[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: 2.1.17 performance issues



Is GDBM better than Berkeley DB in terms of reliability "Stability" and speed?
I am encountering the same slow ,"very slow at times", searches after we hit about 2500+ queries
and usually slapd will just stop responding or sometimes crash after we hit 3200+.
We are testing Openldap 2.1.17 in our lab, here is the specs:

openldap 2.1.17 server: AMD athlon 2-ghz , 1-gig pc 2100 ram, segate sci disks and intel pro 10/100 nic.

OS: we have tried openldap on several os's with same speed problems,.... FreeBSD, NetBSD, OpenBSD and Linux.

network connections: 10/100 / switched

slapd conf:

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.5 2002/11/26 18:26:01 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /usr/local/etc/openldap/schema/core.schema
include           /usr/local/etc/openldap/schema/cosine.schema
include           /usr/local/etc/openldap/schema/inetorgperson.schema
include           /usr/local/etc/openldap/schema/nis.schema


# Define global ACLs to disable default read access.

#pidfile          /usr/local/var/slapd.pid
argsfile        /usr/local/var/slapd.args


access to attr=userPassword
    by dn="cn=admin,dc=dev-null,dc=homeunix,dc=org" write
    by self write
    by * auth
access to *
    by dn="cn=admin,dc=dev-null,dc=homeunix,dc=org" write
    by self    read
    by anonymous read



#######################################################################
# Database 1 "dev-null.homeunix.org"
#######################################################################

database        bdb
suffix          "dc=dev-null, dc=homeunix, dc=org"
rootdn          "cn=Manager,dc=dev-null, dc=homeunix, dc=org"
schemacheck  on

# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          test
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory    /var/LDAP/var/openldap-data/qmail
# Indices to maintain

index cn,sn,uid pres,eq
index mail,mailAlternateAddress eq
index objectClass eq


here is the ldif used to setup the initial database:

dn: dc=dev-null,dc=homeunix,dc=org
objectclass: dcObject
objectclass: organization
o: test
dc: test

dn: cn=admin,dc=dev-null,dc=homeunix,dc=org
objectclass: top
objectclass: person
userPassword: tx07334664
cn: admin
sn: admin

dn: ou=people, dc=dev-null,dc=homeunix,dc=org
objectclass: top
objectclass: organizationalUnit
ou: people


dn: ou=groups, dc=dev-null,dc=homeunix,dc=org
objectclass: top
objectclass: organizationalUnit
ou: groups



ldapadd -vxc -h localhost -D "cn=Manager,dc=dev-null,dc=homeunix,dc=org" -w test -f ./setup.ldif


Our goal is to switch from netscape to openldap but currently that is not feasible as the netscape ldap server is serving a user base of about 25000. If we can get the speed issues resolved it should work, i am looking into using load balancing with maybe 3 openldap servers to see if this might work in the meantime.

Andreas wrote:
On Wed, Apr 16, 2003 at 01:52:07PM -0300, Andreas wrote:
  
- number of entries in the directory
- indexes being used
- cpu/ram
- performance (btw, how does one measure this?)
    
 
Answering to myself, it would be interesting to repeat these tests
with current versions of openldap and libdb, since they were done with
openldap-2.0.7:

http://www.daasi.de/staff/norbert/thesis/

Page 73 has some graphs