[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

https / ssl performance, 1.8

From: Weatherby,Gerard <gweatherby_at_uchc.edu>
Date: Fri, 9 Oct 2015 14:43:09 +0000

Long time user, first time poster.

We've used server version 1.6 with svnserve on an existing project and it works great. (All teams members are inside firewall)

We have a new project with outside collaborations and some not open source code, so we set up https:// Mod Dav using apache2 and pwauth for validation -- we have other resources and prefer using the same authentication for all for simplicity.

It "works" but the performance makes it nearly unusable. Monitoring the server using the top linux utility indicates many, many invocations of "pwauth" for a single client request. The next thing I was going to try was to install an sssd daemon on the server, but I wanted to ask if there was anything else I was missing.

Below are various version numbers / httpd config directives I think will be relevant. The host is actually a virtual machine hosted on a fairly high VMSphere server; the 1.6 svnserve subversion server that works well is on the same server so it seems unlikely that that would be the problem. (And other IPC mechanisms like secure copy (scp) show very good performance.)

CentOS release 6.7 (Final)

uname -a
Linux hostname 2.6.32-573.3.1.el6.x86_64 #1 SMP Thu Aug 13 22:55:16 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

sudo httpd -version
Server version: Apache/2.2.15 (Unix)
Server built: Aug 24 2015 17:52:49
===
<VirtualHost *:80>
    DocumentRoot /web
    CustomLog /var/log/httpd/hostname-access.log combined
    Redirect 301 "/repos" "https://hostname/repos"<https://hostname/repos>
    Redirect 301 "/wiki" "https://hostname/wiki"<https://hostname/wiki>
    Redirect 301 "/developer" "https://hostname/developer"<https://hostname/developer>

===
LoadModule authnz_external_module modules/mod_authnz_external.so

DefineExternalAuth pwauth pipe /usr/bin/pwauth

<LocationMatch "/(mediawiki|repos|developer)/">

    # Require SSL connection for password protection.
    SSLRequireSSL

    AuthType Basic
    AuthName "realm name"
    AuthBasicProvider external
    AuthExternal pwauth
    require valid-user

</LocationMatch>

===
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so

<Location /repos>
   DAV svn
   SVNParentPath "/svn/"
   SVNAllowBulkUpdates Prefer
</Location>
CustomLog logs/svn_logfile "%t %u %{SVN-ACTION}e" env=SVN-ACTION 

--
Gerard Weatherby | Application Architect
Virtual Cell | Center for Cell Analysis & Modeling | UConn Health
NMRbox | Department of Molecular Biology and Biophysics | UConn Health
263 Farmington Avenue, Farmington, CT 06030-6406 uchc.ed
Received on 2015-10-09 16:43:31 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.