Well...this is hardly a satisfactory answer. Of course I expect a slowdown
because encryption takes down. But how much, and what data does shield
encrypt (e.g. only the initial authentication step or every bit of
communication)? For example, I would not be surprised if Shield does the
simplest thing and naively encrypt every communication between nodes as
they happen, i.e. a SSL wrap on top of the transport layer. In that case,
it would be super easy to estimate the type of slowdown that one could
expect, and similarly back out how much slowdown under a specific cluster
setup and data pattern.
My inquiry is really to ask for more detailed information.
- Could you outline how the node-to-node communication is encrypted?
- Using 1, could you explain, via an example, when the slowdown is
minimum, and also via a different example, when the slowdown is significant?
Best,
Jin
On Thursday, January 29, 2015 at 1:00:32 AM UTC-8, David Pilato wrote:
Shay twitted this about this matter:
https://twitter.com/kimchy/status/560124652472008704
Shay Banon @kimchy https://twitter.com/kimchy
Follow https://twitter.com/kimchy
@m_hughes https://twitter.com/m_hughes yes, it affects performance,
though less now with newer JVMs @dadoonet https://twitter.com/dadoonet @
elasticsearch https://twitter.com/elasticsearch
6:18 PM - 27 Jan 2015
https://twitter.com/kimchy/status/560124652472008704
Not specific numbers here though.
--
David Pilato | Technical Advocate | Elasticsearch.com
http://Elasticsearch.com
@dadoonet https://twitter.com/dadoonet | @elasticsearchfr
https://twitter.com/elasticsearchfr | @scrutmydocs
https://twitter.com/scrutmydocs
Le 29 janv. 2015 à 09:56, Jin Huang <huang...@gmail.com <javascript:>> a
écrit :
Hi,
Can anyone shed some light on the impact of Shield on performance,
assuming that secured communication is enabled for node to node
communication?
When Elasticsearch team says that node-to-node encryption is enabled, does
it mean that every bit of data transported on port 9300 is encrypted? Since
the whole cluster could transfer a huge amount of data across different
nodes constantly, would this encryption step severely lower the performance
of the cluster?
Doe the Elasticsearch team have some ready-made benchmark data to share?
Can someone elaborate on the architecture?
Thanks,
Jin
--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearc...@googlegroups.com <javascript:>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/8af7a106-0365-49a1-a0be-38eb1a7c0514%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/8af7a106-0365-49a1-a0be-38eb1a7c0514%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/9eca170f-8bf9-4dda-afee-f38c099174b5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.