[jira] [Commented] (FLINK-9878) IO worker threads BLOCKED on SSL Session Cache while CMS full gc

Mon, 23 Jul 2018 02:30:40 -0700 


    [ 
https://issues.apache.org/jira/browse/FLINK-9878?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16552554#comment-16552554
 ] 

ASF GitHub Bot commented on FLINK-9878:
---------------------------------------

Github user pnowojski commented on a diff in the pull request:

    https://github.com/apache/flink/pull/6355#discussion_r204330930
  
    --- Diff: 
flink-runtime/src/test/java/org/apache/flink/runtime/io/network/netty/NettyClientServerSslTest.java
 ---
    @@ -65,6 +68,60 @@ public void testValidSslConnection() throws Exception {
     
                Channel ch = NettyTestUtil.connect(serverAndClient);
     
    +           SslHandler sslHandler = (SslHandler) ch.pipeline().get("ssl");
    +           assertTrue("default value should not be propagated", 
sslHandler.getHandshakeTimeoutMillis() >= 0);
    +           assertTrue("default value should not be propagated", 
sslHandler.getCloseNotifyTimeoutMillis() >= 0);
    +
    +           // should be able to send text data
    +           ch.pipeline().addLast(new StringDecoder()).addLast(new 
StringEncoder());
    +           assertTrue(ch.writeAndFlush("test").await().isSuccess());
    +
    +           NettyTestUtil.shutdown(serverAndClient);
    +   }
    +
    +   /**
    +    * Verify valid (advanced) ssl configuration and connection.
    +    */
    +   @Test
    +   public void testValidSslConnectionAdvanced() throws Exception {
    --- End diff --
    
    This is quite poor test :( With respect to `SESSION_CACHE_SIZE` and 
`SESSION_TIMEOUT` it tests only for "not throwing any exception". If those 
properties are just ignored, the test will still pass. 
    
    Can we add some stress test that actually verifies the bug which this PR is 
trying to solve? Maybe stress test AND benchmark like 
`StreamNetworkThroughputBenchmarkTest#largeRemoteMode`?


> IO worker threads BLOCKED on SSL Session Cache while CMS full gc
> ----------------------------------------------------------------
>
>                 Key: FLINK-9878
>                 URL: https://issues.apache.org/jira/browse/FLINK-9878
>             Project: Flink
>          Issue Type: Bug
>          Components: Network
>    Affects Versions: 1.5.0, 1.5.1, 1.6.0
>            Reporter: Nico Kruber
>            Assignee: Nico Kruber
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 1.5.2, 1.6.0
>
>
> According to https://github.com/netty/netty/issues/832, there is a JDK issue 
> during garbage collection when the SSL session cache is not limited. We 
> should allow the user to configure this and further (advanced) SSL parameters 
> for fine-tuning to fix this and similar issues. In particular, the following 
> parameters should be configurable:
> - SSL session cache size
> - SSL session timeout
> - SSL handshake timeout
> - SSL close notify flush timeout



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to