-
Notifications
You must be signed in to change notification settings - Fork 502
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reuse tls sessions accross clients of a connection pool #588
Conversation
Codecov Report
@@ Coverage Diff @@
## master #588 +/- ##
==========================================
- Coverage 99.15% 98.88% -0.27%
==========================================
Files 16 16
Lines 1418 1437 +19
==========================================
+ Hits 1406 1421 +15
- Misses 12 16 +4
Continue to review full report at Codecov.
|
Also please let me know if some documentation should be added to the readme |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wish we could implement this without coupling Client and Pool with hidden symbols. But i guess we can improve that in the future.
Any chance we could implement this by passing a |
What would it help with? It'll definitely be more powerful but also come with some drawbacks if I understand correctly (e.g. re implementing the function in the pool). |
Removes coupling between classes. |
@ronag I mainly bring 4 changes:
If I understand your suggestion of passing in a connect function, I feel it would be over-complicated as the pool would need to re-implement some logic that the client owns. I saw 2 options to address your following comment:
|
I think I'm happy with exposing the session event. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, good job!
Waiting for review from @mcollina |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code is good to go!
test/tls-session-reuse.js
Outdated
@@ -130,3 +130,103 @@ test('TLS should reuse sessions', { skip: nodeMajor < 11 }, t => { | |||
|
|||
t.end() | |||
}) | |||
|
|||
test('A pool should be able to reuse TLS sessions between clients', { skip: nodeMajor < 11 }, t => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What happens if this is used in node v10? Is it crashing? We should document and add a a test for it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i don't immediately see why this wouldn't run in node 10 but i could easily be missing something obvious
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ronag @delvedor @mcollina do you remember why that was done for the Client's session reuse?
This code covers the same path so I decided to reuse the node version skip.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The session
event has been added in Node v11.
Feel free to add a comment for posterity!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
Have you done any performance testing by chance? Did you see any improvement? |
@@ -159,11 +166,18 @@ class Pool extends EventEmitter { | |||
|
|||
if (!client) { | |||
if (!this[kConnections] || this[kClients].length < this[kConnections]) { | |||
client = new Client(this[kUrl], this[kOptions]) | |||
const options = { ...this[kOptions] } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is a call to Object.assign({}, this[kOptions])
potentially faster?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not that I know. Cf. https://thecodebarbarian.com/object-assign-vs-object-spread.html
} | ||
|
||
// User has chosen to opt out of TLS session reuse | ||
if (tls.reuseSessions === false) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if (tls.reuseSessions === false) { | |
if (!tls.reuseSessions) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the suggestion @Ethan-Arrowood. As mentioned in the PR's description this strict equality check is on purpose.
Changing to your code will change the behavior of the pool to not reuse sessions by default.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh I see now
.on('drain', this[kOnDrain]) | ||
.on('connect', this[kOnConnect]) | ||
.on('disconnect', this[kOnDisconnect]) | ||
|
||
if (!options.tls || (options.tls.reuseSessions !== false && !options.tls.session)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if (!options.tls || (options.tls.reuseSessions !== false && !options.tls.session)) { | |
if (!options.tls || (options.tls.reuseSessions && !options.tls.session)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The same comment as above regarding the default behavior applies here too.
test/tls-session-reuse.js
Outdated
@@ -130,3 +130,103 @@ test('TLS should reuse sessions', { skip: nodeMajor < 11 }, t => { | |||
|
|||
t.end() | |||
}) | |||
|
|||
test('A pool should be able to reuse TLS sessions between clients', { skip: nodeMajor < 11 }, t => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i don't immediately see why this wouldn't run in node 10 but i could easily be missing something obvious
@mcollina regarding the perf tests I saw an improvement. You can test it locally. Unfortunately the perf tests dont always pass in the test VMs. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd like to understand the node 10 thing
Comment added regarding the node >= 11 version for the TLS session reuse tests. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work!
Closes #556
This implements the reuse of TLS sessions across clients of a connection pool.
When reviewing this, please pay particular attention to:
tls.reuseSessions
. I'm not sure if such option should be exposed but felt it is a good way to disable the feature if it causes some issues with some servers.