Right now, backpressure goes to infinity as you approach the max value. However, it's possible to exceed max if you (1) start below max and (2) send a single job that pushes over the limit (e.g. a large write). If this happens, then we special-case a 1 hour backpressure delay.
All of this is kinda awkward.
This PR cleans it up:
There's an explicit delay_max stored in the backpressure configuration, which is both a clamp and the delay used if our counter exceeds max_value
Backpressure now has an explicit Saturated value, which is used if we exceed max_value
If backpressure is saturated, then we return an error to the guest immediately (instead of delaying the IO for 1 hour)
Right now, backpressure goes to infinity as you approach the
maxvalue. However, it's possible to exceedmaxif you (1) start belowmaxand (2) send a single job that pushes over the limit (e.g. a large write). If this happens, then we special-case a 1 hour backpressure delay.All of this is kinda awkward.
This PR cleans it up:
delay_maxstored in the backpressure configuration, which is both a clamp and the delay used if our counter exceedsmax_valueSaturatedvalue, which is used if we exceedmax_value