PKI authentications causes VERY HIGH CPU usage

Hello. I recently had to switch Kibana to authenticate against ES client node to use basic auth instead of client certificates. When using client certificates, the Elasticsearch client node CPU is loaded by 50% (it is a new 8core HW Xeon CPU machine). It is caused JUST by idle Kibana which is authenticating itself at some frequency. After changing the authentication to basic, the CPU usage is just 0.5% which is huge difference.

I know PKI auth is more resource hungry but this it too much. Where is the problem? Is it a java issue - wrong configuration/version or xpack bug?

Java: OpenJDK 1.8.0
OS: Centos 7
Elasticsearch + Xpack: 6.2.3
Kibana: 6.2.2

Btw. the same applies for probably every authentication. I just switch remote security audit client authentication from PKI to basic auth and the CPU usage on my monitoring cluster nodes dropped from 60 percent to 30.


Sorry this took so long to address. We would love some more information so that we can try to get to the bottom of this:

  • If I understand this correctly, Kibana and Elasticsearch run on the same node. Can you clarify if this the Elasticsearch or the Kibana processes (or maybe both ) that accumulate to the CPU load ?
  • Can you share some details about the client certificates and the keys you are using ? Key length and algorithm, certificate type and signature algorithm, anything that might be helpful for reproduction.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.