Documentation
¶
Overview ¶
Package requestbudget bounds expensive request work across an akari process.
Index ¶
Constants ¶
const ( // DefaultCapacity is sixteen 8 MiB-equivalent work units. It permits two // concurrent Argon2 operations or one maximum-sized MCP spool with room for // lighter database work. DefaultCapacity int64 = 16 // DefaultWaitTimeout lets normal bursts drain through the queue while bounding // how long an overloaded request occupies a connection. DefaultWaitTimeout = 5 * time.Second )
const MinCapacity = int64(12)
MinCapacity is the smallest useful capacity because the heaviest class must be able to run once. Smaller values would leave MCP POSTs queued until timeout.
Variables ¶
var ( // ErrWaitTimeout means the budget could not admit work within its bounded wait. ErrWaitTimeout = errors.New("request budget wait timeout") // ErrInvalidClass means a caller supplied a class the budget cannot safely use. ErrInvalidClass = errors.New("invalid request budget work class") )
Functions ¶
This section is empty.
Types ¶
type Budget ¶
type Budget struct {
// contains filtered or unexported fields
}
Budget is a fair, process-wide weighted admission queue. Its semaphore is FIFO, so lighter work cannot repeatedly jump ahead of an older expensive request.
func New ¶
New constructs a weighted budget. Capacity must be large enough to admit the heaviest built-in work class at least once.
type WorkClass ¶
type WorkClass uint8
WorkClass is one measured class of expensive request work. The closed constants keep names and weights coupled so a caller cannot admit work under a misleading metric label or an accidentally smaller weight.
const ( // MCPSpool reserves approximately the 100 MiB request ceiling owned by #134. // Applying it to MCP POSTs now also bounds the SDK's current request buffering. MCPSpool WorkClass = iota + 1 PublicAnalytics OAuthRegistration )
Password work is deliberately absent: request-triggered Argon2 hashing is bounded by its own fixed worker pool (see httpapi's passwordWork), and a second gate here would let budget pressure produce a login response that differs from the uniform invalid-credentials path.