[Date Prev][Date Next]
Re: Large "dynamic" groups and performance
- To: firstname.lastname@example.org
- Subject: Re: Large "dynamic" groups and performance
- From: Al <email@example.com>
- Date: Mon, 11 Apr 2011 13:55:34 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type:content-transfer-encoding; bh=XMrkY9FU9mbmxmKDXd3nlbV+804z64tw6ozQfDC3Jdg=; b=uue0ueQ0NWPDCcHSYpkxOZ/jCcbSMjZp22PPLwEKXd1Yv6F4pWeYWl82mFaVgKYvam ifkcWLK2s9CcXGJ8tw3ihZxgzECWTtrdYeN5whBcTWH1dcLzaIHzlfoW8oC1+8E7el/Z MzTgj84R9+pN9WxExbYvKZU4oOFMHG/j8IypQ=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=Ca6CxbhUVKe6qHulK+/4/PvJyw4CN3SIHJJqeKNxOZ8IR9ArdY/RgMUytVhKgUefp+ /nnHP26XfErOWcF+GDjmcmP/fe9Jg/6SzB7umMCYhE6Ex0ZbgyY6AazyfUoWgvHxAyyj M0v7F5kRUf6rCMvSYPE+SUiyWjgw1PbPYiRgA=
- In-reply-to: <1CF00136F3F6A8090A34DF08@192.168.1.2>
- References: <BANLkTikE2+mTdb+y=uUZ8ztLRr3q7EbEgQ@mail.gmail.com> <1CF00136F3F6A8090A34DF08@192.168.1.2>
>> cachesize 500000
>> ###### DB_CONFIG
>> set_cachesize 2 0 1
>> set_flags DB_TXN_NOSYNC
>> set_lg_bsize 5097152
>> set_lg_max 50485760
> You never state the size of your database (how many dns), or the disk size of your database (du -c -h *.bdb), so there is no way to tell if these settings are in any way valid.
Thanks for getting back to me, I'm new here :) - here is some more data:
Approximately 450,000 dns - about 200+/- are groups, the rest are users.
> I don't see a checkpoint setting for slapd.conf/cn=config, and I don't see an idlcachesize setting.
I added those as well, no noticeable change in performance:
checkpoint 10000 15
> Also, you are definitely not using "dynamic" groups in the OpenLDAP sense of the word, although they would probably perform significantly better for you.
Yes, I understand that - thats why I put it in quotes. I looked into
using OpenLDAP dynamic lists, but I think I'm limited by the fact that
some of our systems requiring these groups need to do searchs off of
it based on the dynamic membership (and from what I can tell, its not
possible to use it that way), ie they need to search for
(uniquemember=cn=xxxx,cn=users,...) on my group section of the tree.
I'll openly admit some of the values I have been picking for caching
and checkpoint are somewhat arbitrary. I've been trying many
different values and have yet to settle on any that work well. I'll
gladly try any recommendations.
Thanks again, I appreciate your response.