Even though CPU usage is low, and http responses are very quick, SSL responses are taking longer than 10+ seconds to respond.
HAProxy SSL Responses Very Slow
haproxyopenssl
haproxyopenssl
Even though CPU usage is low, and http responses are very quick, SSL responses are taking longer than 10+ seconds to respond.
Best Answer
It turns out that the OpenSSL library needs to have the hostname properly set in
/etc/hosts
, if not it will block on lookups. Discovered this behavior by running strace on one of the ssl procs.127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 close(519) = 0 stat("/etc/krb5.conf", {st_mode=S_IFREG|0644, st_size=685, ...}) = 0 open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 299 fstat(299, {st_mode=S_IFREG|0644, st_size=209, ...}) = 0