-
Notifications
You must be signed in to change notification settings - Fork 620
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Number of threads created in Gateway for blocking identity calls causing "too many concurrent streams" error #23853
Comments
@npepinpe If I'm getting it right, a potential workaround could be scaling the Zeebe Gateway to handle the throughput? Until you need to scale the identity deployment itself as well. |
that would mitigate it, but could just push the problem downstream. worth a try |
imo we should fix it, and the error message should reflect the possible actions to take. ultimately it can also mean identity backend is not fast enough to handle the load |
ℹ️ If scaling up the gateways doesn't help, it could be that Identity is the bottleneck - in which case more gateways means more requests hitting it, and they will all block fairly fast. So you may also need to scale up your Identity pods, whether vertically or horizontally (or a combination of both). |
We will schedule this and attempt to get it into the next wave of patches in November (though it's a very tight deadline). |
Solution approach proposal by @npepinpe , within the identity SDK
|
@koevskinikola will block a time slot next week. @npepinpe can you offer pairing on this to make this slot most effective potentially creating a fix? |
@koevskinikola please schedule anything on my calendar 🙃 |
Solution plan:
The idea behind this solution proposal is that:
Technical plan:
|
## Description <!-- Describe the goal and purpose of this PR. --> Fixes an issue where too many tenant requeststo Identity cause the service to fail with an `IOException` due to too many concurrent requests. ## Checklist <!--- Please delete options that are not relevant. Boxes should be checked by reviewer. --> - [ ] for CI changes: - [ ] structural/foundational changes signed off by [CI DRI](https://github.com/cmur2) - [ ] [ci.yml](https://github.com/camunda/camunda/blob/main/.github/workflows/ci.yml) modifications comply with ["Unified CI" requirements](https://github.com/camunda/camunda/wiki/CI-&-Automation#workflow-inclusion-criteria) ## Related issues closes #23853
# Description Backport of #24196 to `stable/8.4`. relates to #23853 original author: @koevskinikola
# Description Backport of #24196 to `stable/8.5`. relates to #23853 original author: @koevskinikola
@koevskinikola - can we close this? |
Yup, thanks for the ping. |
Describe the bug
After upgrading from Camunda 8.5.2 to Camunda 8.6.2, a customer started to see frequent 500 errors coming from Identity. The error message is
java.io.IOException: too many concurrent streams
caused by Identity SDK's http client. The error message is originated from Zeebe gateway.This is due to switching to use virtual threads instead of a configured number of threads in a thread pool for Zeebe Gateway (see #18697). That means now we allow creating unlimited number of threads per blocking identity call. Since Zeebe gateway doesn't limit number of threads created for execution, identity SDK can now create unlimited number of streams but Identity SDK's HttpClient itself fails to handle it.
Expected behavior
Identity SDK's Http client shouldn't fail with
too many concurrent streams
.Log/Stacktrace
Full Stacktrace
Related support case: SUPPORT-24047
The text was updated successfully, but these errors were encountered: