#372 closed enhancement (fixed)
offload the RSA keypair generation?
| Reported by: | warner | Owned by: | somebody |
|---|---|---|---|
| Priority: | major | Milestone: | 1.1.0 |
| Component: | code | Version: | 0.9.0 |
| Keywords: | Cc: | ||
| Launchpad Bug: |
Description
We're monitoring the allmydata.com user-facing web-api server, and we're noticing that it is doing a significant amount of RSA key generation. Each time somebody creates a directory, the reactor is stalled for a second or two while the CPU cranks through the generation of the kilobit primes. This will reduce responsiveness: not just for the dirnode creation taking place, but for all others users.
We're thinking about pushing the keypair generation off to a separate process. The interface would be to drop a "key-generation.furl" in your node's basedir. If present, a simple foolscap protocol would be used to ask this server for a key. The server could pre-generate a batch of keys when it's idle. The server would probably run on the same server as the web-api machine, but it could use a different core if that host is SMP.
Change History (2)
comment:1 Changed at 2008-04-23T19:18:55Z by warner
- Milestone changed from 1.1.0 to 1.0.1
- Resolution set to fixed
- Status changed from new to closed
comment:2 Changed at 2008-05-05T21:08:36Z by zooko
- Milestone changed from 1.0.1 to 1.1.0
Milestone 1.0.1 deleted
rob implemented this several weeks ago and it's been working correctly on the prodnet webapi servers.