[Opendnssec-develop] [Opendnssec-user]How to speed up signing performance
Matthijs Mekking
matthijs at nlnetlabs.nl
Mon Dec 17 11:13:27 UTC 2012
On 12/17/2012 09:58 AM, Jerry Lundström wrote:
> On Dec 12, 2012, at 13:43 , Matthijs Mekking wrote:
>
>> This is probably a flawed assumption, because the small break is
>> unlocking the mutex, and locking it when the wait is over. So the
>> drudgers should have no problem popping RRsets.
>
>
> I see that you have made changes during last week so this might not
> be an issue now.
>
> But my point was that no matter how long we wait, if the code uses
> mutex/cond correctly it will be notified when there is work. Reducing
> it is just a workaround and not a fix to the real problem (and that
> can result in other "strange" problems in the future).
I agreed with the fix to decrease the waiting time to be a workaround,
but it would be a better value for waiting time. 60 seconds is too long
if you would end up hitting this code path. If only after 5 seconds, the
signer continued signing, the 'damage' is not that big.
I claim that 5 seconds is long enough wait, but that depends on the
speed of the signer. The queue is 1000 items big, so after 900
signatures created, or after 5 seconds, the worker will start queuing
RRsets again. Only if the signer is slower than 180 RRSIGS/sec, the 5
seconds timeout will kick in.
> How has this gone now with the changes you have made?
It was mainly .ca who had problems with this. They run a patched beta1,
and they don't have a bunch of fixes which are made in trunk. I think
your fix, r6642, is the real fix for this.
My commits from the past few days are mainly documentation + I applied
the r6642 fix also to worker_queue_rrset() (lock; push; if failed:
{sleep; push}; unlock)
Also, I use lock_basic_sleep directly and removed wrapper functions
worker_wait_locked and worker_wait_timeout_locked. This introduces no
behavioral changes.
Best regards,
Matthijs
>
> -- Jerry Lundström - OpenDNSSEC Developer http://www.opendnssec.org/
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 553 bytes
Desc: OpenPGP digital signature
URL: <http://lists.opendnssec.org/pipermail/opendnssec-develop/attachments/20121217/05fffe4b/attachment.bin>
More information about the Opendnssec-develop
mailing list