2:44 a.m.
Hello SaToSa list!
We are experiencing unexpected poor performance with SaToSa. (1K requests/minute) . We
are seeing very high resource use with XMLSEC binary (default option) and using
pyXMLSecurity (crypto_backend configuration) with encryption disabled.
Here is our setup:
Load Balancer=>EC2=>NGINX=>Gunicorn. (NGINX=>Gunicorn is on the UDS, not
network stack)
EC2 instance size information: (OS is AWS linux)
Model vCPU Memory (GiB) Instance Storage (GiB) Network Bandwidth (Gbps)
EBS Bandwidth (Mbps)
c5n.2xlarge 8 21 EBS-Only Up to 25 Up to 4,750
Gunicorn is set to the "thread" model:
import multiprocessing
workers = multiprocessing.cpu_count() * 2 + 1
threads = multiprocessing.cpu_count() * 2 + 1
We have 8 core boxes.
Any suggestion on things we may try ?
TIA
-Jonathan
8:22 a.m.
Hi
Was the performance once better and did it drop?
Or has it been bad for longer.
What version of Satosa is this?
Dick
On Thu, 21 Jan 2021 at 03:01, Jonathan Newell <JonathanANewell at hotmail.com>
wrote:
Hello SaToSa list!
We are experiencing unexpected poor performance with SaToSa. (1K
requests/minute) . We are seeing very high resource use with XMLSEC binary
(default option) and using pyXMLSecurity (crypto_backend configuration)
with encryption disabled.
Here is our setup:
Load Balancer=>EC2=>NGINX=>Gunicorn. (NGINX=>Gunicorn is on the UDS, not
network stack)
EC2 instance size information: (OS is AWS linux)
Model vCPU Memory (GiB) Instance Storage (GiB) Network Bandwidth (Gbps)
EBS Bandwidth (Mbps)
c5n.2xlarge 8 21 EBS-Only Up to 25 Up to 4,750
Gunicorn is set to the "thread" model:
import multiprocessing
workers = multiprocessing.cpu_count() * 2 + 1
threads = multiprocessing.cpu_count() * 2 + 1
We have 8 core boxes.
Any suggestion on things we may try ?
TIA
-Jonathan
_______________________________________________
satosa-users mailing list
satosa-users at lists.sunet.se
https://lists.sunet.se/listinfo/satosa-users
--
Sent from a mobile device - please excuse the brevity, spelling and
punctuation.
10:27 a.m.
Ciao Jonathan,
From what I guess the bottleneck is the disk I/O to
access the xmlsec1
executable and the creation / reading of temporary xml files
managed by the
signature backend.
I would do an assessment on the performance of the discs and share it here,
it would be a good time to share some info between us.
Personally I haven't used gunicorn in production since 2010, which is when
I discovered that uwsgi is noticeably more powerful. I have some notes
scattered about how I use uwsgi with idpy products, here something:
https://github.com/peppelinux/Satosa-saml2saml#run
See you soon
Il giorno gio 21 gen 2021 alle ore 03:01 Jonathan Newell <
JonathanANewell at hotmail.com> ha scritto:
Hello SaToSa list!
We are experiencing unexpected poor performance with SaToSa. (1K
requests/minute) . We are seeing very high resource use with XMLSEC binary
(default option) and using pyXMLSecurity (crypto_backend configuration)
with encryption disabled.
Here is our setup:
Load Balancer=>EC2=>NGINX=>Gunicorn. (NGINX=>Gunicorn is on the UDS, not
network stack)
EC2 instance size information: (OS is AWS linux)
Model vCPU Memory (GiB) Instance Storage (GiB) Network Bandwidth (Gbps)
EBS Bandwidth (Mbps)
c5n.2xlarge 8 21 EBS-Only Up to 25 Up to 4,750
Gunicorn is set to the "thread" model:
import multiprocessing
workers = multiprocessing.cpu_count() * 2 + 1
threads = multiprocessing.cpu_count() * 2 + 1
We have 8 core boxes.
Any suggestion on things we may try ?
TIA
-Jonathan
_______________________________________________
satosa-users mailing list
satosa-users at lists.sunet.se
https://lists.sunet.se/listinfo/satosa-users
--
____________________
Giuseppe De Marco
Centro ICT d'Ateneo
Università della Calabria
87036 Rende (CS) - Italy
Phone: +39 0984 496961
e-mail: giuseppe.demarco at unical.it
1387
days inactive
1387
days old
2 comments
3 participants
participants (3)
-
dick.visser@geant.org -
giuseppe.demarco@unical.it -
JonathanANewell@hotmail.com