node: increase batch limits for auth rpc API (#27924)
This raises the JSON-RPC batch request limits significantly for the engine API endpoint. The limits are now also hard-coded, so users won't get them wrong. I have chosen these limits: maximum batch items: 2000 maximum batch response size: 250MB While it would also be possible to disable batch limits completely for the engine API, I think having some limits is a good safety net against misbehaving CLs. Since this isn't configurable, we really want to ensure this limit will never become an issue in the CL/EL communication, so I set them quite high. --------- Signed-off-by: jsvisa <delweng@gmail.com> Co-authored-by: Felix Lange <fjl@twurst.com>
This commit is contained in:
parent
a16d757cd4
commit
386cba15b5
|
@ -36,6 +36,13 @@ const (
|
||||||
DefaultAuthPort = 8551 // Default port for the authenticated apis
|
DefaultAuthPort = 8551 // Default port for the authenticated apis
|
||||||
)
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
// Engine API batch limits: these are not configurable by users, and should cover the
|
||||||
|
// needs of all CLs.
|
||||||
|
engineAPIBatchItemLimit = 2000
|
||||||
|
engineAPIBatchResponseSizeLimit = 250 * 1000 * 1000
|
||||||
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
DefaultAuthCors = []string{"localhost"} // Default cors domain for the authenticated apis
|
DefaultAuthCors = []string{"localhost"} // Default cors domain for the authenticated apis
|
||||||
DefaultAuthVhosts = []string{"localhost"} // Default virtual hosts for the authenticated apis
|
DefaultAuthVhosts = []string{"localhost"} // Default virtual hosts for the authenticated apis
|
||||||
|
|
|
@ -449,8 +449,11 @@ func (n *Node) startRPC() error {
|
||||||
if err := server.setListenAddr(n.config.AuthAddr, port); err != nil {
|
if err := server.setListenAddr(n.config.AuthAddr, port); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
sharedConfig := rpcConfig
|
sharedConfig := rpcEndpointConfig{
|
||||||
sharedConfig.jwtSecret = secret
|
jwtSecret: secret,
|
||||||
|
batchItemLimit: engineAPIBatchItemLimit,
|
||||||
|
batchResponseSizeLimit: engineAPIBatchResponseSizeLimit,
|
||||||
|
}
|
||||||
if err := server.enableRPC(allAPIs, httpConfig{
|
if err := server.enableRPC(allAPIs, httpConfig{
|
||||||
CorsAllowedOrigins: DefaultAuthCors,
|
CorsAllowedOrigins: DefaultAuthCors,
|
||||||
Vhosts: n.config.AuthVirtualHosts,
|
Vhosts: n.config.AuthVirtualHosts,
|
||||||
|
|
Loading…
Reference in New Issue