Limit number of sessions that are created by same client ip and same user for each graphd

[carrey-feng]

What type of PR is this?

• bug
• feature
• enhancement

What problem(s) does this PR solve?

Issue(s) number:

Description:
#3696 provides the ability to delete sessions offline after too sessions are created. It is too late to ensure cluster availability, I think that we should do something to avoid too many session being created. Now there is already max_allowed_connections to limit total number of sessions in cluster to make sure the cluster does not crash because there are too many sessions. But it is not unfair to users who correctly use clusters.
So I add max_sessions_per_ip_per_user configuration to limit the number of sessions that are created by same client ip and same user on a graphd service . The default value is 300, You can set it in nebula-graphd.conf file.

How do you solve it?

So I add max_sessions_per_ip_per_user configuration to limit the number of sessions that are created by same client ip and same user on a graphd service . The default value is 300, You can set it in nebula-graphd.conf file.

Special notes for your reviewer, ex. impact of this fix, design document, etc:

Checklist:

Tests:

• Unit test(positive and negative cases)
• Function test
• Performance test
• N/A

Affects:

• Documentation affected (Please add the label if documentation needs to be modified.)
• Incompatibility (If it breaks the compatibility, please describe it and add the label.）
• If it's needed to cherry-pick (If cherry-pick to some branches is required, please label the destination version(s).)
• Performance impacted: Consumes more CPU/Memory

Release notes:

Please confirm whether to be reflected in release notes and how to describe:

ex. Fixed the bug .....

[CLAassistant]

All committers have signed the CLA.

[carrey-feng]

Limiting the number of individual user connections is required in a multi tenant cluster. It can prevent one user's mistake from affecting all other users

[Hera-han]

@CPWstatic this PR has been open for a long time, please take a look and give feedback. thanks

[CPWstatic]

LGTM.

[Aiee]

Sorry for being back late, and thank you for addressing this problem.
Please take a look at the comments.

[Aiee]

LGTM.
Please fix the format reported in https://github.com/vesoft-inc/nebula/runs/5461460167?check_suite_focus=true

[carrey-feng]

LGTM. Please fix the format reported in https://github.com/vesoft-inc/nebula/runs/5461460167?check_suite_focus=true

I have fixed the format reported, I find that there is not any whitespace at line ending in code. Why did they report an error?

[Aiee]

LGTM. Please fix the format reported in https://github.com/vesoft-inc/nebula/runs/5461460167?check_suite_focus=true

I have fixed the format reported, I find that there is not any whitespace at line ending in code. Why did they report an error?

You could use clang-format to format the code. The style config file .clang-format is located at the root of the directory.

Ref: https://clang.llvm.org/docs/ClangFormat.html

[carrey-feng]

@Aiee I have formated code by clang-format. Please approve running workflows thanks

[Aiee]

@Aiee I have formated code by clang-format. Please approve running workflows thanks

Please check https://github.com/vesoft-inc/nebula/runs/5489976984?check_suite_focus=true
We are using 2 spaces as the indent.

[carrey-feng]

BTW, you need to add 冯亮(26011345) to your GitHub account so that all committers could sign the CLA
冯亮(26011345) is my company's system account, I forget to change the Git configuration when I sometimes submitted.

Good job! Thank you for your contribution.

Thank you for your patience and help

You are welcome! :D We look forward to seeing you in the community again! BTW, you need to add 冯亮(26011345) to your GitHub account so that all committers could sign the CLA

冯亮(26011345) is my system account in my company , I forget to change the Git configuration when I submitted. It is not a github account, can we ignore it?

[Aiee]

BTW, you need to add 冯亮(26011345) to your GitHub account so that all committers could sign the CLA
冯亮(26011345) is my company's system account, I forget to change the Git configuration when I sometimes submitted.

Good job! Thank you for your contribution.

Thank you for your patience and help

You are welcome! :D We look forward to seeing you in the community again! BTW, you need to add 冯亮(26011345) to your GitHub account so that all committers could sign the CLA

冯亮(26011345) is my system account in my company , I forget to change the Git configuration when I submitted. It is not a github account, can we ignore it?

Unfortunately, it is mandatory to sign the CLA. You could add the email address used for this commit to your account and may remove your working email later.

[carrey-feng]

@Aiee
This problem has been resolved

[Aiee]

@a516072575 Please take a look at the failed pytest case. You could run the test locally before pushing the commit.

[Sophie-Xie]

@a516072575 Please take a look at the failed pytest case. You could run the test locally before pushing the commit.

https://github.com/vesoft-inc/nebula/runs/5533203149?check_suite_focus=true

E nebula3.Exception.AuthFailedException: b"Create Session failed: Too many sessions created from 127.0.0.1 by user root. the threshold is 1. You can change it by modifying 'max_sessions_per_ip_per_user' in nebula-graphd.conf"

[CPWstatic]

Please add max_sessions_per_ip_per_user to nebula-graphd.conf.production file.

[carrey-feng]

E nebula3.Exception.AuthFailedException: b"Create Session failed: Too many sessions created from 127.0.0.1 by user root. the threshold is 1. You can change it by modifying 'max_sessions_per_ip_per_user' in nebula-graphd.conf"

I will complete it as soon as possible

[carrey-feng]

@a516072575 Please take a look at the failed pytest case. You could run the test locally before pushing the commit.

https://github.com/vesoft-inc/nebula/runs/5533203149?check_suite_focus=true

E nebula3.Exception.AuthFailedException: b"Create Session failed: Too many sessions created from 127.0.0.1 by user root. the threshold is 1. You can change it by modifying 'max_sessions_per_ip_per_user' in nebula-graphd.conf"

I will fix it today

[Aiee]

We made it!