MINOR: stats: add counters for SSL cache lookups and misses

One important aspect of SSL performance tuning is the cache size, but there's no metric to know whether it's large enough or not. This commit introduces two counters, one for the cache lookups and another one for cache misses. These counters are reported on "show info" on the stats socket. This way, it suffices to see the cache misses counter constantly grow to know that a larger cache could possibly help.
2014-05-28 16:47:01 +02:00 · 2014-05-28 16:47:01 +02:00 · ce3f913e48
commit ce3f913e48
parent 0c9c2720dc
3 changed files with 9 additions and 4 deletions
--- a/include/types/global.h
+++ b/include/types/global.h
@ -98,6 +98,7 @@ struct global {
 	int sps_lim, sps_max;
 	int ssl_lim, ssl_max;
 	int ssl_fe_keys_max, ssl_be_keys_max;
+	unsigned int shctx_lookups, shctx_misses;
 	int comp_rate_lim;           /* HTTP compression rate limit */
 	int maxpipes;		/* max # of pipes */
 	int maxsock;		/* max # of sockets */
--- a/src/dumpstats.c
+++ b/src/dumpstats.c
@ -2471,6 +2471,8 @@ static int stats_dump_info_to_buffer(struct stream_interface *si)
 		     "SslFrontendSessionReuse_pct: %d\n"
 		     "SslBackendKeyRate: %d\n"
 		     "SslBackendMaxKeyRate: %d\n"
+		     "SslCacheLookups: %u\n"
+		     "SslCacheMisses: %u\n"
 #endif
 	             "CompressBpsIn: %u\n"
 	             "CompressBpsOut: %u\n"
@ -2505,6 +2507,7 @@ static int stats_dump_info_to_buffer(struct stream_interface *si)
 	             ssl_key_rate, global.ssl_fe_keys_max,
 	             ssl_reuse,
 	             read_freq_ctr(&global.ssl_be_keys_per_sec), global.ssl_be_keys_max,
+		     global.shctx_lookups, global.shctx_misses,
 #endif
 	             read_freq_ctr(&global.comp_bps_in), read_freq_ctr(&global.comp_bps_out),
 	             global.comp_rate_lim,
--- a/src/shctx.c
+++ b/src/shctx.c
@ -18,16 +18,14 @@
 #else
 #ifdef USE_SYSCALL_FUTEX
 #include <unistd.h>
-#ifndef u32
-#define u32 unsigned int
-#endif
 #include <linux/futex.h>
 #include <sys/syscall.h>
 #endif
 #endif
 #endif
 #include <arpa/inet.h>
-#include "ebmbtree.h"
+#include <ebmbtree.h>
+#include <types/global.h>
 #include "proto/shctx.h"

 struct shsess_packet_hdr {
@ -440,6 +438,8 @@ SSL_SESSION *shctx_get_cb(SSL *ssl, unsigned char *key, int key_len, int *do_cop
 	int data_len;
 	SSL_SESSION *sess;

+	global.shctx_lookups++;
+
 	/* allow the session to be freed automatically by openssl */
 	*do_copy = 0;

@ -458,6 +458,7 @@ SSL_SESSION *shctx_get_cb(SSL *ssl, unsigned char *key, int key_len, int *do_cop
 	if (!shsess) {
 		/* no session found: unlock cache and exit */
 		shared_context_unlock();
+		global.shctx_misses++;
 		return NULL;
 	}