[Date Prev][Date Next]
Re: performance issue behind a a load balancer 2.3.32
Why bother with the load balancer? I am curious, I am sure there is a
reason, but it isn't making a lot of sense to me. You can either do round
robin dns, or just pass out the 3 read server addy's to the clients for
failover (and change the order for real poor mans load balancing.)
conn_max_pending is what I had to adjust to up the connections, but i
suspect you may have indexing issues, returning too many responses, etc.
On Tue, 21 Jul 2009, David J. Andruczyk wrote:
> I work at a place with a fairly large openldap setup. (2.3.32). We
> have 3 large Read servers, Dell R900, 32 GB ram, 2x quadcore, hw RAID1
> disks for ldap volume. The entire database takes about 13GB of
> physical disk space (the BDB files), and has a few million entries.
> DB_CONFIG is configurd to have the entire DB in memory (for speed),
> and slapd.conf cachesize is set to a million entries, to make as most
> effective use of the 32GB of ram this box has. We have them behind an
> F5 BigIP hardware load balancer (6400 series), and find that during
> peak times of the day, we get "connection deferred: binding" in our
> slapd.logs. (loglevel set to "none" (misnomer)), and a client request
> (or series of them) fails. If we use round robin DNS instead, we
> rarely see those errors. CPU usage is low, even during peak times,
> hovering at 20-50% of 1 core (the other 7 are idle)
> The interesting this are it seems to happen (the connection defered:
> binding) , only after a certian load threshold is reached (busiest
> time of day), and only when behind the F5's. I am suspected it might
> be the "conn_max_pending" or "conn_max_pending_auth" defaults (100 and
> 1000 respectively), as when behind the F5, all the connections will
> appear to come from the F5 addresses, vs RR dns where it's coming from
> a wde range of sources (eah of the servers. (well over 100+).
> We had tried experimenting with a higher number of threads previously, but that didn't seem to have a positive effect. Can any openLDAP guru's suggest some things to set/look for, i.e. (higher number of threads, higher defaults for conn_max_pending, conn_max_pending_auth).
> Any ideas on what a theoretical performance limit should be of a machine of this caliber? i.e. how many reqs/sec, how far will it scale, etc..
> We have plans to upgrade to 2.4, but it's a "down the road item", and mgmt is demanding answers to "how far can this design scale as it is"...
> -- David J. Andruczyk
Sean O'Malley, Information Technologist
Michigan State University