mirror of
https://github.com/ModernRelay/omnigraph.git
synced 2026-06-12 01:45:14 +02:00
17a1665002
PR 2 removes the global server `RwLock<Omnigraph>` (Step F). Without
admission control, one heavy actor would exhaust shared capacity
(Lance I/O threads, manifest churn, network) and starve other actors.
The WorkloadController bounds per-actor in-flight count + bytes and
provides a global rewrite-pool semaphore for compaction / index builds.
New file: `crates/omnigraph-server/src/workload.rs` (~250 LOC + 5 tests).
API:
- `WorkloadController::new(inflight_cap, byte_cap, rewrite_cap)` /
`from_env()` / `with_defaults()`.
- `try_admit(actor_id, est_bytes) -> Result<AdmissionGuard, RejectReason>`
acquires both an in-flight count permit and adds est_bytes to the
per-actor counter atomically; returns RejectReason on either gate.
- `try_admit_rewrite() -> Result<RewriteGuard, RejectReason>` for the
global rewrite pool (Step F maps RewriteGuard exhaustion to HTTP 503).
- `RejectReason::{InFlightCountExceeded, ByteBudgetExceeded,
GlobalRewriteExhausted}`.
Race-free admission via `tokio::sync::Semaphore::try_acquire_owned()`
for the count gate (master plan Finding 6: independent atomic
load+check+add lets two callers both pass a cap-N check; the Semaphore
gate is atomic). Bytes use `fetch_add` + decrement-on-rejection so the
cap is never exceeded even on rollback.
Defaults (override via env):
- OMNIGRAPH_PER_ACTOR_INFLIGHT_MAX=16
- OMNIGRAPH_PER_ACTOR_BYTES_MAX=4_294_967_296 (4 GiB)
- OMNIGRAPH_GLOBAL_REWRITE_MAX=4
Tests cover under-cap admission, byte-budget rollback, per-actor
isolation, global rewrite cap, and the load-bearing 32-concurrent-vs-
cap-16 race test (forces real contention via a broadcast release
channel so guards can't recycle permits task-by-task; pins the
master plan's race-free invariant).
Adds workspace dep `dashmap = "6"` for per-actor state.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
48 lines
1.6 KiB
TOML
48 lines
1.6 KiB
TOML
[package]
|
|
name = "omnigraph-server"
|
|
version = "0.4.1"
|
|
edition = "2024"
|
|
description = "HTTP server for the Omnigraph graph database."
|
|
license = "MIT"
|
|
repository = "https://github.com/ModernRelay/omnigraph"
|
|
homepage = "https://github.com/ModernRelay/omnigraph"
|
|
documentation = "https://docs.rs/omnigraph-server"
|
|
|
|
[[bin]]
|
|
name = "omnigraph-server"
|
|
path = "src/main.rs"
|
|
|
|
[features]
|
|
default = []
|
|
# Enables the AWS Secrets Manager bearer-token source. Off by default — on-prem
|
|
# and local-dev builds don't pay the AWS SDK compile cost.
|
|
aws = ["dep:aws-config", "dep:aws-sdk-secretsmanager"]
|
|
|
|
[dependencies]
|
|
omnigraph = { package = "omnigraph-engine", path = "../omnigraph", version = "0.4.1" }
|
|
omnigraph-compiler = { path = "../omnigraph-compiler", version = "0.4.1" }
|
|
axum = { workspace = true }
|
|
clap = { workspace = true }
|
|
color-eyre = { workspace = true }
|
|
serde = { workspace = true }
|
|
serde_json = { workspace = true }
|
|
tokio = { workspace = true }
|
|
serde_yaml = { workspace = true }
|
|
tracing = { workspace = true }
|
|
tracing-subscriber = { workspace = true }
|
|
tower-http = { workspace = true }
|
|
utoipa = { workspace = true }
|
|
cedar-policy = { workspace = true }
|
|
futures = { workspace = true }
|
|
sha2 = { workspace = true }
|
|
subtle = { workspace = true }
|
|
async-trait = { workspace = true }
|
|
dashmap = "6"
|
|
aws-config = { version = "1", optional = true, default-features = false, features = ["rustls", "rt-tokio", "credentials-process", "sso"] }
|
|
aws-sdk-secretsmanager = { version = "1", optional = true, default-features = false, features = ["rustls", "rt-tokio"] }
|
|
|
|
[dev-dependencies]
|
|
tempfile = { workspace = true }
|
|
tower = { workspace = true }
|
|
serial_test = "3"
|
|
lance-index = { workspace = true }
|