[MDEV-33721] Use http keep-alive instead of individual request connections when talking to Vault server - Jira

XML

Word

Printable

Details

Type: New Feature
Status: Open (View Workflow)
Priority: Major
Resolution: Unresolved
Fix Version/s: None
Component/s: Plugin - Hashicorp Key Management
Labels:
None

Description

Right now the HashiCorp Vault key management plugin uses individual HTTP connections to send requests to the Vault key server via the curl library. When dealing with a large number of different keys this is

a) slower then necessary due to the connect overhead, including TLS handshake when using https:
b) can use up a lot of client ports in a short time frame, so potentially running out of available ports while these are in TIME_WAIT state before becoming ready or reuse

As Vault supports http keep-alive we should try to re-use existing curl/http connections for followup requests where ever possible.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Hartmut Holzgraefe

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2022-08-08 09:01

Updated:: 2024-03-19 09:42

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.