Open MrFoxTrot opened 3 weeks ago
Hi @MrFoxTrot thanks for the report.
Would it be possible for you to review and update the reproduction steps, so we are able to easily follow along internally? The more detail and copy/paste commands, the better. 😄
I have tried testing the 1.16.x
release branch (~1.16.4
) with a file
audit device and couldn't reproduce the issue. Are you finding it's only limited to socket
device types?
Does this also happen with 1.17.x
in your test environment? 1.17.0 from https://releases.hashicorp.com/vault/.
Unfortunately we are unlikely to offer a way to disable parts of the code as the changes were part of work to replace the underlying implementation that is used for audit (starting in 1.15.0
). Vault events
aren't connected to the changes to audit and so shouldn't have any impact.
Describe the bug Performance degradation after upgrading to 1.16.3
To Reproduce Steps to reproduce the behavior:
Expected behavior Same perfomance as was on previous version
Environment:
vault status
): 1.16.3vault version
): Vault v1.16.3, built 2024-05-29T14:28:42ZVault server configuration file(s):
Additional context After updating to version 1.16.3 with the audit device enabled, there has been a significant increase in CPU usage. I updated from version 1.15.4, and in the current configuration with an average of around 50 requests per secons (RPS), the system load was approximately 5-10% per core. Following the update, CPU usage across all cores spiked to around 80%. There are two audit devices enabled (file and UDP socket). Afterwards, I decided to check other versions released within that timeframe and found that the issue began to occur from version 1.15.5 and onwards. Judging by the code, significant changes related to AuditBroker and the introduction of event functionality were made, but since I am using the community version, I cannot utilize this functionality. Perhaps it would be worth adding settings related to disabling this feature.