[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP's backend for performance and high reliability



Hi Howard,

Thanks for your prompt reply.

--- Howard Chu <hyc@symas.com> wrote:

> Tommy Pham wrote:
> 
> > After thinking about the robustness of OpenLDAP due to it's BDB
> backend, 
> > I tried to convert over to back-sql and use MySQL 5.0.45 for it's 
> > backend.
> 
> What thinking did you do? Both back-bdb and back-hdb are fully
> ACID-compliant 
> transactional backends. There is nothing more reliable, anywhere.
> 
> It seems you haven't read the FAQ yet.
> http://www.openldap.org/faq/data/cache/1165.html
> 
> > Here are a few case studies scenario where I see issues:
> 
> > The database server is then reconfigured to be 
> > clustered. All OpenLDAP servers connect to the database cluster. 
> > (Alternatives? Still possible with OpenLDAP+back-bdb in
> master/slave 
> > replication? What about performance and high reliability?)
> 
> Back-bdb and back-hdb are the most reliable and highest performance
> LDAP 
> backends in the world, bar none. The backends are proven to scale to
> manage 
> hundreds of millions of entries at transaction rates and response
> times many 
> times faster than any other directory software in the world. You can
> benchmark 
> them yourself against any software of your choice, the result will
> always be 
> the same.
> 
> Back-sql exists to provide LDAP access to legacy SQL data; it's not
> suitable 
> for general-purpose LDAP use. The SQL translation layer will always
> impose a 
> large performance cost; it can never perform as well as a native
> backend.
> 
> Distributing data across clusters tends to be less cost-effective
> than using a 
> single large database. E.g. using LVM Logical Volume Management it's
> trivial 
> to add storage capacity to an existing database, without the need of 
> clustering protocol overhead.
> -- 
>    -- Howard Chu
>    Chief Architect, Symas Corp.  http://www.symas.com
>    Director, Highland Sun        http://highlandsun.com/hyc/
>    Chief Architect, OpenLDAP     http://www.openldap.org/project/
> 

My concerns are not just about performance for 1 box setup or 1 master
with multiple slave replications and proxies.  I'm more interested in
the robustness such as Dynamic Schema(s), Multi-Master Replication, and
Dynamic configuration (as featured in Apache DS).  Multi-master or
cluster setup have higher reliability and performance under heavy load
with large data in my experience.  Also, because I'm migrating from MS
based platform, I intend to integrate other application servers into
LDAP as well such as DNS (via bind-dlz), FTP, e-mail & groupware,
Samba, etc... in the same way as MS integrates DNS and Exchange in it's
Active Directory.  Will OpenLDAP with back-bdb/hdb support all of that
and still perform well when there are over millions of entries?  As for
native DB support vs layer like ODBC, why not just use the DB's native
client library?  (I guess this falls in line with development mailing
list more than this mailing list.)  I understand that "a directory is a
specialized database optimized for reading, browsing and searching" and
not writing.  That's why I opt for having dedicated RDBMS vs embedded
for distributed computing... just as enterprise applications are
developed in n-tier.

Thanks,
Tommy