Re: Scaling slapd nodes in Kubernetes with the MDB Backend

On Fri, Jan 5, 2024 at 9:03 PM Marc Marc@f1-outsourcing.eu wrote:

...

Using ARGON2 auth takes 3 seconds (was thinking of switching to this)?

You should fine tune it to the actual deployment environment. We use a lot of Perl so I use this utility to calibrate it on a typical pod: https://metacpan.org/dist/Crypt-Argon2/view/script/argon2-calibrate

This is our current setup:

Y => 'argon2id', # type P => 2, # threads M => '64M', # mem T => 17, # passes SL => 128, # salt len TL => 128, # tag len

takes about 2 secs on the LDAP pod, and 3-5 secs from the outside when you add our OUath2 server and all the network latency.