OpenLDAP Tuning Keys 8.0: Difference between revisions

No edit summary
No edit summary
Line 19: Line 19:
  ldap_common_require_tls=0
  ldap_common_require_tls=0


* Set the '''toolthreads''' count to an appropriate level.  The ZCS default is 1.  It should be set to the number of real cores you have available.  The purpose of the toolthreads setting is to decrease the amount of time it takes to slapadd a database.
* Set the '''toolthreads''' count to an appropriate level.  The ZCS default is 2.  It should be set to 2.


  zmlocalconfig -e ldap_common_toolthreads=1
  zmlocalconfig -e ldap_common_toolthreads=2


* Set the '''writetimeout''' for how long to wait for a write to succeed.  The default is 0, which is infinitely.  Otherwise, forcefully close the connection after the specified number of seconds.
* Set the '''writetimeout''' for how long to wait for a write to succeed.  The default is 0, which is infinitely.  Otherwise, forcefully close the connection after the specified number of seconds.
Line 28: Line 28:


=== OpenLDAP Primary Database keys ===
=== OpenLDAP Primary Database keys ===
These keys apply to the primary LDAP database.  They are apply to both the master and replica servers.  More detail on what these keys determine can be found by reading the [http://www.openldap.org/software/man.cgi?query=slapd-hdb&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html slapd-hdb(5) man page]  
These keys apply to the primary LDAP database.  They are apply to both the master and replica servers.  More detail on what these keys determine can be found by reading the [http://www.openldap.org/software/man.cgi?query=slapd-mdb&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html slapd-mdb(5) man page]  
 
* The number of entries to free when the entry cache gets full.  Default is 1.
 
zmlocalconfig -e ldap_db_cachefree=1
 
* The entry '''cachesize''' for the primary database. The number set should be the number of configured active accounts and the number of configured active domains. The default is 10000.
 
zmlocalconfig -e ldap_db_cachesize=10000


* How frequently to checkpoint the database to disk.  This flushes data from the cache to the database.  Default is every 64KB or 5 minutes.  It takes two values.
* How frequently to checkpoint the database to disk.  This flushes data from the cache to the database.  Default is every 64KB or 5 minutes.  It takes two values.
Line 42: Line 34:
  zmlocalconfig -e ldap_db_checkpoint="64 5"
  zmlocalconfig -e ldap_db_checkpoint="64 5"


* The '''dn entry cachseize''' for the primary database.  It is highly recommended to leave it at the default value of zero, which means an unlimited DN cache.  If it is set to a non-zero value, it should be no less than two times the entry cache.
* Maximum allowable size for the primary database.  '''WARNING''': If your database reaches the size of this value, dataloss will occurDefaults to 85GB
 
zmlocalconfig -e ldap_db_dncachesize=0
 
* The '''idlcachesize''' for the primary database.  The number set should optimally be three times the '''cachesize''' setting.  The default is 10000.
 
  zmlocalconfig -e ldap_db_idlcachesize=10000
 
* Whether or not to use a shared memory key for the primary database.  The default is 0 (no shared memory key).  A shared memory key is recommended for systems where the DB_CONFIG cachesize is 8GB or higher.  The value must be positive and non-zero.  It cannot be the same as another shm key setting (See the Accesslog DB tuning keys).


  zmlocalconfig -e ldap_db_shmkey=0
  zmlocalconfig -e ldap_db_maxsize=85899345920


=== OpenLDAP Accesslog Database Keys ===
=== OpenLDAP Accesslog Database Keys ===
These keys apply to the Accesslog LDAP database used for replication.  They are apply only to the master server. More detail on what these keys determine can be found by reading the [http://www.openldap.org/software/man.cgi?query=slapd-hdb&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html slapd-hdb(5) man page]
These keys apply to the Accesslog LDAP database used for replication.  They are apply only to the master server. More detail on what these keys determine can be found by reading the [http://www.openldap.org/software/man.cgi?query=slapd-mdb&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html slapd-mdb(5) man page]
 
* The number of entries to free when the entry cache gets full.  Default is 1.
 
zmlocalconfig -e ldap_accesslog_cachefree=1
 
* The entry '''cachesize''' for the accesslog database. The default is 10000.
 
zmlocalconfig -e ldap_accesslog_cachesize=10000


* How frequently to checkpoint the accesslog database to disk.  This flushes data from the cache to the database.  Default is every 64KB or 5 minutes.  It takes two values.
* How frequently to checkpoint the accesslog database to disk.  This flushes data from the cache to the database.  Default is every 64KB or 5 minutes.  It takes two values.
Line 69: Line 45:
  zmlocalconfig -e ldap_accesslog_checkpoint="64 5"
  zmlocalconfig -e ldap_accesslog_checkpoint="64 5"


* The '''dn entry cachseize''' for the accesslog database.  It is highly recommended to leave it at the default value of zero, which means an unlimited DN cache.  If it is set to a non-zero value, it should be no less than two times the entry cache.
* Maximum allowable size for the accesslog database.  '''WARNING''': If your database reaches the size of this value, dataloss will occurDefaults to 85GB
 
zmlocalconfig -e ldap_accesslog_dncachesize=0
 
* The '''idlcachesize''' for the accesslog database.  The number set should optimally be three times the '''cachesize''' setting.  The default is 10000.
 
  zmlocalconfig -e ldap_accesslog_idlcachesize=10000
 
* Whether or not to use a shared memory key for the accesslog database.  The default is 0 (no shared memory key).  A shared memory key is recommended for systems where the DB_CONFIG cachesize for the accesslog database is 8GB or higher.  The value must be positive and non-zero.  It cannot be the same as another shm key setting (See the Primary DB tuning keys).


  zmlocalconfig -e ldap_accesslog_shmkey=0
  zmlocalconfig -e ldap_accesslog_maxsize=85899345920


=== OpenLDAP Overlay Keys ===
=== OpenLDAP Overlay Keys ===

Revision as of 03:00, 21 July 2012

Admin Article

Article Information

This article applies to the following ZCS versions.

ZCS 8.0 Article ZCS 8.0


OpenLDAP Tuning Keys

Starting with ZCS 6.0, the configuration is stored in a database. This allows the ability to make changes to the OpenLDAP configuration on the fly. To support this, a number of keys were added to Localconfig. When modified via zmlocalconfig, the values will automatically be updated in the OpenLDAP server configuration within 2 minutes. It is advised to also read over the OpenLDAP Performance Wiki as well.

OpenLDAP Common keys

These keys set the general, or common, settings for the slapd process. They are apply to both the master and replica servers. More detail on what these keys determine can be found by reading the slapd.conf(5) man page

  • Set the loglevel level to be used. The default is 49152
zmlocalconfig -e ldap_common_loglevel=49152
  • Set the threads count to an appropriate level. The ZCS default is 8, which is fine for 1 or 2 CPU servers. The general rule of thumb is 4 threads for every real core.
zmlocalconfig -e ldap_common_threads=8
  • Set whether or not an encrypted connection is required to establish communication with the LDAP server. 0 for no, 1 for yes. Default is 0. Changing this option requires a server restart for it to take effect.
ldap_common_require_tls=0
  • Set the toolthreads count to an appropriate level. The ZCS default is 2. It should be set to 2.
zmlocalconfig -e ldap_common_toolthreads=2
  • Set the writetimeout for how long to wait for a write to succeed. The default is 0, which is infinitely. Otherwise, forcefully close the connection after the specified number of seconds.
zmlocalconfig -e ldap_common_writetimeout=0

OpenLDAP Primary Database keys

These keys apply to the primary LDAP database. They are apply to both the master and replica servers. More detail on what these keys determine can be found by reading the slapd-mdb(5) man page

  • How frequently to checkpoint the database to disk. This flushes data from the cache to the database. Default is every 64KB or 5 minutes. It takes two values.
zmlocalconfig -e ldap_db_checkpoint="64 5"
  • Maximum allowable size for the primary database. WARNING: If your database reaches the size of this value, dataloss will occur. Defaults to 85GB
zmlocalconfig -e ldap_db_maxsize=85899345920

OpenLDAP Accesslog Database Keys

These keys apply to the Accesslog LDAP database used for replication. They are apply only to the master server. More detail on what these keys determine can be found by reading the slapd-mdb(5) man page

  • How frequently to checkpoint the accesslog database to disk. This flushes data from the cache to the database. Default is every 64KB or 5 minutes. It takes two values.
zmlocalconfig -e ldap_accesslog_checkpoint="64 5"
  • Maximum allowable size for the accesslog database. WARNING: If your database reaches the size of this value, dataloss will occur. Defaults to 85GB
zmlocalconfig -e ldap_accesslog_maxsize=85899345920

OpenLDAP Overlay Keys

The following keys are specific to the OpenLDAP overlays used by ZCS.

OpenLDAP Accesslog Overlay Keys

This key applies to the accesslog overlay. It is only meaningful on the LDAP master. More detail on what this key determines can be found by reading the slapo-accesslog(5) man page

  • How often to purge old entries from the accesslog database, and what age they need to be. The default is to purge all entries 1 day or older, and to run the purges every 4 hours. It takes two values, the first being the age of the entries to delete, the second being how frequently to run the deletion.
zmlocalconfig -e ldap_overlay_accesslog_logpurge="01+00:00  00+04:00"

OpenLDAP Syncprov Overlay Keys

The following keys apply to the syncprov overlay. It is only meaningful on the LDAP master. More detail on what these keys determine can be found by reading the slapo-syncprov(5) man page

  • How often to checkpoint the current CSN to the underlying database. The default is every 20 changes or 10 minutes. It takes two values.
zmlocalconfig -e ldap_overlay_syncprov_checkpoint="20 10"
  • How many operations to store in the syncprov sessionlog. Has no real impact for ZCS, as it is never used.
zmlocalconfig -e ldap_overlay_syncprov_sessionlog=500
Verified Against: ZCS 7.0 Date Created: ZCS 6.0
Article ID: https://wiki.zimbra.com/index.php?title=OpenLDAP_Tuning_Keys_8.0 Date Modified: 2012-07-21



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Other help Resources

User Help Page »
Official Forums »
Zimbra Documentation Page »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Retrieved from "http://wiki.zimbra.com/index.php?title=OpenLDAP_Tuning_Keys_8.0&oldid=42269"
Jump to: navigation, search