[Date Prev][Date Next] [Chronological] [Thread] [Top]

Large "dynamic" groups and performance

Hi All -

We are currently attempting to migrate from a commercial LDAP server to OpenLDAP.  Luckily our data is pretty standard, and the migration itself will be simple.  I am having issues with our groups that programatically have large numbers of adds and deletes done to its member list.  This transaction happens when a user logs into our website (the login mechanism compares their current groups with what they should have (from an external DB query) and makes the necessary adjustments).  Other applications then use these groups for permissions.

We are using the basic uniquemember within a groupOfUniqueNames.  Uniquemember is indexed with equality.  When the groups are small, performance is quite good - but once the groups begin growing, the adds and deletes of the members really starts suffering ( greater than 2 - 3 seconds per person).  The reads still seem good.  On our existing LDAP store, we see response times of less than a second for this same transaction.  We have about 175 groups, that range in size from 10 members to 50,000 members.  Most of the groups are around 1,000 members.  I can go into more detail of the exact sizes if needed.

I have a very basic configuration right now for testing.  I've messed around with different transaction log settings, different caching settings and even played with DB_TXN_NOSYNC.  DB_TXN_NOSYNC definitely helped, but its still not great.  Can anyone recommend any settings that might help me improve the performance?

Thanks in advance!

My environment and settings:
HP blade server, 8 cores @ 2.67Ghz, Redhat 5.3, OpenLDAP 2.4.25, Berkeley 5.1.25:

###### slapd.conf
include /mypath/etc/openldap/schema/core.schema
pidfile /mypath/var/run/slapd.pid
argsfile /mypath/var/run/slapd.args
 access to dn.base="" by * read
 access to dn.base="cn=Subschema" by * read
 access to *
by self write
by users read
by anonymous auth
database bdb
suffix "dc=my,dc=domain,dc=com"
rootdn "cn=Manager,dc=my,dc=domain,dc=com"
cachesize 500000
rootpw my_pass
directory /mypath/var/openldap-data
index objectClass eq
index uniquemember eq
index cn pres,eq,sub

###### DB_CONFIG

set_cachesize 2 0 1
set_flags       DB_TXN_NOSYNC
set_lg_bsize 5097152
set_lg_max 50485760