Reuse tls sessions accross clients of a connection pool

[nherment]

Closes #556

This implements the reuse of TLS sessions across clients of a connection pool.

When reviewing this, please pay particular attention to:

• The clearing of the TLS Sessions cache. I'm not 100% confident the logic is as good as it can be.
• Whether a Map of all active sessions is that much more valuable than just keeping the last known valid session and reusing that for new clients.
• The performance tests comparing session reuse vs no-reuse are reliable on my laptop but aren't on the test VMs. This is disappointing and I would appreciate if you could verify that reusing sessions is actually a net perf gain for most use cases.
• There is a new option to the Pool to disable the session cache reuse tls.reuseSessions. I'm not sure if such option should be exposed but felt it is a good way to disable the feature if it causes some issues with some servers.

[codecov-io]

Codecov Report

Merging #588 (55803b2) into master (252b676) will decrease coverage by 0.26%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##           master     #588      +/-   ##
==========================================
- Coverage   99.15%   98.88%   -0.27%     
==========================================
  Files          16       16              
  Lines        1418     1437      +19     
==========================================
+ Hits         1406     1421      +15     
- Misses         12       16       +4     

Impacted Files	Coverage Δ
lib/core/symbols.js	100.00% <ø> (ø)
lib/core/client.js	99.13% <100.00%> (+<0.01%)	⬆️
lib/pool.js	99.34% <100.00%> (+0.08%)	⬆️
lib/node/http-parser.js	75.00% <0.00%> (-25.00%)	⬇️
lib/core/request.js	94.89% <0.00%> (-2.05%)	⬇️
lib/core/util.js	94.73% <0.00%> (-1.32%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 252b676...55803b2. Read the comment docs.

[nherment]

Also please let me know if some documentation should be added to the readme

[ronag]

I wish we could implement this without coupling Client and Pool with hidden symbols. But i guess we can improve that in the future.

[ronag]

Any chance we could implement this by passing a connect method in the client options?

[nherment]

Any chance we could implement this by passing a connect method in the client options?

What would it help with? It'll definitely be more powerful but also come with some drawbacks if I understand correctly (e.g. re implementing the function in the pool).

[ronag]

What would it help with? It'll definitely be more powerful but also come with some drawbacks if I understand correctly (e.g. re implementing the function in the pool).

Removes coupling between classes.

[nherment]

@ronag I mainly bring 4 changes:

1. The Map/TLSSessionCache is gone in favor of a single session stored at the pool level. Thanks to @mcollina for this.
2. The Client now publicly exposes the 'session' event instead of a hidden one.
3. The logic to set the TLS session on top of the tls options in the pool is updated and hopefully more readable
4. There is a flag to enable/disable the perf test of TLS session reuse

If I understand your suggestion of passing in a connect function, I feel it would be over-complicated as the pool would need to re-implement some logic that the client owns.

I saw 2 options to address your following comment:

I wish we could implement this without coupling Client and Pool with hidden symbols.

• Either implement some kind of hooks in the Client that would allow the Pool to override the default behaviour
• Or publicly expose the Client session event instead of using a hidden symbol.

[ronag]

I think I'm happy with exposing the session event.

[ronag]

LGTM, good job!

[nherment]

@ronag or @mcollina could you please merge this for me? I don't have the access rights to do it.

[ronag]

Waiting for review from @mcollina

[mcollina]

Code is good to go!

[mcollina]

What happens if this is used in node v10? Is it crashing? We should document and add a a test for it.

[Ethan-Arrowood]

i don't immediately see why this wouldn't run in node 10 but i could easily be missing something obvious

[nherment]

@ronag @delvedor @mcollina do you remember why that was done for the Client's session reuse?
This code covers the same path so I decided to reuse the node version skip.

[delvedor]

The session event has been added in Node v11.
Feel free to add a comment for posterity!

[nherment]

Thank you!

[mcollina]

Have you done any performance testing by chance? Did you see any improvement?

[Ethan-Arrowood]

is a call to Object.assign({}, this[kOptions]) potentially faster?

[nherment]

Not that I know. Cf. https://thecodebarbarian.com/object-assign-vs-object-spread.html

[Ethan-Arrowood]

Suggested change

	if (tls.reuseSessions === false) {
	if (!tls.reuseSessions) {

[nherment]

Thanks for the suggestion @Ethan-Arrowood. As mentioned in the PR's description this strict equality check is on purpose.
Changing to your code will change the behavior of the pool to not reuse sessions by default.

[Ethan-Arrowood]

Oh I see now

[Ethan-Arrowood]

Suggested change

	if (!options.tls || (options.tls.reuseSessions !== false && !options.tls.session)) {
	if (!options.tls || (options.tls.reuseSessions && !options.tls.session)) {

[nherment]

The same comment as above regarding the default behavior applies here too.

[Ethan-Arrowood]

i don't immediately see why this wouldn't run in node 10 but i could easily be missing something obvious

[nherment]

@mcollina regarding the perf tests I saw an improvement. You can test it locally. Unfortunately the perf tests dont always pass in the test VMs.

[mcollina]

lgtm

[ronag]

I'd like to understand the node 10 thing

[nherment]

Comment added regarding the node >= 11 version for the TLS session reuse tests.

[delvedor]

LGTM

[Ethan-Arrowood]

Great work!