Issue with SSL CPU utilization

So we are starting to see this problem happening maybe every 4 minutes. What I see there is a bunch of sonar logins and logoffs via the SSL API - if enough of them happen simultaneously, the CPU does that. The high CPU usage is concerning. Is there a way to get Sonar to stay logged in for longer instead of opening so many different API sessions?

Those spikes happen at moments like this

image

Those look like different users. Have you setup the device in multiple Sonar instances or multiple times in the same instance?

Multiple instances logging into the same device. In our case, there are 6 different instances logging into the same device. The issue happens when all 6 instances do so basically simultaneously, which happens about once every 4 minutes on average, and the spike lasts only a second or two. I have to be very quick with the screenshot to capture it.

There’s nothing we can do about that in v1, none of the instances have knowledge of each other so they will all have their own independent logins.

Yes, of course they have no knowledge of each other, but I am wondering why even a single instance disconnects and reconnects so frequently. Even with just a single instance I see lots of logins and logouts in the log over a period of time, vs. just using the same session for longer. Is there a short timeout or something on the API side?

It’s to check the status, everything is run in a temporary job so there’s no persistence.

We have worked around this by disabling SSL for now but that isn’t an ideal solution. I assume you have all instances on the same cron timer or whatever for the status check and that is why they all happen simultaneously. It would be nice if this status check could be randomized somehow within the period to try to avoid these simultaneous checks when multiple instances happen to be used with the same router. Also, sometimes if it needs to make a few address list changes (with a single user) it logs in, makes one address list change, logs out, immediately logs back in, makes another change, and logs out in a single second basically. It would be nice if it realized it had a few address list changes to make and batched them together to be in a single session instead of that pattern.

It’s tough to do with the current setup, but we’ll take a look for the future.

1 Like