Open
Description
Version: 4.3.3
Platform: Python 3.10 (actually any python)
Description: By default, there is a 2**31 max connection pool size. Such a large number seems unreasonable and unsafe to me for several reasons:
- By default Redis instance can handle 10000 connections at a time which is far less than our default pool size.
- Such an enormous pool size could lead to a DDoS attack on the Redis instance if used without proper care. Actually, it happened with our production not so long ago - we had some problems with a load and it led to our connections pool growing infinitely. Our Redis instances just couldn't recover from a massive amount of new connections. With a stricter connections size policy we could avoid that.
- I made some research and other Redis clients have a much stricter pool policy. For example, the Java client has 8 connections by default. Unofficial go client implementation has 10 connections per CPU by default.
My suggestion is to reduce the default max_connections number (both in sync and async versions) to provide a safe configuration by default and let the end-user override it to fine-tune the performance for its needs. The number is discussable, I'd stay for about 100 default connections. I can handle this issue if you will decide to fix that :)