Sunday, April 15, 2012

Quick Google App Engine RSA Benchmark

Update: Please read Strom's comment. He explains everything. I wasn't aware of the 15 minutes rule.

Generating a 2048-Bit RSA key with the Google APP Engine takes about 10 seconds at average. On my PC, it takes 2 seconds. I called the service six times on a clean app engine account. This resulted in 0.30 frontend machine hours being consumed. So even though I used the CPU for one minute in total, Google charges about 20 minutes (0.3 hours).

At a price of 0.08$ per hour, generating a 2048-Bit RSA key costs about half a cent. Or in other words: my cpu (intel i7, 2.8 GHz) can do about one app engine machine hour in 40 seconds. This means, doing one hour of heavy-duty calculations on my CPU would cost me about 8$ of frontend machine hours at Google.

My conclusion: Google app engine is too expensive for my intended application, unless backend machine hours differ significantly from frontend machine hours.

For reference, the core code of my servlet:

KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
KeyPair kp = kpg.genKeyPair();


  1. Your CPU: i7, 2.8 GHz
    App Engine frontend CPU: 600MHz

    You do a test and find that your CPU is 5x faster. 2800 MHz / 600 MHz = 4.67, so these findings match the documented instance speeds and yet you are surprised.

    Your pricing math is all wrong. Instances live 15 minutes after the last request and you are charged for that. You claim that the amount of work you can do on your i7 CPU for one hour would cost $8 on App Engine. Taking into account your researched 5x faster speed, one hour would result in 5 hours on App Engine, 5 hours + 15 minutes after the requests would mean 5.25 hours * $0.08 = $0.42, which is far less than your $8 statement.

  2. To expand on what Strom said: The 20 minutes of frontend time is because App Engine started a frontend instance to handle the request, and then kept it alive until it became clear he wasn't going to get any more requests. As you say in the article, the actual calculation only took 10 seconds. You could hit your frontend instance once every 10 seconds for an hour for a price of $0.08 an hour as well, which would correspond to around 12 CPU-minutes on your computer, so around 2/3rds of a cent per your-PC-CPU-minute.

  3. Does Google guarantee plenty of secure entropy on the app engine? This is a pretty big problem in some virtualized environments, causing key generation to take much longer, via blocking on /dev/random.

    You haven't specified a source, so KeyPairGenerator will use "the SecureRandom implementation of the highest-priority installed provider as the source of randomness. (If none of the installed providers supply an implementation of SecureRandom, a system-provided source of randomness is used.)" I wonder what that is for your benchmark.

    In any case, you might not want to use keypair generation as a benchmark here. Maybe something that just tests the CPU?

  4. Oh yeah, there is 15 minute rule, if u have less traffic, it seems like it is costing a lot but as it scales the cost does not increase linearly, I host on app engine, going from 250,000 pageviews to 6 million has made very little difference in price, may be like 40 cents more on instance charge.