Hello All
I am facing a performance issue on my LDAP nodes.
I have two LDAP nodes ,which is syncrepl enabled.
When i create new record ,its taking 18-20 second to replicate on other node. So the application which is reading the records from the second node is unable to find those records.
1.Is this normal behavior? 2.Is there any way to findout how much time took a record to be replicated? 3.Any other paramter needs to be added to fasten this replication?
Below is my configuration details.
------------------------------------------------------------------------- # This is the main slapd configuration file. See slapd.conf(5) for more # info on the configuration options.
####################################################################### # Global Directives:
# Features to permit #allow bind_v2
TLSCACertificateFile /etc/ssl/ldap.pem TLSCertificateKeyFile /etc/ssl/ldap.pem TLSCertificateFile /etc/ssl/ldap.pem include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/sncds.schema pidfile /var/run/slapd/slapd.pid Server 002 argsfile /var/run/slapd/slapd.args loglevel sync stats modulepath /usr/lib/ldap moduleload back_hdb moduleload syncprov SizeLimit 500 tool-threads 8 threads 16 backend hdb database hdb monitoring on cachesize 50000 idlcachesize 50000 suffix "dc=xx,dc=xxx,dc=xx"
rootdn "cn=xx,dc=xx,dc=xx,dc=xx" rootpw xx
directory "/var/lib/ldap/account"
dbconfig set_cachesize 0 167772160 0
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500 index objectClass, snAccount, snEnabled, entryCSN, entryUUID eq index cn eq,pres,subany
lastmod on
checkpoint 5120 30
access to attrs=userPassword,shadowLastChange by dn="cn=xx,ou=xx,dc=xx,dc=xx" write by anonymous auth by self write by * none access to dn.base="" by * read
access to * by dn="cn=xx,ou=xx,dc=xx,dc=xx" write by self read by * none
limits dn.exact="cn=xx,ou=xx,dc=xx,dc=xx" size=unlimited
syncrepl rid=001 provider=ldap://IP bindmethod=simple binddn="cn=xx,ou=xx,dc=xx,dc=xx" credentials=xx searchbase="dc=xx,dc=xx,dc=xx" schemachecking=on type=refreshAndPersist retry="10 +" mirrormode on overlay syncprov syncprov-checkpoint 100 10 syncprov-sessionlog 10000
--On Monday, September 12, 2016 3:50 PM +0200 "Prashanth P.Nair" prashanthppp@gmail.com wrote:
When i create new record ,its taking 18-20 second to replicate on other node. So the application which is reading the records from the second node is unable to find those records.
1.Is this normal behavior?
Yes.
2.Is there any way to findout how much time took a record to be replicated?
Read the information on "loglevel" in the slapd.conf(5) man page.
3.Any other paramter needs to be added to fasten this replication?
backend hdb database hdb
Replication is particularly slowed if using back-hdb vs back-mdb. See https://mishikal.wordpress.com/2013/05/16/openldap-a-comparison-of-back-mdb-and-back-hdb-performance/ and https://wiki.zimbra.com/wiki/OpenLDAP_MDB_vs_HDB_performance.
--Quanah
--
Quanah Gibson-Mount
openldap-technical@openldap.org
-
Prashanth P.Nair -
Quanah Gibson-Mount