On Sep 11, 2009, at 2:41 PM, Doug Cutting wrote:
I'm considering an HTTP-based transport for Avro as the preferred, high-performance option.
I've got concerns about this. Both tactical and strategic. The tactical problem is that I need to get security (both Kerberos and token) in to 0.22. I'd really like to get Avro RPC into 0.22. I'd like both to be done roughly in 5 months. If you switch off of the current RPC code base to a completely new RPC code base, I don't see that happening.
HTTP has lots of advantages. In particular, it already has - lots of authentication, authorization and encryption support; - highly optimized servers; - monitoring, logging, etc.
It also has a couple of disadvantages: - poor integration with kerberos - very expensive on the wire encryption (ssl)
Tomcat and other servlet containers support async NIO, where a thread is not required per connection.
I'm also concerned about the weight of Tomcat. Everything I've read about it says that it take a lot more memory and cpu than Jetty. I think a solution that requires Tomcat may be problematic...
-- Owen
