October 2018 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-1687) Initial WildFly Elytron Performance Enhancments

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-1687?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated ELY-1687: ---------------------------------- Description: Rather than this becoming a single long running task to review the performance of WildFly Elytron I think the best strategy is to identity a test strategy, obtain some metrics of that strategy under load, perform profiling to identity a set of issues and look at options to address those issues. After that we will perform the initial metric test again and close the issue. A new issue will then be created either to repeat the same test or start with a new test which may be a subtle change of the first test. The first test is to test HTTP Basic authentication backed by WildFly Elytron. * Each client will alternatively send a request with no authorization header so triggering a HTTP 401 challenge followed by a request including the header which should successfully authenticate. Attached is a JMeter test plan configured to use 250 client threads, each submitting requests for 5 minutes. h2. Initial Issues h3. WildFlyElytronProvider Locking Total block time 8.393s via calls to java.security.Provider.getServices(); Potentially something that could be eliminated if mechanisms were loaded in advance, or at the very least the factories were loaded in advance. h3. Memory 2.42G of char[] e.g. {noformat} void java.nio.HeapCharBuffer.<init>(int, int) 13037 CharBuffer java.nio.CharBuffer.allocate(int) 9148 CharBuffer java.nio.charset.CharsetDecoder.decode(ByteBuffer) 9148 CharBuffer java.nio.charset.Charset.decode(ByteBuffer) 9148 void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9148 {noformat} Is there any option to re-use these as they can be cleared instead of leaving to GC. HeapByteBuffer and HeapCharBuffer are also quite prominent. h3. Memory 1.78G of Callback[] Using the CallbackHandler API the use of the array is inevitable. * Could we extend the API to avoid the array? * Could we re-use the array? Could consider null termination. {noformat} boolean org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(String, String, char[]) 9222 void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9222 {noformat} h3. Memory 1.41G of HttpAuthenticator$Builder {noformat} HttpAuthenticator$Builder org.wildfly.security.http.HttpAuthenticator.builder() 24699 boolean org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate() 24699 {noformat} Could we switch to something that associated these with a ThreadLocal and update the API to allow re-use? h3. Memory 1.3G of SecurityContextImpl {noformat} SecurityContext org.wildfly.elytron.web.undertow.server.SecurityContextImpl$Builder.build() 3247 SecurityContext org.wildfly.elytron.web.undertow.server.ElytronContextAssociationHandler.createSecurityContext(HttpServerExchange) 1673 {noformat} Also instances of HttpAuthenticator {noformat} HttpAuthenticator org.wildfly.security.http.HttpAuthenticator$Builder.build() 14624 {noformat} And instances of HttpAuthenticator$AuthenticationExchange. {noformat} boolean org.wildfly.security.http.HttpAuthenticator.authenticate() 14423 {noformat} As with HttpAuthenticator$Builder is there any way to consider re-use? _If this mechanism was re-written as a recursive call it would eliminate the need for the intermediate ArrayList to hold the responders._ h3. Memory 1.21G of java.util.ArrayList {noformat} boolean org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate() 8911 {noformat} Can check the use and see if an alternative is possible. h3. Memory ServerAuthenticationContext States Each ServerAuthenticationContext State is it's own class which needs to be instantiated, a single authentication requests results in multiple states. Should the state machine be internal to the ServerAuthenticationContext so we have only one class instance? h3. Memory 885Mb of Undertow FormParserFactory$ParserDefinition[] {noformat} FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder(boolean) 1091 FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder() 1091 void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.<init>(HttpServerExchange, Map, ScopeSessionListener) 1091 {noformat} This test did not use forms at all, is this something that can be delayed until we know it is needed? h3. Memory SecurityIdentity As an immutable object we can end up with intermediate throw away instances, can we optimise create once? {noformat} SecurityIdentity org.wildfly.security.auth.server.SecurityIdentity.withPrivateCredentials(IdentityCredentials) 11454 ServerAuthenticationContext$AuthorizedAuthenticationState org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(boolean) 11454 {noformat} h3. Method Profiling - org.wildfly.common.iteration.ByteArrayIterator and ByteIterator These lead to multiple instances of different classes, and the iteration is flagging in the top 10 packages. Could a static Base64 conversion clean up a lot of this? h1. Done h3. Method Profiling - new HttpString A lot of time spend creating new HttpString (Package is no3 in the top list) {noformat} void io.undertow.util.HttpString.<init>(String) 4 void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.addResponseHeader(String, String) 4 {noformat} Could we re-use the HttpString for common header types? Re-use of HttpString from cache https://issues.jboss.org/browse/ELYWEB-25 was: Rather than this becoming a single long running task to review the performance of WildFly Elytron I think the best strategy is to identity a test strategy, obtain some metrics of that strategy under load, perform profiling to identity a set of issues and look at options to address those issues. After that we will perform the initial metric test again and close the issue. A new issue will then be created either to repeat the same test or start with a new test which may be a subtle change of the first test. The first test is to test HTTP Basic authentication backed by WildFly Elytron. * Each client will alternatively send a request with no authorization header so triggering a HTTP 401 challenge followed by a request including the header which should successfully authenticate. Attached is a JMeter test plan configured to use 250 client threads, each submitting requests for 5 minutes. h2. Initial Issues h3. WildFlyElytronProvider Locking Total block time 8.393s via calls to java.security.Provider.getServices(); Potentially something that could be eliminated if mechanisms were loaded in advance, or at the very least the factories were loaded in advance. h3. Memory 2.42G of char[] e.g. {noformat} void java.nio.HeapCharBuffer.<init>(int, int) 13037 CharBuffer java.nio.CharBuffer.allocate(int) 9148 CharBuffer java.nio.charset.CharsetDecoder.decode(ByteBuffer) 9148 CharBuffer java.nio.charset.Charset.decode(ByteBuffer) 9148 void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9148 {noformat} Is there any option to re-use these as they can be cleared instead of leaving to GC. HeapByteBuffer and HeapCharBuffer are also quite prominent. h3. Memory 1.78G of Callback[] Using the CallbackHandler API the use of the array is inevitable. * Could we extend the API to avoid the array? * Could we re-use the array? Could consider null termination. {noformat} boolean org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(String, String, char[]) 9222 void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9222 {noformat} h3. Memory 1.41G of HttpAuthenticator$Builder {noformat} HttpAuthenticator$Builder org.wildfly.security.http.HttpAuthenticator.builder() 24699 boolean org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate() 24699 {noformat} Could we switch to something that associated these with a ThreadLocal and update the API to allow re-use? h3. Memory 1.3G of SecurityContextImpl {noformat} SecurityContext org.wildfly.elytron.web.undertow.server.SecurityContextImpl$Builder.build() 3247 SecurityContext org.wildfly.elytron.web.undertow.server.ElytronContextAssociationHandler.createSecurityContext(HttpServerExchange) 1673 {noformat} Also instances of HttpAuthenticator {noformat} HttpAuthenticator org.wildfly.security.http.HttpAuthenticator$Builder.build() 14624 {noformat} And instances of HttpAuthenticator$AuthenticationExchange. {noformat} boolean org.wildfly.security.http.HttpAuthenticator.authenticate() 14423 {noformat} As with HttpAuthenticator$Builder is there any way to consider re-use? h3. Memory 1.21G of java.util.ArrayList {noformat} boolean org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate() 8911 {noformat} Can check the use and see if an alternative is possible. h3. Memory ServerAuthenticationContext States Each ServerAuthenticationContext State is it's own class which needs to be instantiated, a single authentication requests results in multiple states. Should the state machine be internal to the ServerAuthenticationContext so we have only one class instance? h3. Memory 885Mb of Undertow FormParserFactory$ParserDefinition[] {noformat} FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder(boolean) 1091 FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder() 1091 void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.<init>(HttpServerExchange, Map, ScopeSessionListener) 1091 {noformat} This test did not use forms at all, is this something that can be delayed until we know it is needed? h3. Memory SecurityIdentity As an immutable object we can end up with intermediate throw away instances, can we optimise create once? {noformat} SecurityIdentity org.wildfly.security.auth.server.SecurityIdentity.withPrivateCredentials(IdentityCredentials) 11454 ServerAuthenticationContext$AuthorizedAuthenticationState org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(boolean) 11454 {noformat} h3. Method Profiling - org.wildfly.common.iteration.ByteArrayIterator and ByteIterator These lead to multiple instances of different classes, and the iteration is flagging in the top 10 packages. Could a static Base64 conversion clean up a lot of this? h1. Done h3. Method Profiling - new HttpString A lot of time spend creating new HttpString (Package is no3 in the top list) {noformat} void io.undertow.util.HttpString.<init>(String) 4 void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.addResponseHeader(String, String) 4 {noformat} Could we re-use the HttpString for common header types? Re-use of HttpString from cache https://issues.jboss.org/browse/ELYWEB-25 > Initial WildFly Elytron Performance Enhancments > ----------------------------------------------- > > Key: ELY-1687 > URL: https://issues.jboss.org/browse/ELY-1687 > Project: WildFly Elytron > Issue Type: Task > Affects Versions: 1.7.0.CR2 > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.7.0.CR3 > > Attachments: BASIC_Auth_Load.jmx, Flight.tgz > > > Rather than this becoming a single long running task to review the performance of WildFly Elytron I think the best strategy is to identity a test strategy, obtain some metrics of that strategy under load, perform profiling to identity a set of issues and look at options to address those issues. > After that we will perform the initial metric test again and close the issue. > A new issue will then be created either to repeat the same test or start with a new test which may be a subtle change of the first test. > The first test is to test HTTP Basic authentication backed by WildFly Elytron. > * Each client will alternatively send a request with no authorization header so triggering a HTTP 401 challenge followed by a request including the header which should successfully authenticate. > Attached is a JMeter test plan configured to use 250 client threads, each submitting requests for 5 minutes. > h2. Initial Issues > h3. WildFlyElytronProvider Locking > Total block time 8.393s via calls to java.security.Provider.getServices(); > Potentially something that could be eliminated if mechanisms were loaded in advance, or at the very least the factories were loaded in advance. > h3. Memory 2.42G of char[] > e.g. > {noformat} > void java.nio.HeapCharBuffer.<init>(int, int) 13037 > CharBuffer java.nio.CharBuffer.allocate(int) 9148 > CharBuffer java.nio.charset.CharsetDecoder.decode(ByteBuffer) 9148 > CharBuffer java.nio.charset.Charset.decode(ByteBuffer) 9148 > void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9148 > {noformat} > Is there any option to re-use these as they can be cleared instead of leaving to GC. > HeapByteBuffer and HeapCharBuffer are also quite prominent. > h3. Memory 1.78G of Callback[] > Using the CallbackHandler API the use of the array is inevitable. > * Could we extend the API to avoid the array? > * Could we re-use the array? Could consider null termination. > {noformat} > boolean org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(String, String, char[]) 9222 > void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9222 > {noformat} > h3. Memory 1.41G of HttpAuthenticator$Builder > {noformat} > HttpAuthenticator$Builder org.wildfly.security.http.HttpAuthenticator.builder() 24699 > boolean org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate() 24699 > {noformat} > Could we switch to something that associated these with a ThreadLocal and update the API to allow re-use? > h3. Memory 1.3G of SecurityContextImpl > {noformat} > SecurityContext org.wildfly.elytron.web.undertow.server.SecurityContextImpl$Builder.build() 3247 > SecurityContext org.wildfly.elytron.web.undertow.server.ElytronContextAssociationHandler.createSecurityContext(HttpServerExchange) 1673 > {noformat} > Also instances of HttpAuthenticator > {noformat} > HttpAuthenticator org.wildfly.security.http.HttpAuthenticator$Builder.build() 14624 > {noformat} > And instances of HttpAuthenticator$AuthenticationExchange. > {noformat} > boolean org.wildfly.security.http.HttpAuthenticator.authenticate() 14423 > {noformat} > As with HttpAuthenticator$Builder is there any way to consider re-use? > _If this mechanism was re-written as a recursive call it would eliminate the need for the intermediate ArrayList to hold the responders._ > h3. Memory 1.21G of java.util.ArrayList > {noformat} > boolean org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate() 8911 > {noformat} > Can check the use and see if an alternative is possible. > h3. Memory ServerAuthenticationContext States > Each ServerAuthenticationContext State is it's own class which needs to be instantiated, a single authentication requests results in multiple states. > Should the state machine be internal to the ServerAuthenticationContext so we have only one class instance? > h3. Memory 885Mb of Undertow FormParserFactory$ParserDefinition[] > {noformat} > FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder(boolean) 1091 > FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder() 1091 > void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.<init>(HttpServerExchange, Map, ScopeSessionListener) 1091 > {noformat} > This test did not use forms at all, is this something that can be delayed until we know it is needed? > h3. Memory SecurityIdentity > As an immutable object we can end up with intermediate throw away instances, can we optimise create once? > {noformat} > SecurityIdentity org.wildfly.security.auth.server.SecurityIdentity.withPrivateCredentials(IdentityCredentials) 11454 > ServerAuthenticationContext$AuthorizedAuthenticationState org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(boolean) 11454 > {noformat} > h3. Method Profiling - org.wildfly.common.iteration.ByteArrayIterator and ByteIterator > These lead to multiple instances of different classes, and the iteration is flagging in the top 10 packages. > Could a static Base64 conversion clean up a lot of this? > h1. Done > h3. Method Profiling - new HttpString > A lot of time spend creating new HttpString (Package is no3 in the top list) > {noformat} > void io.undertow.util.HttpString.<init>(String) 4 > void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.addResponseHeader(String, String) 4 > {noformat} > Could we re-use the HttpString for common header types? > Re-use of HttpString from cache https://issues.jboss.org/browse/ELYWEB-25 -- This message was sent by Atlassian JIRA (v7.5.0#75005)

5 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11099) ActiveMQ 2.6.3.jbossorg-001 requires QPid Proton-J 0.27.3 (ClassNotFoundExceptions in messaging subsystem)

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFLY-11099?page=com.atlassian.jira.plugin... ] Kabir Khan commented on WFLY-11099: ----------------------------------- [~martyn-taylor] Does this align with what AMQ uses? > ActiveMQ 2.6.3.jbossorg-001 requires QPid Proton-J 0.27.3 (ClassNotFoundExceptions in messaging subsystem) > ---------------------------------------------------------------------------------------------------------- > > Key: WFLY-11099 > URL: https://issues.jboss.org/browse/WFLY-11099 > Project: WildFly > Issue Type: Bug > Components: JMS > Affects Versions: 14.0.1.Final, 14.0.0.Final > Reporter: Jan-Willem Gmelig Meyling > Assignee: Jeff Mesnil > > With the update from Artemis 1.5.x to 2.6.x in WFLY-9407, Proton-J wasn't updated from 0.16.x to 0.27.3, which leads to class not found exceptions for "Sasl... " classes when remote acceptors are created and connected to (I tested with AMQP protocol). When updating Proton-J to the newest version (0.29.0) my issues are gone. > I'm not sure which other modules are using the proton-j module, but my suggestion is that we bump the version of Proton-j to the required 0.27.3 minimally. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

5 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-10835) Connection factory with discovery-group doesn't work

by ehsavoie Hugonnet (JIRA)

[ https://issues.jboss.org/browse/WFLY-10835?page=com.atlassian.jira.plugin... ] ehsavoie Hugonnet updated WFLY-10835: ------------------------------------- Attachment: (was: firefox.desktop) > Connection factory with discovery-group doesn't work > ---------------------------------------------------- > > Key: WFLY-10835 > URL: https://issues.jboss.org/browse/WFLY-10835 > Project: WildFly > Issue Type: Bug > Components: JMS > Affects Versions: 13.0.0.Final > Reporter: Martin Styk > Assignee: ehsavoie Hugonnet > Priority: Critical > Attachments: server-trace.log, standalone-full-ha.xml > > > Jms client can not use remote connection factory defined as follows > {noformat} > <discovery-group name="dg-group1" jgroups-cluster="activemq-cluster"/> > <connection-factory name="RemoteConnectionFactory" entries="java:jboss/exported/jms/RemoteConnectionFactory" discovery-group="dg-group1" ha="true" block-on-acknowledge="true" reconnect-attempts="-1"/> > {noformat} > Following exception is thrown on client > {noformat} > Exception in thread "main" java.lang.RuntimeException: javax.naming.CommunicationException: WFNAM00020: Remote naming operation failed [Root exception is java.io.EOFException: Read past end of file] > at client.ProducerJms11.sendMessages(ProducerJms11.java:67) > at client.Producer.run(Producer.java:34) > at client.Producer.sendAllSync(Producer.java:25) > at client.ProducerJms11.main(ProducerJms11.java:14) > Caused by: javax.naming.CommunicationException: WFNAM00020: Remote naming operation failed [Root exception is java.io.EOFException: Read past end of file] > at org.wildfly.naming.client.remote.RemoteClientTransport.lookup(RemoteClientTransport.java:261) > at org.wildfly.naming.client.remote.RemoteContext.lambda$lookupNative$0(RemoteContext.java:190) > at org.wildfly.naming.client.NamingProvider.performExceptionAction(NamingProvider.java:222) > at org.wildfly.naming.client.remote.RemoteContext.performWithRetry(RemoteContext.java:100) > at org.wildfly.naming.client.remote.RemoteContext.lookupNative(RemoteContext.java:188) > at org.wildfly.naming.client.AbstractFederatingContext.lookup(AbstractFederatingContext.java:74) > at org.wildfly.naming.client.store.RelativeFederatingContext.lookupNative(RelativeFederatingContext.java:58) > at org.wildfly.naming.client.AbstractFederatingContext.lookup(AbstractFederatingContext.java:74) > at org.wildfly.naming.client.AbstractFederatingContext.lookup(AbstractFederatingContext.java:60) > at org.wildfly.naming.client.AbstractFederatingContext.lookup(AbstractFederatingContext.java:66) > at org.wildfly.naming.client.WildFlyRootContext.lookup(WildFlyRootContext.java:144) > at javax.naming.InitialContext.lookup(InitialContext.java:417) > at client.ProducerJms11.sendMessages(ProducerJms11.java:43) > ... 3 more > Caused by: java.io.EOFException: Read past end of file > at org.jboss.marshalling.SimpleDataInput.eofOnRead(SimpleDataInput.java:151) > at org.jboss.marshalling.SimpleDataInput.readUnsignedByteDirect(SimpleDataInput.java:294) > at org.jboss.marshalling.SimpleDataInput.readUnsignedByte(SimpleDataInput.java:249) > at org.jboss.marshalling.river.BlockUnmarshaller.readUnsignedByte(BlockUnmarshaller.java:258) > at org.jboss.marshalling.river.BlockUnmarshaller.readInt(BlockUnmarshaller.java:296) > at org.jboss.marshalling.river.BlockUnmarshaller.readUTF(BlockUnmarshaller.java:326) > at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.readExternal(ActiveMQConnectionFactory.java:186) > at org.jboss.marshalling.river.RiverUnmarshaller.doReadNewObject(RiverUnmarshaller.java:1414) > at org.jboss.marshalling.river.RiverUnmarshaller.doReadObject(RiverUnmarshaller.java:272) > at org.jboss.marshalling.river.RiverUnmarshaller.doReadObject(RiverUnmarshaller.java:205) > at org.jboss.marshalling.AbstractObjectInput.readObject(AbstractObjectInput.java:41) > at org.wildfly.naming.client.remote.RemoteClientTransport.lookup(RemoteClientTransport.java:243) > ... 15 more > Caused by: an exception which occurred: > in object of type org.apache.activemq.artemis.jms.client.ActiveMQJMSConnectionFactory > {noformat} > It fails on attempt to look up RemoteCF > {noformat} > ConnectionFactory connectionFactory = (ConnectionFactory) namingContext.lookup(ClientDefaults.CONNECTION_FACTORY); > {noformat} > Same scenario with connector works well. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

5 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11082) ClassCastExceptions and unexpected ServletContainerInitializer executions

by Alexander Kudrevatykh (JIRA)

[ https://issues.jboss.org/browse/WFLY-11082?page=com.atlassian.jira.plugin... ] Alexander Kudrevatykh commented on WFLY-11082: ---------------------------------------------- [~jason.greene] can you review this bugreport? > ClassCastExceptions and unexpected ServletContainerInitializer executions > ------------------------------------------------------------------------- > > Key: WFLY-11082 > URL: https://issues.jboss.org/browse/WFLY-11082 > Project: WildFly > Issue Type: Bug > Components: Web (Undertow) > Affects Versions: 14.0.1.Final > Reporter: Alexander Kudrevatykh > Assignee: Jason Greene > Attachments: dependencies.zip > > > I got unexpected ClassCastExceptions in setup as in attached test > ServiceLoader provide only one instance of SCI, but wildlfy executes it twice > More weird - wrong Set of classes passed to onStartup method - classes are not extends @HandlesTypes annotation (because they loaded with different classloaders) > sorry for complex description, look for attached test -- This message was sent by Atlassian JIRA (v7.5.0#75005)

5 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-1687) Initial WildFly Elytron Performance Enhancments

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-1687?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated ELY-1687: ---------------------------------- Description: Rather than this becoming a single long running task to review the performance of WildFly Elytron I think the best strategy is to identity a test strategy, obtain some metrics of that strategy under load, perform profiling to identity a set of issues and look at options to address those issues. After that we will perform the initial metric test again and close the issue. A new issue will then be created either to repeat the same test or start with a new test which may be a subtle change of the first test. The first test is to test HTTP Basic authentication backed by WildFly Elytron. * Each client will alternatively send a request with no authorization header so triggering a HTTP 401 challenge followed by a request including the header which should successfully authenticate. Attached is a JMeter test plan configured to use 250 client threads, each submitting requests for 5 minutes. h2. Initial Issues h3. WildFlyElytronProvider Locking Total block time 8.393s via calls to java.security.Provider.getServices(); Potentially something that could be eliminated if mechanisms were loaded in advance, or at the very least the factories were loaded in advance. h3. Memory 2.42G of char[] e.g. {noformat} void java.nio.HeapCharBuffer.<init>(int, int) 13037 CharBuffer java.nio.CharBuffer.allocate(int) 9148 CharBuffer java.nio.charset.CharsetDecoder.decode(ByteBuffer) 9148 CharBuffer java.nio.charset.Charset.decode(ByteBuffer) 9148 void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9148 {noformat} Is there any option to re-use these as they can be cleared instead of leaving to GC. HeapByteBuffer and HeapCharBuffer are also quite prominent. h3. Memory 1.78G of Callback[] Using the CallbackHandler API the use of the array is inevitable. * Could we extend the API to avoid the array? * Could we re-use the array? Could consider null termination. {noformat} boolean org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(String, String, char[]) 9222 void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9222 {noformat} h3. Memory 1.41G of HttpAuthenticator$Builder {noformat} HttpAuthenticator$Builder org.wildfly.security.http.HttpAuthenticator.builder() 24699 boolean org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate() 24699 {noformat} Could we switch to something that associated these with a ThreadLocal and update the API to allow re-use? h3. Memory 1.3G of SecurityContextImpl {noformat} SecurityContext org.wildfly.elytron.web.undertow.server.SecurityContextImpl$Builder.build() 3247 SecurityContext org.wildfly.elytron.web.undertow.server.ElytronContextAssociationHandler.createSecurityContext(HttpServerExchange) 1673 {noformat} Also instances of HttpAuthenticator {noformat} HttpAuthenticator org.wildfly.security.http.HttpAuthenticator$Builder.build() 14624 {noformat} And instances of HttpAuthenticator$AuthenticationExchange. {noformat} boolean org.wildfly.security.http.HttpAuthenticator.authenticate() 14423 {noformat} As with HttpAuthenticator$Builder is there any way to consider re-use? h3. Memory 1.21G of java.util.ArrayList {noformat} boolean org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate() 8911 {noformat} Can check the use and see if an alternative is possible. h3. Memory ServerAuthenticationContext States Each ServerAuthenticationContext State is it's own class which needs to be instantiated, a single authentication requests results in multiple states. Should the state machine be internal to the ServerAuthenticationContext so we have only one class instance? h3. Memory 885Mb of Undertow FormParserFactory$ParserDefinition[] {noformat} FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder(boolean) 1091 FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder() 1091 void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.<init>(HttpServerExchange, Map, ScopeSessionListener) 1091 {noformat} This test did not use forms at all, is this something that can be delayed until we know it is needed? h3. Memory SecurityIdentity As an immutable object we can end up with intermediate throw away instances, can we optimise create once? {noformat} SecurityIdentity org.wildfly.security.auth.server.SecurityIdentity.withPrivateCredentials(IdentityCredentials) 11454 ServerAuthenticationContext$AuthorizedAuthenticationState org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(boolean) 11454 {noformat} h3. Method Profiling - org.wildfly.common.iteration.ByteArrayIterator and ByteIterator These lead to multiple instances of different classes, and the iteration is flagging in the top 10 packages. Could a static Base64 conversion clean up a lot of this? h1. Done h3. Method Profiling - new HttpString A lot of time spend creating new HttpString (Package is no3 in the top list) {noformat} void io.undertow.util.HttpString.<init>(String) 4 void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.addResponseHeader(String, String) 4 {noformat} Could we re-use the HttpString for common header types? Re-use of HttpString from cache https://issues.jboss.org/browse/ELYWEB-25 was: Rather than this becoming a single long running task to review the performance of WildFly Elytron I think the best strategy is to identity a test strategy, obtain some metrics of that strategy under load, perform profiling to identity a set of issues and look at options to address those issues. After that we will perform the initial metric test again and close the issue. A new issue will then be created either to repeat the same test or start with a new test which may be a subtle change of the first test. The first test is to test HTTP Basic authentication backed by WildFly Elytron. * Each client will alternatively send a request with no authorization header so triggering a HTTP 401 challenge followed by a request including the header which should successfully authenticate. Attached is a JMeter test plan configured to use 250 client threads, each submitting requests for 5 minutes. h2. Initial Issues h3. WildFlyElytronProvider Locking Total block time 8.393s via calls to java.security.Provider.getServices(); Potentially something that could be eliminated if mechanisms were loaded in advance, or at the very least the factories were loaded in advance. h3. Memory 2.42G of char[] e.g. {noformat} void java.nio.HeapCharBuffer.<init>(int, int) 13037 CharBuffer java.nio.CharBuffer.allocate(int) 9148 CharBuffer java.nio.charset.CharsetDecoder.decode(ByteBuffer) 9148 CharBuffer java.nio.charset.Charset.decode(ByteBuffer) 9148 void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9148 {noformat} Is there any option to re-use these as they can be cleared instead of leaving to GC. HeapByteBuffer and HeapCharBuffer are also quite prominent. h3. Memory 1.78G of Callback[] Using the CallbackHandler API the use of the array is inevitable. * Could we extend the API to avoid the array? * Could we re-use the array? Could consider null termination. {noformat} boolean org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(String, String, char[]) 9222 void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9222 {noformat} h3. Memory 1.41G of HttpAuthenticator$Builder {noformat} HttpAuthenticator$Builder org.wildfly.security.http.HttpAuthenticator.builder() 24699 boolean org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate() 24699 {noformat} Could we switch to something that associated these with a ThreadLocal and update the API to allow re-use? h3. Memory 1.3G of SecurityContextImpl {noformat} SecurityContext org.wildfly.elytron.web.undertow.server.SecurityContextImpl$Builder.build() 3247 SecurityContext org.wildfly.elytron.web.undertow.server.ElytronContextAssociationHandler.createSecurityContext(HttpServerExchange) 1673 {noformat} Also instances of HttpAuthenticator {noformat} HttpAuthenticator org.wildfly.security.http.HttpAuthenticator$Builder.build() 14624 {noformat} And instances of HttpAuthenticator$AuthenticationExchange. {noformat} boolean org.wildfly.security.http.HttpAuthenticator.authenticate() 14423 {noformat} As with HttpAuthenticator$Builder is there any way to consider re-use? h3. Memory 1.21G of java.util.ArrayList {noformat} boolean org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate() 8911 {noformat} Can check the use and see if an alternative is possible. h3. Memory ServerAuthenticationContext States Each ServerAuthenticationContext State is it's own class which needs to be instantiated, a single authentication requests results in multiple states. Should the state machine be internal to the ServerAuthenticationContext so we have only one class instance? h3. Memory 885Mb of Undertow FormParserFactory$ParserDefinition[] {noformat} FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder(boolean) 1091 FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder() 1091 void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.<init>(HttpServerExchange, Map, ScopeSessionListener) 1091 {noformat} This test did not use forms at all, is this something that can be delayed until we know it is needed? h3. Memory SecurityIdentity As an immutable object we can end up with intermediate throw away instances, can we optimise create once? {noformat} SecurityIdentity org.wildfly.security.auth.server.SecurityIdentity.withPrivateCredentials(IdentityCredentials) 11454 ServerAuthenticationContext$AuthorizedAuthenticationState org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(boolean) 11454 {noformat} h3. Method Profiling - org.wildfly.common.iteration.ByteArrayIterator and ByteIterator These lead to multiple instances of different classes, and the iteration is flagging in the top 10 packages. Could a static Base64 conversion clean up a lot of this? {color:#59afe1}h3. Method Profiling - new HttpString A lot of time spend creating new HttpString (Package is no3 in the top list) {noformat} void io.undertow.util.HttpString.<init>(String) 4 void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.addResponseHeader(String, String) 4 {noformat} Could we re-use the HttpString for common header types? Re-use of HttpString from cache https://issues.jboss.org/browse/ELYWEB-25 {color} > Initial WildFly Elytron Performance Enhancments > ----------------------------------------------- > > Key: ELY-1687 > URL: https://issues.jboss.org/browse/ELY-1687 > Project: WildFly Elytron > Issue Type: Task > Affects Versions: 1.7.0.CR2 > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.7.0.CR3 > > Attachments: BASIC_Auth_Load.jmx, Flight.tgz > > > Rather than this becoming a single long running task to review the performance of WildFly Elytron I think the best strategy is to identity a test strategy, obtain some metrics of that strategy under load, perform profiling to identity a set of issues and look at options to address those issues. > After that we will perform the initial metric test again and close the issue. > A new issue will then be created either to repeat the same test or start with a new test which may be a subtle change of the first test. > The first test is to test HTTP Basic authentication backed by WildFly Elytron. > * Each client will alternatively send a request with no authorization header so triggering a HTTP 401 challenge followed by a request including the header which should successfully authenticate. > Attached is a JMeter test plan configured to use 250 client threads, each submitting requests for 5 minutes. > h2. Initial Issues > h3. WildFlyElytronProvider Locking > Total block time 8.393s via calls to java.security.Provider.getServices(); > Potentially something that could be eliminated if mechanisms were loaded in advance, or at the very least the factories were loaded in advance. > h3. Memory 2.42G of char[] > e.g. > {noformat} > void java.nio.HeapCharBuffer.<init>(int, int) 13037 > CharBuffer java.nio.CharBuffer.allocate(int) 9148 > CharBuffer java.nio.charset.CharsetDecoder.decode(ByteBuffer) 9148 > CharBuffer java.nio.charset.Charset.decode(ByteBuffer) 9148 > void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9148 > {noformat} > Is there any option to re-use these as they can be cleared instead of leaving to GC. > HeapByteBuffer and HeapCharBuffer are also quite prominent. > h3. Memory 1.78G of Callback[] > Using the CallbackHandler API the use of the array is inevitable. > * Could we extend the API to avoid the array? > * Could we re-use the array? Could consider null termination. > {noformat} > boolean org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(String, String, char[]) 9222 > void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9222 > {noformat} > h3. Memory 1.41G of HttpAuthenticator$Builder > {noformat} > HttpAuthenticator$Builder org.wildfly.security.http.HttpAuthenticator.builder() 24699 > boolean org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate() 24699 > {noformat} > Could we switch to something that associated these with a ThreadLocal and update the API to allow re-use? > h3. Memory 1.3G of SecurityContextImpl > {noformat} > SecurityContext org.wildfly.elytron.web.undertow.server.SecurityContextImpl$Builder.build() 3247 > SecurityContext org.wildfly.elytron.web.undertow.server.ElytronContextAssociationHandler.createSecurityContext(HttpServerExchange) 1673 > {noformat} > Also instances of HttpAuthenticator > {noformat} > HttpAuthenticator org.wildfly.security.http.HttpAuthenticator$Builder.build() 14624 > {noformat} > And instances of HttpAuthenticator$AuthenticationExchange. > {noformat} > boolean org.wildfly.security.http.HttpAuthenticator.authenticate() 14423 > {noformat} > As with HttpAuthenticator$Builder is there any way to consider re-use? > h3. Memory 1.21G of java.util.ArrayList > {noformat} > boolean org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate() 8911 > {noformat} > Can check the use and see if an alternative is possible. > h3. Memory ServerAuthenticationContext States > Each ServerAuthenticationContext State is it's own class which needs to be instantiated, a single authentication requests results in multiple states. > Should the state machine be internal to the ServerAuthenticationContext so we have only one class instance? > h3. Memory 885Mb of Undertow FormParserFactory$ParserDefinition[] > {noformat} > FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder(boolean) 1091 > FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder() 1091 > void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.<init>(HttpServerExchange, Map, ScopeSessionListener) 1091 > {noformat} > This test did not use forms at all, is this something that can be delayed until we know it is needed? > h3. Memory SecurityIdentity > As an immutable object we can end up with intermediate throw away instances, can we optimise create once? > {noformat} > SecurityIdentity org.wildfly.security.auth.server.SecurityIdentity.withPrivateCredentials(IdentityCredentials) 11454 > ServerAuthenticationContext$AuthorizedAuthenticationState org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(boolean) 11454 > {noformat} > h3. Method Profiling - org.wildfly.common.iteration.ByteArrayIterator and ByteIterator > These lead to multiple instances of different classes, and the iteration is flagging in the top 10 packages. > Could a static Base64 conversion clean up a lot of this? > h1. Done > h3. Method Profiling - new HttpString > A lot of time spend creating new HttpString (Package is no3 in the top list) > {noformat} > void io.undertow.util.HttpString.<init>(String) 4 > void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.addResponseHeader(String, String) 4 > {noformat} > Could we re-use the HttpString for common header types? > Re-use of HttpString from cache https://issues.jboss.org/browse/ELYWEB-25 -- This message was sent by Atlassian JIRA (v7.5.0#75005)

5 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4145) --admin-only might be worth marking as deprecated with ./standalone.sh --help

by Jeff Mesnil (JIRA)

[ https://issues.jboss.org/browse/WFCORE-4145?page=com.atlassian.jira.plugi... ] Jeff Mesnil commented on WFCORE-4145: ------------------------------------- I've merged this PR as it clarifies that start-mode should be used instead of admin-only. Note that this is purely informational (it only appears in the description). As an aside, I don't know if we have a way to annotate CLI arguments with @Deprecated or similar metadata but that would be necessary to formally deprecate CLI arguments (and warns users that they rely on deprecated options). > --admin-only might be worth marking as deprecated with ./standalone.sh --help > ----------------------------------------------------------------------------- > > Key: WFCORE-4145 > URL: https://issues.jboss.org/browse/WFCORE-4145 > Project: WildFly Core > Issue Type: Task > Components: Management > Reporter: Radim Hatlapatka > Assignee: Brian Stansberry > Priority: Optional > Fix For: 7.0.0.Alpha2 > > > As part of [EAP7-636] there was introduced {{\-\-start-mode}} option which allows to define starting mode and basically replaces {{\-\-admin-only}} option and {{\-\-start-mode}} option is more universal one. > I believe we should mark {{\-\-admin-only}} option as deprecated in favor of {{\-\-start-mode=admin-only}} option in standalone mode. > [~bstansberry2], WDYT? -- This message was sent by Atlassian JIRA (v7.5.0#75005)

5 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-1687) Initial WildFly Elytron Performance Enhancments

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-1687?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated ELY-1687: ---------------------------------- Description: Rather than this becoming a single long running task to review the performance of WildFly Elytron I think the best strategy is to identity a test strategy, obtain some metrics of that strategy under load, perform profiling to identity a set of issues and look at options to address those issues. After that we will perform the initial metric test again and close the issue. A new issue will then be created either to repeat the same test or start with a new test which may be a subtle change of the first test. The first test is to test HTTP Basic authentication backed by WildFly Elytron. * Each client will alternatively send a request with no authorization header so triggering a HTTP 401 challenge followed by a request including the header which should successfully authenticate. Attached is a JMeter test plan configured to use 250 client threads, each submitting requests for 5 minutes. h2. Initial Issues h3. WildFlyElytronProvider Locking Total block time 8.393s via calls to java.security.Provider.getServices(); Potentially something that could be eliminated if mechanisms were loaded in advance, or at the very least the factories were loaded in advance. h3. Memory 2.42G of char[] e.g. {noformat} void java.nio.HeapCharBuffer.<init>(int, int) 13037 CharBuffer java.nio.CharBuffer.allocate(int) 9148 CharBuffer java.nio.charset.CharsetDecoder.decode(ByteBuffer) 9148 CharBuffer java.nio.charset.Charset.decode(ByteBuffer) 9148 void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9148 {noformat} Is there any option to re-use these as they can be cleared instead of leaving to GC. HeapByteBuffer and HeapCharBuffer are also quite prominent. h3. Memory 1.78G of Callback[] Using the CallbackHandler API the use of the array is inevitable. * Could we extend the API to avoid the array? * Could we re-use the array? Could consider null termination. {noformat} boolean org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(String, String, char[]) 9222 void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9222 {noformat} h3. Memory 1.41G of HttpAuthenticator$Builder {noformat} HttpAuthenticator$Builder org.wildfly.security.http.HttpAuthenticator.builder() 24699 boolean org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate() 24699 {noformat} Could we switch to something that associated these with a ThreadLocal and update the API to allow re-use? h3. Memory 1.3G of SecurityContextImpl {noformat} SecurityContext org.wildfly.elytron.web.undertow.server.SecurityContextImpl$Builder.build() 3247 SecurityContext org.wildfly.elytron.web.undertow.server.ElytronContextAssociationHandler.createSecurityContext(HttpServerExchange) 1673 {noformat} Also instances of HttpAuthenticator {noformat} HttpAuthenticator org.wildfly.security.http.HttpAuthenticator$Builder.build() 14624 {noformat} And instances of HttpAuthenticator$AuthenticationExchange. {noformat} boolean org.wildfly.security.http.HttpAuthenticator.authenticate() 14423 {noformat} As with HttpAuthenticator$Builder is there any way to consider re-use? h3. Memory 1.21G of java.util.ArrayList {noformat} boolean org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate() 8911 {noformat} Can check the use and see if an alternative is possible. h3. Memory ServerAuthenticationContext States Each ServerAuthenticationContext State is it's own class which needs to be instantiated, a single authentication requests results in multiple states. Should the state machine be internal to the ServerAuthenticationContext so we have only one class instance? h3. Memory 885Mb of Undertow FormParserFactory$ParserDefinition[] {noformat} FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder(boolean) 1091 FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder() 1091 void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.<init>(HttpServerExchange, Map, ScopeSessionListener) 1091 {noformat} This test did not use forms at all, is this something that can be delayed until we know it is needed? h3. Memory SecurityIdentity As an immutable object we can end up with intermediate throw away instances, can we optimise create once? {noformat} SecurityIdentity org.wildfly.security.auth.server.SecurityIdentity.withPrivateCredentials(IdentityCredentials) 11454 ServerAuthenticationContext$AuthorizedAuthenticationState org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(boolean) 11454 {noformat} h3. Method Profiling - org.wildfly.common.iteration.ByteArrayIterator and ByteIterator These lead to multiple instances of different classes, and the iteration is flagging in the top 10 packages. Could a static Base64 conversion clean up a lot of this? {color:#59afe1}h3. Method Profiling - new HttpString A lot of time spend creating new HttpString (Package is no3 in the top list) {noformat} void io.undertow.util.HttpString.<init>(String) 4 void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.addResponseHeader(String, String) 4 {noformat} Could we re-use the HttpString for common header types? Re-use of HttpString from cache https://issues.jboss.org/browse/ELYWEB-25 {color} was: Rather than this becoming a single long running task to review the performance of WildFly Elytron I think the best strategy is to identity a test strategy, obtain some metrics of that strategy under load, perform profiling to identity a set of issues and look at options to address those issues. After that we will perform the initial metric test again and close the issue. A new issue will then be created either to repeat the same test or start with a new test which may be a subtle change of the first test. The first test is to test HTTP Basic authentication backed by WildFly Elytron. * Each client will alternatively send a request with no authorization header so triggering a HTTP 401 challenge followed by a request including the header which should successfully authenticate. Attached is a JMeter test plan configured to use 250 client threads, each submitting requests for 5 minutes. h2. Initial Issues h3. WildFlyElytronProvider Locking Total block time 8.393s via calls to java.security.Provider.getServices(); Potentially something that could be eliminated if mechanisms were loaded in advance, or at the very least the factories were loaded in advance. h3. Memory 2.42G of char[] e.g. {noformat} void java.nio.HeapCharBuffer.<init>(int, int) 13037 CharBuffer java.nio.CharBuffer.allocate(int) 9148 CharBuffer java.nio.charset.CharsetDecoder.decode(ByteBuffer) 9148 CharBuffer java.nio.charset.Charset.decode(ByteBuffer) 9148 void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9148 {noformat} Is there any option to re-use these as they can be cleared instead of leaving to GC. HeapByteBuffer and HeapCharBuffer are also quite prominent. h3. Memory 1.78G of Callback[] Using the CallbackHandler API the use of the array is inevitable. * Could we extend the API to avoid the array? * Could we re-use the array? Could consider null termination. {noformat} boolean org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(String, String, char[]) 9222 void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9222 {noformat} h3. Memory 1.41G of HttpAuthenticator$Builder {noformat} HttpAuthenticator$Builder org.wildfly.security.http.HttpAuthenticator.builder() 24699 boolean org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate() 24699 {noformat} Could we switch to something that associated these with a ThreadLocal and update the API to allow re-use? h3. Memory 1.3G of SecurityContextImpl {noformat} SecurityContext org.wildfly.elytron.web.undertow.server.SecurityContextImpl$Builder.build() 3247 SecurityContext org.wildfly.elytron.web.undertow.server.ElytronContextAssociationHandler.createSecurityContext(HttpServerExchange) 1673 {noformat} Also instances of HttpAuthenticator {noformat} HttpAuthenticator org.wildfly.security.http.HttpAuthenticator$Builder.build() 14624 {noformat} And instances of HttpAuthenticator$AuthenticationExchange. {noformat} boolean org.wildfly.security.http.HttpAuthenticator.authenticate() 14423 {noformat} As with HttpAuthenticator$Builder is there any way to consider re-use? h3. Memory 1.21G of java.util.ArrayList {noformat} boolean org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate() 8911 {noformat} Can check the use and see if an alternative is possible. h3. Memory ServerAuthenticationContext States Each ServerAuthenticationContext State is it's own class which needs to be instantiated, a single authentication requests results in multiple states. Should the state machine be internal to the ServerAuthenticationContext so we have only one class instance? h3. Memory 885Mb of Undertow FormParserFactory$ParserDefinition[] {noformat} FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder(boolean) 1091 FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder() 1091 void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.<init>(HttpServerExchange, Map, ScopeSessionListener) 1091 {noformat} This test did not use forms at all, is this something that can be delayed until we know it is needed? h3. Memory SecurityIdentity As an immutable object we can end up with intermediate throw away instances, can we optimise create once? {noformat} SecurityIdentity org.wildfly.security.auth.server.SecurityIdentity.withPrivateCredentials(IdentityCredentials) 11454 ServerAuthenticationContext$AuthorizedAuthenticationState org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(boolean) 11454 {noformat} h3. Method Profiling - org.wildfly.common.iteration.ByteArrayIterator and ByteIterator These lead to multiple instances of different classes, and the iteration is flagging in the top 10 packages. Could a static Base64 conversion clean up a lot of this? h3. Method Profiling - new HttpString A lot of time spend creating new HttpString (Package is no3 in the top list) {noformat} void io.undertow.util.HttpString.<init>(String) 4 void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.addResponseHeader(String, String) 4 {noformat} Could we re-use the HttpString for common header types? > Initial WildFly Elytron Performance Enhancments > ----------------------------------------------- > > Key: ELY-1687 > URL: https://issues.jboss.org/browse/ELY-1687 > Project: WildFly Elytron > Issue Type: Task > Affects Versions: 1.7.0.CR2 > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.7.0.CR3 > > Attachments: BASIC_Auth_Load.jmx, Flight.tgz > > > Rather than this becoming a single long running task to review the performance of WildFly Elytron I think the best strategy is to identity a test strategy, obtain some metrics of that strategy under load, perform profiling to identity a set of issues and look at options to address those issues. > After that we will perform the initial metric test again and close the issue. > A new issue will then be created either to repeat the same test or start with a new test which may be a subtle change of the first test. > The first test is to test HTTP Basic authentication backed by WildFly Elytron. > * Each client will alternatively send a request with no authorization header so triggering a HTTP 401 challenge followed by a request including the header which should successfully authenticate. > Attached is a JMeter test plan configured to use 250 client threads, each submitting requests for 5 minutes. > h2. Initial Issues > h3. WildFlyElytronProvider Locking > Total block time 8.393s via calls to java.security.Provider.getServices(); > Potentially something that could be eliminated if mechanisms were loaded in advance, or at the very least the factories were loaded in advance. > h3. Memory 2.42G of char[] > e.g. > {noformat} > void java.nio.HeapCharBuffer.<init>(int, int) 13037 > CharBuffer java.nio.CharBuffer.allocate(int) 9148 > CharBuffer java.nio.charset.CharsetDecoder.decode(ByteBuffer) 9148 > CharBuffer java.nio.charset.Charset.decode(ByteBuffer) 9148 > void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9148 > {noformat} > Is there any option to re-use these as they can be cleared instead of leaving to GC. > HeapByteBuffer and HeapCharBuffer are also quite prominent. > h3. Memory 1.78G of Callback[] > Using the CallbackHandler API the use of the array is inevitable. > * Could we extend the API to avoid the array? > * Could we re-use the array? Could consider null termination. > {noformat} > boolean org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(String, String, char[]) 9222 > void org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(HttpServerRequest) 9222 > {noformat} > h3. Memory 1.41G of HttpAuthenticator$Builder > {noformat} > HttpAuthenticator$Builder org.wildfly.security.http.HttpAuthenticator.builder() 24699 > boolean org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate() 24699 > {noformat} > Could we switch to something that associated these with a ThreadLocal and update the API to allow re-use? > h3. Memory 1.3G of SecurityContextImpl > {noformat} > SecurityContext org.wildfly.elytron.web.undertow.server.SecurityContextImpl$Builder.build() 3247 > SecurityContext org.wildfly.elytron.web.undertow.server.ElytronContextAssociationHandler.createSecurityContext(HttpServerExchange) 1673 > {noformat} > Also instances of HttpAuthenticator > {noformat} > HttpAuthenticator org.wildfly.security.http.HttpAuthenticator$Builder.build() 14624 > {noformat} > And instances of HttpAuthenticator$AuthenticationExchange. > {noformat} > boolean org.wildfly.security.http.HttpAuthenticator.authenticate() 14423 > {noformat} > As with HttpAuthenticator$Builder is there any way to consider re-use? > h3. Memory 1.21G of java.util.ArrayList > {noformat} > boolean org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate() 8911 > {noformat} > Can check the use and see if an alternative is possible. > h3. Memory ServerAuthenticationContext States > Each ServerAuthenticationContext State is it's own class which needs to be instantiated, a single authentication requests results in multiple states. > Should the state machine be internal to the ServerAuthenticationContext so we have only one class instance? > h3. Memory 885Mb of Undertow FormParserFactory$ParserDefinition[] > {noformat} > FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder(boolean) 1091 > FormParserFactory$Builder io.undertow.server.handlers.form.FormParserFactory.builder() 1091 > void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.<init>(HttpServerExchange, Map, ScopeSessionListener) 1091 > {noformat} > This test did not use forms at all, is this something that can be delayed until we know it is needed? > h3. Memory SecurityIdentity > As an immutable object we can end up with intermediate throw away instances, can we optimise create once? > {noformat} > SecurityIdentity org.wildfly.security.auth.server.SecurityIdentity.withPrivateCredentials(IdentityCredentials) 11454 > ServerAuthenticationContext$AuthorizedAuthenticationState org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(boolean) 11454 > {noformat} > h3. Method Profiling - org.wildfly.common.iteration.ByteArrayIterator and ByteIterator > These lead to multiple instances of different classes, and the iteration is flagging in the top 10 packages. > Could a static Base64 conversion clean up a lot of this? > {color:#59afe1}h3. Method Profiling - new HttpString > A lot of time spend creating new HttpString (Package is no3 in the top list) > {noformat} > void io.undertow.util.HttpString.<init>(String) 4 > void org.wildfly.elytron.web.undertow.server.ElytronHttpExchange.addResponseHeader(String, String) 4 > {noformat} > Could we re-use the HttpString for common header types? > Re-use of HttpString from cache https://issues.jboss.org/browse/ELYWEB-25 > {color} -- This message was sent by Atlassian JIRA (v7.5.0#75005)

5 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELYWEB-25) Avoid unnecessary HttpString instantiation.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELYWEB-25?page=com.atlassian.jira.plugin.... ] Darran Lofthouse moved ELY-1688 to ELYWEB-25: --------------------------------------------- Project: Elytron Web (was: WildFly Elytron) Key: ELYWEB-25 (was: ELY-1688) Component/s: Undertow (was: HTTP) Fix Version/s: 1.3.0.CR3 (was: 1.7.0.CR3) > Avoid unnecessary HttpString instantiation. > -------------------------------------------- > > Key: ELYWEB-25 > URL: https://issues.jboss.org/browse/ELYWEB-25 > Project: Elytron Web > Issue Type: Bug > Components: Undertow > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.3.0.CR3 > > -- This message was sent by Atlassian JIRA (v7.5.0#75005)

5 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-1688) Avoid unnecessary HttpString instantiation.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-1688?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated ELY-1688: ---------------------------------- Parent: (was: ELY-1687) Issue Type: Bug (was: Sub-task) > Avoid unnecessary HttpString instantiation. > -------------------------------------------- > > Key: ELY-1688 > URL: https://issues.jboss.org/browse/ELY-1688 > Project: WildFly Elytron > Issue Type: Bug > Components: HTTP > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.3.0.CR3 > > -- This message was sent by Atlassian JIRA (v7.5.0#75005)

5 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-1688) Avoid unnecessary HttpString instantiation.

by Darran Lofthouse (JIRA)

Darran Lofthouse created ELY-1688: ------------------------------------- Summary: Avoid unnecessary HttpString instantiation. Key: ELY-1688 URL: https://issues.jboss.org/browse/ELY-1688 Project: WildFly Elytron Issue Type: Sub-task Components: HTTP Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 1.7.0.CR3 -- This message was sent by Atlassian JIRA (v7.5.0#75005)

5 years, 7 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira October 2018