[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ITS#6152 pcache enhancements

To: OpenLDAP Devel <openldap-devel@openldap.org>
Subject: Re: ITS#6152 pcache enhancements
From: Howard Chu <hyc@symas.com>
Date: Mon, 17 Aug 2009 17:07:13 -0700
In-reply-to: <4A886A78.8040808@symas.com>
References: <4A886A78.8040808@symas.com>
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; rv:1.9.1b5pre) Gecko/20090809 SeaMonkey/2.0a1pre Firefox/3.0.3

Howard Chu wrote:

The proxytemplate directive has gotten a bit cumbersome, with optional
negative TTL and sizelimit TTL added on. This would be the natural place to
add the TTR config as well. Should there be independent TTR for negative and
sizelimit too? (And it seems we should move from positional arguments to named
arguments here...)

But that gets awkward fast too, just like the syncrepl config. I think in bothcases, it would have been better to make them child-entries of the main configobject. That would also simplify altering individual parameters of aparticular config.

As a side point, I'd prefer more consistency in the config keyword names, we
should have used "pcache" as the prefix for all the keywords...

pcache<database>  ...
pcacheattrset<index>  ...
pcachemaxqueries<queries>
pcachevalidate<bool>
pcachepersist<bool>
pcacheset template=<string>  attrset=<index>  ttl=<secs>  [negttl=<secs>] ...
pcacheposition (head|tail)

I've made these changes, keeping the old keyword / attribute names as aliasesfor now. I didn't change pcacheTemplate to key-value format yet, but it lookslike that's going to be the best way forward.

For Bind caching I want to specify some additional parameters, and they allneed to be associated to a given pcacheTemplate: search base, scope, and TTR.Given that we already have 7 positional parameters for pcacheTemplate I'm notkeen to make it 10 now.

Upon receiving a Bind request, pcache will first perform a search using thetemplate's filter and attrset, with the configured base and scope. (Yes, wecould just do a base-scope search on the Bind DN, but that would isolate itinto its own cached query. By using the same base and scope as e.g. an NSSlookup uses, the results will go into a cached query that will also satisfythe anticipated NSS lookup.)

If the query was not already cached, or the cached query has exceeded its TTL,then this will cause a remote search to occur, and the results of that shouldget cached. (Unless some entry limit got exceeded, etc.) Otherwise, thisshould just retrieve the cached result.

If the cached result has a hashed userPassword and it is within the TTR age,then the Bind will be validated against the cached userPassword. If the hashis older than the TTR, or there is no hash, the Bind will be passed thru tothe remote target and if it succeeds, it will be hashed and cached.

So, actually implementing the Bind caching is pretty straightforward. Cleaningup the config syntax, not so much...

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Follow-Ups:
- Re: ITS#6152 pcache enhancements
  - From: Howard Chu <hyc@symas.com>

References:
- ITS#6152 pcache enhancements
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: commit: ldap/servers/slapd/overlays pcache.c
Next by Date: Re: commit: ldap/servers/slapd proto-slap.h syncrepl.c
Index(es):
- Chronological
- Thread