1

We have a main webservice using several microservices. The main service is called really often (lot of queries) and has been profiled and designed to be blazing fast from code perspective.

If we had 5 microservices behind the main webservice, for each request to the main service, we have 5 sub-requests (1 for each microservice).

For security reasons, we enabled HTTPS for every communications (tls1.2).

Now we note that we add a non negligeable overhead because of the TLS handshake.

Is there a way to have an architecture allowing the reuse of part of the handshakes (or anything else heavy in the https part of the com) for optimizing all the requests?

Maybe something allowing apache or nginx or (...) to keep the connections "open" and reuse them?

PHP curl extension allows something like this, but it is only during the life of your curl handler... I want to reproduce this kind of behaviour but for all (or most of all) the requests coming to the main webservice.

The curl feature I mentioned: http://tokenposts.blogspot.nl/2013/02/php-curl-optimise-speed-reusing-ssl.html

nemenems
  • 1,064
  • 2
  • 9
  • 27
  • 1
    Do you have `http2` enabled on your web server? Try to enable `http2` in your web server (for `nginx` this is trivial, no idea how it works with Apache), then use cURL with `CURL_HTTP_VERSION_2_0` flag. If you're using library such as `guzzle` so you don't have to do all the curl-ing manually, you can simply set the `version` to `2.0`. [More details](https://stackoverflow.com/a/34607482/693806) – N.B. Apr 19 '18 at 12:59
  • OK, i ll look at that, but to be clear, will it enable some kind of persistent connections or some kind of optimization between multiple PHP process ? – nemenems Apr 19 '18 at 15:34
  • It's much easier if you check what http/2 is. I know you want an answer that gives you security and performance at the same time but that kind of thing doesn't exist. Encryption is cpu intensive. That's how it is. – N.B. Apr 19 '18 at 16:24

0 Answers0