subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Weatherby,Gerard" <>
Subject https / ssl performance, 1.8
Date Fri, 09 Oct 2015 14:43:09 GMT
Long time user, first time poster.

We've used server version 1.6 with svnserve on an existing project and it works great. (All
teams members are inside firewall)

We have a new project with outside collaborations and some not open source code, so we set
up https:// Mod Dav using apache2 and pwauth for validation -- we have other resources and
prefer using the same authentication for all for simplicity.

It "works" but the performance makes it nearly unusable. Monitoring the server using the top
linux utility indicates many, many invocations of "pwauth" for a single client request. The
next thing I was going to try was to install an sssd daemon on the server, but I wanted to
ask if there was anything else I was missing.

Below are various version numbers / httpd config directives I think will be relevant. The
host is actually a virtual machine hosted on a fairly high VMSphere server; the 1.6 svnserve
subversion server that works well is on the same server so it seems unlikely that that would
be the problem. (And other IPC mechanisms like secure copy (scp) show very good performance.)

CentOS release 6.7 (Final)

uname -a
Linux hostname 2.6.32-573.3.1.el6.x86_64 #1 SMP Thu Aug 13 22:55:16 UTC 2015 x86_64 x86_64
x86_64 GNU/Linux

sudo httpd -version
Server version: Apache/2.2.15 (Unix)
Server built:   Aug 24 2015 17:52:49
<VirtualHost *:80>
    DocumentRoot /web
    CustomLog /var/log/httpd/hostname-access.log combined
    Redirect 301 "/repos" "https://hostname/repos"<https://hostname/repos>
    Redirect 301 "/wiki" "https://hostname/wiki"<https://hostname/wiki>
    Redirect 301 "/developer" "https://hostname/developer"<https://hostname/developer>

LoadModule authnz_external_module modules/

DefineExternalAuth pwauth pipe /usr/bin/pwauth

<LocationMatch "/(mediawiki|repos|developer)/">

    # Require SSL connection for password protection.

    AuthType Basic
    AuthName "realm name"
    AuthBasicProvider external
    AuthExternal pwauth
    require valid-user


LoadModule dav_svn_module     modules/
LoadModule authz_svn_module   modules/

<Location /repos>
   DAV svn
   SVNParentPath "/svn/"
   SVNAllowBulkUpdates Prefer
CustomLog logs/svn_logfile "%t %u %{SVN-ACTION}e" env=SVN-ACTION
Gerard Weatherby | Application Architect
Virtual Cell | Center for Cell Analysis & Modeling | UConn Health
NMRbox | Department of Molecular Biology and Biophysics | UConn Health
263 Farmington Avenue, Farmington, CT 06030-6406 uchc.ed

View raw message