fix(performance): start with planning performance optimizations
This commit is contained in:
@ -318,4 +318,28 @@ const routes: IRouteConfig[] = [{
|
||||
- Authentication requires TLS termination (cannot be enforced on passthrough/direct connections)
|
||||
- Per-route connection limits are not yet implemented
|
||||
- Security is defined at the route level (route.security), not in the action
|
||||
- Route matching is based solely on match criteria; security is enforced after matching
|
||||
- Route matching is based solely on match criteria; security is enforced after matching
|
||||
|
||||
## Performance Issues Investigation (v19.5.3+)
|
||||
|
||||
### Critical Blocking Operations Found
|
||||
1. **Busy Wait Loop** in `ts/proxies/nftables-proxy/nftables-proxy.ts:235-238`
|
||||
- Blocks entire event loop with `while (Date.now() < waitUntil) {}`
|
||||
- Should use `await new Promise(resolve => setTimeout(resolve, delay))`
|
||||
|
||||
2. **Synchronous Filesystem Operations**
|
||||
- Certificate management uses `fs.existsSync()`, `fs.mkdirSync()`, `fs.readFileSync()`
|
||||
- NFTables proxy uses `execSync()` for system commands
|
||||
- Certificate store uses `ensureDirSync()`, `fileExistsSync()`, `removeManySync()`
|
||||
|
||||
3. **Memory Leak Risks**
|
||||
- Several `setInterval()` calls without storing references for cleanup
|
||||
- Event listeners added without proper cleanup in error paths
|
||||
- Missing `removeAllListeners()` calls in some connection cleanup scenarios
|
||||
|
||||
### Performance Recommendations
|
||||
- Replace all sync filesystem operations with async alternatives
|
||||
- Fix the busy wait loop immediately (critical event loop blocker)
|
||||
- Add proper cleanup for all timers and event listeners
|
||||
- Consider worker threads for CPU-intensive operations
|
||||
- See `readme.problems.md` for detailed analysis and recommendations
|
||||
Reference in New Issue
Block a user