using a fetcher in wrong context, performance tip

Pavlos Parissis Mon, 30 Mar 2015 13:12:06 -0700

Hi all,

During a stress test I discovered a drop of 5% performance at rate of
380K req/s when the following 3 statements were added in a frontend
where HTTPS is not used


    http-request add-header X-Cipher-Name %sslc
    http-request add-header X-Cipher-Version %sslv
    http-request add-header X-Cipher-Bits %[ssl_fc_use_keysize]

Here is the stress result
# wrk --timeout 3s --latency -c 1000 -d 5m -t 24
http://10.190.3.1/
Running 5m test @ http://10.190.3.1/
  24 threads and 1000 connections
  Thread Stats   Avg      Stdev     Max   ± Stdev
    Latency     2.31ms  815.14us  27.06ms   74.32%
    Req/Sec    16.98k     2.25k   32.00k    85.12%
  Latency Distribution
     50%    2.43ms
     75%    2.71ms
     90%    3.15ms
     99%    3.88ms
  115019521 requests in 5.00m, 16.50GB read
  Socket errors: connect 0, read 0, write 0, timeout 13264
Requests/sec: 383420.54
Transfer/sec:     56.31MB

After I removed only the ssl_fc_use_keysize fetcher
    http-request add-header X-Cipher-Bits %[ssl_fc_use_keysize]

performance was improved by 5%, see below
# wrk --timeout 3s --latency -c 1000 -d 5m -t 24
http://10.190.3.1/
Running 5m test @ http://10.190.3.1/
  24 threads and 1000 connections
  Thread Stats   Avg      Stdev     Max   ± Stdev
    Latency     2.12ms  831.01us 206.61ms   74.86%
    Req/Sec    17.88k     2.22k   31.56k    80.62%
  Latency Distribution
     50%    2.30ms
     75%    2.62ms
     90%    2.88ms
     99%    3.72ms
  120947683 requests in 5.00m, 17.35GB read
  Socket errors: connect 0, read 0, write 0, timeout 17255
Requests/sec: 403180.76
Transfer/sec:     59.21MB

When I added it back but with a condition if traffic is HTTPS
performance at that high rate of request was increased
     http-request add-header X-Cipher-Bits %[ssl_fc_use_keysize] if
https_traffic

stress results:
# wrk --timeout 3s --latency -c 1000 -d 5m -t 24
http://10.190.3.1/
Running 5m test @ http://10.190.3.1/
  24 threads and 1000 connections
  Thread Stats   Avg      Stdev     Max   ± Stdev
    Latency     2.07ms  823.41us  32.08ms   75.64%
    Req/Sec    17.86k     2.27k   29.56k    81.81%
  Latency Distribution
     50%    2.27ms
     75%    2.54ms
     90%    2.76ms
     99%    3.80ms
  120945989 requests in 5.00m, 17.35GB read
  Socket errors: connect 0, read 0, write 0, timeout 19828
Requests/sec: 403177.77
Transfer/sec:     59.21MB


I also added the same condition for other 2 variables accessed as log
formatters and the performance was improved even more

stress results with
     http-request add-header X-Cipher-Name %sslc if https_traffic
     http-request add-header X-Cipher-Version %sslv if https_traffic
     http-request add-header X-Cipher-Bits %[ssl_fc_use_keysize] if
https_traffic

# wrk --timeout 3s --latency -c 1000 -d 5m -t 24
http://10.190.3.1/
Running 5m test @ http://10.190.3.1/
  24 threads and 1000 connections
  Thread Stats   Avg      Stdev     Max   ± Stdev
    Latency     2.12ms    9.64ms 607.23ms   99.79%
    Req/Sec    19.43k     3.28k   33.56k    82.82%
  Latency Distribution
     50%    1.95ms
     75%    2.20ms
     90%    2.41ms
     99%    3.36ms
  131646991 requests in 5.00m, 18.88GB read
  Socket errors: connect 0, read 0, write 0, timeout 30179
Requests/sec: 438828.20
Transfer/sec:     64.45MB

Lesson learned here is to either condition all your statements or pay
attention at the context you apply a logic.


Cheers,
Pavlos

signature.asc
Description: OpenPGP digital signature

using a fetcher in wrong context, performance tip

Reply via email to