SSL加密对Kafka传输速度的影响

After integrating SSL with Kafka, I noticed a significant decrease in producer speed.

The speed of transmitting messages in plaintext is 101MB/s, which is exactly my network's maximum bandwidth speed.

However, the speed of transmitting messages encrypted with SSL is only 19.17 MB/s, which is quite strange.

I understand that encryption adds additional overhead to network transmission, but the impact on speed is too significant. Is there an issue with my configuration?

Attached is the configuration list:

kakfa broker:

process.roles=broker
node.id=201
[email protected]:9094,[email protected]:9094,[email protected]:9094
listeners=BROKER://0.0.0.0:9091,INTERNAL://0.0.0.0:9092,SSLINTERNAL://0.0.0.0:9095,SASLSSLINTERNAL://0.0.0.0:9096
controller.listener.names=CONTROLLER
advertised.listeners=BROKER://10.5.34.4:9091,INTERNAL://10.5.34.4:9092,SSLINTERNAL://10.5.34.4:9095,SASLSSLINTERNAL://10.5.34.4:9096
inter.broker.listener.name=BROKER
listener.security.protocol.map=PLAINTEXT:PLAINTEXT,SSL:SSL,SASL_PLAINTEXT:SASL_PLAINTEXT,SASL_SSL:SASL_SSL,INTERNAL:SASL_PLAINTEXT,CONTROLLER:PLAINTEXT,BROKER:PLAINTEXT,SSLINTERNAL:SSL,SASLSSLINTERNAL:SASL_SSL
num.network.threads=3
num.io.threads=8
socket.send.buffer.bytes=102400
socket.receive.buffer.bytes=102400
socket.request.max.bytes=104857600
log.dirs=/data/kraft-broker-logs
num.partitions=12
default.replication.factor=2
min.insync.replicas=1
num.recovery.threads.per.data.dir=1
offsets.topic.replication.factor=3
transaction.state.log.replication.factor=3
transaction.state.log.min.isr=1
offsets.retention.minutes=10080
log.retention.hours=168
log.segment.bytes=1073741824
log.retention.check.interval.ms=300000
request.timeout.ms=30000

sasl.enabled.mechanisms=PLAIN
sasl.mechanism.inter.broker.protocol=PLAIN

listener.name.internal.plain.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required \
    username="admin" \
    password="GFy2Bit6-HYV" \
    user_admin="GFy2Bit6-HYV";
listener.name.saslsslinternal.plain.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required \
    username="admin" \
    password="GFy2Bit6-HYV" \
    user_admin="GFy2Bit6-HYV";
      

ssl.keystore.location=/data/kafka_2.13-3.3.2/ssl/kafka.server.keystore.jks
ssl.keystore.password=test1234
ssl.key.password=test1234
ssl.truststore.location=/data/kafka_2.13-3.3.2/ssl/kafka.server.truststore.jks
ssl.truststore.password=test1234
ssl.endpoint.identification.algorithm=
ssl.client.auth=required

Java client:

props.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "SSL");

props.put(SslConfigs.SSL_KEYSTORE_TYPE_CONFIG, "JKS");
props.put(SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG, ProducerConstructor.class.getClassLoader().getResource("kafka_ssl/sitehealth/kafka.client.keystore.jks").getPath());
props.put(SslConfigs.SSL_KEYSTORE_PASSWORD_CONFIG,  "test1234");

props.put(SslConfigs.SSL_TRUSTSTORE_TYPE_CONFIG, "JKS");
props.put(SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG, ProducerConstructor.class.getClassLoader().getResource("kafka_ssl/sitehealth/kafka.client.truststore.jks").getPath());
props.put(SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG,  "test1234");