User login function: simple but difficult

Abstract ： User login is just a common function , But its logic is not simple at all .

This article is shared from Huawei cloud community 《 User login of performance analysis TPS Low and CPU Filled with problem analysis 》, author ：zuozewei .

User login is just a common function , But its logic is not simple at all . Because the login process needs to compare and verify personal information , During the verification process, the corresponding encryption algorithm must be called , Encryption algorithm is a function that requires high performance . The complex encryption algorithm has high security , But the performance is poor ; Uncomplicated encryption algorithm has good performance , But it's safe , This is a question of trade-offs .

Follow the design steps of the benchmark scenario of the test scheme , First, test the benchmark scenario of this interface .

● Problem phenomenon

As shown in the figure above , This phenomenon is becoming more and more obvious .

In the pressure measurement results TPS The average is 25 The average response time reached 993 ms.

● The analysis process

In terms of performance analysis logic , For the problem of long response time , The first thing to do is to split the time . Since this system has been deployed SkyWalking, Use it to see where time is mainly spent .

Look at the picture ,Tomcat Of SelfDuration The most. , In other words, time is almost consumed in the service itself .

● Global monitoring

First, check the resource level of the application server ：

You can see 4C Of CPU Resources have been exhausted .

The container deployed here , Let's take a look at the resource usage of each container ：

You can see that resources are mainly consumed by the service container .

● Service orientation analysis

First, enter the service container to view the resource consumption ：

stay SkyWaking You can't see the complete call stack in , Consider connecting directly to the service Java The time consumption of the method in the process . Here we use Arthas Follow up .

Check out the busiest previous N Thread and print stack ：

Here is the business code of the program .

therefore trace attemptAuthentication This method .

next trace authenticate This method .

Follow it layer by layer , Finally came here ：

Since the crypt_raw The method takes a long time , Then decompile the source code to see what this paragraph is .

As you can see, here is an encryption algorithm BCrypt, So the conclusion is obvious BCrypt Although the encryption algorithm has high security , But the performance is poor .

● demo verification

Use here SpringBoot Realization MD5 Encryption and BCrypt Encrypted instance .

JMeter Concurrent 20 MD5 Encryption result ：

JMeter Concurrent 20 BCrypt Encryption result ：

● Suggested optimization direction

Here's an explanation ,Bcrypt When encrypting , every time HASH The values are different , So it's very slow ！

What exactly is Bcrypt Algorithm , You can refer to this article ：https://www.jianshu.com/p/2b131bfc2f10

So that's the analysis , The optimization scheme is actually clear , That is to use faster encryption , Or remove the encryption algorithm .

Click to follow , The first time to learn about Huawei's new cloud technology ~