Performance Optimization

Deploying Casbin in production with millions of users or permissions may lead to performance bottlenecks. These typically stem from two causes:

고량 트래픽

When a single Casbin instance receives excessive requests (for example, 10,000 requests/s), it cannot process them all. Consider these solutions:

Enable multi-threading to run multiple Casbin instances, utilizing all CPU cores on the machine. See Multi-threading for details.
Deploy Casbin instances across a cluster (multiple machines) and use Watchers to synchronize policy changes. See Watchers for details.

노트

Combine both approaches: deploy Casbin across a 10-machine cluster where each machine runs 5 threads handling enforcement requests simultaneously.

정책 규칙 수가 많음

Multi-tenant or cloud environments may require millions of policy rules, causing slow enforcement and initial policy loading. Mitigate this issue with these approaches:

Review your Casbin model and policy design. Well-designed models abstract common logic across users and tenants, reducing rules to a small set (typically under 100). Share default rules across tenants and allow customization through override rules. Open a GitHub issue on the Casbin repository if you need design guidance.
Use policy sharding to load only relevant rules per enforcer. For example, enforcer_0 serves tenant_0 through tenant_99, while enforcer_1 serves tenant_100 through tenant_199. See Policy Subset Loading for implementation details.
Assign permissions to RBAC roles rather than directly to users. Casbin implements RBAC using a role inheritance tree (cached in memory), enabling O(1) lookup time for user-role relationships. When role assignments remain relatively stable, the RBAC tree requires infrequent updates. See this discussion for more details.