You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Benjamin Mahler (JIRA)" <ji...@apache.org> on 2018/10/21 22:39:00 UTC

[jira] [Created] (MESOS-9339) SSL (TLS) peer reverse DNS lookup can block the event loop thread.

Benjamin Mahler created MESOS-9339:
--------------------------------------

             Summary: SSL (TLS) peer reverse DNS lookup can block the event loop thread.
                 Key: MESOS-9339
                 URL: https://issues.apache.org/jira/browse/MESOS-9339
             Project: Mesos
          Issue Type: Bug
          Components: libprocess
            Reporter: Benjamin Mahler


We currently look up the peer hostname in order to perform certificate verification while accepting SSL (TLS) connections. This blocks the event loop thread in cases where it has to go over the network. We saw one issue where a misconfiguration meant that this would block for 15 seconds.

Once we add asynchronous DNS lookup facilities (MESOS-9338), we can use them to avoid blocking the event loop thread.

We should consider logging slow DNS reverse lookups and adding timing metrics for them.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)