[Freeipa-devel] KDC proxy implementation specs
Nathaniel McCallum
npmccallum at redhat.com
Thu May 28 15:09:31 UTC 2015
On Thu, 2015-05-28 at 17:07 +0200, Christian Heimes wrote:
> On 2015-05-28 16:48, Nathaniel McCallum wrote:
> > An apache module would also provide similar benefits. I'm not sure
> > I
> > necessarily want to stick with python here if we're optimizing for
> > performance. Another option would be to add it to the KDC itself
> > and
> > proxy through Apache like we do for Tomcat. MIT might like that
> > option.
>
> For that kind of network code Python is really fast enough. An event
> driven framework like asyncio or Twisted can handle lots of
> connections
> simultaneous. We aren't speaking about several GBit/sec where zero
> -copy
> is required.
>
> I'm more worried about Apache than Python. Apache is tuned for the
> needs
> of the webui, e.g. prefork MPM. Let's see how it works out in a
> production system.
Right. And the KDC could just parse the messages directly.
I agree. Let's wait and see.
Nathaniel
More information about the Freeipa-devel
mailing list