Re: CPU security fixes and performance
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 1/21/18 2:17 PM, Rémy Maucherat wrote: > On Sat, Jan 20, 2018 at 5:42 PM, Christopher Schultz < > ch...@christopherschultz.net> wrote: > > Rémy, > > On 1/19/18 11:18 AM, Rémy Maucherat wrote: >>>> I had a look at performance with the CPU security fixes on >>>> my Fedora 27. Although it is a bit early for final >>>> conclusions, I can report that they have an impact for >>>> Tomcat, but it doesn't seem it's as much as my initial >>>> measurements. I chose to use HTTP/2 this time, it's more >>>> complex. >>>> >>>> h2load -n 10 -c 10 >>>> >>>> PTI on: >>>> >>>> docs/changelog.html NIO2: 17200 (sendfile, without it it is >>>> slightly below NIO) NIO: 9000 APR: 14450 >>>> >>>> /tomcat.gif NIO2: 52000 NIO: 47000 APR: 55000 >>>> >>>> PTI off: >>>> >>>> docs/changelog.html NIO2: 19000 (sendfile) NIO: 9500 >>>> APR:16000 >>>> >>>> /tomcat.gif NIO2: 57000 NIO: 51000 APR: 59000 >>>> >>>> The APR connector performs very well here, especially on the >>>> large file test. > > This is all HTTPS, right (http/2 implies HTTPS). For NIO/NIO2, > were you using OpenSSL or JSSE? > > >> It's unencrypted h2c, I added that support to be able to use >> h2load with Tomcat. > > > > The numbers shown above are ... requests/sec? > > >> Yes, but it doesn't matter much ;) Well, it would make a big difference if it was total request time (1.g. 10k requests). It would flip the logic around and make it look like a CPU performance improvement ;) - -chris -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQJRBAEBCAA7FiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlpmLlUdHGNocmlzQGNo cmlzdG9waGVyc2NodWx0ei5uZXQACgkQHPApP6U8pFjT6hAAujEkGVqV0JkdpVgB zPFP3goMJYRXgfXSs8MytF0Ma2Jgn2D0wXbbb6AJq1ScnwuMDQEnhL1Pcmx/sTHj 2dJO/H3fV0uv4kGikXrEyAonUnJdKXbrEWI6l4Ehq0YpIGa7KPB7vrFXLNOzr7fJ p8dbDkecdQH9f1Rl+g8YP+am3IeIkEw4eoM1SdYRsiNmadal+nZRx3uOYDWyET/w z/ePa2yLdecHSATv2fi2neQk31bMU32nVvpoG9bctc1W3vzgdgh/v419c2sEglcF DZ6yyTOaUZnlBIyfDXw/yRK0df//91s6NVKetCDnvKUYjALEsoh0C82BXgRKpcCH WlmxXaSi2+ISbnu0nHh3TIUh6l1GQrQVfpVb7peg1D6Y+71PkQntaBuXFFE0JllX aTtdLDdgtSmhuPfR6DRFqJfeiPy7+XAFLh8+lx5d3MGxArxm1WUfTSeVESZXuhae lZjjxTvbAHuOIulfNwEnCwufrn5e3GC2Ffgsw2SbPj3IhfWUBxEg4q8vtRamDUy3 2EQztoamSIGLOBTmUNK0Sq9/YbMHIw/LL0MmOFbd2PEUuB4p0Ch9Odea9I8LpeEH Z6XLFVVdQ60t4cqk3CmnCj33D9cB32ojHi2RR1u3cyacYRKqTx9zhG7qhJajQMOz 67qQoO6yDwljT6NaKMEwYa0Ss2c= =rEWW -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: CPU security fixes and performance
On Sat, Jan 20, 2018 at 5:42 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Rémy, > > On 1/19/18 11:18 AM, Rémy Maucherat wrote: > > I had a look at performance with the CPU security fixes on my > > Fedora 27. Although it is a bit early for final conclusions, I can > > report that they have an impact for Tomcat, but it doesn't seem > > it's as much as my initial measurements. I chose to use HTTP/2 this > > time, it's more complex. > > > > h2load -n 10 -c 10 > > > > PTI on: > > > > docs/changelog.html NIO2: 17200 (sendfile, without it it is > > slightly below NIO) NIO: 9000 APR: 14450 > > > > /tomcat.gif NIO2: 52000 NIO: 47000 APR: 55000 > > > > PTI off: > > > > docs/changelog.html NIO2: 19000 (sendfile) NIO: 9500 APR:16000 > > > > /tomcat.gif NIO2: 57000 NIO: 51000 APR: 59000 > > > > The APR connector performs very well here, especially on the large > > file test. > > This is all HTTPS, right (http/2 implies HTTPS). For NIO/NIO2, were > you using OpenSSL or JSSE? > It's unencrypted h2c, I added that support to be able to use h2load with Tomcat. > > The numbers shown above are ... requests/sec? > Yes, but it doesn't matter much ;) Rémy > > - -chris > -BEGIN PGP SIGNATURE- > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQJRBAEBCAA7FiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlpjcXIdHGNocmlzQGNo > cmlzdG9waGVyc2NodWx0ei5uZXQACgkQHPApP6U8pFjkbA//bYPaeOUDhaMhHR43 > SWrcuO1vydetrbFwl958wd7OLffBpmTX/8B47mVJVe+DnFou/pgDmETgfkPg7pm2 > ZhXLm4v+pCerV7lbtdylVFsr7c5fwYp8JQpMdvctDxQU2JglEcB5nA63rJ4GSj7t > nIdJmtUSUpA+VhEVNYdtdrAyShEBp/5yYjrV/QucojG3EO8tWfc5R43SCxfCDpqB > AHLrD4nHMO8tzGeah7HKLrd7ptCf//1yD+5AHhrYJaOfsyyLMw8oJS+3ejXfX+bH > NGoYg77gD6LAMKVDZZl9Oty4c1oWoue01LiFJjV8GIwB8+Q2uEOtVHUKBIv1cA9W > TPp5IZ2b3HkV2QU/is+Ks/Yt4OVQvyi7HTQgRbMYW4leH+Fx876dX5n5DL4182ip > 8riWEp6TwPI/BYeVfjNP/ffNvhcZ7g3uRFNc2ZCtfzzzitXuLHMeZ+jvjEWAjonw > XfpDl8ueNut4jSn5qWKnAByC7uxKkdls8AyesQ98oFHP+rSdq7Kn1hHXnLEIv/Ex > uvvspm/Vawx8IfbODSIbp58aZvHh2HrlmZjLu8e9C6sfsCKZYOSKJFYOo9AVsaM9 > HL0KoHssIeoccavOwk25sjT5BK70cYxvfEv41jYlI91Kv4CsnJUdMMv4Hz+/nNqK > zs994SDyRQjHwkC0ASWTrgZ5280= > =JhvK > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > >
Re: CPU security fixes and performance
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 1/19/18 11:18 AM, Rémy Maucherat wrote: > I had a look at performance with the CPU security fixes on my > Fedora 27. Although it is a bit early for final conclusions, I can > report that they have an impact for Tomcat, but it doesn't seem > it's as much as my initial measurements. I chose to use HTTP/2 this > time, it's more complex. > > h2load -n 10 -c 10 > > PTI on: > > docs/changelog.html NIO2: 17200 (sendfile, without it it is > slightly below NIO) NIO: 9000 APR: 14450 > > /tomcat.gif NIO2: 52000 NIO: 47000 APR: 55000 > > PTI off: > > docs/changelog.html NIO2: 19000 (sendfile) NIO: 9500 APR:16000 > > /tomcat.gif NIO2: 57000 NIO: 51000 APR: 59000 > > The APR connector performs very well here, especially on the large > file test. This is all HTTPS, right (http/2 implies HTTPS). For NIO/NIO2, were you using OpenSSL or JSSE? The numbers shown above are ... requests/sec? - -chris -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQJRBAEBCAA7FiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlpjcXIdHGNocmlzQGNo cmlzdG9waGVyc2NodWx0ei5uZXQACgkQHPApP6U8pFjkbA//bYPaeOUDhaMhHR43 SWrcuO1vydetrbFwl958wd7OLffBpmTX/8B47mVJVe+DnFou/pgDmETgfkPg7pm2 ZhXLm4v+pCerV7lbtdylVFsr7c5fwYp8JQpMdvctDxQU2JglEcB5nA63rJ4GSj7t nIdJmtUSUpA+VhEVNYdtdrAyShEBp/5yYjrV/QucojG3EO8tWfc5R43SCxfCDpqB AHLrD4nHMO8tzGeah7HKLrd7ptCf//1yD+5AHhrYJaOfsyyLMw8oJS+3ejXfX+bH NGoYg77gD6LAMKVDZZl9Oty4c1oWoue01LiFJjV8GIwB8+Q2uEOtVHUKBIv1cA9W TPp5IZ2b3HkV2QU/is+Ks/Yt4OVQvyi7HTQgRbMYW4leH+Fx876dX5n5DL4182ip 8riWEp6TwPI/BYeVfjNP/ffNvhcZ7g3uRFNc2ZCtfzzzitXuLHMeZ+jvjEWAjonw XfpDl8ueNut4jSn5qWKnAByC7uxKkdls8AyesQ98oFHP+rSdq7Kn1hHXnLEIv/Ex uvvspm/Vawx8IfbODSIbp58aZvHh2HrlmZjLu8e9C6sfsCKZYOSKJFYOo9AVsaM9 HL0KoHssIeoccavOwk25sjT5BK70cYxvfEv41jYlI91Kv4CsnJUdMMv4Hz+/nNqK zs994SDyRQjHwkC0ASWTrgZ5280= =JhvK -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
CPU security fixes and performance
Hi, I had a look at performance with the CPU security fixes on my Fedora 27. Although it is a bit early for final conclusions, I can report that they have an impact for Tomcat, but it doesn't seem it's as much as my initial measurements. I chose to use HTTP/2 this time, it's more complex. h2load -n 10 -c 10 PTI on: docs/changelog.html NIO2: 17200 (sendfile, without it it is slightly below NIO) NIO: 9000 APR: 14450 /tomcat.gif NIO2: 52000 NIO: 47000 APR: 55000 PTI off: docs/changelog.html NIO2: 19000 (sendfile) NIO: 9500 APR:16000 /tomcat.gif NIO2: 57000 NIO: 51000 APR: 59000 The APR connector performs very well here, especially on the large file test. Rémy