https / ssl performance, 1.8

Fri, 09 Oct 2015 07:44:29 -0700 

Long time user, first time poster.

We've used server version 1.6 with svnserve on an existing project and it works 
great. (All teams members are inside firewall)

We have a new project with outside collaborations and some not open source 
code, so we set up https:// Mod Dav using apache2 and pwauth for validation -- 
we have other resources and prefer using the same authentication for all for 
simplicity.

It "works" but the performance makes it nearly unusable. Monitoring the server 
using the top linux utility indicates many, many invocations of "pwauth" for a 
single client request. The next thing I was going to try was to install an sssd 
daemon on the server, but I wanted to ask if there was anything else I was 
missing.

Below are various version numbers / httpd config directives I think will be 
relevant. The host is actually a virtual machine hosted on a fairly high 
VMSphere server; the 1.6 svnserve subversion server that works well is on the 
same server so it seems unlikely that that would be the problem. (And other IPC 
mechanisms like secure copy (scp) show very good performance.)

CentOS release 6.7 (Final)

uname -a
Linux hostname 2.6.32-573.3.1.el6.x86_64 #1 SMP Thu Aug 13 22:55:16 UTC 2015 
x86_64 x86_64 x86_64 GNU/Linux

sudo httpd -version
Server version: Apache/2.2.15 (Unix)
Server built:   Aug 24 2015 17:52:49
===
<VirtualHost *:80>
    DocumentRoot /web
    CustomLog /var/log/httpd/hostname-access.log combined
    Redirect 301 "/repos" "https://hostname/repos";<https://hostname/repos>
    Redirect 301 "/wiki" "https://hostname/wiki";<https://hostname/wiki>
    Redirect 301 "/developer" 
"https://hostname/developer";<https://hostname/developer>

===
LoadModule authnz_external_module modules/mod_authnz_external.so

DefineExternalAuth pwauth pipe /usr/bin/pwauth

<LocationMatch "/(mediawiki|repos|developer)/">

    # Require SSL connection for password protection.
    SSLRequireSSL

    AuthType Basic
    AuthName "realm name"
    AuthBasicProvider external
    AuthExternal pwauth
    require valid-user

</LocationMatch>

===
LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so

<Location /repos>
   DAV svn
   SVNParentPath "/svn/"
   SVNAllowBulkUpdates Prefer
</Location>
CustomLog logs/svn_logfile "%t %u %{SVN-ACTION}e" env=SVN-ACTION
--
Gerard Weatherby | Application Architect
Virtual Cell | Center for Cell Analysis & Modeling | UConn Health
NMRbox | Department of Molecular Biology and Biophysics | UConn Health
263 Farmington Avenue, Farmington, CT 06030-6406 uchc.ed

Reply via email to