Performance Bottleneck when Auditing to File #7014

Closed
bradbl opened this issue Jun 28, 2019 · 0 comments · Fixed by #7024
bradbl commented Jun 28, 2019

Describe the bug
When Vault is configured to audit to a file, the throughput of every Vault instance is severely impacted.

To Reproduce
Steps to reproduce the behavior:

  1. Enable file auditing. Run vault audit enable file file_path=/dev/null.
  2. Add a k/v secret. Run vault kv put secret/foo bar=test.
  3. Read the secret at a high RPS. Run vault kv get secret/foo.

Expected behavior
When reading a single k/v secret and auditing to the /dev/null device, I expect to see relatively high CPU utilization and high throughput of requests served. Under this configuration, however, it is not possible to exceed around 30% CPU utilization on our hardware.

Environment:

  • Vault Server Version (retrieve with vault status): Vault Enterprise 1.1.2
  • Vault CLI Version (retrieve with vault version): N/A
  • Server Operating System/Architecture:
Distributor ID:	Debian
Description:	Debian GNU/Linux 8.11 (jessie)
Release:	8.11
Codename:	jessie

Vault server configuration file(s):

storage "consul" {}

listener "tcp" {
  address       = "0.0.0.0:8200"
  tls_cert_file = "/etc/vault.d/cert.pem"
  tls_key_file  = <scrubbed>
}

seal "transit" {
  // The Vault token to use for unseal is injected by the entrypoint script.
  // The key_name and address are set as environment variables.
  disable_renewal    = "true"
  mount_path         = "transit/"
}

disable_sealwrap = "true"
plugin_directory = "/vault/plugins/"

jefferai added a commit that referenced this issue Jun 30, 2019
This was inspired by #7022 but has the advantage of avoiding
double-locking and needing to perform lock upgrades while also
simplifying the logic and being faster.

Original, #7022, this:

goos: linux
goarch: amd64
pkg: github.com/hashicorp/vault/builtin/audit/file
BenchmarkAuditFile_request-4       30000             60734 ns/op
PASS
ok      github.com/hashicorp/vault/builtin/audit/file   2.428s

goos: linux
goarch: amd64
pkg: github.com/hashicorp/vault/builtin/audit/file
BenchmarkAuditFile_request-4       50000             34772 ns/op
PASS
ok      github.com/hashicorp/vault/builtin/audit/file   2.086s

goos: linux
goarch: amd64
pkg: github.com/hashicorp/vault/builtin/audit/file
BenchmarkAuditFile_request-4       50000             25302 ns/op
PASS
ok      github.com/hashicorp/vault/builtin/audit/file   1.542s

Fixes #7014
Closes #7022

jefferai added a commit that referenced this issue Jul 1, 2019