SlideShare a Scribd company logo

Tomcat openssl

Jean-Frederic Clere
Jean-Frederic Clere

The document discusses using OpenSSL to improve Tomcat performance. It describes Tomcat connectors like NIO, NIO2, and APR and how the new OpenSSLImplementation replaces the default JSSE implementation. Performance tests show the OpenSSLImplementation outperforms JSSE, with NIO and NIO2 performing similarly. Throughput is highest for all connectors with larger file sizes. The OpenSSLImplementation enables features like HTTP/2 and ALPN that improve Tomcat.

Internet
1 of 27
Download to read offline
Using OpenSSL to boost TomcatUsing OpenSSL to boost Tomcat Jean-Frederic ClereJean-Frederic Clere
What I will coverWhat I will cover ● Who I am. ● Connectors – NIO, NIO2, APR – OpenSSLImplementation – HTTP/2 and ALPN in Tomcat. ● Performance tests – With ab and h2load as client load generator. ● Questions?6/27/16 2
Who I amWho I am Jean-Frederic Clere Red Hat Years writing JAVA code and server software Tomcat committer since 2001 Doing OpenSource since 1999 Cyclist/Runner etc Lived 15 years in Spain (Barcelona) Now in Neuchâtel (CH) 6/27/16 3
TomcatTomcat 6/27/16 4
What is a Connector?What is a Connector? ● Tomcat's interface to the world ● Binds to a port ● Understands a protocol and possible upgrades. ● Dispatches requests (example) – protocol="org.apache.coyote.http11.Http11AprProtocol" – protocol="org.apache.coyote.http11.Http11NioProtocol" – protocol="org.apache.coyote.http11.Http11Nio2Protocol" 6/27/16 5
Tomcat ConnectorsTomcat Connectors ● Java Non-blocking I/O (NIO) ● Native / Apache Portable Runtime (APR) ● Java NIO.2 Technically, there are combinations of all of the above with HTTP and AJP protocols. The presentation focuses on HTTP and on NIO/NIO2. 6/27/16 6
What is new in Tomcat 9 / 8.5What is new in Tomcat 9 / 8.5 ● Property sslImplementationName – Allows replacement of the SSL code ● OpenSSLImplementation (use OpenSSL) ● JSSEImplementation (use JSSE) ● UpgradeProtocol – Allows protocol upgrade from HTTP/1.1 ● HTTP/2 (yes) ● Websocket (cool) / Speedy (no plan to support it). 6/27/16 7
Why a new SSLImplementationWhy a new SSLImplementation ● JSSE: – Very slow – Missing features: like ALPN (JEP 244: TLS Application-Layer Protocol Negotiation) – Hardware acceleration very partial (like AES in java8) ● Native connector: – Fast but a lot of native code – Use OpenSSL for SSL/TLS. ● New OpenSSL implemetation: – Fast. – Uses only a OpenSSL for native code (no native socket, poller etc). – Works with NIO and NIO2. – Uses OpenSSL for SSL/TLS. (warp, unwarp, handshake etc).6/27/16 8
OpenSSLImplementationOpenSSLImplementation ● Code orginates from netty-tcnative a forked Tomcat Native ● Prototype (last year): – Done with the BeFriNe University – Tested and ported to tc_trunk last summer ● SSL Configuration compatible with the JSSE connection (*) ● Uses keystores (*) ● Uses SSL BIO to wrap/unwarp, handshake ● Uses java NIO or NIO2 Sockets for the reads and writes ● Automatically enabled when TC native is installed/enabled (*)6/27/16 9
How TLS is done in TomcatHow TLS is done in Tomcat 6/27/16 10 Tomcat JSSE Con. Javastdlib JSSE SSL Engine NIO/NIO2 Tomcat Native APR JNIs Webserver APR Internals APR Connector OpenSSL OS Sockets JavaC/Native Webserver OpenSSL Impl.
How does that worksHow does that works SSLContext JSSESSLContext OpenSSLContext SSLEngine SSLContext OpenSSLEngine createSSLEngine() createSSLEngine() wrap() unwrap() getSession() etc... Overrides 6/27/16 11
How does wrap worksHow does wrap works wrap(plaintext, encrypted) internalBIO networkBIO BIO_new_bio_pair SSL_set_bio writePlainTextData write_ToSSL SSL_write readEncryptedData readFromBIO BIO_read 6/27/16 12
How does unwrap worksHow does unwrap works unwrap(encrypted, plaintext) internalBIO networkBIO BIO_new_bio_pair SSL_set_bio writeEncryptedData writeToBIO BIO_write readPlaintextData readFromSSL SSL_read 6/27/16 13
Connector PerformanceConnector Performance ● Compare connectors throughput against each other ● Only static content was compared, varying file sizes ● Run on “fast” machines, 10 Gbps local network ● Tests: – Compare the connectors (trunk) NIO, NIO2 and APR – Using JSSE and OpenSSL – First without “sendfile” 6/27/16 14
Connector Throughput (c8)Connector Throughput (c8) 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 2MiB.bin 4MiB.bin 8MiB.bin 16MiB.bin 32MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 Concurency 8 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size ThroughputKbytes/sec 6/27/16 15
Connector Throughput (c40)Connector Throughput (c40) 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 2MiB.bin 4MiB.bin 8MiB.bin 16MiB.bin 32MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 Concurency 40 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size ThroughputKbytes/sec 6/27/16 16
Connector Throughput (c80)Connector Throughput (c80) 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 2MiB.bin 4MiB.bin 8MiB.bin 16MiB.bin 32MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 concurency 80 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size ThroughputKbytes/sec 6/27/16 17
Connector CPU UseConnector CPU Use 4KiB 16KiB 64KiB 128KiB 512KiB 2MiB 8MiB 32MiB 40 50 60 70 80 90 100 Concurency 8 4KiB 16KiB 64KiB 128KiB 512KiB 2MiB 8MiB 32MiB 40 50 60 70 80 90 100 concurency 40 4KiB 16KiB 64KiB 128KiB 512KiB 2MiB 8MiB 32MiB 40 50 60 70 80 90 100 Concurency 80 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size CPUusage 6/27/16 18
Connector TC8.5Connector TC8.5 6/27/16 19 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 800000 Concurency 320 tomcat 8.5 coyote_apr_https coyote_nio_jssehttps coyote_nio_opensslhttps File Size Kbytes/second 4KiB 8KiB 16KiB 32KiB 64KiB 128KiB 256KiB 512KiB 1MiB 0 20 40 60 80 100 120 Concurency 320 tomcat8.5 coyote_apr_https coyote_nio_jssehttps coyote_nio_opensslhttps File Size CPUusage
Connector PerformanceConnector Performance ● With sendfile – In fact with TLS/SSL sendfile is emulated 6/27/16 20
Connector Throughput (c8)Connector Throughput (c8) 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 2MiB.bin 4MiB.bin 8MiB.bin 16MiB.bin 32MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 800000 Concurency 8 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size ThroughputinKbytes/sec 6/27/16 21
Connector Throughput (c40)Connector Throughput (c40) 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 2MiB.bin 4MiB.bin 8MiB.bin 16MiB.bin 32MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 800000 Concurency 40 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size ThroughputinKbytes/sec 6/27/16 22
Connector Throughput (c80)Connector Throughput (c80) 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 2MiB.bin 4MiB.bin 8MiB.bin 16MiB.bin 32MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 800000 Concurency 80 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size ThroughtinKbytes/sec 6/27/16 23
Connector CPU UseConnector CPU Use 4KiB 16KiB 64KiB 128KiB 512KiB 2MiB 8MiB 32MiB 40 50 60 70 80 90 100 Concunreny 8 4KiB 16KiB 64KiB 128KiB 512KiB 2MiB 8MiB 32MiB 40 50 60 70 80 90 100 Concurency 40 4KiB 16KiB 64KiB 128KiB 512KiB 2MiB 8MiB 32MiB 40 50 60 70 80 90 100 Concurency 80 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https 6/27/16 24
Connector PerformanceConnector Performance ● Conclusion: – OpenSSL performs better that JSSE – NIO and NIO(2) give similar results – Emulated sendfile doesn't help a lot (bigger files better). – APR isn't needed – Until Java9 is released OpenSSL is needed for HTTP/2 6/27/16 25
Questions?Questions? Thank you!Thank you! ● jfclere@gmail.com ● users@tomcat.apache.org ● Repo with the scripts for the tests: – https://github.com/jfclere/AC2014scripts 6/27/16 26
Jean-Frederic Clere @jfclere jfclere@gmail.com

Recommended

Tomcat next
Tomcat nextTomcat next
Tomcat nextJean-Frederic Clere
 
Tomcat next
Tomcat nextTomcat next
Tomcat nextJean-Frederic Clere
 
Auxiliary : Tomcat
Auxiliary : TomcatAuxiliary : Tomcat
Auxiliary : Tomcatwebhostingguy
 
Introduction to Apache Tomcat 7 Presentation
Introduction to Apache Tomcat 7 PresentationIntroduction to Apache Tomcat 7 Presentation
Introduction to Apache Tomcat 7 PresentationTomcat Expert
 
Apache Httpd and TLS certificates validations
Apache Httpd and TLS certificates validationsApache Httpd and TLS certificates validations
Apache Httpd and TLS certificates validationsJean-Frederic Clere
 
Tomcat Clustering
Tomcat ClusteringTomcat Clustering
Tomcat Clusteringgouthamrv
 
Tomcat Server
Tomcat ServerTomcat Server
Tomcat ServerAnirban Majumdar
 
HTTP/2, HTTP/3 and SSL/TLS State of the Art in Our Servers
HTTP/2, HTTP/3 and SSL/TLS State of the Art in Our ServersHTTP/2, HTTP/3 and SSL/TLS State of the Art in Our Servers
HTTP/2, HTTP/3 and SSL/TLS State of the Art in Our ServersJean-Frederic Clere
 

Recommended

Tomcat next
Tomcat nextTomcat next
Tomcat nextJean-Frederic Clere
 
Tomcat next
Tomcat nextTomcat next
Tomcat nextJean-Frederic Clere
 
Auxiliary : Tomcat
Auxiliary : TomcatAuxiliary : Tomcat
Auxiliary : Tomcatwebhostingguy
 
Introduction to Apache Tomcat 7 Presentation
Introduction to Apache Tomcat 7 PresentationIntroduction to Apache Tomcat 7 Presentation
Introduction to Apache Tomcat 7 PresentationTomcat Expert
 
Apache Httpd and TLS certificates validations
Apache Httpd and TLS certificates validationsApache Httpd and TLS certificates validations
Apache Httpd and TLS certificates validationsJean-Frederic Clere
 
Tomcat Clustering
Tomcat ClusteringTomcat Clustering
Tomcat Clusteringgouthamrv
 
Tomcat Server
Tomcat ServerTomcat Server
Tomcat ServerAnirban Majumdar
 
HTTP/2, HTTP/3 and SSL/TLS State of the Art in Our Servers
HTTP/2, HTTP/3 and SSL/TLS State of the Art in Our ServersHTTP/2, HTTP/3 and SSL/TLS State of the Art in Our Servers
HTTP/2, HTTP/3 and SSL/TLS State of the Art in Our ServersJean-Frederic Clere
 
Apache Tomcat 7 by Filip Hanik
Apache Tomcat 7 by Filip HanikApache Tomcat 7 by Filip Hanik
Apache Tomcat 7 by Filip HanikEdgar Espina
 
톰캣 #09-쓰레드
톰캣 #09-쓰레드톰캣 #09-쓰레드
톰캣 #09-쓰레드GyuSeok Lee
 
TomcatCon: from a cluster to the cloud
TomcatCon: from a cluster to the cloudTomcatCon: from a cluster to the cloud
TomcatCon: from a cluster to the cloudJean-Frederic Clere
 
Snaps on open suse
Snaps on open suseSnaps on open suse
Snaps on open suseZygmunt Krynicki
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPAltitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPFastly
 
Asynchronous Io Programming
Asynchronous Io ProgrammingAsynchronous Io Programming
Asynchronous Io Programmingl xf
 
QUIC
QUICQUIC
QUICApache Traffic Server
 
Rabbit mq簡介(上)
Rabbit mq簡介(上)Rabbit mq簡介(上)
Rabbit mq簡介(上)共和 薛
 
Scapy talk
Scapy talkScapy talk
Scapy talkAshwin Patil, GCIH, GCIA, GCFE
 
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2Load Impact
 
HAProxy tech talk
HAProxy tech talkHAProxy tech talk
HAProxy tech talkicebourg
 
Large Scale Deployment of SSL/TLS For MySQL
Large Scale Deployment of SSL/TLS For MySQLLarge Scale Deployment of SSL/TLS For MySQL
Large Scale Deployment of SSL/TLS For MySQLDaniël van Eeden
 
Http/2
Http/2Http/2
Http/2Adrian Cardenas
 
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 eraHTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 erapeychevi
 
Fluentd v0.14 Overview
Fluentd v0.14 OverviewFluentd v0.14 Overview
Fluentd v0.14 OverviewN Masahiro
 
Skydive 31 janv. 2016
Skydive 31 janv. 2016Skydive 31 janv. 2016
Skydive 31 janv. 2016Sylvain Afchain
 
HAProxy 1.9
HAProxy 1.9HAProxy 1.9
HAProxy 1.9HAProxy Technologies
 
Apache httpd reverse proxy and Tomcat
Apache httpd reverse proxy and TomcatApache httpd reverse proxy and Tomcat
Apache httpd reverse proxy and TomcatJean-Frederic Clere
 
Skydive 5/07/2016
Skydive 5/07/2016Skydive 5/07/2016
Skydive 5/07/2016Sylvain Afchain
 
Fanzine ¡Vaya Mierda! Junio 2015
Fanzine ¡Vaya Mierda! Junio 2015Fanzine ¡Vaya Mierda! Junio 2015
Fanzine ¡Vaya Mierda! Junio 2015David Juan Bonacho
 
How To Use Consumer Health Complete,
How To Use Consumer Health Complete,How To Use Consumer Health Complete,
How To Use Consumer Health Complete,Lloyd_Wedes
 
Boletín Técnico colec. Junio 2014
Boletín Técnico colec. Junio 2014Boletín Técnico colec. Junio 2014
Boletín Técnico colec. Junio 2014Ricardo Rivas Montiel
 

More Related Content

What's hot

Apache Tomcat 7 by Filip Hanik
Apache Tomcat 7 by Filip HanikApache Tomcat 7 by Filip Hanik
Apache Tomcat 7 by Filip HanikEdgar Espina
 
톰캣 #09-쓰레드
톰캣 #09-쓰레드톰캣 #09-쓰레드
톰캣 #09-쓰레드GyuSeok Lee
 
TomcatCon: from a cluster to the cloud
TomcatCon: from a cluster to the cloudTomcatCon: from a cluster to the cloud
TomcatCon: from a cluster to the cloudJean-Frederic Clere
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPAltitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPFastly
 
Asynchronous Io Programming
Asynchronous Io ProgrammingAsynchronous Io Programming
Asynchronous Io Programmingl xf
 
Rabbit mq簡介(上)
Rabbit mq簡介(上)Rabbit mq簡介(上)
Rabbit mq簡介(上)共和 薛
 
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2Load Impact
 
HAProxy tech talk
HAProxy tech talkHAProxy tech talk
HAProxy tech talkicebourg
 
Large Scale Deployment of SSL/TLS For MySQL
Large Scale Deployment of SSL/TLS For MySQLLarge Scale Deployment of SSL/TLS For MySQL
Large Scale Deployment of SSL/TLS For MySQLDaniël van Eeden
 
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 eraHTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 erapeychevi
 
Fluentd v0.14 Overview
Fluentd v0.14 OverviewFluentd v0.14 Overview
Fluentd v0.14 OverviewN Masahiro
 
Apache httpd reverse proxy and Tomcat
Apache httpd reverse proxy and TomcatApache httpd reverse proxy and Tomcat
Apache httpd reverse proxy and TomcatJean-Frederic Clere
 

What's hot (19)

Apache Tomcat 7 by Filip Hanik
Apache Tomcat 7 by Filip HanikApache Tomcat 7 by Filip Hanik
Apache Tomcat 7 by Filip Hanik
 
톰캣 #09-쓰레드
톰캣 #09-쓰레드톰캣 #09-쓰레드
톰캣 #09-쓰레드
 
TomcatCon: from a cluster to the cloud
TomcatCon: from a cluster to the cloudTomcatCon: from a cluster to the cloud
TomcatCon: from a cluster to the cloud
 
Snaps on open suse
Snaps on open suseSnaps on open suse
Snaps on open suse
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPAltitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
 
Asynchronous Io Programming
Asynchronous Io ProgrammingAsynchronous Io Programming
Asynchronous Io Programming
 
QUIC
QUICQUIC
QUIC
 
Rabbit mq簡介(上)
Rabbit mq簡介(上)Rabbit mq簡介(上)
Rabbit mq簡介(上)
 
Scapy talk
Scapy talkScapy talk
Scapy talk
 
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
 
HAProxy tech talk
HAProxy tech talkHAProxy tech talk
HAProxy tech talk
 
Large Scale Deployment of SSL/TLS For MySQL
Large Scale Deployment of SSL/TLS For MySQLLarge Scale Deployment of SSL/TLS For MySQL
Large Scale Deployment of SSL/TLS For MySQL
 
Http/2
Http/2Http/2
Http/2
 
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 eraHTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
 
Fluentd v0.14 Overview
Fluentd v0.14 OverviewFluentd v0.14 Overview
Fluentd v0.14 Overview
 
Skydive 31 janv. 2016
Skydive 31 janv. 2016Skydive 31 janv. 2016
Skydive 31 janv. 2016
 
HAProxy 1.9
HAProxy 1.9HAProxy 1.9
HAProxy 1.9
 
Apache httpd reverse proxy and Tomcat
Apache httpd reverse proxy and TomcatApache httpd reverse proxy and Tomcat
Apache httpd reverse proxy and Tomcat
 
Skydive 5/07/2016
Skydive 5/07/2016Skydive 5/07/2016
Skydive 5/07/2016
 

Viewers also liked

Fanzine ¡Vaya Mierda! Junio 2015
Fanzine ¡Vaya Mierda! Junio 2015Fanzine ¡Vaya Mierda! Junio 2015
Fanzine ¡Vaya Mierda! Junio 2015David Juan Bonacho
 
How To Use Consumer Health Complete,
How To Use Consumer Health Complete,How To Use Consumer Health Complete,
How To Use Consumer Health Complete,Lloyd_Wedes
 
Trabajo proyecto grado
Trabajo proyecto gradoTrabajo proyecto grado
Trabajo proyecto gradohilfrank100
 
UN ANTICIPO DEL CIELO (pps)
UN ANTICIPO DEL CIELO (pps)UN ANTICIPO DEL CIELO (pps)
UN ANTICIPO DEL CIELO (pps)Ramón Rivas
 
Wif 2012 : programme des conférences et ateliers
Wif 2012 : programme des conférences et ateliersWif 2012 : programme des conférences et ateliers
Wif 2012 : programme des conférences et ateliersWif
 
Creative Consultant
Creative Consultant Creative Consultant
Creative Consultant Aradhna S
 
Redes sociales
Redes sociales Redes sociales
Redes sociales kkoral
 
Contribución social cat
Contribución social catContribución social cat
Contribución social catkatika1101
 
SCC2013 - The challenges of measuring informal science learning - Jenny Mollica
SCC2013 - The challenges of measuring informal science learning - Jenny MollicaSCC2013 - The challenges of measuring informal science learning - Jenny Mollica
SCC2013 - The challenges of measuring informal science learning - Jenny MollicaBritish Science Association
 
Eigenstudie meinungsraum.at Urlaub
Eigenstudie meinungsraum.at UrlaubEigenstudie meinungsraum.at Urlaub
Eigenstudie meinungsraum.at Urlaubmeinungsraum.at
 
Retour de SxSW 2015 - La Netscouade
Retour de SxSW 2015 - La NetscouadeRetour de SxSW 2015 - La Netscouade
Retour de SxSW 2015 - La NetscouadeLaNetscouade
 
Diálogos desde el autismo.
Diálogos desde el autismo.Diálogos desde el autismo.
Diálogos desde el autismo.José María
 

Viewers also liked (19)

Fanzine ¡Vaya Mierda! Junio 2015
Fanzine ¡Vaya Mierda! Junio 2015Fanzine ¡Vaya Mierda! Junio 2015
Fanzine ¡Vaya Mierda! Junio 2015
 
How To Use Consumer Health Complete,
How To Use Consumer Health Complete,How To Use Consumer Health Complete,
How To Use Consumer Health Complete,
 
Boletín Técnico colec. Junio 2014
Boletín Técnico colec. Junio 2014Boletín Técnico colec. Junio 2014
Boletín Técnico colec. Junio 2014
 
Trabajo proyecto grado
Trabajo proyecto gradoTrabajo proyecto grado
Trabajo proyecto grado
 
UN ANTICIPO DEL CIELO (pps)
UN ANTICIPO DEL CIELO (pps)UN ANTICIPO DEL CIELO (pps)
UN ANTICIPO DEL CIELO (pps)
 
Guia software-manual-asureid-7-0-user-guide-es
Guia software-manual-asureid-7-0-user-guide-esGuia software-manual-asureid-7-0-user-guide-es
Guia software-manual-asureid-7-0-user-guide-es
 
Educacion
EducacionEducacion
Educacion
 
Wif 2012 : programme des conférences et ateliers
Wif 2012 : programme des conférences et ateliersWif 2012 : programme des conférences et ateliers
Wif 2012 : programme des conférences et ateliers
 
Tribuna 1528
Tribuna 1528Tribuna 1528
Tribuna 1528
 
Creative Consultant
Creative Consultant Creative Consultant
Creative Consultant
 
Lia Nr. 138
Lia Nr. 138 Lia Nr. 138
Lia Nr. 138
 
Redes sociales
Redes sociales Redes sociales
Redes sociales
 
SEO - 2014 and Beyond
SEO - 2014 and BeyondSEO - 2014 and Beyond
SEO - 2014 and Beyond
 
Contribución social cat
Contribución social catContribución social cat
Contribución social cat
 
SCC2013 - The challenges of measuring informal science learning - Jenny Mollica
SCC2013 - The challenges of measuring informal science learning - Jenny MollicaSCC2013 - The challenges of measuring informal science learning - Jenny Mollica
SCC2013 - The challenges of measuring informal science learning - Jenny Mollica
 
Eigenstudie meinungsraum.at Urlaub
Eigenstudie meinungsraum.at UrlaubEigenstudie meinungsraum.at Urlaub
Eigenstudie meinungsraum.at Urlaub
 
Retour de SxSW 2015 - La Netscouade
Retour de SxSW 2015 - La NetscouadeRetour de SxSW 2015 - La Netscouade
Retour de SxSW 2015 - La Netscouade
 
Diálogos desde el autismo.
Diálogos desde el autismo.Diálogos desde el autismo.
Diálogos desde el autismo.
 
Elcorondel067 oks
Elcorondel067 oksElcorondel067 oks
Elcorondel067 oks
 

Similar to Tomcat openssl

Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceAdding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceSamsung Open Source Group
 
Tomcat from a cluster to the cloud on RP3
Tomcat from a cluster to the cloud on RP3Tomcat from a cluster to the cloud on RP3
Tomcat from a cluster to the cloud on RP3Jean-Frederic Clere
 
[OpenStack Days 2016] Track4 - OpenNSL으로 브로드콜 기반 네트,워크 스위치 제어하기
[OpenStack Days 2016] Track4 - OpenNSL으로 브로드콜 기반 네트,워크 스위치 제어하기[OpenStack Days 2016] Track4 - OpenNSL으로 브로드콜 기반 네트,워크 스위치 제어하기
[OpenStack Days 2016] Track4 - OpenNSL으로 브로드콜 기반 네트,워크 스위치 제어하기OpenStack Korea Community
 
Scaling the Container Dataplane
Scaling the Container Dataplane Scaling the Container Dataplane
Scaling the Container Dataplane Michelle Holley
 
Stacks and Layers: Integrating P4, C, OVS and OpenStack
Stacks and Layers: Integrating P4, C, OVS and OpenStackStacks and Layers: Integrating P4, C, OVS and OpenStack
Stacks and Layers: Integrating P4, C, OVS and OpenStackOpen-NFP
 
03_clere-HTTP2 HTTP3 the State of the Art in Our Servers.pdf
03_clere-HTTP2 HTTP3 the State of the Art in Our Servers.pdf03_clere-HTTP2 HTTP3 the State of the Art in Our Servers.pdf
03_clere-HTTP2 HTTP3 the State of the Art in Our Servers.pdfJean-Frederic Clere
 
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under LinuxPractical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under LinuxSamsung Open Source Group
 
Ceph Day SF 2015 - Deploying flash storage for Ceph without compromising perf...
Ceph Day SF 2015 - Deploying flash storage for Ceph without compromising perf...Ceph Day SF 2015 - Deploying flash storage for Ceph without compromising perf...
Ceph Day SF 2015 - Deploying flash storage for Ceph without compromising perf...Ceph Community
 
ORTC Library - Introduction
ORTC Library - IntroductionORTC Library - Introduction
ORTC Library - IntroductionErik Lagerway
 
Cisco Connect Toronto 2017 - Model-driven Telemetry
Cisco Connect Toronto 2017 - Model-driven TelemetryCisco Connect Toronto 2017 - Model-driven Telemetry
Cisco Connect Toronto 2017 - Model-driven TelemetryCisco Canada
 
PLNOG16: Obsługa 100M pps na platformie PC , Przemysław Frasunek, Paweł Mała...
PLNOG16: Obsługa 100M pps na platformie PC , Przemysław Frasunek, Paweł Mała...PLNOG16: Obsługa 100M pps na platformie PC , Przemysław Frasunek, Paweł Mała...
PLNOG16: Obsługa 100M pps na platformie PC , Przemysław Frasunek, Paweł Mała...PROIDEA
 
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...Junho Suh
 
LCU14 310- Cisco ODP v2
LCU14 310- Cisco ODP v2LCU14 310- Cisco ODP v2
LCU14 310- Cisco ODP v2Linaro
 
OSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
OSDC 2017 - Casey Callendrello -The evolution of the Container Network InterfaceOSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
OSDC 2017 - Casey Callendrello -The evolution of the Container Network InterfaceNETWAYS
 
OSDC 2017 | The evolution of the Container Network Interface by Casey Callend...
OSDC 2017 | The evolution of the Container Network Interface by Casey Callend...OSDC 2017 | The evolution of the Container Network Interface by Casey Callend...
OSDC 2017 | The evolution of the Container Network Interface by Casey Callend...NETWAYS
 

Similar to Tomcat openssl (20)

Tomcat openssl
Tomcat opensslTomcat openssl
Tomcat openssl
 
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceAdding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
 
6LoWPAN: An Open IoT Networking Protocol
6LoWPAN: An Open IoT Networking Protocol6LoWPAN: An Open IoT Networking Protocol
6LoWPAN: An Open IoT Networking Protocol
 
Tomcat from a cluster to the cloud on RP3
Tomcat from a cluster to the cloud on RP3Tomcat from a cluster to the cloud on RP3
Tomcat from a cluster to the cloud on RP3
 
6LoWPAN: An open IoT Networking Protocol
6LoWPAN: An open IoT Networking Protocol6LoWPAN: An open IoT Networking Protocol
6LoWPAN: An open IoT Networking Protocol
 
Run Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT NetworkRun Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT Network
 
[OpenStack Days 2016] Track4 - OpenNSL으로 브로드콜 기반 네트,워크 스위치 제어하기
[OpenStack Days 2016] Track4 - OpenNSL으로 브로드콜 기반 네트,워크 스위치 제어하기[OpenStack Days 2016] Track4 - OpenNSL으로 브로드콜 기반 네트,워크 스위치 제어하기
[OpenStack Days 2016] Track4 - OpenNSL으로 브로드콜 기반 네트,워크 스위치 제어하기
 
Scaling the Container Dataplane
Scaling the Container Dataplane Scaling the Container Dataplane
Scaling the Container Dataplane
 
Stacks and Layers: Integrating P4, C, OVS and OpenStack
Stacks and Layers: Integrating P4, C, OVS and OpenStackStacks and Layers: Integrating P4, C, OVS and OpenStack
Stacks and Layers: Integrating P4, C, OVS and OpenStack
 
03_clere-HTTP2 HTTP3 the State of the Art in Our Servers.pdf
03_clere-HTTP2 HTTP3 the State of the Art in Our Servers.pdf03_clere-HTTP2 HTTP3 the State of the Art in Our Servers.pdf
03_clere-HTTP2 HTTP3 the State of the Art in Our Servers.pdf
 
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under LinuxPractical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
 
Ceph Day SF 2015 - Deploying flash storage for Ceph without compromising perf...
Ceph Day SF 2015 - Deploying flash storage for Ceph without compromising perf...Ceph Day SF 2015 - Deploying flash storage for Ceph without compromising perf...
Ceph Day SF 2015 - Deploying flash storage for Ceph without compromising perf...
 
ORTC Library - Introduction
ORTC Library - IntroductionORTC Library - Introduction
ORTC Library - Introduction
 
Cisco Connect Toronto 2017 - Model-driven Telemetry
Cisco Connect Toronto 2017 - Model-driven TelemetryCisco Connect Toronto 2017 - Model-driven Telemetry
Cisco Connect Toronto 2017 - Model-driven Telemetry
 
PLNOG16: Obsługa 100M pps na platformie PC , Przemysław Frasunek, Paweł Mała...
PLNOG16: Obsługa 100M pps na platformie PC , Przemysław Frasunek, Paweł Mała...PLNOG16: Obsługa 100M pps na platformie PC , Przemysław Frasunek, Paweł Mała...
PLNOG16: Obsługa 100M pps na platformie PC , Przemysław Frasunek, Paweł Mała...
 
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
 
LCU14 310- Cisco ODP v2
LCU14 310- Cisco ODP v2LCU14 310- Cisco ODP v2
LCU14 310- Cisco ODP v2
 
netty_qcon_v4
netty_qcon_v4netty_qcon_v4
netty_qcon_v4
 
OSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
OSDC 2017 - Casey Callendrello -The evolution of the Container Network InterfaceOSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
OSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
 
OSDC 2017 | The evolution of the Container Network Interface by Casey Callend...
OSDC 2017 | The evolution of the Container Network Interface by Casey Callend...OSDC 2017 | The evolution of the Container Network Interface by Casey Callend...
OSDC 2017 | The evolution of the Container Network Interface by Casey Callend...
 

More from Jean-Frederic Clere

03_clere_Proxing to tomcat with httpd.pdf
03_clere_Proxing to tomcat with httpd.pdf03_clere_Proxing to tomcat with httpd.pdf
03_clere_Proxing to tomcat with httpd.pdfJean-Frederic Clere
 
01_clere_Having fun with a solar panel, camera and raspberry. How with a few ...
01_clere_Having fun with a solar panel, camera and raspberry. How with a few ...01_clere_Having fun with a solar panel, camera and raspberry. How with a few ...
01_clere_Having fun with a solar panel, camera and raspberry. How with a few ...Jean-Frederic Clere
 
Apache httpd and TLS/SSL certificates validation
Apache httpd and TLS/SSL certificates validationApache httpd and TLS/SSL certificates validation
Apache httpd and TLS/SSL certificates validationJean-Frederic Clere
 
Having fun with Raspberry(s) and Apache projects
Having fun with Raspberry(s) and Apache projectsHaving fun with Raspberry(s) and Apache projects
Having fun with Raspberry(s) and Apache projectsJean-Frederic Clere
 
Having fun with Raspberry and Apache projects
Having fun with Raspberry and Apache projectsHaving fun with Raspberry and Apache projects
Having fun with Raspberry and Apache projectsJean-Frederic Clere
 
HTTP/2 and SSL/TLS state of art in ASF servers
HTTP/2 and SSL/TLS state of art in ASF serversHTTP/2 and SSL/TLS state of art in ASF servers
HTTP/2 and SSL/TLS state of art in ASF serversJean-Frederic Clere
 

More from Jean-Frederic Clere (11)

Panama.pdf
Panama.pdfPanama.pdf
Panama.pdf
 
03_clere_Proxing to tomcat with httpd.pdf
03_clere_Proxing to tomcat with httpd.pdf03_clere_Proxing to tomcat with httpd.pdf
03_clere_Proxing to tomcat with httpd.pdf
 
01_clere_Having fun with a solar panel, camera and raspberry. How with a few ...
01_clere_Having fun with a solar panel, camera and raspberry. How with a few ...01_clere_Having fun with a solar panel, camera and raspberry. How with a few ...
01_clere_Having fun with a solar panel, camera and raspberry. How with a few ...
 
Cloud RPI4 tomcat ARM64
Cloud RPI4 tomcat ARM64Cloud RPI4 tomcat ARM64
Cloud RPI4 tomcat ARM64
 
From a cluster to the Cloud
From a cluster to the CloudFrom a cluster to the Cloud
From a cluster to the Cloud
 
Apache httpd and TLS/SSL certificates validation
Apache httpd and TLS/SSL certificates validationApache httpd and TLS/SSL certificates validation
Apache httpd and TLS/SSL certificates validation
 
Juggva cloud
Juggva cloudJuggva cloud
Juggva cloud
 
Having fun with Raspberry(s) and Apache projects
Having fun with Raspberry(s) and Apache projectsHaving fun with Raspberry(s) and Apache projects
Having fun with Raspberry(s) and Apache projects
 
Having fun with Raspberry and Apache projects
Having fun with Raspberry and Apache projectsHaving fun with Raspberry and Apache projects
Having fun with Raspberry and Apache projects
 
HTTP/2 and SSL/TLS state of art in ASF servers
HTTP/2 and SSL/TLS state of art in ASF serversHTTP/2 and SSL/TLS state of art in ASF servers
HTTP/2 and SSL/TLS state of art in ASF servers
 
Native 1.2.8
Native 1.2.8Native 1.2.8
Native 1.2.8
 

Recently uploaded

A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Sonam Pathan
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleanscorenetworkseo
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxeditsforyah
 

Recently uploaded (20)

A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleans
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptx
 

Tomcat openssl

  • 1. Using OpenSSL to boost TomcatUsing OpenSSL to boost Tomcat Jean-Frederic ClereJean-Frederic Clere
  • 2. What I will coverWhat I will cover ● Who I am. ● Connectors – NIO, NIO2, APR – OpenSSLImplementation – HTTP/2 and ALPN in Tomcat. ● Performance tests – With ab and h2load as client load generator. ● Questions?6/27/16 2
  • 3. Who I amWho I am Jean-Frederic Clere Red Hat Years writing JAVA code and server software Tomcat committer since 2001 Doing OpenSource since 1999 Cyclist/Runner etc Lived 15 years in Spain (Barcelona) Now in Neuchâtel (CH) 6/27/16 3
  • 5. What is a Connector?What is a Connector? ● Tomcat's interface to the world ● Binds to a port ● Understands a protocol and possible upgrades. ● Dispatches requests (example) – protocol="org.apache.coyote.http11.Http11AprProtocol" – protocol="org.apache.coyote.http11.Http11NioProtocol" – protocol="org.apache.coyote.http11.Http11Nio2Protocol" 6/27/16 5
  • 6. Tomcat ConnectorsTomcat Connectors ● Java Non-blocking I/O (NIO) ● Native / Apache Portable Runtime (APR) ● Java NIO.2 Technically, there are combinations of all of the above with HTTP and AJP protocols. The presentation focuses on HTTP and on NIO/NIO2. 6/27/16 6
  • 7. What is new in Tomcat 9 / 8.5What is new in Tomcat 9 / 8.5 ● Property sslImplementationName – Allows replacement of the SSL code ● OpenSSLImplementation (use OpenSSL) ● JSSEImplementation (use JSSE) ● UpgradeProtocol – Allows protocol upgrade from HTTP/1.1 ● HTTP/2 (yes) ● Websocket (cool) / Speedy (no plan to support it). 6/27/16 7
  • 8. Why a new SSLImplementationWhy a new SSLImplementation ● JSSE: – Very slow – Missing features: like ALPN (JEP 244: TLS Application-Layer Protocol Negotiation) – Hardware acceleration very partial (like AES in java8) ● Native connector: – Fast but a lot of native code – Use OpenSSL for SSL/TLS. ● New OpenSSL implemetation: – Fast. – Uses only a OpenSSL for native code (no native socket, poller etc). – Works with NIO and NIO2. – Uses OpenSSL for SSL/TLS. (warp, unwarp, handshake etc).6/27/16 8
  • 9. OpenSSLImplementationOpenSSLImplementation ● Code orginates from netty-tcnative a forked Tomcat Native ● Prototype (last year): – Done with the BeFriNe University – Tested and ported to tc_trunk last summer ● SSL Configuration compatible with the JSSE connection (*) ● Uses keystores (*) ● Uses SSL BIO to wrap/unwarp, handshake ● Uses java NIO or NIO2 Sockets for the reads and writes ● Automatically enabled when TC native is installed/enabled (*)6/27/16 9
  • 10. How TLS is done in TomcatHow TLS is done in Tomcat 6/27/16 10 Tomcat JSSE Con. Javastdlib JSSE SSL Engine NIO/NIO2 Tomcat Native APR JNIs Webserver APR Internals APR Connector OpenSSL OS Sockets JavaC/Native Webserver OpenSSL Impl.
  • 11. How does that worksHow does that works SSLContext JSSESSLContext OpenSSLContext SSLEngine SSLContext OpenSSLEngine createSSLEngine() createSSLEngine() wrap() unwrap() getSession() etc... Overrides 6/27/16 11
  • 12. How does wrap worksHow does wrap works wrap(plaintext, encrypted) internalBIO networkBIO BIO_new_bio_pair SSL_set_bio writePlainTextData write_ToSSL SSL_write readEncryptedData readFromBIO BIO_read 6/27/16 12
  • 13. How does unwrap worksHow does unwrap works unwrap(encrypted, plaintext) internalBIO networkBIO BIO_new_bio_pair SSL_set_bio writeEncryptedData writeToBIO BIO_write readPlaintextData readFromSSL SSL_read 6/27/16 13
  • 14. Connector PerformanceConnector Performance ● Compare connectors throughput against each other ● Only static content was compared, varying file sizes ● Run on “fast” machines, 10 Gbps local network ● Tests: – Compare the connectors (trunk) NIO, NIO2 and APR – Using JSSE and OpenSSL – First without “sendfile” 6/27/16 14
  • 15. Connector Throughput (c8)Connector Throughput (c8) 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 2MiB.bin 4MiB.bin 8MiB.bin 16MiB.bin 32MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 Concurency 8 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size ThroughputKbytes/sec 6/27/16 15
  • 16. Connector Throughput (c40)Connector Throughput (c40) 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 2MiB.bin 4MiB.bin 8MiB.bin 16MiB.bin 32MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 Concurency 40 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size ThroughputKbytes/sec 6/27/16 16
  • 17. Connector Throughput (c80)Connector Throughput (c80) 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 2MiB.bin 4MiB.bin 8MiB.bin 16MiB.bin 32MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 concurency 80 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size ThroughputKbytes/sec 6/27/16 17
  • 18. Connector CPU UseConnector CPU Use 4KiB 16KiB 64KiB 128KiB 512KiB 2MiB 8MiB 32MiB 40 50 60 70 80 90 100 Concurency 8 4KiB 16KiB 64KiB 128KiB 512KiB 2MiB 8MiB 32MiB 40 50 60 70 80 90 100 concurency 40 4KiB 16KiB 64KiB 128KiB 512KiB 2MiB 8MiB 32MiB 40 50 60 70 80 90 100 Concurency 80 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size CPUusage 6/27/16 18
  • 19. Connector TC8.5Connector TC8.5 6/27/16 19 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 800000 Concurency 320 tomcat 8.5 coyote_apr_https coyote_nio_jssehttps coyote_nio_opensslhttps File Size Kbytes/second 4KiB 8KiB 16KiB 32KiB 64KiB 128KiB 256KiB 512KiB 1MiB 0 20 40 60 80 100 120 Concurency 320 tomcat8.5 coyote_apr_https coyote_nio_jssehttps coyote_nio_opensslhttps File Size CPUusage
  • 20. Connector PerformanceConnector Performance ● With sendfile – In fact with TLS/SSL sendfile is emulated 6/27/16 20
  • 21. Connector Throughput (c8)Connector Throughput (c8) 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 2MiB.bin 4MiB.bin 8MiB.bin 16MiB.bin 32MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 800000 Concurency 8 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size ThroughputinKbytes/sec 6/27/16 21
  • 22. Connector Throughput (c40)Connector Throughput (c40) 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 2MiB.bin 4MiB.bin 8MiB.bin 16MiB.bin 32MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 800000 Concurency 40 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size ThroughputinKbytes/sec 6/27/16 22
  • 23. Connector Throughput (c80)Connector Throughput (c80) 4KiB.bin 8KiB.bin 16KiB.bin 32KiB.bin 64KiB.bin 128KiB.bin 256KiB.bin 512KiB.bin 1MiB.bin 2MiB.bin 4MiB.bin 8MiB.bin 16MiB.bin 32MiB.bin 0 100000 200000 300000 400000 500000 600000 700000 800000 Concurency 80 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https File Size ThroughtinKbytes/sec 6/27/16 23
  • 24. Connector CPU UseConnector CPU Use 4KiB 16KiB 64KiB 128KiB 512KiB 2MiB 8MiB 32MiB 40 50 60 70 80 90 100 Concunreny 8 4KiB 16KiB 64KiB 128KiB 512KiB 2MiB 8MiB 32MiB 40 50 60 70 80 90 100 Concurency 40 4KiB 16KiB 64KiB 128KiB 512KiB 2MiB 8MiB 32MiB 40 50 60 70 80 90 100 Concurency 80 coyote_apr_https coyote_nio2_openssl_https coyote_nio_jsse_https coyote_nio_openssl_https 6/27/16 24
  • 25. Connector PerformanceConnector Performance ● Conclusion: – OpenSSL performs better that JSSE – NIO and NIO(2) give similar results – Emulated sendfile doesn't help a lot (bigger files better). – APR isn't needed – Until Java9 is released OpenSSL is needed for HTTP/2 6/27/16 25
  • 26. Questions?Questions? Thank you!Thank you! ● jfclere@gmail.com ● users@tomcat.apache.org ● Repo with the scripts for the tests: – https://github.com/jfclere/AC2014scripts 6/27/16 26