keeps
the model explicit (no RAII guard) so it stays Copy and no_std with no
borrowing constraints; pair acquire/release yourself, e.g. with a scopeguard
or a manual Drop wrapper in your own code.
Structs§
- Bulkhead
- A concurrency limiter: a counting semaphore that caps in-flight operations.