[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Load testing bind performance

To: Tim <tim@yetanother.net>
Subject: Re: Load testing bind performance
From: MJ J <mikedotjackson@gmail.com>
Date: Fri, 3 Nov 2017 22:00:36 +0200
Cc: openldap-technical@openldap.org
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=UVD+rnuG2UBHILNbEmYQf8HyIbLCJaJ6ZDAdf/94Dik=; b=lytZckMsb2hB68IeKqCy+PCe3oQ9nj3mIgT1LgVTXqbW3iwE0cuan21ClwnlKO9/s+ d5FIYs8mgaimp3SS6UWVqs0+bYG1OPL4c3fHI+7KHqGWRvGuDHlhd+YgSDrMNp1Yh7iM bkWffI7SnJW8ZwtQQP3nlcPjeUuGu8iXRUhDJdMoT1KifCYDuu/sTGcQEhC33NBFFNKk 2q5/OHoc/+BH+kdoXJ24VYwSdYrP4Cc/Ddh0TRRDQjMi5zfdKcqwY95L4wmCYV9I/AZQ 7oK7FLuFti6FOgsjLM+IcI9VIraWMFj0Edkql6HHIxmKHbTd2sx9enmQBNzF7C3n+Aqo Pr2g==
In-reply-to: <CAPkXO3U7=X05YVy==GJo8SZVVxO1frGAhS0jcmqr+vQrs3nsTg@mail.gmail.com>
References: <CAPkXO3Upv=L+fmYtgMi5sz+HF3jyBvS5236JkRycKxHNkshd3A@mail.gmail.com> <70ce731a-7620-a093-c250-15761be85d34@stroeder.com> <CANCEyfNW1H0vxjQ=cmU1Ney=jqLKFjtFa8eQJppS4vPWondQsA@mail.gmail.com> <CAPkXO3VXN3tWfopUnf_rs4PB4ubv4zJ8iDOGe=rYqwU2EZX4Fg@mail.gmail.com> <WM!17ef9400e7ef3e60df4d54d03bd36ad91ac9fcbbabff6c9b8270add114c46e5190b81fd79d63baa5503673beed40e4c5!@mailstronghold-1.zmailcloud.com> <B82D8DC4B28BAD5AF91AF1A2@192.168.1.30> <CAPkXO3U7=X05YVy==GJo8SZVVxO1frGAhS0jcmqr+vQrs3nsTg@mail.gmail.com>

Set your kernel parameters like this:

net.core.somaxconn = 100000
net.core.netdev_max_backlog = 100000
net.ipv4.tcp_keepalive_time = 300
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.tcp_max_syn_backlog = 100000
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_tw_recycle = 1
net.netfilter.nf_conntrack_tcp_timeout_established = 600


Set your slapd.config like this:

dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/openldap/slapd.args
olcPidFile: /var/run/openldap/slapd.pid
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 100000
olcGentleHUP: FALSE
olcIdleTimeout: 0
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcIndexIntLen: 4
olcSizeLimit: -1
olcSockbufMaxIncoming: 262143
olcSockbufMaxIncomingAuth: 16777215
olcListenerThreads: 4
olcLogLevel: 0
olcThreads: 32

dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema

include: file:///etc/openldap/schema/core.ldif
include: file:///etc/openldap/schema/cosine.ldif
include: file:///etc/openldap/schema/inetorgperson.ldif
include: file:///etc/openldap/schema/openldap.ldif

dn: olcDatabase=frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: frontend
olcPasswordHash: {SSHA}
olcAccess: {0}to * by sockurl=ldapi:/// read by * break
olcAccess: {1}to * by * none

dn: olcDatabase=monitor,cn=config
objectClass: olcDatabaseConfig
olcDatabase: monitor
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE

dn: olcDatabase=mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: mdb
olcAccess: {0}to * by anonymous auth by * break
olcAccess: {1}to * by * none
olcSuffix: dc=foo,dc=bar
olcDbDirectory: /usr/local/ldap/var/openldap-data
olcDbIndex: objectClass eq
olcDbIndex: cn,sn,uid pres,eq,approx,sub
olcDbIndex: gidNumber eq
olcDbIndex: givenName eq
olcDbIndex: mail eq
olcDbIndex: member eq
olcDbIndex: uidNumber eq
OlcDbMaxSize: 107374182400
olcDbEnvFlags: writemap
olcDbEnvFlags: nometasync
olcDbNoSync: FALSE
olcRootDN: cn=Manager,dc=foo,dc=bar
olcRootPW: secret


That will ramp your binds per second up to something better than you have now..

On Fri, Nov 3, 2017 at 6:02 PM, Tim <tim@yetanother.net> wrote:
> No.. unfortunately not... :)
>
> I was/am grasping at straws a little bit currently and just tweaking things
> one setting at a time to see if I can see any difference - admittedly,
> increasing threads has not improved the situation at all.
>
>
> --
> Tim
>
> On Fri, Nov 3, 2017 at 3:44 PM, Quanah Gibson-Mount <quanah@symas.com>
> wrote:
>>
>> --On Friday, November 03, 2017 1:11 PM +0000 Tim <tim@yetanother.net>
>> wrote:
>>
>>> olcThreads: 512
>>
>>
>> You have 128 cores on your box?  More threads != better performance.  In
>> fact, it will cause significant problems if it is set beyond what your
>> system can handle.
>>
>>
>> --Quanah
>>
>> --
>>
>> Quanah Gibson-Mount
>> Product Architect
>> Symas Corporation
>> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
>> <http://www.symas.com>
>>
>>
>
>
>
> --
> Tim
> tim@yetanother.net

References:
- Load testing bind performance
  - From: Tim <tim@yetanother.net>
- Re: Load testing bind performance
  - From: Michael Ströder <michael@stroeder.com>
- Re: Load testing bind performance
  - From: MJ J <mikedotjackson@gmail.com>
- Re: Load testing bind performance
  - From: Tim <tim@yetanother.net>
- Re: Load testing bind performance
  - From: Tim <tim@yetanother.net>

Prev by Date: Re: Load testing bind performance
Next by Date: NO-USER-MODIFICATION and USAGE dSAOperation in custom schema
Index(es):
- Chronological
- Thread