Do we know of any cases where customers use up this many X11 forwarding ports? Another alternative would simply be to error out which might be preferable. I imagine a user could start one main session early, then play around with different behaviors and depleting the pool, only to have the main session evicted.

#18263 has a description from the customer. He has like 15 sessions open at a time, gets disconnected, and reconnects all 15. Since we have long server-side timeouts, they end up accumulating.

This LRU thing is definitely a band-aid and we need to fix the fact that his SSH sessions don't recover and/or don't get cleaned up server side, but that's likely involved.

Erroring out is not preferrable in this case, since once the SSH sessions are orphaned on the server there is nothing you can do to force them down early other than restarting the workspace which is not acceptable.

Wecould instrument the bicopy to periodically bump the usage time of the session, so that "active" X11 forwarding would be less likely to be evicted, but I'm not sure it's worth it, given our understanding of the problem. My working hypothesis is that you're just never going to be creating over 200 X11 forwarding sessions on purpose unless you're getting repeatedly disconnected, in which case the early sessions are toast.

Alright, thanks for the detailed explanation! I think your reasoning makes sense, and considering we have some ideas on how to improve this in the future if the need arises, I’m ok with the approach. I’ll go through the rest of the PRs tomorrow.

Suggestion:closeSession sounds a bit more informative to me than clean. I guess it's a matter of implicit close vs implicit clean, and which is the primary action.

Nit: Comment isn't informative and could be removed or describe why.