pict-rs/releases/0.5.2.md
2024-01-24 17:36:33 -06:00

3.5 KiB

pict-rs 0.5.2

Overview

A quick release to avoid a bug leading to incredibly large cleanup queue sizes and resulting in high CPU use. Upgrading to 0.5.2 is recommended for any deployment that recently upgraded to 0.5.0 or 0.5.1.

Bugfixes

Changes

Upgrade Notes

There's no significant changes from 0.5.1, so upgrading should be as simple as pulling a new version of pict-rs.

Descriptions

At-Most Once Cleanup Jobs

pict-rs 0.5.2 now is smarter about queueing certain cleanup jobs. Previously, it might queue an arbitrary number of the same cleanup job while under significant load, resulting in many redundant jobs consuming CPU. The reason for this is pict-rs' strategy for handling variants and proxied media that hadn't been accessed within the configured timeframe was to queue a job to check every 30 seconds. This is fine in normal conditions, but can be a problem after upgrading to 0.5 from 0.4.

During the upgrade, pict-rs marks all variants as having been accessed at the time of the upgrade, since this information was not tracked in 0.4. This results in many variants being queued for cleanup exactly 1 week (or otherwise configured cache duration) after upgrading. When the cleanup queue fills with these cleanup jobs, it takes longer to process them all than the 30 second window between queues of the general cleanup jobs, resulting in redundant cleanup jobs that spawn the same redundant removal jobs, increasing the queue size by the number of outdated variants each time.

By adding an option to the queueing system to mark certain jobs as unique, pict-rs can now ensure that only one copy of these general cleanup jobs can be queued or running at any given time, ensuring that all individual variant cleanup jobs will be queued after a general cleanup job runs before the next general cleanup job is queued.

Support TLS in Postgres Connections

The postgres repo now supports some new options to enable connecting via TLS. If the postgres server's certificate is not generally trusted, a CA certificate can be provided to pict-rs to allow it to trust the postgres connection.

If the postgres endpoint uses TLS and has a publicly trusted certificate, the configuration can be updated to simply add use_tls = true

[repo]
type = 'postgres'
url = 'postgres://pictrs:1234@localhost:5432/pictrs'
use_tls = true

or with environment variables

PICTRS__REPO__TYPE=postgres
PICTRS__REPO__URL=postgres://pictrs:1234@localhost:5432/pictrs
PICTRS__REPO__USE_TLS=true

If the server uses a self-signed certificate, the CA's certificate can be added to pict-rs' trusted CAs.

[repo]
type = 'postgres'
url = 'postgres://pictrs:1234@localhost:5432/pictrs'
use_tls = true
certificate_file = '/path/to/ca/certificate.crt'

or with environment variables

PICTRS__REPO__TYPE=postgres
PICTRS__REPO__URL=postgres://pictrs:1234@localhost:5432/pictrs
PICTRS__REPO__USE_TLS=true
PICTRS__REPO__CERTIFICATE_FILE=/path/to/ca/certificate.crt

Compiler Version Requirements

pict-rs 0.5.2 now takes advantage of rust's native support for AFIT (Async Fn In Trait) for the store trait. This trait already was not object-safe, so using AFIT does not come with any downsides. This does mean that the minimum supported rust version for building pict-rs is now 1.75, which released in December 2023.