[erlang-questions] mochiweb https/ssl

sasa sasa555@REDACTED
Mon May 9 11:35:44 CEST 2011 

Hello,

First of all I would like to say that I tested the server on a 4 cores
instance and it works very nicely with 2000 users.
The load average is about 0.3 (it was about 9-10 with 2 cores), so it looks
very good. I'll test with a larger number of clients, but so far it's a very
big improvement.

Unfortunately, as I switched to a larger instance, I immediately configured
erlang with --enable-hipe so I'm not sure if that caused an improvement or
is it due to the more CPU power. I'll play some more to find out.

In any case, below is the code for the server. I don't know if I can post
attachments to the mailing list so I embedded the code inline. The client
code is very untidy at the moment, so I didn't include it. Basically it
amounts to N processes which do following:

ibrowse:send_req(Url,
    [{'Content-Type', 'application/x-www-form-urlencoded'}], post,
    "",
    [{ssl_options, [{depth, 0}]}, {max_sessions, 1000}, {max_pipeline_size,
1000}],
    10000
  )


The Url is a string such as "https://test-server.some.domain:9999


The server is in the file ssl_server.erl. I also didn't provide the SSL
keys.

-module(ssl_server).
-export([start/0]).


-define(HTTPS_OPTS, [
  {port, 9999},
  {name, https_test},
  {ssl, true},
  {ssl_opts, [
    {ssl_imp, new},
    {cacertfile, "keys/cacert.pem"},
    {certfile, "keys/cert.pem"},
    {keyfile, "keys/cert.key"},
    {depth, 0}
  ]}
]).

-define(HTTP_OPTS, [
  {port, 8888},
  {name, http_test}
]).

start() ->
  application:start(crypto),
  application:start(ssl),

  {ok, FeederPid} = start_feed(),

  Loop = fun(Req) ->
    dispatch(Req, FeederPid)
  end,

  {ok, Https} = mochiweb_http:start([{loop, Loop} | ?HTTPS_OPTS]),
  {ok, Http} = mochiweb_http:start([{loop, Loop} | ?HTTP_OPTS]),
  wait_loop().

wait_loop() ->
  timer:sleep(60000),
  wait_loop().

% invoked from mochi web for each request
dispatch(Req, FeederPid) ->
  FeederPid ! {add, self()}, % register with the feeder
  receive
    {respond, Message} -> % on feeder signal
      Req:ok({"text/plain", Message})
  after 10000 -> Req:not_found() % timeout
  end.


start_feed() ->
  FeederPid = proc_lib:spawn_link(fun feeder/0), % start feeder process
  proc_lib:spawn_link(fun() -> heartbeat(FeederPid) end), % start heartbeat
process
  {ok, FeederPid}.

% heartbeat - signal feeder in regular intervals
heartbeat(Feeder) ->
  timer:sleep(5000),
  Feeder ! {broadcast, "message"},
  heartbeat(Feeder).


% feeder
feeder() -> feeder([]).

feeder(Children) ->
  NewChildren = receive
    {add, Child} -> % child registered
      [Child | Children];

    {broadcast, Message} -> % heartbeat signaled
      io:format("broadcasting to ~p processes~n", [length(Children)]),

      lists:foreach(fun(Child) ->
        Child ! {respond, Message}
      end, Children),
      []
  end,

  feeder(NewChildren).

Best regards,
Sasa



On Mon, May 9, 2011 at 9:59 AM, Ingela Andin <ingela.andin@REDACTED> wrote:
> Hi!
>
> If you want to make sure that you run the new implementation you can use
the
> option {ssl_imp, new}  but if you run R14B02 and do not specify {ssl_imp,
old}
> you should get the new one.  When looking closer at your earlier post
> the occational error-report
> is from the new implementation, so I think that is not the issue. You
> mentioned that you could
> provide a test program, if you could send that to me so I can test it
> agaist the latest ssl code
> that would be great. All your problems might not have to do with
> erlang-ssl but it sure looks like
> there might be atleast one bug that needs fixing.
>
> Regards Ingela Erlang/OTP team - Ericsson AB
>
> 2011/5/6 sasa <sasa555@REDACTED>:
>> Hello,
>>
>> On Fri, 2011-05-06 at 21:30 +0200, Ingela Andin wrote:
>>
>> Where you using the old or the new erlang ssl implementation? Old ssl
>> scales poorly.
>>
>> If you use new ssl and not make any special configuration it will
>> always automatically
>> try to reuse sessions. (The server can refuse to reuse a session if it
wants
>> to)
>> How the old implementation works I can  not remember from the
>> top of my head but if you are using the old one I recomend upgrading
>> to the new one.
>> The new one is default in R14* and before that the old one is default.
>> I recomend R14.
>>
>> I am using erlang R14B02, so I suppose it is the new ssl. Is there any
way I
>> can verify which implementation is actually used? Could it be that I was
>> missing some dependency during the compilation of the erlang and the old
ssl
>> is actually used even though it is the version R14?
>>
>> Sasa
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20110509/a5115c1e/attachment.htm>

More information about the erlang-questions mailing list