Performance issue with redfish TLS handshake

John Broadbent jebr at google.com
Wed Oct 6 05:47:31 AEDT 2021


On Tue, Oct 5, 2021 at 1:42 AM sharad yadav <sharad.openbmc at gmail.com>
wrote:

> Hi All,
>
> We have tried to measure redfish APIs performance benchmarking on AST2600.
> On redfish GET request there is a penalty added for ~100ms on TLS
> handshake at
> https://github.com/openbmc/bmcweb/blob/master/http/http_connection.hpp#L297
>
> On trying below all methods, each request calls `async_handshake` which
> adds 100ms delay
> before the actual redfish handler code gets called.
> *Method 1:*
> curl --insecure -X POST -D headers.txt https://${bmc}/redfish/v1/SessionService/Sessions
> -d    '{"UserName":"root", "Password":"0penBmc"}'
> export token=<Read X-Auth-Token from the headers.txt>
> curl -k -H "X-Auth-Token: $token" -H "Content-Type: application/json" -X
> GET https://${bmc}/redfish/v1/Systems/system
>
> *Method 2:*
> export token=`curl -k -H "Content-Type: application/json" -X POST https://${bmc}/login
> -d '{"username" : "root", "password" : "0penBmc"}' | grep token | awk
> '{print $2;}' | tr -d '"'`
> curl -k -H "X-Auth-Token: $token" -H "Content-Type: application/json" -X
> GET https://${bmc}/redfish/v1/Systems/system
>
> *Method 3:*
> curl https://${bmc}/redfish/v1/Systems/system --insecure -u root:0penBmc
> -L
>
> We want to avoid this ~100ms delay for better performance.
> Please suggest if there is a way to skip the `async_handshake` call by
> modifying the requests method?
>
> Thanks,
> Sharad
>



There is logic in the crow::connection object that should allow you to use
tcp keep-alive and avoid the handshake in start.
https://github.com/openbmc/bmcweb/blob/master/http/http_connection.hpp#L694

I have looked at the connection class in bmcweb before, and found it
difficult to understand.
However, this is a simplified version of the states within the connection
class:

start->doReadHeaders->doRead->handle->completeRequest->doWrite[if keep
alive]->doReadHeaders

The async_handshake is in the start, so if you are able to use the same
connection, you should only pay for the handshake once.
Ed Tanous and Gunnar Mills are the definitive experts.

Let us know what you find.
Thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20211005/46b3fc15/attachment.htm>


More information about the openbmc mailing list