This section describes some recommended performance tuning configurations to optimize the API Manager. It assumes that you have set up the API Manager on Unix/Linux, which is recommended for a production deployment. We also recommend a distributed API Manager setup for most production systems. Out of all components of an API Manager distributed setup, the API Gateway is the most critical, because it handles all inbound calls to APIs. Therefore, we recommend you to have at least a 2-node cluster of API Gateways in a distributed setup.
When it comes to performance, the OS that the server runs plays an important role.
If you are running MacOS Sierra and experiencing long startup times for WSO2 products, try mapping your Mac hostname to 127.0.0.1 and ::1 in the
/etc/hosts file as described. For example, if your Macbook hostname is "john-mbpro. local", then add the mapping to the canonical 127.0.0.1 address in the
/etc/hosts file, as shown in the example below.
Following are the configurations you can apply to optimize OS-level performance:
To optimize network and OS performance, configure the following settings in the
/etc/sysctl.conffile of Linux. These settings specify a larger port range, a more effective TCP connection timeout value, and a number of other important parameters at the OS-level.
It is not recommended to use
net.ipv4.tcp_tw_recycle = 1when working with network address translation (NAT), such as if you are deploying products in EC2 or any other environment configured with NAT.
To alter the number of allowed open files for system users, configure the following settings in the
/etc/security/limits.conffile of Linux (be sure to include the leading * character).
Optimal values for these parameters depend on the environment.
To alter the maximum number of processes your user is allowed to run at a given time, configure the following settings in the
/etc/security/limits.conffile of Linux (be sure to include the leading * character). Each carbon server instance you run would require upto 1024 threads (with default thread pool configuration). Therefore, you need to increase the nproc value by 1024 per each carbon server (both hard and soft).
When an XML element has a large number of sub elements and the system tries to process all the sub elements, the system can become unstable due to a memory overhead. This is a security risk.
To avoid this issue, you can define a maximum level of entity substitutions that the XML parser allows in the system. You do this using the
entity expansion limit as follows in the
<API-M_HOME>/bin/wso2server.bat file (for Windows) or the
<API-M_HOME>/bin/wso2server.sh file (for Linux/Solaris). The default entity expansion limit is 64000.
In a clustered environment, the entity expansion limit has no dependency on the number of worker nodes.
WSO2 Carbon platform-level settings
In multitenant mode, the WSO2 Carbon runtime limits the thread execution time. That is, if a thread is stuck or taking a long time to process, Carbon detects such threads, interrupts and stops them. Note that Carbon prints the current stack trace before interrupting the thread. This mechanism is implemented as an Apache Tomcat valve. Therefore, it should be configured in the
<PRODUCT_HOME>/repository/conf/tomcat/catalina-server.xml file as shown below.
classNameis the Java class used for the implementation. Set it to
thresholdgives the minimum duration in seconds after which a thread is considered stuck. The default value is 600 seconds.
Timeout configurations for an API call
The following diagram shows the communication/network paths that occur when an API is called. The timeout configurations for each network call are explained below.
Key validation occurs via a Servlet HTTP call and the connection timeout can be configured by changing the following configuration details in the
<API-M_HOME>/repository/conf/axis2/axis2_client.xmlfile. All timeout values are in milliseconds.
If the Key Manager caching is enabled, the calls between the API Gateway and Key Manager are cached. As a result, the Key Manager is not invoked for each API call.
Client call API Gateway + API Gateway call Backend
For backend communication, the API Manager uses PassThrough transport. This is configured in the
<API-M_HOME>/repository/conf/passthru-http.propertiesfile. For more information, see Configuring passthru-http.properties in the EI documentation.
Note that the default value for
http.socket.timeoutdiffers between WSO2 products. In WSO2 API-M, the default value for
General APIM-level recommendations
Some general APIM-level recommendations are listed below:
|Improvement Area||Performance Recommendations|
|API Gateway nodes|
Increase memory allocated by modifying the
Set the following in the
The above configurations are only applicable when WS key validation is enabled.
|NHTTP transport of API Gateway|
Recommended values for the
|PassThrough transport of API Gateway|
Recommended values for the
The API Gateway routes the requests from your client to an appropriate endpoint. The most common reason for your client getting a timeout is when the Gateway's timeout is larger than the client's timeout values. You can resolve this by either increasing the timeout on the client's side or by decreasing it on the API Gateway's side.
Here are a few parameters, in addition to the timeout parameters discussed in the previous sections.
|Key Manager nodes|
Set the MySQL maximum connections:
Set the open files limit to 200000 by editing the
Set the following in the
If you use WSO2 Identity Server (WSO2 IS) as the Key Manager, then the root location of the above path and the subsequent path needs to change from
Set the following connection pool elements in the
Note that you set the
Registry indexing configurations
The registry indexing process is only required to be run on the API Publisher and API Store nodes. To disable the indexing process from running on the other nodes (Gateways and Key Managers), you need to set the
<wso2registry><indexingConfiguration><startIndexing> element to false in the
<API-M_HOME>/repository/conf/registry.xml file of the relevant nodes.
Throttle data and Analytics-related settings
This section describes the parameters you need to configure to tune the performance of API-M Analytics and Throttling when it is affected by high load, network traffic etc. You need to tune these parameters based on the deployment environment.
Tuning data-agent parameters
The following parameters should be configured in the
<APIM_ANALYTICS_HOME>/repository/conf/data-bridge/data-agent-config.xml file. Note that there are two sub-sections in this file, named Thrift and Binary.
The Thrift section is related to Analytics and the Binary section is related to Throttling. Same set of parameters mentioned below can be found in both sections. The parameter descriptions and recommendations are intended towards the for performance tuning of Analytics, but the same recommendations are relevant for Throttling data related tuning in the Binary section. Note that the section for Thrift is relevant only if Analytics is enabled.
|Parameter||Description||Default Value||Tuning Recommendation|
|The number of messages that can be stored in WSO2 API-M at a given time before they are published to the Analytics Server.||32768|
This value should be increased when the Analytics Server is busy due to a request overload or if there is high network traffic. This prevents the generation of the queue
When the Analytics server is not very busy and when the network traffic is relatively low, the queue size can be reduced to avoid an overconsumption of memory.
The number specified for this parameter should be a power of 2.
|The WSO2 API-M statistical data sent to the Analytics Server to be published in the Analytics Dashboard are grouped into batches. This parameter specifies the number of requests to be included in a batch.||200||This value should be tuned in proportion to the volume of requests sent from WSO2 API-M to the Analytics Server. This value should be reduced if you want to reduce the system overhead of the Analytics Server. This value should be increased if WSO2 API-M is generating a high amount of statistics and if the |
|The number of threads allocated to publish WSO2 API-M statistical data to the Analytics Server via Thrift at the time WSO2 API-M is started. This value increases when the throughput of statistics generated increases. However, the number of threads will not exceed the number specified for the ||1||The number of available CPU cores should be taken into account when specifying this value. Increasing the core pool size may improve the throughput of statistical data published in the Analytics Dashboard, but latency will also be increased due to context switching.|
|The maximum number of threads that should be allocated at any given time to publish WSO2 API-M statistical data to the Analytics Server.||1||The number of available CPU cores should be taken into account when specifying this value. Increasing the maximum core pool size may improve the throughput of statistical data published in the Analytics Dashboard, since more threads can be spawned to handle an increased number of events. However, latency will also increase since a higher number of threads would cause context switching to take place more frequently.|
|The maximum number of transport threads that should be allocated at any given time to publish WSO2 API-M statistical data to the Analytics Server.||250||This value must be increased when there is an increase in the throughput of events handled by WSO2 API-M Analytics.|
The value of the
|The maximum number of secure transport threads that should be allocated at any given time to publish WSO2 API-M statistical data to the Analytics Server.||250|
This value must be increased when there is an increase in the throughput of events handled by WSO2 API-M Analytics.
The value of the