Comments (6)
phiresky
commented on May 23, 2024
1
make sure you use cargo run --release and add lto="thin" to [profile.release] in cargo, rust is really slow in dev mode
from activitypub-federation-rust.
Nutomic
commented on May 23, 2024
Last I checked, Rustls wasnt able to generate RSA keypairs.
https://github.com/LemmyNet/activitypub-federation-rust/blob/main/src/http_signatures.rs#L53
from activitypub-federation-rust.
prettykool
commented on May 23, 2024
I do support the idea of moving away from OpenSSL, but there are better solutions than what you've suggested. Using a dedicated RSA library like what the RustCrypto guys made would probably be better for this project's use case.
from activitypub-federation-rust.
phiresky
commented on May 23, 2024
Since signing messages takes up a significant amount of CPU time and we're signing millions of messages, there probably needs to be some benchmarking done to prevent large performance regression
from activitypub-federation-rust.
prettykool
commented on May 23, 2024
Since signing messages takes up a significant amount of CPU time and we're signing millions of messages, there probably needs to be some benchmarking done to prevent large performance regression
I'm not familiar with Rust benchmarking in the slightest, but I decided to try and improvise, just to get an idea of what the differences in performance might be at a very basic level.
Taking from the examples for rsa and openssl provided by both of the respective projects, I made a quick thing checking how long it would take for both of them to:
- Create a private key
- Generate a public key from said private key
- Sign a 230 character string using the private key
I used /bin/time -v to get these stats. Here's the results:
rsa
Command being timed: "cargo run"
User time (seconds): 0.49
System time (seconds): 0.12
Percent of CPU this job got: 119%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:00.51
Average shared text size (kbytes): 0
Average unshared data size (kbytes): 0
Average stack size (kbytes): 0
Average total size (kbytes): 0
Maximum resident set size (kbytes): 218176
Average resident set size (kbytes): 0
Major (requiring I/O) page faults: 0
Minor (reclaiming a frame) page faults: 42945
Voluntary context switches: 669
Involuntary context switches: 13
Swaps: 0
File system inputs: 0
File system outputs: 21872
Socket messages sent: 0
Socket messages received: 0
Signals delivered: 0
Page size (bytes): 4096
Exit status: 0
openssl
Command being timed: "cargo run"
User time (seconds): 0.30
System time (seconds): 0.12
Percent of CPU this job got: 102%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:00.41
Average shared text size (kbytes): 0
Average unshared data size (kbytes): 0
Average stack size (kbytes): 0
Average total size (kbytes): 0
Maximum resident set size (kbytes): 178612
Average resident set size (kbytes): 0
Major (requiring I/O) page faults: 0
Minor (reclaiming a frame) page faults: 33667
Voluntary context switches: 214
Involuntary context switches: 15
Swaps: 0
File system inputs: 0
File system outputs: 11360
Socket messages sent: 0
Socket messages received: 0
Signals delivered: 0
Page size (bytes): 4096
Exit status: 0
Just from a quick glance, rsa is heavier on resources, and a bit slower than openssl too. The people who made rsa have said that they plan to do more optimization for it in the future - but for the time being, I don't see a real advantage to using rsa, other than moving away from OpenSSL (Which, while good, shouldn't be the primary reason for switching away from it)
If anyone wants to do better than me on the benchmarking, or has an alternate RSA library to check out, lemmie know.
from activitypub-federation-rust.
prettykool
commented on May 23, 2024
make sure you use cargo run --release and add lto="thin" to [profile.release] in cargo, rust is really slow in dev mode
Good catch. I redid the tests using what you suggested, and here's what I got:
rsa
Command being timed: "cargo run --release"
User time (seconds): 0.03
System time (seconds): 0.02
Percent of CPU this job got: 100%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:00.06
Average shared text size (kbytes): 0
Average unshared data size (kbytes): 0
Average stack size (kbytes): 0
Average total size (kbytes): 0
Maximum resident set size (kbytes): 25468
Average resident set size (kbytes): 0
Major (requiring I/O) page faults: 0
Minor (reclaiming a frame) page faults: 2121
Voluntary context switches: 5
Involuntary context switches: 1
Swaps: 0
File system inputs: 0
File system outputs: 8
Socket messages sent: 0
Socket messages received: 0
Signals delivered: 0
Page size (bytes): 4096
Exit status: 0
openssl
Command being timed: "cargo run --release"
User time (seconds): 0.05
System time (seconds): 0.01
Percent of CPU this job got: 98%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:00.06
Average shared text size (kbytes): 0
Average unshared data size (kbytes): 0
Average stack size (kbytes): 0
Average total size (kbytes): 0
Maximum resident set size (kbytes): 25212
Average resident set size (kbytes): 0
Major (requiring I/O) page faults: 0
Minor (reclaiming a frame) page faults: 2122
Voluntary context switches: 5
Involuntary context switches: 2
Swaps: 0
File system inputs: 0
File system outputs: 8
Socket messages sent: 0
Socket messages received: 0
Signals delivered: 0
Page size (bytes): 4096
Exit status: 0
Looks like, in production, they're mostly equivalent from a resource standpoint, with rsa being a little faster than openssl.
I'm glad to know I was wrong the first time around. Thanks for helping me out with this.
from activitypub-federation-rust.
Related Issues (20)
- Upgrade background-jobs dependency HOT 1
- Support secure-mode federation HOT 3
- Remove actix-rt depenency
- do_send should retry failed connections HOT 1
- Compress body of outgoing post requests HOT 1
- Real-world 0.17.4 Lemmy servers are failing with federation - error logs show 'Header is expired' HOT 1
- [Bug]: Incompatible licenses HOT 5
- Add Url wrapper type
- Change return type of UrlVerifier::verify
- Make sure http signing is not blocking tokio HOT 3
- Webfinger fetching not compliant with webfinger standard HOT 1
- Error when trying to use ObjectId::parse HOT 2
- Signing broken when using axum nested routers HOT 2
- Examples on how to implement Object Trait for persistent storage like Sqlite HOT 1
- Remove `anyhow` dependency HOT 2
- Error: don't drop the original error HOT 5
- Upgrade `hyper` and `http` dependencies to 1.0 HOT 4
- How does this crate (and Lemmy) handle the dynamic nature of JSON-LD? HOT 1
- What is the diesel feature for in the crate? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from activitypub-federation-rust.