cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brett Humphreys <bretthumphr...@google.com>
Subject Jetty SSL Performance
Date Mon, 21 Oct 2013 16:38:53 GMT
Hi all,
This may be a bit off the wall, but I'm trying to squeeze out the most
performance out of Jetty that I can.  However I have some constraints that
I can't change in the near term.  Specifically:

1.  I'm using a relatively ancient version of CXF (2.2.12)
2.  I'm *not* using keep-alive

What I'd like to reach is about 180 SOAP operations per second (OPS) on
this jetty server, which is simulating a 3rd party server.  It seems that
it takes Jetty ~350ms to negotiate the SSL connection.  So what I'm seeing
is I get about 3 (technically 2.96 consistently) SOAP OPS with the Jetty
instance.  If I turn on keep-alives, then my performance goes through the
roof (I see it take about ~20ms, but I think this is multithreaded) to
about 150 SOAP OPS.

So without any heroics, is there a way that I can push jetty to get better
performance without setting keep-alives to true on my client?

The reason for lack of keep alive connections is I'm trying to make sure
that under load I can still negotiate the SSL connections.  Since I talk to
third parties through this interface I don't want to assume they'll have
keep-alives turned on.

FWIW, I also have client authentication turned on.

Here's some relevant config about my server:

      ClientAuthentication clientAuth = new ClientAuthentication();
      clientAuth.setRequired(true);
      clientAuth.setWant(true);

I'm using very small keystores and truststores (1-2 entries each).  And I
have the TLS cipher suites limited to a dozen or so trusted cipher suites.

Thanks!

Brett Humphreys

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message