I think a performance hit is expected, due to the expected overhead of the TLS handshake, and the number of connections Accumulo requires in order to distribute work across a cluster. I think whether the overhead is tolerable is a per user decision, and may also be dependent upon the details of your application, table content, query patterns, hardware, and JVM support. I'm sure it's not suitable for everybody's use case, but could be a useful option in some circumstances. It's really hard to make general statements about whether it's worthwhile, though, because of different people having different requirements and environments.
I am curious, though, if you could characterize the overhead you saw, as a point of comparison. On Mon, Oct 16, 2023, 23:18 Logan Jones <lo...@codescratch.com> wrote: > Hello: > > I know that Accumulo has support for TLS. When turning on TLS support, we > noticed some pretty serious performance hits as a result of turning this on > in 1.10.2. Does anyone actually have TLS turned on for larger clusters? Are > there any known performance problems with turning on TLS? > > Thanks in advance, > > - Logan >
