Daily News |  Current Issue |  Archives  |  Blogs |  Keywords |  Mediakit  |  Advertise |    |  Free Trial!
System News
System News > Volume 138 > Issue 2 > Sun SysAdmin >
Sign in  |   Register  |   Password Help   |   Membership types
Sun Servers with CoolThreads Accelerate IBM HTTP Server Crypto Operations
 Additional Co-processor Cards, Special Licensing, Network Appliances Are Unnecessary
August 14, 2009,
Volume 138, Issue 2

Deploying Sun servers with CoolThreads technology in HTTP environments can help reduce system overhead, improve performance and increase overall computing and network efficiency.
 

The Sun BluePrints Online paper "Accelerating IBM HTTP Server Cryptographic Operations Using Sun Servers with CoolThreads Technology" provides an overview of how to offload cryptographic operations onto Sun servers with CoolThreads technology to accelerate IBM HTTP Server (IHS) performance. For Sun servers with UltraSPARC T1, T2 or T2 Plus processors, on-chip cryptographic acceleration eliminates the need for additional co-processor cards, special licensing, network appliances or power hungry add-on components. As a result, deploying Sun servers with CoolThreads technology in HTTP environments can help reduce system overhead, improve performance and increase overall computing and network efficiency by improving responsiveness across the entire solution.

The authors point out that UltraSPARC T1, T2 and T2 Plus processors are targeted at throughput applications and are equipped with built-in hardware cryptographic units to simplify and accelerate cryptographic operations. The processors combine chip multiprocessing and hardware multithreading with an efficient instruction pipeline to enable chip multithreading (CMT). The resulting processor design provides multiple physical instruction execution pipelines and several active thread contexts per pipeline.

These powerful processors use a unique System-on-a-Chip (SoC) design that incorporates additional cryptographic features as well as on-chip I/O and on-chip 10 Gigabit Ethernet networking capabilities to help improve performance. Each core of the UltraSPARC T1, T2 and T2 Plus processors includes a Modular Arithmetic Unit (MAU) that supports Digital Signature Algorithm (DSA) operations and Rivest Shamir Adelman (RSA) operations, which are an important component of the Secure Sockets Layer (SSL) full handshake.

RSA operations utilize a compute-intensive algorithm that can be offloaded to the MAU. The MAU itself is capable of sustaining 14,000 RSA-1024 operations per second on a system with an UltraSPARC T1 processor and more than 30,000 RSA-1024 operations per second on systems with an UltraSPARC T2 processor, according to the paper. Moving RSA operations to the MAU speeds SSL full handshake performance and frees the CPU to handle other computations, the authors contend.

The cryptographic capabilities of the UltraSPARC T1, T2 and T2 Plus processors can be accessed via the Solaris Cryptographic Framework (SCF). SCF provides cryptographic services for kernel-level and user-level consumers, as well as several software encryption modules. SCF continues to include Kernel SSL proxy (KSSL), which offloads SSL processing from user applications and enables them to transparently take advantage of hardware accelerators, such as those available in UltraSPARC T1, T2 and T2 Plus processors, as the authors point out.

The paper includes instructions on configuring IHS environment that can take advantage of the on-chip cryptography capabilities of Sun servers. The authors include the results of a test using HP LoadRunner to access the IHS index page. The script is presented in detail.

Finally, the paper includes several best practices for deployment that include recommendations to:

  • Keep the operating system and associated patches up to date. While some patches are targeted at seemingly unrelated technology, such as Java technology updates, it is important to be sure to apply all recommended patches.

  • Use the Java Development Kit (JDK software) version 1.5.0_06 or later.

  • Use processor binding to localize memory and keep data close to the processor.

  • Watch the total active thread count. On Sun servers with higher numbers of processor cores, such as the Sun SPARC Enterprise T5440 server, the WebSphere Application Server thread pool setting can be increased safely.

  • Minimize writes to shared data.

  • Deploy multiple instances of the software in Solaris Containers when consolidating systems. Solaris Containers provide operating system virtualization and process isolation with minimal overhead.

  • Allocate and manage resources to address performance needs.

  • Tune network related parameters appropriately. For example, the following TCP/IP settings are a good place to start when handling thousands of connections.

More Information

Complete text of the BluePrints Online article (Login or registration required)

Sun CMT Servers Offer 1.6 GHz UltraSPARC T2 and T2 Plus Processors [...read more...]

Keywords:

fullsource
Print
Email
Current
Profile
Archive
Blog
Generate newsletter
 

Other articles in the Sysadmin section of Volume 138, Issue 2:

See all archived articles in the Sysadmin section.

Top 10 Most Popular Articles in Current Issue (Vol 168, Issue 1)

Featured Articles



Archive by Section
Archive by Activity
Archive by Date
News and Solutions for Users of Solaris, Java and Oracle's Sun hardware products
Just the news you need, none of what you don't – 42,000+ Members – 24,000+ Articles Published since 1998
BigAdmin Cloud Developer Disk Events FOSS Features HPC Hardware Intel
Java MySQL NetBeans News OpenOffice OpenSolaris OpenStorage Partners Performance Publications
Security Servers Service Software Solaris Storage SysAdmin Tape Workstation VendorVoice

Latest Issue  |   Archived Articles  |   Edit Account  |   Blogs  |   About SNI  |   Mediakit  |   NewsToLeads  |   Headlines  |   NewsToLeads  |   RSS Feeds
Copyright © 1998-2011 System News, Inc.