freeipa

Clone
Source Code
GIT

#8798 RFE: Cache LDAP data within a request
Closed: fixed 2 years ago by rcritten. Opened 3 years ago by rcritten.

Closed: fixed
Reopen Issue

Request for enhancement

As an IPA administrator I want to limit the number of LDAP searches performed by the IPA framework.

Each IPA command is implemented standalone but some call others (e.g. host-del calls service-del) so there are some repeated executions (like is DNS available). By caching some answers the total number of LDAP searches can be reduced.

The cache does not need to be particularly aggressive. Only single entry searches will need to be cached so:

  • get_entries/find_entries are excluded. Keeping track of all the options plus the cache data would be too cumbersome and probably not pay off.
  • cn=kerberos cannot be cached because kadmin/kadmin.local may operate directly on the data
  • the above is a risk with modifying data directly in LDAP too but is expected to be less
  • the cache is per-request so the size should be relatively small and will refresh on its own. The only risk is a humongous batch command.

Metadata Update from @rcritten:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1953656
2 years ago

Issue linked to Bugzilla: Bug 1953656

master:

  • d1f3ff5 Call the LDAPClient layer when modifying values
  • 8365d5e Unify installer context to be 'installer'
  • a4675f6 Implement simple LDAP cache layer
  • 3539857 Add LDAP cache options to the default.conf man page
  • 8d21df9 Add a unit test for the LDAP cache layer
  • 1e9a238 Parse the debugging cache log to determine the read savings

ipa-4-9:

  • d6637b2 Call the LDAPClient layer when modifying values
  • 63767ec Unify installer context to be 'installer'
  • b37d679 Implement simple LDAP cache layer
  • 00c99cc Add LDAP cache options to the default.conf man page
  • 951720d Add a unit test for the LDAP cache layer
  • 0307d22 Parse the debugging cache log to determine the read savings

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
2 years ago

Login to comment on this ticket.

Metadata

performance

None
None
normal
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=1953656
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.