letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use dirty reads for cert-checker (#5405) 

Explicitly opt in to the least-consistent transaction coherency for the
duration of all cert-checker queries.

The primary risk here is that the windowed table scan across the
certificates table can, on replicas, read a series of rows that aren't
from consistent timesteps. However, the certificates table is
append-only, so in practice this is not a concern, and there is no risk
to enabling the dirtiest of reads, done dirt cheap.

This doesn't impact the length of the window function, so existing
overlap mechanisms to ensure coverage will remain as good as they are
today.

Based on #5400 
Part of #5393
This commit is contained in:
J.C. Jones 2021-05-04 11:47:52 -07:00 committed by GitHub
parent d59e715c9d
commit dd4ddfc965
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
cmd/cert-checker/main.go
View File

@ -384,6 +384,11 @@ func main() {
sa.InitDBMetrics(saDbMap, prometheus.DefaultRegisterer, dbSettings)
_, err = saDbMap.Exec(
"SET SESSION TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;",
)
cmd.FailOnError(err, "Failed to set transaction isolation level at the DB")
checkerLatency := prometheus.NewHistogram(prometheus.HistogramOpts{
Name: "cert_checker_latency",
Help: "Histogram of latencies a cert-checker worker takes to complete a batch",