[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Comparing OpenLDAP on Linux 2.6/Sol 10 [ was Re: Berkeley DB versions ]

On Fri, 13 Jan 2006 13:51:42 -0800
Quanah Gibson-Mount <quanah@stanford.edu> wrote:

> No, not really.  You are not exercising your server as an LDAP server in 
> any of these tests.

Well, I'm not sure. What would be considered a representative use?

> > Is this not a reasonable test? Do I not get a good rough estimate with
> > this test? If I use OLD for directory service on Unix, I'll need good
> > response on delivering all my users entries when getpwent() is called,
> > right?
> If your system is dumping the entire DB on that call, I suppose.  My 
> systems that look to my Directory servers for /etc/passwd information, 
> however, look up the individual users record, not the entire DB.

I believe a dump has to happen for any app that wants all your users at
once -- how else would it know whom to look up? When I run

    perl -e 'while (@arr = getpwent) { print "@arr\n" }' 

The first call that occurs is this

    conn=61 op=1 SRCH base="ou=Users,dc=cise,dc=ufl,dc=edu" 
    scope=2 deref=0 filter="(objectClass=posixAccount)"
    conn=61 op=1 SRCH attr=uid userPassword uidNumber gidNumber 
    cn homeDirectory loginShell gecos description objectClass

Then the individual lookups occur. Interestingly enough, using ruby
to dump the "passwd map" as it were:

    ruby -retc -e 'Etc.passwd { |pw| puts pw }'

it only does the dump, which seems much more efficient -- grab it all, 
cache it, use it.

> >> Have you tuned the BDB log file bits?
> Your above DB_CONFIG says differently (set_lg_regionmax, set_lg_max, 
> set_lg_bsize are all set).
> > Do you think either of these would even out the tests?

Sorry, wasn't sure what you meant.

> Only write tests, really.  Except the set_cachesize one, of course, which 
> could affect tests.


> Again, unable to comment on the entry cachesize and idlcachesize settings 
> much without being able to look at your system.


> Whatever suits you best. I just think the testing you are doing so far 
> doesn't really indicate anything substantive.

Hard to say. I ran across this problem in the first place when using FreeBSD
as my OS for the Heimdal/Samba/OpenLDAP server. At some point, I believe, 
smbd requested all the users from OLD, and on FreeBSD this was timing out.
Switching to Linux helped tremendously, then I tried Sol10x86, and that's
where I am now.

I'm not sure why the need to dump the entire database isn't considered 
valid use of an LDAP server, but it's important enough for me as far as
I can tell to have this done as efficiently as possible.

Would a simple test of running multiple getpwnam() calls from a script
be a more representative test of what an LDAP server is designed to
do? Random lookups in the DB?

Again I'm not so concerned about writes.