Hello everyone,
After integrating SSL with Kafka, I noticed a significant decrease in producer
speed.
The speed of transmitting messages in plaintext is 101MB/s, which is exactly my
network's maximum bandwidth speed.
However, the speed of transmitting messages encrypted with SSL is only 19.17
MB/s, which is quite strange.
I understand that encryption adds additional overhead to network transmission,
but the impact on speed is too significant. Is there an issue with my
configuration?
Attached is the configuration list:
kakfa broker:
process.roles=broker
node.id=201
controller.quorum.voters=101@10.5.34.7:9094,102@10.5.34.8:9094,103@10.5.34.9:9094
listeners=BROKER://0.0.0.0:9091,INTERNAL://0.0.0.0:9092,SSLINTERNAL://0.0.0.0:9095,SASLSSLINTERNAL://0.0.0.0:9096
controller.listener.names=CONTROLLER
advertised.listeners=BROKER://10.5.34.4:9091,INTERNAL://10.5.34.4:9092,SSLINTERNAL://10.5.34.4:9095,SASLSSLINTERNAL://10.5.34.4:9096
inter.broker.listener.name=BROKER
listener.security.protocol.map=PLAINTEXT:PLAINTEXT,SSL:SSL,SASL_PLAINTEXT:SASL_PLAINTEXT,SASL_SSL:SASL_SSL,INTERNAL:SASL_PLAINTEXT,CONTROLLER:PLAINTEXT,BROKER:PLAINTEXT,SSLINTERNAL:SSL,SASLSSLINTERNAL:SASL_SSL
num.network.threads=3
num.io.threads=8
socket.send.buffer.bytes=102400
socket.receive.buffer.bytes=102400
socket.request.max.bytes=104857600
log.dirs=/data/kraft-broker-logs
num.partitions=12
default.replication.factor=2
min.insync.replicas=1
num.recovery.threads.per.data.dir=1
offsets.topic.replication.factor=3
transaction.state.log.replication.factor=3
transaction.state.log.min.isr=1
offsets.retention.minutes=10080
log.retention.hours=168
log.segment.bytes=1073741824
log.retention.check.interval.ms=300000
request.timeout.ms=30000
sasl.enabled.mechanisms=PLAIN
sasl.mechanism.inter.broker.protocol=PLAIN
listener.name.internal.plain.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule
required \
username="admin" \
password="GFy2Bit6-HYV" \
user_admin="GFy2Bit6-HYV";
listener.name.saslsslinternal.plain.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule
required \
username="admin" \
password="GFy2Bit6-HYV" \
user_admin="GFy2Bit6-HYV";
ssl.keystore.location=/data/kafka_2.13-3.3.2/ssl/kafka.server.keystore.jks
ssl.keystore.password=test1234
ssl.key.password=test1234
ssl.truststore.location=/data/kafka_2.13-3.3.2/ssl/kafka.server.truststore.jks
ssl.truststore.password=test1234
ssl.endpoint.identification.algorithm=
ssl.client.auth=required
Java client
props.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "SSL");
props.put(SslConfigs.SSL_KEYSTORE_TYPE_CONFIG, "JKS");
props.put(SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG,
ProducerConstructor.class.getClassLoader().getResource("kafka_ssl/sitehealth/kafka.client.keystore.jks").getPath());
props.put(SslConfigs.SSL_KEYSTORE_PASSWORD_CONFIG, "test1234");
props.put(SslConfigs.SSL_TRUSTSTORE_TYPE_CONFIG, "JKS");
props.put(SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG,
ProducerConstructor.class.getClassLoader().getResource("kafka_ssl/sitehealth/kafka.client.truststore.jks").getPath());
props.put(SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG, "test1234");
