Skip to content
This repository has been archived by the owner on Nov 13, 2024. It is now read-only.

[Enhancement]: improve copy performance with Kernel TLS #61

Open
huanghaoyuanhhy opened this issue Sep 22, 2023 · 2 comments
Open

[Enhancement]: improve copy performance with Kernel TLS #61

huanghaoyuanhhy opened this issue Sep 22, 2023 · 2 comments
Assignees
@huanghaoyuanhhy

Comments

@huanghaoyuanhhy
Copy link
Collaborator

huanghaoyuanhhy commented Sep 22, 2023
edited
Loading

What would you like to be added?

In cross-cloud or cross-region data copying, the data needs to be read from the source socket and then written to the destination socket, causing two user-kernel mode switches. We can use the splice system call to avoid the overhead of context switching, where the kernel directly copies the data. The io.Copy function in Golang automatically utilizes this optimization. However, due to the presence of TLS encryption, data must be encrypted and decrypted in user mode. In newer Linux kernels (≥ 4.17), Kernel TLS (kTLS) feature has been implemented, which can be leveraged to achieve the copying functionality.

Why is this needed?

Can significantly improve performance.

Anything else?

kernel doc
nginx blog
@huanghaoyuanhhy huanghaoyuanhhy self-assigned this Sep 22, 2023
@xiaofan-luan
Copy link
Collaborator

any more description?

@huanghaoyuanhhy huanghaoyuanhhy changed the title [Enhancement]: improve copy perform with Kernel TLS [Enhancement]: improve copy performance with Kernel TLS Sep 22, 2023
@huanghaoyuanhhy
Copy link
Collaborator Author

@xiaofan-luan Sorry for busy work. More explanations have been added.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@huanghaoyuanhhy huanghaoyuanhhy

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@xiaofan-luan @huanghaoyuanhhy