search

apache / dubbo

The java implementation of Apache Dubbo. An RPC and microservice framework.
https://dubbo.apache.org/
Apache License 2.0
40.54k stars 26.44k forks source link

[Bug] ProtocolSecurityWrapper WIP #14937

Open vio-lin opened 4 days ago

vio-lin commented 4 days ago

Pre-check

Search before asking

Apache Dubbo Component

Java SDK (apache/dubbo)

Dubbo Version

Dubbo 3.2.6 linux: Linux 5.15.80 i check code in branch 3.3

Steps to reproduce this issue

deploy a dubbo reference with 2000 providers for test .
It is a 10s addition time cost when i try to update config 'timeout' in client. these provider url when i use new code in 3.2.6 zookeeperRegistry used and last version of code.

// old code 
URL url = URL.valueOf(providerUrl)
// new code
URL url = new DubboServiceAddressURL(rawProvider.getUrlAddress(), rawProvider.getUrlParam(), copyOfConsumer, overrideUrl))

image

There are some reflection operation and do not be cached .
it is ok in export but refer process this cost will be long when 'proverider size' and 'methods length' grow

//  org.apache.dubbo.common.utils.SerializeSecurityConfigurator#registerInterface
 if (!autoTrustSerializeClass) {
            return;
        }

        Set<Type> markedClass = new HashSet<>();
        checkClass(markedClass, clazz);

        addToAllow(clazz.getName());

        Method[] methodsToExport = clazz.getMethods();

        for (Method method : methodsToExport) {
            Class<?>[] parameterTypes = method.getParameterTypes();
            for (Class<?> parameterType : parameterTypes) {
                checkClass(markedClass, parameterType);
            }

i want to know is it necessary to be fixed? and if i work on it should it is will to use existed service cache in dubbo like ‘watch org.apache.dubbo.rpc.model.ReflectionServiceDescriptor '
or some dependency like org.springframework.util.ReflectionUtils.

What you expected to happen

there are 2000 instance in registry。 when i change timeout config in config center。
client do refrer all client to repalace this url。

expected to happen : urls update in 10s when netty client do not changed actual : it takes more than 20 milites to update url

in my machine it take 5ms * 2000 times to process SerializeSecurityConfigurator addition

Anything else

No response

Are you willing to submit a pull request to fix on your own?

Code of Conduct

AlbumenJ commented 18 hours ago

We may can use cache here. ReflectionServiceDescriptor might be not detailed enough for security check.