Hello! I disabled logging and added some resources to the virtual machine. On a working OpenSIPS, I reloaded the tls several times and in parallel ran a trap. #opensips-cli -x mi tls_reload #opensips-cli -x trap
If possible, please analyze it again, maybe you could find something interesting: https://github.com/denyspozniak/opensips_tls_debug/tree/main Thanks in advance! ср, 8 мая 2024 г. в 19:59, Brett Nemeroff <[email protected]>: > Just offering my experience here. I have, without a doubt, > noticed intensive logging brings a highly performant server to its knees. > > Disable ALL logging. Watch disk IO and confirm it's disabled. Try it > again. Just an easy thing to try. > > -Brett > > > On Wed, May 8, 2024 at 7:17 AM Bogdan-Andrei Iancu <[email protected]> > wrote: > >> Hi, >> >> There is only one trap, ideally you should try to get several during the >> reload time. >> >> Still, the trap you did shows opensips doing some logging (dumping to >> syslog) while reloading - could you check how intensive this logging is and >> eventually to try to disable it (increase the log level of opensips lower >> than INFO) to see if there is any impact? >> >> Regards, >> >> Bogdan-Andrei Iancu >> >> OpenSIPS Founder and Developer >> https://www.opensips-solutions.com >> https://www.siphub.com >> >> On 08.05.2024 14:10, Denys Pozniak wrote: >> >> Hello! >> >> If possible, please check log: >> >> https://github.com/denyspozniak/opensips_tls_debug/blob/main/gdb_opensips_20240508_115956 >> >> >> ср, 8 мая 2024 г. в 08:55, Bogdan-Andrei Iancu <[email protected]>: >> >>> Hi Denys. >>> >>> That is rather weird, 250 certificates in 1 min. I assume it is not a DB >>> issue (considering the db_text backend), so can you try to do multiple >>> sequential "opensips-cli -x trap" to try to understand what is going on ? >>> >>> Regards, >>> >>> Bogdan-Andrei Iancu >>> >>> OpenSIPS Founder and Developer >>> https://www.opensips-solutions.com >>> https://www.siphub.com >>> >>> On 02.05.2024 11:41, Denys Pozniak wrote: >>> >>> Hello! >>> >>> There is a task to divide a single tls/ssl letsencrypt certificate for >>> white labels into specific ones. >>> I entered about ~250 certificates into db_text, but as it turned out, >>> for OpenSIPS this is a rather complex operation to load them and takes >>> about 1 minute and a heavy CPU load is noticeable. >>> >>> I would appreciate any advice on how to avoid this. >>> >>> # wc -l dbtext/tls_mgm >>> 253 dbtext/tls_mgm >>> >>> # time opensips-cli -x mi tls_reload >>> "OK" >>> real 0m52.034s >>> user 0m1.419s >>> sys 0m0.433s >>> >>> # time systemctl restart opensips >>> real 0m58.198s >>> user 0m0.024s >>> sys 0m0.055s >>> >>> # opensips -V >>> version: opensips 3.4.4 (x86_64/linux) >>> flags: STATS: On, DISABLE_NAGLE, USE_MCAST, SHM_MMAP, PKG_MALLOC, >>> Q_MALLOC, F_MALLOC, HP_MALLOC, DBG_MALLOC, FAST_LOCK-ADAPTIVE_WAIT >>> ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, >>> MAX_URI_SIZE 1024, BUF_SIZE 65535 >>> poll method support: poll, epoll, sigio_rt, select. >>> git revision: 036d02961 >>> >>> -- >>> >>> BR, >>> Denys Pozniak >>> >>> >>> >>> _______________________________________________ >>> Users mailing >>> [email protected]http://lists.opensips.org/cgi-bin/mailman/listinfo/users >>> >>> >>> >> >> -- >> >> BR, >> Denys Pozniak >> >> >> >> _______________________________________________ >> Users mailing list >> [email protected] >> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >> > -- BR, Denys Pozniak
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
