-
Notifications
You must be signed in to change notification settings - Fork 79
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Thread blocking under high load for unboundid-ldapsdk 3.1.1 #20
Comments
It looks like the connection is using SSL/TLS. If you Google around for
"java.security.SecurRandom.nextBytes" and BLOCKED, you'll find that this
issue is not unique to the LDAP SDK and is a result of not having enough
entropy available on the system for the cryptographically secure random
number generator.
The easiest way around this is to provide a JVM argument of
-Djava.security.egd=file:/dev/./urandom to direct Java to use a pseudo
random number generator instead. Note that the extra ./ in the value is
necessary (see https://bugs.openjdk.java.net/browse/JDK-6202721 for more
information).
David
…On Thu, Dec 22, 2016 at 11:29 AM, YuriyZ ***@***.***> wrote:
We got random thread blocking on unbound id side under high load of oxauth
(https://github.com/GluuFederation/oxAuth).
oxauth uses unboundid-ldapsdk 3.1.1 to connect to slapd. Connection pool
is set to 1000. While profiling oxauth under high load (500 requests per
second) we noticed small thread blocking on unbound id side.
[image: ldap_]
<https://cloud.githubusercontent.com/assets/2013070/21434321/8754c658-c87c-11e6-96cf-0961b1f096e8.png>
[image: ssl]
<https://cloud.githubusercontent.com/assets/2013070/21434330/89ea2c96-c87c-11e6-8e92-19385f17adf2.png>
Please let me know if you need more details.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#20>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/ALGPAO_XqJIJcqh-8DR5f0J95H74NE6kks5rKrNrgaJpZM4LUMwj>
.
|
Thanks for nice hint. I added it and don't see blocking with SecureRandom anymore. However I still see problem with SSLContextImpl, any idea? https://cloud.githubusercontent.com/assets/2013070/21434330/89ea2c96-c87c-11e6-8e92-19385f17adf2.png |
It's hard to tell anything from the stack trace of this one thread. Can you
use jstack to generate a full stack trace of your application when it's in
this state. Thanks.
David
…On Fri, Dec 23, 2016 at 10:18 AM, YuriyZ ***@***.***> wrote:
Thanks for nice hint. I added it and don't see blocking with SecureRandom
anymore.
However I still see problem with SSLContextImpl, any idea?
https://cloud.githubusercontent.com/assets/2013070/21434330/89ea2c96-
c87c-11e6-8e92-19385f17adf2.png
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#20 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ALGPAFvjzF9WDcoQ_TzUZiNKnI6UOD3sks5rK_RQgaJpZM4LUMwj>
.
|
I think I found the reason, it's bug in jvm https://bugs.openjdk.java.net/browse/JDK-8133070 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We got random thread blocking on unbound id side under high load of oxauth (https://github.com/GluuFederation/oxAuth).
oxauth uses unboundid-ldapsdk 3.1.1 to connect to slapd. Connection pool is set to 1000. While profiling oxauth under high load (500 requests per second) we noticed small thread blocking on unbound id side.
Please let me know if you need more details.
The text was updated successfully, but these errors were encountered: