Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace HTTP with TCP #378

Closed
gbryant-arm opened this issue Apr 1, 2022 · 4 comments
Closed

Replace HTTP with TCP #378

gbryant-arm opened this issue Apr 1, 2022 · 4 comments
Assignees
@egrimley-arm
Labels
client-code Something related to client code for interacting with Veracruz enhancement New feature or request server Something related to the untrusted Veracruz servers trusted-veracruz-runtime Something related to the trusted Veracruz runtime

Comments

@gbryant-arm
Copy link
Contributor

Requested feature
We propose to replace the HTTP layer with TCP between Veracruz-Client and the runtime manager.
In practice the HTTP client (on Veracruz-Client) and server (on Veracruz-Server) will be replaced with a TCP client and a TCP repeater (client & server) respectively. The stack on the runtime manager is not affected as it doesn't use HTTP.
This will reduce latency within the system by stripping down the network stack (i.e. less packet processing and no base64 encoding/decoding in particular) and using TCP's congestion control to transmit batches of TLS records more efficiently between Veracruz-Client and Veracruz-Server.

Motivation
Clients currently communicate with the runtime manager via TLS over HTTP. As a result protobuf messages are encrypted in 16KB TLS records, sent one by one to the other endpoint. The overall round-trip latency is hence subject to the processing time on the runtime manager side. This will become a major bottleneck when the latency between Veracruz-Client and Veracruz-Server increases.
#277 made some strides towards reducing the overall latency between Veracruz-Client and runtime manager but hasn't addressed this bottleneck.
@gbryant-arm gbryant-arm added enhancement New feature or request trusted-veracruz-runtime Something related to the trusted Veracruz runtime client-code Something related to client code for interacting with Veracruz server Something related to the untrusted Veracruz servers labels Apr 1, 2022
@Immy-delish
Copy link

Hello, I am an outreachy applicant. I would like to replace the HTTP layer with TCP between Veracruz-Client and the runtime manager, if this solution could solve the issue.

@dreemkiller
Copy link
Member

@Immy-delish I would not advise this issue as a first issue.
It is a very complicated change that affects many disparate code packages across all of the different platforms that we support (including AWS Nitro enclaves, which would require you to launch and run AWS EC2 instances outside of the free tier - costing you money). There are several issues labeled with "Good first Issue" (https://github.com/veracruz-project/veracruz/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22) that would be a better place to start.

@Immy-delish
Copy link

Immy-delish commented Apr 18, 2022 via email

@egrimley-arm egrimley-arm self-assigned this Oct 6, 2022
@egrimley-arm egrimley-arm mentioned this issue Nov 7, 2022
Open
@egrimley-arm
Copy link
Contributor

HTTP was replaced with TCP by #542, but with TCP still being used in an HTTP-like way, so there is more work to do, for which I have just created a new issue: #558.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@egrimley-arm egrimley-arm

Labels
client-code Something related to client code for interacting with Veracruz enhancement New feature or request server Something related to the untrusted Veracruz servers trusted-veracruz-runtime Something related to the trusted Veracruz runtime
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dreemkiller @egrimley-arm @gbryant-arm @Immy-delish