Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-1846

Load shedding excessive handshakes

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Done
    • Major
    • 2.2.5.Final
    • 2.2.4.Final
    • SSL
    • None

    Description

      I've encountered a number of issues in which clients fail to reuse connections, or many clients are reconnect in parallel in such a way that overwhelms an Undertow server with many concurrent or successive handshakes, draining entropy and spiking CPU utilization.

      This class of issue isn't unique to Undertow, however it would be helpful to expose a minimal API that would allow users to experiment with solutions. I would like to try imposing a concurrency limit and rate limit on handshakes, and reject (or close) new incoming connections similar to Options.CONNECTION_HIGH_WATER when limits have been exceeded.

      A handshake timeout could be helpful, as well as the ability to provide a distinct Executor to SslConduit for delegated tasks, where we could measure time spent per handshake as well as limiting concurrent delegated tasks separately from the worker pool.

      Is this something others have experimented with? I'd be happy to write an outline for a potential approach if we're in agreement that the concept is sound.

      Thanks!

      Attachments

        Issue Links

          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. WFCORE-5329 Upgrade Undertow to 2.2.5.Final

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed

          Activity

            People

              flaviarnn Flavia Rainone
              carterkozak Carter Kozak
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: