Increase the ssl!cache!size on Zeus



9 years ago
4 years ago


(Reporter: clouserw, Assigned: oremj)



(Whiteboard: 12/10/2009 @ 9pm)


(3 attachments)



9 years ago
We talked a bit in the meeting about this.  It looks like we hold our SSL sessions open for 30 minutes but we have a maximum of 6000 sessions across all the AMO domains.  I think we run through that in seconds so it's not really getting any caching at all.

We should investigate increasing the ssl!cache!size flag on zeus and see if our performance improves.  As a baseline measurement, the purple on this graph is all SSL handshaking time:
Assignee: server-ops → mrz
Flags: needs-downtime+
Whiteboard: 12/10/2009 @ 9pm
Will test by bumping up to 1m.  Should eat about 700MB of mem (so next to nothing).
Created attachment 417037 [details]
SSL Session ID hit rate

Point of reference, current SSL session cache hit rate is about 85%
Created attachment 417046 [details]
Hits & Miss pre change
Changes made and ZXTM restarted right now.
Assignee: mrz → jeremy.orem+bugs
Flags: needs-downtime+

Comment 5

9 years ago
Created attachment 417164 [details]
Hits & Misses post settings change.

Comment 6

9 years ago
Looks about the same, but the size is now set @ 1,000,000. I think versioncheck is probably throwing off the graphs since almost no one will  be reusing their SSL session.
Last Resolved: 9 years ago
Resolution: --- → FIXED
New test:

Looks like the multiple ssl negotiation wasn't due to session expiration. IE opens 6 connections/host, I think it may have to create a new ssl session for each connection.
Product: → Graveyard
You need to log in before you can comment on or make changes to this bug.