Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IP cache #53

Open
wants to merge 66 commits into
base: develop
Choose a base branch
from
Open

IP cache #53

wants to merge 66 commits into from

Conversation

mazhurin
Copy link
Collaborator

Local cache for the challenged IPs. Every challenge IP is cached in order to

  • prevent the extra challenge commands if this IP is still in the following batches
  • reference this IP from banjax report thread during the processing ip_failed_challenge or ip_passed_challenge banjax reports

@mazhurin
IPCache class added(WIP)
7d0974f
@mazhurin
ip_cache first experiment.
783f4ba
@mazhurin
Merge branch 'develop' into ip_cache
ddd8228
@mazhurin
ip_cache logs + single update()
ee9ba36
@mazhurin
ip_cache update() fix
0f7b001
@mazhurin
ip_cache log typo fix
0cbc3f6
@mazhurin
ip_cache persist added
b97ed33
@mazhurin
no counts in logging
4562e8c
@mazhurin
last count() in logging removed
843cb61
@mazhurin
spark ip_cache replaced with the local cache
6cf4d8d
@mazhurin
ip cache log message
99b0e01
@mazhurin
ip cache log message
fac8c39
@mazhurin
Full cache exception.
ab6fbf4
@mazhurin
Full cache warning instead of exception.
6bc8997
@mazhurin
IP cache persisting
9762959
@mazhurin
logs message corrected with total
e528a45
@mazhurin
creating ip cache folder if not exists
39addb2
@mazhurin
Thread safe singleton ip cache
0c5481e
@mazhurin
config fix in banjax_report
941107c
@mazhurin
banjax_report with cache experiment
ef69ce2
@mazhurin
banjax_report logs
6a7e961
@mazhurin
banjax_report logs type
0564307
@mazhurin
incrementing fails in ip_cache
8204a97
@mazhurin
logs if ip is not in the cache
0dc3507
@mazhurin
cache error handling
f966986
@mazhurin
cache error handling 2
05a1532
@mazhurin mazhurin requested a review from mkaranasou September 28, 2020 14:47
@mazhurin mazhurin changed the base branch from master to develop September 28, 2020 14:48
@mazhurin
num_fails = 1
288be2d
@mazhurin
White list fix.
0905262
@mazhurin
Empty challenge fix
a7082bd
@mazhurin
Sliding window fix.
54cb126
@mazhurin
White list fix. Challenged default zero fix.
4ec694c
@mazhurin
Low rate attack default zero fix.
47ddd3d
@mazhurin
Low rate attack default zero fix 2.
68beba2
@mazhurin
Low rate attack default zero fix 3.
f765d6d
@mazhurin
Banned/passed reports from banjax
d470e39
@mazhurin
Extra loggint removed
8ba115b
@mazhurin
Report processing is commented out for now.
2a95243
@mazhurin
Two ip caches: passed and pending
ca697d3
@mazhurin
a log removed
129d6a5
@mazhurin
Fix in ip_cache_passed processing
e4005b7
@mazhurin
Fix in return ip_cache_passed processing
fa28f7c
@mazhurin
Remove from pending if banned.
9b2cd9a
@mazhurin
Saving ip_passed cache in the file.
89570ad
@mazhurin
start report consumer even without -e
ca5416a
@mazhurin
Banjax thread moved into AttackDetectin task
a111070
@mazhurin
Unit test fix for permit in request_set_cache
b9369c9
mkaranasou
mkaranasou requested changes Oct 15, 2020
View reviewed changes
Copy link
Collaborator

@mkaranasou mkaranasou left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have many questions I think :P
Good job in general, many good ideas in here 👍

src/baskerville/models/banjax_report_consumer.py
try:
if num_fails >= self.config.engine.banjax_num_fails_to_ban:
self.ip_cache.ip_banned(ip)
sql = f'update request_sets set banned = 1 where ' \
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have you tested the performance of update? I think we could consider having a separate table for the banjax bans , since they will be a lot less rows than request sets.
Also, do you use sql strings because of better performance?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • No, I did not test the performance. Just monitor the performance of the postprocessing pipeline.
  • Not for performance. I was a bit concerned about that mysterious 1h shift issue and thought that SQL update with explicit time is solid and maybe more readable.

src/baskerville/models/engine.py Show resolved Hide resolved
src/baskerville/models/ip_cache.py Show resolved Hide resolved
src/baskerville/models/ip_cache.py Outdated Show resolved Hide resolved
src/baskerville/models/ip_cache.py Show resolved Hide resolved
src/baskerville/models/pipeline_tasks/tasks.py
@@ -1251,13 +1255,68 @@ def __init__(self, config, steps=()):
super().__init__(config, steps)
self.df_chunks = []
self.df_white_list = None
self.ip_cache = IPCache(config, self.logger)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will the IPCache be used in other steps? It could be a TaskWithIPCache task. Also I think that all the Banjax stuff should be in different tasks, as many of the methods in attack detection, like steps of AttackDetection. It would be more modular. I remember you've said that it was a bit tricky because of the difference in df needs but - whenever we have some time of course - we could figure it out.
Again, whenever we have some time :) We could rethink about this when doing performance tuning after the cluster set up, for example.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TaskWithIPCache looks like an overkill. If you need an IPCahe in other steps you just create an instance and use it. It's a singleton. But yes, we could rethink later. Now, at least, using this singleton does not block us to move in any direction.

src/baskerville/models/pipeline_tasks/tasks.py Outdated Show resolved Hide resolved
src/baskerville/util/helpers.py Show resolved Hide resolved
src/baskerville/util/singleton_thread_safe.py Show resolved Hide resolved
src/baskerville/models/pipeline_tasks/tasks.py Outdated
num_records = len(records)
if num_records > 0:
challenged_ips = self.spark.createDataFrame(records).withColumn('challenged', F.lit(1))
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have you tried with perist? If yes, does it help? This also goes for the whitelist df.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't remember. But this part is not a bottleneck. I tried persist for whitelisting. It did not help.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mkaranasou mkaranasou mkaranasou requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mazhurin @mkaranasou