From 13e8f4eea69c0f789127e14e9c94f9e3dba39661 Mon Sep 17 00:00:00 2001
From: Aaditya Sondhi <aadityas@cockroachlabs.com>
Date: Mon, 26 Sep 2022 16:08:17 -0400
Subject: [PATCH] server: fix bottlenecks when purging system.web_sessions

The previous purging limit was found to be too low which resulted in the
`system.web_sessions` table growing rapidly. Additionally, we were using
`ORDER BY random()` when deleting expired sessions from the table which
caused a full table scan of a large table. This resulted in high cpu
usage on every purge attempt with only very few rows actually being
deleted. Over time, this turns into a nonideal feedback loop.

This change fixes the two issues by:
1. Increasing the defauilt purging limit to 1000 from 10.
2. Remove the `ORDER BY random()` when purging the table to avoid full
   table scans on every purge.

support ticket: https://github.com/cockroachlabs/support/issues/1812

resolves #88622

Release note: None
---
 pkg/server/purge_auth_session.go | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/pkg/server/purge_auth_session.go b/pkg/server/purge_auth_session.go
index da0e846a4714..bec835230b23 100644
--- a/pkg/server/purge_auth_session.go
+++ b/pkg/server/purge_auth_session.go
@@ -50,7 +50,7 @@ var (
 		settings.TenantWritable,
 		"server.web_session.purge.max_deletions_per_cycle",
 		"the maximum number of old sessions to delete for each purge",
-		10,
+		1000,
 	).WithPublic()
 )
 
@@ -90,21 +90,18 @@ func (s *authenticationServer) purgeOldSessions(ctx context.Context) {
 		deleteOldExpiredSessionsStmt = `
 DELETE FROM system.web_sessions
 WHERE "expiresAt" < $1
-ORDER BY random()
 LIMIT $2
 RETURNING 1
 `
 		deleteOldRevokedSessionsStmt = `
 DELETE FROM system.web_sessions
 WHERE "revokedAt" < $1
-ORDER BY random()
 LIMIT $2
 RETURNING 1
 `
 		deleteSessionsAutoLogoutStmt = `
 DELETE FROM system.web_sessions
 WHERE "lastUsedAt" < $1
-ORDER BY random()
 LIMIT $2
 RETURNING 1
 `