freeipa

Clone
Source Code
GIT

#6515 [RFE] limit the retro changelog to dns subtree.
Closed: fixed 7 years ago Opened 8 years ago by pvoborni.

Closed: fixed
Reopen Issue

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1388135

Description of problem:

In Ipa, we are using content syncronization plugin to let DNS component be
aware of changes under "cn=dns"

We had a bug already fixed to exclude ipaca backend from retro changelog:

bz 1346321

this has helped to prevent some deadlocks.

But there's still some improvement here. In ipa we have a high number of
updates in some situations like provisioning users in environments with large
static groups or/and compat plugin enabled.

Each time an update is done to the db, a retro changelog operation is logged.

I think we will improve performance a lot and have less issues (lots of issues
with updates in the retro changelog are seen at customer side) if we could
restrict, in IPA, the retro changelog operations to dns subtree only.

We don't have many dns updates.

I am asking here whether an enhancement is possible to restrict by DNS subtree.

Instead of excluding "o=ipaca", the change will be similar but this time we
need an include suffix clause:


nsslapd-include-suffix: "cn=dns,...."

Metadata Update from @pvoborni:
- Issue assigned to someone
- Issue set to the milestone: FreeIPA 4.5
8 years ago

Metadata Update from @mbasti:
- Issue close_status updated to: None
- Issue set to the milestone: FreeIPA 4.5.1 (was: FreeIPA 4.5)
8 years ago

Metadata Update from @mbasti:
- Issue set to the milestone: FreeIPA 4.5.2 (was: FreeIPA 4.5.1)
7 years ago

FreeIPA 4.5.1 has been released, moving to FreeIPA 4.5.2 milestone

Metadata Update from @tkrizek:
- Issue set to the milestone: FreeIPA 4.5.3 (was: FreeIPA 4.5.2)
7 years ago

Metadata Update from @tkrizek:
- Issue set to the milestone: FreeIPA 4.5.4 (was: FreeIPA 4.5.3)
7 years ago

Metadata Update from @tkrizek:
- Issue assigned to tkrizek (was: someone)
7 years ago

Metadata Update from @tkrizek:
- Issue set to the milestone: FreeIPA 4.5.5 (was: FreeIPA 4.5.4)
7 years ago

Metadata Update from @tkrizek:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/1189
- Issue set to the milestone: FreeIPA 4.5.4 (was: FreeIPA 4.5.5)
7 years ago

master:

  • 624b34a ldap: limit the retro changelog to dns subtree

ipa-4-5:

  • d03d338 ldap: limit the retro changelog to dns subtree

ipa-4-6:

  • 68a7e47 ldap: limit the retro changelog to dns subtree

Metadata Update from @tkrizek:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
7 years ago

Log in to comment on this ticket.

Metadata
None
None
None
normal
None
None
None
None
enhancement
None
None
IPA
None
https://github.com/freeipa/freeipa/pull/1189
None
None
None
None
None
None
None
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.