Try increasing the zodb-cache-size for the zope2instance (client1). It defaults to 30000, try increasing it to 100000 and monitor the RAM usage.
On Wed, Jul 19, 2017 at 2:42 PM, Hanno Schlichting <ha...@hannosch.eu> wrote:Try increasing the zodb-cache-size for the zope2instance (client1). It defaults to 30000, try increasing it to 100000 and monitor the RAM usage.Is the cache_size_bytes option still considered to be experimental and/or broken?
Hi All,
I am encountering very serious performance issues and I observed that mostly 100% CPU is used and RAM utilization remains less than 15%. Is there anyway that I can configure to increase the RAM?
The problem mostly arises when we query portal_catalog which has about 30,000 objects.
Following is my Plone environment:
Plone 4.3.10rc1 (4313)
CMF 2.2.9
Zope 2.13.24
Python 2.7.10
PIL 3.2.0 (Pillow)
And this is the buildout
[zeoserver]
<= zeoserver_base
recipe = plone.recipe.zeoserver
zeo-address = 127.0.0.1:8100
zserver-threads = 8
zodb-cache-size = 200000
[client1]
<= client_base
recipe = plone.recipe.zope2instance
zeo-address = ${zeoserver:zeo-address}
http-address = 8080
zeo-client-cache-size = 128MB
On Wed, Jul 19, 2017 at 2:42 PM, Hanno Schlichting <ha...@hannosch.eu> wrote:Try increasing the zodb-cache-size for the zope2instance (client1). It defaults to 30000, try increasing it to 100000 and monitor the RAM usage.Is the cache_size_bytes option still considered to be experimental and/or broken?
On Wed, Jul 19, 2017, at 14:53, Joni Orponen wrote:On Wed, Jul 19, 2017 at 2:42 PM, Hanno Schlichting <ha...@hannosch.eu> wrote:Try increasing the zodb-cache-size for the zope2instance (client1). It defaults to 30000, try increasing it to 100000 and monitor the RAM usage.Is the cache_size_bytes option still considered to be experimental and/or broken?I'd still consider it to be experimental. I did my last tests with it 8 or so years ago and it didn't work reliably back than.
this week we had a similar thread on the Plone community forum:
https://community.plone.org/t/plone-recipe-zope2instance-memory-usage/4528?u=hvelarde
the problem there was high memory usage and low CPU, but the rationale applies in your case also.
On Wed, Jul 19, 2017 at 7:28 AM, Hanno Schlichting <ha...@hannosch.eu> wrote:I'd still consider it to be experimental. I did my last tests with it 8 or so years ago and it didn't work reliably back than.How so?
One thing to understand is that ZODB doesn't limit memory usage. Ghostifies objects to meet memory settings at certain times like transaction boundaries and when asked to explicitly. So a transaction that loads a lot of objects can grow ram without bound. This is why applications that load lots of objects should explicitly reduce cache size by calling _p_jar.cacheGC() occasionally.
On Wednesday, July 19, 2017 at 9:54:05 AM UTC-7, Jim Fulton wrote:One thing to understand is that ZODB doesn't limit memory usage. Ghostifies objects to meet memory settings at certain times like transaction boundaries and when asked to explicitly. So a transaction that loads a lot of objects can grow ram without bound. This is why applications that load lots of objects should explicitly reduce cache size by calling _p_jar.cacheGC() occasionally.Does it mean that after a database is finalized (no more writing and thus transactions), there is no way to bound its RAM cache size other than manually resetting cache (via cacheGC() or cacheMinimize()) after every N reads?
On Saturday, December 15, 2018 at 8:30:16 AM UTC-8, Jim Fulton wrote:On Fri, Dec 14, 2018 at 9:54 PM Vlad Oles <vladysl...@gmail.com> wrote:On Wednesday, July 19, 2017 at 9:54:05 AM UTC-7, Jim Fulton wrote:One thing to understand is that ZODB doesn't limit memory usage. Ghostifies objects to meet memory settings at certain times like transaction boundaries and when asked to explicitly. So a transaction that loads a lot of objects can grow ram without bound. This is why applications that load lots of objects should explicitly reduce cache size by calling _p_jar.cacheGC() occasionally.Does it mean that after a database is finalized (no more writing and thus transactions), there is no way to bound its RAM cache size other than manually resetting cache (via cacheGC() or cacheMinimize()) after every N reads?Define finalized.When a transaction is committed or a connection closed, the connection's cache is reduced to it's target size. When a database is closed, the connections and their memory is freed. (If there are cycles, the Python garbage collection may take some time to deal with them.)By "finalized" I meant the connection is still open but no more transactions are being commited, so the database is used only for reads.
I think I can confirm my initial assumption from your answer though — the target cache size configuration is not going to be applied automatically in this scenario, and I'll have to free database cache manually by caling cacheMinimize().
--
You received this message because you are subscribed to the Google Groups "zodb" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zodb+uns...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
By "finalized" I meant the connection is still open but no more transactions are being commited, so the database is used only for reads.Reads are executed in transactions. In fact, most transactions are read transactions.
I think I can confirm my initial assumption from your answer though — the target cache size configuration is not going to be applied automatically in this scenario, and I'll have to free database cache manually by caling cacheMinimize().Cache management is applied at transaction boundaries. You can and generally should commit periodically when reading. If you don't, you won't see updates from other users or processes.
Pickle is a compact serialization protocol for Python objects. Great for communication between #distributed #Python programs, but it is not safe. What can be done?
--
What would be necessary to limit pickling in ZODB to read only specific/whitelisted classes?
I chose ZODB as the file storage format for my speaker crossover program and wrote a very thin wrapper around ZODB which puts a FileStorage .fs into the tmp dir, opens it and copies it back when saving. Works great but now that I hear that pickles are inherently unsafe I wonder how I can mitigate this.
Best regards,Jürgen--Am Mi., 16. Jan. 2019 um 11:33 Uhr schrieb Christopher Lozinski <lozi...@specialtyjobmarkets.com>:--I found this talk quite interesting.Pickle is a compact serialization protocol for Python objects. Great for communication between #distributed #Python programs, but it is not safe. What can be done?
Warm RegardsChris
You received this message because you are subscribed to the Google Groups "zodb" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zodb+uns...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups "zodb" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zodb+uns...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
On Jan 24, 2019, at 11:09 AM, 'Juergen Herrmann' via zodb <zo...@googlegroups.com> wrote:I use the ZODB as file format for a application that is used by end users. So telling them "don't open files from untrusted sources" seems a bit weird :)
class XoverDB(DB):
"""
derived from ZODB.DB.DB - overrides classFactory() to only allow
import of very specific classes
"""
def classFactory(self, connection, modulename, globalname):
if (modulename, globalname) not in ALLOWED_MODULE_GLOBALS:
raise TypeError("Not allowed to import global %r from module %r" % (globalname, modulename))
return super().classFactory(connection, modulename, globalname)
My application is a GUI app that uses ZODB Filestorage files as it's storage format and these files can be sent to other people who expect to be able to open them without risk of their machine getting taken over. Makes sense?
I think I solved the problem by overriding classFactory() in ZODB.DB.DB:class XoverDB(DB):
"""
derived from ZODB.DB.DB - overrides classFactory() to only allow
import of very specific classes
"""
def classFactory(self, connection, modulename, globalname):
if (modulename, globalname) not in ALLOWED_MODULE_GLOBALS:
raise TypeError("Not allowed to import global %r from module %r" % (globalname, modulename))
return super().classFactory(connection, modulename, globalname)ALLOWED_MODULE_GLOBALS is a lsit of (modulename, globalname) tuples.Did I miss anything?
Best regards,Jürgen HerrmannAm Do., 24. Jan. 2019 um 20:31 Uhr schrieb Sean Upton <sdu...@gmail.com>:On Jan 24, 2019, at 11:09 AM, 'Juergen Herrmann' via zodb <zo...@googlegroups.com> wrote:I use the ZODB as file format for a application that is used by end users. So telling them "don't open files from untrusted sources" seems a bit weird :)Your ZEO isn't open to the public on a TCP port, only your application on machines you control, no? That makes the "injection" security question an application concern, not a ZODB or pickle problem?If you open your ZEO (or RelStorage) to Python applications running on machines you don't control, you are doing something ZODB was not designed to directly address.Sean
--
You received this message because you are subscribed to the Google Groups "zodb" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zodb+uns...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
I found this talk quite interesting.
Pickle is a compact serialization protocol for Python objects. Great for communication between #distributed #Python programs, but it is not safe.What can be done?
On Sat, Jan 26, 2019 at 8:10 AM 'Juergen Herrmann' via zodb <zo...@googlegroups.com> wrote:My application is a GUI app that uses ZODB Filestorage files as it's storage format and these files can be sent to other people who expect to be able to open them without risk of their machine getting taken over. Makes sense?Yup. Interesting.
I think I solved the problem by overriding classFactory() in ZODB.DB.DB:class XoverDB(DB):
"""
derived from ZODB.DB.DB - overrides classFactory() to only allow
import of very specific classes
"""
def classFactory(self, connection, modulename, globalname):
if (modulename, globalname) not in ALLOWED_MODULE_GLOBALS:
raise TypeError("Not allowed to import global %r from module %r" % (globalname, modulename))
return super().classFactory(connection, modulename, globalname)ALLOWED_MODULE_GLOBALS is a lsit of (modulename, globalname) tuples.Did I miss anything?That seems reasonable to me. If you're feeling especially paranoid, perhaps you want some data validation logic in your application's __setstate__ methods (which you're probably not defining now) to protect against some of the other attacks mentioned in the subject video. There are lots of schema libraries around that might help.