Issue #17739 has been updated by eric sorenson. Status changed from Unreviewed to Needs Decision Assignee set to Andrew Parker Target version set to 3.x Keywords set to ssl backlog
This seems like it could be a pretty big win. AFAIK all of our http transaction processing is just passed straight through to ruby's net::http routines, so support would depend on the underlying library, but we should take advantage of it if it's available. Adding to 3.x engineering backlog. ---------------------------------------- Feature #17739: The puppet agent should be able to reuse HTTPS connections to the master https://projects.puppetlabs.com/issues/17739#change-77854 Author: Andrew Gaffney Status: Needs Decision Priority: Normal Assignee: Andrew Parker Category: Target version: 3.x Affected Puppet version: Keywords: ssl backlog Branch: When managing hundreds or thousands of files with puppet (don't ask), the overhead of establishing the HTTPS connection over and over again can really add up. This was especially noticeable when I upgraded to puppet 2.7 and then generated some new certs for some new masters. In my development environment, the puppet agent runtime went up by 50 seconds. Some debugging with wget, nginx, and strace showed a delay of 0.05s during the SSL negotiation after the server sent its cert to the client. The new keylength default in 2.7 was 4096 bytes where it was only 1024 bytes in 2.6. I explicitly set req_bits and keylength in my puppet.conf and regenerated the certs, only to see the run time drop almost back to "normal". -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
