Yesterday we finally enabled encrypted HTTP using TLS connections on https://www.nzz.ch, one of the largest newspapers in Switzerland. Besides the "switch" on the load balancers - which was the easy part - there was a lot of work involved between many different teams and external service providers. During the kickoff meeting a few weeks ago I was asked how the load balancers would perform when we enable HTTPS. I knew that the additional encryption of the HTTP traffic will use more CPU (every connection needs to be en- and decrypted), but I couldn't give a accurate number. But what I was sure of: We're not in the 90's anymore and the servers can handle additional load.
Well, yesterday was the big day and as soon as I forced the redirect from http to https, the CPU load went up. The network traffic itself staid the same so the increased CPU usage is caused by the http encryption. But see for yourself:
Based on these graphs it's fair to say that encrypted http traffic uses around 4x more CPU than before.
No comments yet.
AWS Android Ansible Apache Apple Atlassian BSD Backup Bash Bluecoat CMS Chef Cloud Coding Consul Containers CouchDB DB DNS Database Databases Docker ELK Elasticsearch Filebeat FreeBSD Galera GlusterFS Grafana Graphics HAProxy HTML Hacks Hardware Icinga Icingaweb Icingaweb2 Influx Internet Java KVM Kibana Kodi Kubernetes LXC Linux Logstash Mac Macintosh Mail MariaDB Minio MongoDB Monitoring Multimedia MySQL NFS Nagios Network Nginx OSSEC OTRS Office PGSQL PHP Perl Personal PostgreSQL Postgres PowerDNS Proxmox Proxy Python Rancher Rant Redis Roundcube SSL Samba Seafile Security Shell SmartOS Solaris Surveillance Systemd TLS Tomcat Ubuntu Unix VMWare VMware Varnish Virtualization Windows Wireless Wordpress Wyse ZFS Zoneminder