Document recommendation about using netty-tcnative for optimizing TLS performance

[lhotari]

Using netty-tcnative boosts TLS/https performance by multiple factors.

Netty wiki explains some benefits of netty-tcnative:

Speed: In local testing, we've seen performance improvements of 3x over the JDK. GCM, which is used by the only cipher suite required by the HTTP/2 RFC, is 10-500x faster.

It should be documented as a recommendation to use netty-tcnative when using TLS/https . In modern applications, most connections use TLS.

netty-tcnative-boringssl-static is a statically compiled dependency that can be used without any prerequisites and contains native libraries for Mac OSX, Linux and Windows.

For Gradle, add:

runtime 'io.netty:netty-tcnative-boringssl-static:2.0.8.Final'

or for Maven add:

<dependency>
    <groupId>io.netty</groupId>
    <artifactId>netty-tcnative-boringssl-static</artifactId>
    <version>2.0.8.Final</version>
    <scope>runtime</scope>
</dependency>

The disadvantage of the multi-platform dependency is the large size of it. It's also possible to use platform specific classifiers of the netty-tcnative-boringssl-static artifact. For example, for just supporting Linux:
For Gradle, add:

runtime 'io.netty:netty-tcnative-boringssl-static:2.0.8.Final:linux-x86_64'

or for Maven add:

<dependency>
    <groupId>io.netty</groupId>
    <artifactId>netty-tcnative-boringssl-static</artifactId>
    <version>2.0.8.Final</version>
    <classifier>linux-x86_64</classifier>
    <scope>runtime</scope>
</dependency>

On Linux, the netty-tcnative-boringssl-static library in Maven Central doesn't support Alpine Linux / libmusl. It's compiled for glibc based Linux distributions.

[horizonzy]

I've done as you say,but id dosen't seem to work.only add a denpendency?needn't more operation?

[horizonzy]

I've done as you say,but id dosen't seem to work.only add a denpendency?needn't more operation?

It's my fault,I change the version of netty-tcnative-boringssl-static.It works,thank you.

[harshSE]

Hi, when we say netty-tcnative boosts TLS/https performance by multiple factors, is it include netty-tcnative-boringssl-static ?

[violetagg]

Hi, when we say netty-tcnative boosts TLS/https performance by multiple factors, is it include netty-tcnative-boringssl-static ?

yes

[violetagg]

In the documentation it is specified that OpenSsl will be preferred when available on the system
https://projectreactor.io/docs/netty/release/reference/index.html#_ssl_and_tls_3

[jonathannaguin]

@lhotari Is there a way of specifying all platforms in Gradle? Our JARs are being built from Jenkins but then run from Docker which is a different OS.