Confs Space
DevOps Jun 24, 2019

OpenSSL Hardware Offload Enhancement

Shanghai '19: KubeCon + CloudNativeCon + Open Source Summit
Shanghai '19: KubeCon + CloudNativeCon + Open Source Summit Conference Collection

Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io

Don’t miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects

OpenSSL Hardware Offload Enhancement - Ping Yu, Intel

TLS traffic in Internet grows fast, and web gateway nowadays has the increasing demand to accelerate the cryptography operation in TLS. OpenSSL is widely deployed in industry as a de facto SSL/TLS implementation. In latest OpenSSL, an asynchronous acceleration framework is designed and implemented, which consists of a new ASYNC library, enhanced TLS stack and engines. In this talk, we will recap our practical experience to utilize and enhance this framework to enable a high performance and low CPU utilization acceleration TLS engine in Nginx and Fd.io/VPP. We will share how we resolve the challenge in enterprise-grade deployment such as CPU/memory consumption, user private key protection, and finally present the enhancement we recently made for a more efficient and high-performance kernel bypass asynchronous communication mechanism which is now merged to OpenSSL 3.0.0 master branch.

https://sched.co/Nrsp

#DevOps #CloudNativeCon #Kubernetes #CNCF #Open Source Summit #KubeCon