454cff587e
If a HTTPS termination listener exists, set the tune.ssl.cachesize setting to use about half of the available memory (free + buffers + cached) on the amphora minus the memory needed for network sockets based on the global max connections setting. A larger SSL cache allows for more resumed SSL sessions and therefore less computationally expensive SSL handshakes. Change-Id: I87efba18017aa3e8b9b3cc812664efc11af1c4c4
10 lines
457 B
YAML
10 lines
457 B
YAML
---
|
|
other:
|
|
- |
|
|
When a HTTPS termination listener gets configured, Octavia will tweak the
|
|
HAProxy `tune.ssl.cachesize` setting to use about half of the available
|
|
memory (free + buffers + cached) on the amphora minus the memory needed
|
|
for network sockets based on the global max connections setting.
|
|
This allows to make better reuse of existing SSL sessions and
|
|
helps to lower the number of computationally expensive SSL handshakes.
|