Redis avalanche, penetration, breakdown

One 、 Cache avalanche ：

Concept ：

Cache avalanche refers to the cache key Mass to expiration time , At this time, a large number of requests call at the same time , Causes database pressure to be too big even down machine

Examples in actual production ：

Take the second kill as an example ,QPS achieve 5000, At this time , If this 5000 Requests are accessed at the same time , stay redis When the cache of is not invalidated , This magnitude of qps,redis It's bearable .

But if , be-all key It all fails at a certain point in time , And the background hasn't had time to brush the cache again （ The cache is usually refreshed when the scheduled task actively refreshes or modifies ）, Then at this time , All requests will be directly entered MySQL database .

As you can imagine ,MySQL It's basically unbearable , And it doesn't work to restart , Because your restart speed can never keep up with the user refresh speed .

This phenomenon is called cache avalanche .

Solution ：

1、 in the light of key Cache avalanche caused by simultaneous failure

We usually set key when , Should avoid key The expiration time of is the same , You can set key Valid period of , Add a random number , Refresh the data at the same time key The validity period of is set to different （ For example, hundreds of milliseconds to tens of seconds ）.

Of course , You can also use the scheme of data preheating , Before a large concurrent access is about to occur , Manually trigger cache different key, Set different expiration times , Make the cache failure time as uniform as possible .

2、 in the light of redis Cache middleware suddenly hangs , The resulting cache avalanche

For small businesses , We can use redis Of sentinel Sentinel mechanism ;

For large businesses , We can use redis Of cluster Cluster solution to deal with .

Whether it's sentinel、 still cluster, All of them have complete automatic failover , about master All of a sudden , It will not affect the normal operation of the business .

Two 、 Cache penetration

Concept ：

Cache penetration , It refers to that malicious attackers frequently query data that must not exist in a database .

Cache miss , It will send the request to the database , The database does not have this data , It will not store the data in the cache , This leads to the same request , Always requested , In fact, it's not a cache , Instead, request directly to the database .

At this time , If someone takes advantage of what doesn't exist key Frequently request our application interface , And the magnitude is very large , This will make the storage tier database unbearable , You may die .

Examples in actual production ：

For example, there is an interface ,www.haveyb.com/getProductInfo?product_id=109&porduct_type=2,

In normal use , If you request a nonexistent data , such as product_id = 999999999, In fact, this data does not exist in the database , But there is such a malicious attacker , Take this data , Ask you frequently , It's OK when requests come one by one .

But what if tens of thousands of concurrent calls come at the same time ？ After you actually miss the cache , All the requests have been sent to the database , But the database does not have this data , You can't put the data in the cache , The result is that requests continue to hit the database , In fact, the database cannot withstand such a large concurrency , It will cause the database to hang up .

This is buffer penetration .

Solution ：

1、 Whether the data actually exists or not , We all store this key in the cache （ The validity period should be set shorter , For example, one to three minutes ）, Then set the value to a specific value , If the result obtained in the business is this specific value , It will report an error and return .

2、 Another solution is to use redis The bloom filter （Bloom Filter）, Hash all possible data to a large enough bitmap in , A certain nonexistent data will be This bitmap Intercept , Thus, the query pressure on the underlying storage system is avoided .

3、 ... and 、 Cache breakdown

1、 Concept

Buffer breakdown refers to a Key Very hot , Constantly carrying big concurrency , Large concurrent centralized access to this point , When this Key At the moment of failure , Continuous large concurrency breaks through the cache , Request directly to the database , At this time , A large amount of concurrency may directly hang up the database .

notes ： The most essential difference between cache breakdown and cache avalanche is

Cache avalanche is due to a large number of key At the same time , Cause all requests to directly call the database at the same time , Cause the database to hang up ;

Cache breakdown is due to a hot spot key invalid , Requests that have been blocked by the cache before , Send directly to the database , Cause the database to hang up .

Examples in production ：

We have an interface to get the background settings of the merchant system , The cache to redis in , This interface , Other services are called at all times , Such as the order 、 goods 、 Inventory module .

Originally , This data exists in the cache , All requests are blocked by the cache , It's no problem , But if this key Suddenly expired , Then this hot request will be directly called to the database , In the case of large concurrency , Maybe the database will hang up .

Solution ：

1、 Set the data to never expire （ Update only , Do not delete or expire ）

2、 For the key Of value Set a timeout value internally , When accessing , It is found that the timeout value has been reached , Just update the cache , And reset the timeout value （ For this key, It can be set not to expire , Or the timeout value is less than the expiration time set externally ）

$key = 'system_setting_106976';
$timestamp = time();
$data = [
    'value' => 12345678,
    'timeout' => $time
];
setnx($key, $data, $time + 360);