Optimize policy iterators (#5184)

* Optimize policy iterators (go1.23) This modifies (*Options).GetAllPolicies() to use a go 1.23 iterator instead of copying all policies on every call, which can be extremely expensive. All existing usages of this function were updated as necessary. Additionally, a new (*Options).NumPolicies() method was added which quickly computes the number of policies that would be given by GetAllPolicies(), since there were several usages where only the number of policies was needed. * Fix race condition when assigning default envoy opts to a policy
2025-08-04 09:19:39 +02:00 · 2024-08-20 12:35:10 -04:00 · 2024-08-20 12:35:10 -04:00 · 56ba07e53e
commit 56ba07e53e
parent 3961098681
16 changed files with 136 additions and 87 deletions
--- a/internal/autocert/manager.go
+++ b/internal/autocert/manager.go
@ -471,14 +471,12 @@ func configureTrustedRoots(acmeMgr *certmagic.ACMEIssuer, opts config.AutocertOp
 }

 func sourceHostnames(cfg *config.Config) []string {
-	policies := cfg.Options.GetAllPolicies()
-
-	if len(policies) == 0 {
+	if cfg.Options.NumPolicies() == 0 {
 		return nil
 	}

 	dedupe := map[string]struct{}{}
-	for _, p := range policies {
+	for p := range cfg.Options.GetAllPolicies() {
 		if u, _ := urlutil.ParseAndValidateURL(p.From); u != nil && !strings.Contains(u.Host, "*") {
 			dedupe[u.Hostname()] = struct{}{}
 		}
--- a/internal/databroker/config_source.go
+++ b/internal/databroker/config_source.go
@ -199,8 +199,8 @@ func (src *ConfigSource) buildPolicyFromProto(_ context.Context, routepb *config
 }

 func (src *ConfigSource) addPolicies(ctx context.Context, cfg *config.Config, policies []*config.Policy) {
-	seen := make(map[uint64]struct{})
-	for _, policy := range cfg.Options.GetAllPolicies() {
+	seen := make(map[uint64]struct{}, len(policies)+cfg.Options.NumPolicies())
+	for policy := range cfg.Options.GetAllPolicies() {
 		id, err := policy.RouteID()
 		if err != nil {
 			log.Ctx(ctx).Err(err).Str("policy", policy.String()).Msg("databroker: error getting route id")
@ -209,7 +209,7 @@ func (src *ConfigSource) addPolicies(ctx context.Context, cfg *config.Config, po
 		seen[id] = struct{}{}
 	}

-	var additionalPolicies []config.Policy
+	additionalPolicies := make([]config.Policy, 0, len(policies))
 	for _, policy := range policies {
 		if policy == nil {
 			continue
--- a/internal/httputil/reproxy/reproxy.go
+++ b/internal/httputil/reproxy/reproxy.go
@ -29,13 +29,13 @@ type Handler struct {
 	mu       sync.RWMutex
 	key      []byte
 	options  *config.Options
-	policies map[uint64]config.Policy
+	policies map[uint64]*config.Policy
 }

 // New creates a new Handler.
 func New() *Handler {
 	h := new(Handler)
-	h.policies = make(map[uint64]config.Policy)
+	h.policies = make(map[uint64]*config.Policy)
 	return h
 }

@ -120,7 +120,7 @@ func (h *Handler) Middleware(next http.Handler) http.Handler {

 		h := stdhttputil.NewSingleHostReverseProxy(&dst)
 		h.ErrorLog = stdlog.New(log.Logger(), "", 0)
-		h.Transport = config.NewPolicyHTTPTransport(options, &policy, disableHTTP2)
+		h.Transport = config.NewPolicyHTTPTransport(options, policy, disableHTTP2)
 		h.ServeHTTP(w, r)
 		return nil
 	})
@ -133,8 +133,8 @@ func (h *Handler) Update(ctx context.Context, cfg *config.Config) {

 	h.key, _ = cfg.Options.GetSharedKey()
 	h.options = cfg.Options
-	h.policies = make(map[uint64]config.Policy)
-	for _, p := range cfg.Options.GetAllPolicies() {
+	h.policies = make(map[uint64]*config.Policy, cfg.Options.NumPolicies())
+	for p := range cfg.Options.GetAllPolicies() {
 		id, err := p.RouteID()
 		if err != nil {
 			log.Warn(ctx).Err(err).Msg("reproxy: error getting route id")