By: Mark David Dumlao named 13 Feb 2015 at 1:41 a.m. CST

1 Response
Mark David Dumlao gravatar
Hi! I'm tinkering with Gluu CE 2.0 from CentOS and trying to run performance tests on it. The published benchmark results on the website hint at 100 concurrent transactions in 8 seconds, but don't hint at the specifications or configuration of the test machine outside of mentioning use of OpenID Implicit Flow. http://www.gluu.org/docs/articles/benchmarking/ Separately, the wiki gives hints on how to benchmark and achieves a result of about 10.3 concurrent transactions, but again no hints of the specifications of the test machine. http://ox.gluu.org/doku.php?id=oxauth:benchmarking From my own tests, I'm achieving results on the order of 20-80 transactions/second when using OpenID connection authorization code workflow. I'm pretty sure I'm not yet hitting the limits of httpd, tomcat, or opendj connections as I can easily hit 300+ transactions/second when only retrieving $gluu_sso_url/.well-known/openid-configuration, and I can get better numbers on tuning. Hardware: CPU: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz, 4 cores, 64 bit Memory: 4GB (swap unused) Software: - OS: Centos 6.6 - Gluu Version: Gluu CE 2.0 (centos) - JVM: OpenJDK 24.65-b04, bundled with Gluu - LDAP: Gluu OpenDJ 2.6.0, bundled with Gluu - Application Server: Tomcat 7.0.55, bundled with Gluu - Web Server: apache 2.2.15, bundled with Gluu oxAuth parameters - ldap over localhost:1389 (not SSL) - maxconnections=256 oxTrust parameters - ldap over localhost:1389 (not SSL) - maxconnections=64 Apache parameters - disabled anti-DOS - worker mpm - start 8 servers - serverlimit 32 - maxclients 256 - minsparethreads 32 - maxsparethreads 128 - threadsperchild 64 - maxrequestsperchild 0 Tomcat parameters - initial heap 512m - max memory 2048m - XX:DisableExplicitGC - ulimit -n 65536 (max open files) - connector maxThreads=256, acceptCount=512, acceptorThreadCount=2, minSpareThreads=64 - 8009 is not redirected to 8443 OpenDJ parameters - start-ds.java-args = -server -Xms1456m -Xmx2048m -XX:MaxTenuringThreshold=1 -XX:+UseCompressedOops - ulimit -n 65536 (max open files) Login program does: - authorization code workflow - retrieves .well-known/openid-configuration - fills in login page - parses authorization code, retrieves id_token - retrieves 1 userinfo with openid, username, profile, email

By Yuriy Zabrovarnyy staff 13 Feb 2015 at 10:31 a.m. CST

Yuriy Zabrovarnyy gravatar
Since oxAuth has stateless architecture it's possible scale easily. You may want to run a few oxAuth instances in cluster then dependency between handled requests and number of instances will be linear. While benchmarking the oxAuth instance we concentrated on ability to authorize as many request as possible within single instance with limited resources. Indeed it's possible to accelerate each part of system and get better results. We are interested in results from other people, so please share your results. Benchmarking published on site was made on following machine: **Hardware:** Intel Core i5-2400,, 3.10 Ghz RAM: 16.0 GB **Software:** Gluu Version: Gluu CE 2.0