Attendees
Tim
Arnie
Khalil
Jimmy Vuccolo
Michael Sessa
Ann
Michael from Unicon
Jim Leous
Nate
Michael Morris (ACT)
Agenda
Review Action items from last call.
Discussion
- Project plan:
- detailed added.
- Calls with Michael, Jimmy, and Nate schedule to fine tune.
- Action items from last week's call:
- Unicon
- working on Logo, being reviewed by I2 and PESC. Feedback coming soon. Probably today or tomorrow.
- Roll call discussion of where we stand on action items:
- Jimmy
- moved test instance of CPR to new 4 CPU machine.
- Completed coding development for api for jmeter.
- Migrating database from MySQL to PostGres. Editing schema. Will perform unit testing to make sure it's consistant with MySQL and Oracle.
- Working on applicaitons scan of idenitty provisioning scan with their security folks.
- Hoping to be read to move stuff into the cloud by Friday
- Jimmy to work with either Nate or Unicon folks to get access to the cloud
- Michael:
- Load testing issues.
- Curious as to what information is being collected with respect to load and performance.
- Asked Unicon to define a transaction.
- Unicon:
- Nate suggested we use Grinder for testing.
- Transaction is defined as a full transaction, full authn where we are receiving back the attributes. Includes mimicking an SP.
- MRG concerned that 100 tps, we need to collect enough information to pass this off to Shib dev team to see if we can do better then 100 tps. Understanding where the limits are and giving the developers the information will help work the issues out.
- Michael from Unicon:
- Deadline slipped a little.
- Have graphs of CPU and memory usage over the duration of the tests.
- Also have the output from Grinder.
- Will send config files, they are compiling now and should be out shortly.Artifacts need to be added to our wiki.
- What is definition of "low failure rate?"
- Upping the number of threads gives more failures. Possibly from connection to LDAP connection pool, either getting stale or not responding fast enough. Working towards 0 failure rate. LDAP server being used is 389. MRG doesn't think 389 is the issue here. Unicon agress. LDAP appears to be handling things beautifully.
- MRG: It may be worthwhile to reduce the size of the LDAP pool, reducing the number of threads to see what impact that has, since LDAP hasn't been a bottleneck. Unicon will do that. Only adjust vtldap. Extreme, take it to one and see what happens, then take it to two. See where the failure rate starts.
- User interface will change, and doesn't have to be perfect on day 1! Once we have art approved, it will be plugged in and Penn State UX person will review and comment.
- Are we going with Resin, or is that open to further discussion? Unicon willing to put Resin and Jetty in the cloud. They are basically the same from a performance perspective, but Resin gives more capability. It sounds like Resin is the no-brainer choice.
- Jimmy
- Unicon
Action Items
- Unicon:
- It may be worthwhile to reduce the size of the LDAP pool, reducing the number of threads to see what impact that has, since LDAP hasn't been a bottleneck. Unicon will do that. Only adjust vtldap. Extreme, take it to one and see what happens, then take it to two. See where the failure rate starts.
- Continue testing*
- Post all artifacts to our wiki
- turn on SSL between client (grinder) and the IdPs, and between IdP and LDAP server
- Khalil:
- We still don't have azure resources. Should be checked on.
- Mr. Lehay says we're provisioned for only 10k on AWS, but we should be provisioned for 50k. We will watch resources and get back with Khalil if there's a problem
- Jimmy:
- Finish testing
- Move to cloud resources
- Tim:
- Get contact information from Jimmy regarding Penn State user interface person and work with them.
- Next step for UI: Bolt it together and point UX person at it and solicit comments
- Nate:
- Ensure Amazon web service is prepared for deployment
- Create VM's ASAP
- Upload Nate's architecture diagrams to wiki