Caching technology can be used to reduce the pressure on the database, improve access efficiency. More and more attention is currently cached in an enterprise project. But cache is not to say casually to join the project on it. The integrated cache to the project, this is the first step. The cache problems caused by penetration, and then jumped problems caused by snow are we urgently need to address the problem. This article will my usual project solutions for everyone to share, for reference.
A cache penetration of principle
FIG normal use of the cache:
As shown, use of the cache process:
1, taken existing cache data, if its size, the data is returned directly to the user. So do not access the database, reducing the pressure on the database.
2, if there is no data in the cache, it will access the database.
There will exist a BUG, as shown:
As shown, the cache is like a firewall database, request more frequent data into the cache, thereby reducing the pressure on the database. But if someone malicious attack, it is very easy to penetrate your cache, all the pressure will give the database. For example, on the map, you cache key are positive integers, but why do I use a negative number as the key to access your cache, which would lead to penetration of the cache, the pressure directly to the database.
Second, the cause of cache penetration
Cache penetrating question, then certainly the next big concurrency. So the premise, we analyze the causes cache penetration as follows:
1, malicious attacks, naming guess your key, you then estimated using a cache in some key will not be accessed.
2, the first data access, then no data in the cache, the concurrent scenario, all requests are pressed into the database.
3, the data in the database is empty, so that even if a database access, data is not acquired, then certainly there is no corresponding cache data. It will also lead to penetration.
Third, resolve cache penetration
Cache is a step by step to avoid the penetration of the reasons penetration, as shown:
, The following steps to solve the above chart:
1, then web server startup, advance will likely be frequent concurrent access to data written to the cache. - This will avoid a lot of requests queuing up blocking in step 3.
2, standard key name, and unified cache entry query and write. Thus, at the entrance of the key specifications for testing. - Save this malicious key was blocked.
3, Synchronized double detection mechanism, then we need to use the synchronous (Synchronized) mechanism to check what the preamble block cache has a corresponding key, and then re-synchronized block inside the query cache if there is key to query. Such "dual detection" The purpose is to avoid concurrent access scenarios lead to the database does not make sense (also a strictly avoid penetration program).
This step will lead to line up, but we said the first step in order to avoid a large number of queues, large number of requests can be predictable in advance of the write cache in advance.
4, whether or not there is data in the database, the corresponding key are stored in the cache, the line is empty. - This is to avoid this data is not in the database, resulting in the extraordinary penetration cache access to the database.
5, null value in step 4, if too much can lead to memory exhaustion. Resulting in unnecessary memory consumption. So we must regularly clean null key. Avoid memory malicious filled. Lead to normal function can not cache data.