[jira] [Commented] (TINKERPOP-1189) SimpleAuthenticator over HttpChannelizer makes Gremlin Server pretty slow and consumes more CPU

Mon, 03 Oct 2016 14:17:55 -0700 

    [ 
https://issues.apache.org/jira/browse/TINKERPOP-1189?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15543453#comment-15543453
 ] 

Robert Dale commented on TINKERPOP-1189:
----------------------------------------

Can we reopen this for further investigation?  I ran some tests on 
apache-tinkerpop-gremlin-server-3.2.2 and could demonstrate that authentication 
is a limiting factor

Results:
||Config||Seconds||
|ssl+auth|200|
|auth-only|144|
|ssl-only|67|
|none|10|

h2. Details
Using variations on conf/gremlin-server-rest-secure.yaml.  Server was restarted 
cleanly between each run with ./bin/gremlin-server.sh 
conf/gremlin-server-rest-secure.yaml

Added 10 vertices with g.addV(). Ran query g.V() 1000 times.

For each configuration and all else being equal:

h3. ssl+auth
{code}
authentication: {
  className: org.apache.tinkerpop.gremlin.server.auth.SimpleAuthenticator,
  config: {
    credentialsDb: conf/tinkergraph-credentials.properties}}
ssl: {
  enabled: true}
{code}

h5. Setup
{noformat}
for i in `seq 1 10`; do curl -u stephen:password -k -X POST -d 
"{\"gremlin\":\"g.addV()\"}" "https://localhost:8182";; done
{noformat}

h5. Test
{noformat}
date; for i in `seq 1 1000`; do curl -u stephen:password -k -X POST -d 
"{\"gremlin\":\"g.V()\"}" "https://localhost:8182"; &>/dev/null; done; date
{noformat}

h3. auth-only
{code}
authentication: {
  className: org.apache.tinkerpop.gremlin.server.auth.SimpleAuthenticator,
  config: {
    credentialsDb: conf/tinkergraph-credentials.properties}}
ssl: {
  enabled: false}
{code}

h5. Setup
{noformat}
for i in `seq 1 10`; do curl -u stephen:password  -X POST -d 
"{\"gremlin\":\"g.addV()\"}" "http://localhost:8182";; done
{noformat}

h5. Test
{noformat}
date; for i in `seq 1 1000`; do curl -u stephen:password -X POST -d 
"{\"gremlin\":\"g.V()\"}" "http://localhost:8182"; &>/dev/null; done; date
{noformat}

h3. ssl-only
{code}
#authentication: {
#  className: org.apache.tinkerpop.gremlin.server.auth.SimpleAuthenticator,
#  config: {
#    credentialsDb: conf/tinkergraph-credentials.properties}}
ssl: {
  enabled: true}
{code}

h5. Setup
{noformat}
for i in `seq 1 10`; do curl -k -X POST -d "{\"gremlin\":\"g.addV()\"}" 
"https://localhost:8182";; done
{noformat}

h5. Test
{noformat}
date; for i in `seq 1 1000`; do curl -k -X POST -d "{\"gremlin\":\"g.V()\"}" 
"https://localhost:8182"; &>/dev/null; done; date
{noformat}

h3. none
{code}
#authentication: {
#  className: org.apache.tinkerpop.gremlin.server.auth.SimpleAuthenticator,
#  config: {
#    credentialsDb: conf/tinkergraph-credentials.properties}}
ssl: {
  enabled: false}
{code}

h5. Setup
{noformat}
for i in `seq 1 10`; do curl -X POST -d "{\"gremlin\":\"g.addV()\"}" 
"http://localhost:8182";; done
{noformat}

h5. Test
{noformat}
date; for i in `seq 1 1000`; do curl -X POST -d "{\"gremlin\":\"g.V()\"}" 
"http://localhost:8182"; &>/dev/null; done; date
{noformat}


> SimpleAuthenticator over HttpChannelizer makes Gremlin Server pretty slow and 
> consumes more CPU
> -----------------------------------------------------------------------------------------------
>
>                 Key: TINKERPOP-1189
>                 URL: https://issues.apache.org/jira/browse/TINKERPOP-1189
>             Project: TinkerPop
>          Issue Type: Improvement
>          Components: server
>    Affects Versions: 3.0.2-incubating
>         Environment: Gremlin Server 3.0.2 backended by Titan 1.0.0 and 
> Cassandra (separate instance), running in a server with 2 CPUs / 7.5 GB RAM 
> (Linux Debian 3.16.7)
>            Reporter: Gabriel Moreira
>            Assignee: stephen mallette
>            Priority: Minor
>
> I have setup Authorization in my Gremlin Server instances (v3.0.2), backended 
> by Titan v1.0.0 and Cassandra.
> I am testing SimpleAuthenticator, with the following snippet from my 
> gremlin-server.yaml:
> authentication: {
>   className: org.apache.tinkerpop.gremlin.server.auth.SimpleAuthenticator,
>   config: {
>     credentialsDb: conf/tinkergraph-empty.properties,
>     credentialsDbLocation: data/credentials.kryo}}
> ssl: {
>   enabled: false}
> I am using the default serialization file of TinkerGraph credentials.kryo, 
> with only the default user stephen/password.
>  I am using Basic Auth in my requests to Gremlin Server, by passing the 
> header "Authorization" with the value "Basic c3RlcGhlbjpwYXNzd29yZA==".
> Authorization works as expected. Therefore, the Gremlin Server becomes pretty 
> slow! It takes 10x more time and consumes 5x more CPU (from 10% to 50%) to 
> handle the same simple traversal Http POST request (below) in batch, compared 
> to Gremlin Server with NO authorization!
> {
> "gremlin": "g.V().has('CONTENT','id', 'LinkPost:7330001').count()"
> }
> Is there a workaround to this?
> Ps. If there is a fix, could it be patched for version 3.0.2? I am limited to 
> this version because I use Titan 1.0.0.
> Thanks.
> Gabriel Moreira



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to