module ReliabilityCache:sig
..end
It is advantegeous to have only one cache per process, because this maximizes the usefulness. The cache is thread-safe.
A server endpoint is disabled when too many errors occur in
sequence. For a disabled endpoint the functions host_is_enabled
and/or sockaddr_is_enabled
return false
. The endpoint is
automatically enabled again after some timeout; this is initially
disable_timeout_min
, but is increased exponentially until
disable_timeout_max
when further errors occur.
Independently of this machinery the functions host_is_enabled
and sockaddr_is_enabled
may also return false
when an
external availability checker says that the endpoint is down.
This information is not entered into the cache, and will also
not trigger the disable timeout. Instead, the hook function
getting the availability will be simply called again.
type
rcache
typercache_policy =
[ `Any_failing_port_disables_host
| `Failing_port_disables_host of int
| `Independent
| `None ]
`Independent
: When a connection to a remote port repeatedly fails,
only this port is disabled`Failing_port_disables_host p
: When a connection to the TCP
port p
repeatedly fails, the whole remote host is disabled.
Other ports do not disable the host, but are treated as in
`Independent
.`Any_failing_port_disables_host
: When a connection to any TCP
port repeatedly fails, the whole remote host is disabled`None
: Nothing is disabledrcache_availability
hook is not affected by the
policy; this hook is called anyway. The policy only determines
how the internal error counter is interpreted.type
rcache_config = {
|
rcache_policy : |
(* |
The policy, see above
| *) |
|
rcache_disable_timeout_min : |
(* |
For how long ports and hosts
are disabled
| *) |
|
rcache_disable_timeout_max : |
(* |
For how long ports and hosts
are disabled at most
| *) |
|
rcache_threshold : |
(* |
How many errors are required
for disabling a port
| *) |
|
rcache_availability : |
(* |
External
availability checker. Called by
sockaddr_is_enabled before
the result is calculated | *) |
val create_rcache_config : ?policy:rcache_policy ->
?disable_timeout_min:float ->
?disable_timeout_max:float ->
?threshold:int ->
?availability:(rcache -> Unix.sockaddr -> bool) ->
unit -> rcache_config
policy = `None
disable_timeout_min = 1.0
disable_timeout_max = 64.0
threshold = 1
availability = fun _ _ -> true
val create_rcache : rcache_config -> rcache
val rcache_config : rcache -> rcache_config
val global_rcache_config : unit -> rcache_config
policy = `None
disable_timeout_min = 1.0
disable_timeout_max = 64.0
threshold = 1
availability = fun _ _ -> true
val set_global_rcache_config : rcache_config -> unit
default_global_config
nor global_rcache
have been called.val global_rcache : unit -> rcache
val derive_rcache : rcache ->
rcache_config -> rcache
derive_cache parent config
: Returns a new cache that shares the
error counters with parent
. The interpretation of the counters,
however, may be differently configured in config
.
Because it is advantageous to share the error information as much as possible, the recommended way to create a new cache object is to derive it from the global cache.
What derive_rcache
actually does (and this is not yet
optimal): Any incr
and reset
of an error counter is also
forwarded to the parent cache. The tests whether hosts and ports
are enabled do an AND of the results for the cache and its parent
(i.e. both must be ok to enable). This allows some information
sharing, but only in vertical direction.
val incr_rcache_error_counter : rcache -> Unix.sockaddr -> unit
This function is to be called after an RPC call times out, or
runs into a socket error.
val reset_rcache_error_counter : rcache -> Unix.sockaddr -> unit
This function is to be called when an RPC call is successful.
val sockaddr_is_enabled : rcache -> Unix.sockaddr -> bool
rcache_availability
hook.val host_is_enabled : rcache -> Unix.inet_addr -> bool