Slowness during SSL Handshakes
Closed this issue · 2 comments
Description:
A duplicate of the Internal issue https://github.com/wso2-enterprise/internal-support-ballerina/issues/674
Description:
Hi Team
One of the users has encountered an issue with high CPU usage during SSL handshakes in MicroGateway, which has resulted in performance degradation. This problem has been intermittently observed and is impacting the system's responsiveness.
The issue occurs as a high CPU load when the MicroGateway handles SSL handshakes, which appears to be resource-intensive. Thread dumps[1] have shown that the nioEventLoopGroup threads consume between 20-25% of CPU capacity, mainly when engaging in SSL operations.
We have explored the following configs in MicroGateway but couldn't find any options to optimize the CPU usage.
[httpClients]
# Hostname verification
verifyHostname=true
# Skip validating certificates when ssl is used
disableSslVerification = false
# Enable http2 when connecting with upstream backend endpoints.
enableHttp2 = true
# Configurations for managing HTTP client(sender) connection pool
[httpClients.poolConfig]
#Max active connections per route(host:port). Default value is -1 which indicates unlimited
maxActiveConnections = -1
#Maximum number of idle connections allowed for the pool
maxIdleConnections = 100
#Maximum amount of time, the client should wait for an idle connection before it sends an error when the pool is exhausted
waitTimeInMillis = 30000
#Maximum active streams per connection. This only applies to HTTP/2.
maxActiveStreamsPerConnection = 50
We previously discussed the possibility of extending the keep-alive time for the SSL Handshake to decrease the frequency of these handshakes. At that time, this setting was not configurable. Has this been addressed in the latest versions?
We would appreciate it if the Ballerina team could provide insights or potential optimizations for handling SSL handshakes more efficiently in MicroGateway. Additionally, if there are any patches or settings that could help reduce the CPU load during these operations.
Please refer the original internal issue in APIM side at [2] for further information.
Appreciate a quick response.
Affected version:
Ballerina 1.2.43
References:
[1] https://drive.google.com/drive/folders/1ljlCZ2qAgD3hpOULjAZeOt9iiNPpLwu-?usp=drive_link
[2] https://github.com/wso2-enterprise/wso2-apim-internal/issues/5279
Closing the issue as this has been answered in the original internal issue.
This issue is NOT closed with a proper Reason/ label. Make sure to add proper reason label before closing. Please add or leave a comment with the proper reason label now.
- Reason/EngineeringMistake - The issue occurred due to a mistake made in the past.
- Reason/Regression - The issue has introduced a regression.
- Reason/MultipleComponentInteraction - Issue occured due to interactions in multiple components.
- Reason/Complex - Issue occurred due to complex scenario.
- Reason/Invalid - Issue is invalid.
- Reason/Other - None of the above cases.