[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Large Number of Transactions x Low performance

To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: Re: Large Number of Transactions x Low performance
From: Alessandro Lasmar Mourao <alessandro.mourao@caixa.gov.br>
Date: Fri, 30 Jan 2015 19:08:43 +0000
Accept-language: pt-BR, en-US
Cc: Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>, Andrew Findlay <andrew.findlay@skills-1st.co.uk>, Michael Ströder <michael@stroeder.com>
Content-language: pt-BR
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=caixa.gov.br; i=postmaster@caixa.gov.br; l=2143; q=dns/txt; s=caixadkim; t=1422644932; x=1454180932; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; z=From:=20Alessandro=20Lasmar=20Mourao=20<alessandro.moura o@caixa.gov.br>|To:=20"openldap-technical@openldap.org" =20<openldap-technical@openldap.org>|CC:=20=3D?iso-8859-1 ?Q?Michael_Str=3DF6der?=3D=20<michael@stroeder.com>,=20An drew=20Findlay=0D=0A=09<andrew.findlay@skills-1st.co.uk>, =20Ulrich=20Windl=0D=0A=09<Ulrich.Windl@rz.uni-regensburg .de>|Subject:=20Re:=20Large=20Number=20of=20Transactions =20x=20Low=20performance|Date:=20Fri,=2030=20Jan=202015 =2019:08:43=20+0000|Message-ID:=20<28AB54FB485A754DA492D8 0E5C43E2635E71ADDA@dfexchsd002.corp.caixa.gov.br> |References:=20<28AB54FB485A754DA492D80E5C43E2635E71A99C@ dfexchsd002.corp.caixa.gov.br>=0D=0A=20<20150130114155.GD 22805@slab.skills-1st.co.uk>=0D=0A=20<54CB6F7D.7070209@st roeder.com>|In-Reply-To:=20<54CB6F7D.7070209@stroeder.com >|Content-Transfer-Encoding:=20quoted-printable |MIME-Version:=201.0; bh=BKOwVLM3Yt5cwodGJ8aKdBhPjit+Auz6zCn7EmGxQWA=; b=NfBUS/gAUzeP8pCJP4oWjGg6m0dWtMNAWBXuNgHmjRQNJgKHuSqViQ6i Wh2Xajdm/qNAbiSRmszrcQIYals8+Jv5v8QLQTZw+qLCciQo5ExRTTqA0 GUTd/XytbQT1PPMpahvWVcn1zYRJR87ipb/htHQufjBg+OO8Krjuw7Ova obG6W+ST6fV1avMM3L3tDzrNeLZcZOC6fm4U5+uJUNKwg/khCvWJ3bSgp uHwu70G911UgjlvTIXi4DMpzdnTo+9qZqCGjPKWW4GMid0sGqzrjIfuZB yriQBJzRmUFruOWze0vxU4+srOMv9Q0ZAuPbpm4zAW6lPzk4SeKGU7dHx g==;
In-reply-to: <54CB6F7D.7070209@stroeder.com>
References: <28AB54FB485A754DA492D80E5C43E2635E71A99C@dfexchsd002.corp.caixa.gov.br> <20150130114155.GD22805@slab.skills-1st.co.uk> <54CB6F7D.7070209@stroeder.com>
Thread-index: AQHQPIG/VRdv9BptQ5Omb6AS0pIyLJzYrcSAgABJdxA=
Thread-topic: Large Number of Transactions x Low performance

It's really like Andrew understood!
When I used the term group was to specify a node in the tree (objectclass type groupOfUniqueNames).
Group members are uniquemember attributes.
We have over 50000 uniquemembers in a single groupOfUniqueNames.
We have not set the sortvals, but I will provide. (When configured is necessary to make a new load of data?)

As the management tool, it makes the inclusion or deletion of a single uniquemember attribute at a time. But is not fast these operations thus need some tuning in OpenLDAP and so I'm using you!

As for replication, I'm using delta, because as I read, and get it right, it only replicates the operations on the attributes of the node, and not all its value as is done in other types of replication. I like it to be faster.

Alessandro

-----Mensagem original-----
De: openldap-technical [mailto:openldap-technical-bounces@openldap.org] Em nome de Michael Ströder
Enviada em: sexta-feira, 30 de janeiro de 2015 09:48
Para: openldap-technical@openldap.org
Assunto: Re: Large Number of Transactions x Low performance

Andrew Findlay wrote:
>> We have a tool (BMC Identity Management (formerly Control-SA))
> 
> Check how it modifies the groups.

First of all it's not clear to me whether the original poster really meant
group entries.

> If it rewrites the whole set of 'member' attributes each time then you are
> forcing the server to re-index every value.

Not only that it's horribly inefficient. With this approach you run into the
famous security issue back in those Windows 2000 days where removed group
members were accidently re-added because of concurrent write access.

> The efficient way to do this is to specify the value that you want to
> remove or the one you want to add. It should be very quick.

Additionally LDAP PDUs manipulating many values at once grow very big.

> Also look at your replication setup. With this sort of data you really
> do need delta mode.

delta-syncrepl would only help if group membership is changed only for a few
members in one modify request.

Ciao, Michael.

References:
- Large Number of Transactions x Low performance
  - From: Alessandro Lasmar Mourao <alessandro.mourao@caixa.gov.br>
- Re: Large Number of Transactions x Low performance
  - From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
- Re: Large Number of Transactions x Low performance
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: LMDB memory location on Android
Next by Date: MatchingRuleUseDescription::APPLIES
Index(es):
- Chronological
- Thread