Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(NODE-5455): benchmark FLE #16

Merged
merged 6 commits into from
Jun 18, 2024
Merged

chore(NODE-5455): benchmark FLE #16

merged 6 commits into from
Jun 18, 2024

Conversation

nbbeeken
Copy link
Collaborator

@nbbeeken nbbeeken commented Jun 12, 2024

Description

What is changing?

Is there new documentation needed for these changes?

No

What is the motivation for this change?

Determine what the performance of FLE is.

- cpu: Apple M1 Max
- node: v22.0.0
- cores: 10
- arch: arm64
- os: darwin (23.5.0)
- ram: 32GB

Decrypting 1500 fields median ops/sec : 74

Double check the following

  • Ran npm run check:lint script
  • Self-review completed using the steps outlined here
  • PR title follows the correct format: type(NODE-xxxx)[!]: description
    • Example: feat(NODE-1234)!: rewriting everything in coffeescript
  • Changes are covered by tests
  • New TODOs have a related JIRA ticket

@nbbeeken nbbeeken changed the title NODE-5455-bench-fle chore(NODE-5455): benchmark FLE Jun 12, 2024
@nbbeeken
Copy link
Collaborator Author

As predicted throughput has not changed with this change, we do not cross an FFI or js/native boundary when calling the accessor functions, we can still adopt the fields if that's considered "modernizing" our use of libmongocrypt

@nbbeeken nbbeeken force-pushed the NODE-5455-bench-fle branch from bd2dab8 to 2431e57 Compare June 13, 2024 18:34
@nbbeeken nbbeeken force-pushed the NODE-5455-bench-fle branch from 2431e57 to 6decb68 Compare June 13, 2024 19:02
@nbbeeken nbbeeken marked this pull request as ready for review June 13, 2024 19:05
@nbbeeken
Copy link
Collaborator Author

Switching from cryptoCallbacks to native crypto: #18 shows good signs of being a large perf improvement

@W-A-James W-A-James self-assigned this Jun 17, 2024
@W-A-James W-A-James added the Primary Review In Review with primary reviewer, not yet ready for team's eyes label Jun 17, 2024
@W-A-James W-A-James added Team Review Needs review from team and removed Primary Review In Review with primary reviewer, not yet ready for team's eyes labels Jun 17, 2024
@@ -0,0 +1,87 @@
import crypto from 'node:crypto';
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of duplicating these here, can we add the driver as a dev dependency and use the hooks defined in the driver?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I appreciate the desire to de-dupe but I think that's overkill. I imagine we'll delete the ones in the driver after switching to native crypto, which would make this script no longer work with a ^ caret dependency on the driver. Additionally, those callbacks aren't public driver API so even if they don't get removed an innocent refactor could break an import here.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh but this looks like a perfect opportunity to move these backs into the bindings source code (i.e. next to index.ts)? I still believe that moving these into the driver was a mistake, if we need them here in the tests that's just yet another reason to move them back

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I imagine we'll delete the ones in the driver after switching to native crypto

There's probably going to be a need for JS crypto callbacks until something like the alternative approach mentioned in the ticket here is implemented – We can't use libmongocrypt's native crypto integration on macOS and Windows in mongosh because we need to be able to toggle the FIPS mode switch for those.

Copy link
Collaborator Author

@nbbeeken nbbeeken Jun 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

move these backs into the bindings source code (i.e. next to index.ts)?

Not opposed, we still need to leave the callbacks in the driver so bindings versions below the next release continue working.

We can't use libmongocrypt's native crypto integration on macOS and Windows

I think reintroducing them to the src will fit better in #18 since currently I've essentially prevented callbacks from working unless you build from libmongocrypt src using nocrypto.

I will ping you on that PR when it is ready.

something like the alternative approach mentioned in the ticket here is implemented

What's this referencing? Are you referring to what #18 is attempting, using builtin OpenSSL? Or something specific with FIPS mode?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The idea was to use the opensll that's bundled and exposed with Nodejs on all platforms for the crypto hooks (i.e., c++ crypto callbacks). That would take the place of #18.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

After this morning's discussion I think we have what we need here for this PR. In the following PR where we implement C++ callbacks we can also bring in the JS callbacks if we desire. Is that accurate?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can't bring the JS callbacks over, that's breaking. But other than that, yes.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can't bring the JS callbacks over, that's breaking

Why is it breaking (for mongodb-client-encryption)?

@nbbeeken nbbeeken requested a review from baileympearson June 17, 2024 21:24
@W-A-James W-A-James merged commit 95849dd into main Jun 18, 2024
13 checks passed
@W-A-James W-A-James deleted the NODE-5455-bench-fle branch June 18, 2024 18:58
baileympearson pushed a commit that referenced this pull request Jun 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Team Review Needs review from team
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants