#372 closed enhancement (fixed)

offload the RSA keypair generation?

Reported by: warner Owned by: somebody
Priority: major Milestone: 1.1.0
Component: code Version: 0.9.0
Keywords: Cc:
Launchpad Bug:


We're monitoring the allmydata.com user-facing web-api server, and we're noticing that it is doing a significant amount of RSA key generation. Each time somebody creates a directory, the reactor is stalled for a second or two while the CPU cranks through the generation of the kilobit primes. This will reduce responsiveness: not just for the dirnode creation taking place, but for all others users.

We're thinking about pushing the keypair generation off to a separate process. The interface would be to drop a "key-generation.furl" in your node's basedir. If present, a simple foolscap protocol would be used to ask this server for a key. The server could pre-generate a batch of keys when it's idle. The server would probably run on the same server as the web-api machine, but it could use a different core if that host is SMP.

Change History (2)

comment:1 Changed at 2008-04-23T19:18:55Z by warner

  • Milestone changed from 1.1.0 to 1.0.1
  • Resolution set to fixed
  • Status changed from new to closed

rob implemented this several weeks ago and it's been working correctly on the prodnet webapi servers.

comment:2 Changed at 2008-05-05T21:08:36Z by zooko

  • Milestone changed from 1.0.1 to 1.1.0

Milestone 1.0.1 deleted

Note: See TracTickets for help on using tickets.