d8tltanc commented on a change in pull request #9485:
URL: https://github.com/apache/kafka/pull/9485#discussion_r532327560
##########
File path: core/src/main/scala/kafka/security/authorizer/AclAuthorizer.scala
##########
@@ -130,6 +130,11 @@ class AclAuthorizer extends Authorizer with Logging {
@volatile
private var aclCache = new
scala.collection.immutable.TreeMap[ResourcePattern, VersionedAcls]()(new
ResourceOrdering)
+
+ @volatile
+ private var resourceCache = new
scala.collection.immutable.HashMap[AccessControlEntry,
+ scala.collection.mutable.HashSet[ResourcePattern]]()
Review comment:
commit 230ee36b9147a11d7ce299aa9fcbb590324faf68
Added the authorizeByResourceType() API to the benchmark and simulate the
worst case: every allow ACL on the same resource has a dominant deny ACL.
Adjust the `resourceCount` parameter to "10000", "40000", "80000" since each
cluster is unlikely to have more than 10k resources. Also, since we are testing
against the worst case mentioned above, I think the "10000" cases are adequate
for us.
Performance result here: https://paste.ubuntu.com/p/k8kV3w6fvF/
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
