Difference between revisions of "stoney cloud: OpenLDAP directory set-up"
[unchecked revision] | [unchecked revision] |
(Created page with "= Abstract = This document describes the set-up of the OpenLDAP directory of the stoney cloud. This directory contains the data of services (modules) like Selfcare, [[Virt...") |
(→Adding an index) |
(14 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
= Abstract = | = Abstract = | ||
− | This document describes the set-up of the OpenLDAP directory of the stoney cloud. This directory contains the data of | + | This document describes the set-up of the OpenLDAP directory of the stoney cloud. This directory contains the data of [[:Category:Self-Service Modules|Self-Service Modules]] (services) like [[:Category:stoney core|stoney core]], [[:Category:stoney conductor|stoney conductor]], [[:Category:stoney vm|stoney vm]], [[:Category:stoney backup|stoney backup]] and more. |
− | [[Category:OpenLDAP directory]] | + | = Directory set-up = |
+ | |||
+ | == Indices == | ||
+ | If you see entries similar to the following entry, you need to add indices to your slapd.conf configuration file: | ||
+ | grep bdb_equality_candidates /var/log/syslog/slapd.log | ||
+ | |||
+ | Oct 2 13:39:19 stoney-cloud-node-01 slapd[19508]: <= bdb_equality_candidates: (dhcpHWAddress) not indexed | ||
+ | |||
+ | === Adding an index === | ||
+ | Adding an index to your slapd.conf configuration file: | ||
+ | vi /etc/openldap/slapd.conf | ||
+ | |||
+ | index dhcpHWAddress eq | ||
+ | |||
+ | Now stop the OpenLDAP daemon: | ||
+ | /etc/init.d/slapd stop | ||
+ | |||
+ | Rebuild all you indices (works well for small directories): | ||
+ | slapindex -f /etc/openldap/slapd.conf | ||
+ | |||
+ | Set the proper permissions: | ||
+ | chown ldap:ldap /var/lib/openldap-hdb/foss-cloud/* | ||
+ | chmod 700 /var/lib/openldap-hdb/foss-cloud/* | ||
+ | |||
+ | Now start the OpenLDAP daemon: | ||
+ | /etc/init.d/slapd start | ||
+ | |||
+ | Make sure, that the OpenLDAP daemon started cleanly: | ||
+ | tail -f /var/log/syslog/slapd.log | ||
+ | |||
+ | Oct 2 14:49:49 stoney-cloud-node-02 slapd[15191]: @(#) $OpenLDAP: slapd 2.4.30 (Feb 4 2013 16:01:35) $ | ||
+ | @kvm-060:/var/tmp/portage/net-nds/openldap-2.4.30/work/openldap-2.4.30/servers/slapd | ||
+ | Oct 2 14:49:49 stoney-cloud-node-02 slapd[15192]: slapd starting | ||
+ | |||
+ | ps auxf | grep slapd | ||
+ | |||
+ | ldap 15192 0.0 0.0 324516 21468 ? Ssl 14:49 0:00 /usr/lib64/openldap/slapd -u ldap -g ldap -h ldaps://0.0.0.0 | ||
+ | |||
+ | == Backends == | ||
+ | The mdb backend to slapd(8) is the upcoming primary backend for a normal slapd database. It uses OpenLDAP's own Lightning Memory-Mapped Database (LMDB) library to store data and is intended to replace the Berkeley DB backends. | ||
+ | |||
+ | It supports indexing like the BDB backends, but it uses no caching and requires no tuning to deliver maximum search performance. Like hdb, it is also fully hierarchical and supports subtree renames in constant time. | ||
+ | |||
+ | === slapd-hdb === | ||
+ | cd /root | ||
+ | |||
+ | time ldapsearch -H ldaps://ldapm.stoney-cloud.org -b "ou=services,dc=stoney-cloud,dc=org" -s sub -x -D "cn=Manager,dc=stoney-cloud,dc=org" "(objectclass=*)" -v -w admin > gugus.ldif | ||
+ | |||
+ | ldap_initialize( ldaps://ldapm.stoney-cloud.org:636/??base ) | ||
+ | filter: (objectclass=*) | ||
+ | requesting: All userApplication attributes | ||
+ | |||
+ | real 0m0.029s | ||
+ | user 0m0.010s | ||
+ | sys 0m0.000s | ||
+ | |||
+ | Size of the database with all the indices: | ||
+ | du -h /var/lib/openldap-hdb/foss-cloud | ||
+ | |||
+ | 5.2M /var/lib/openldap-hdb/foss-cloud | ||
+ | |||
+ | cd /var/lib/openldap-hdb/foss-cloud | ||
+ | ls -alh | ||
+ | <pre> | ||
+ | total 5.2M | ||
+ | drwx------ 2 ldap ldap 4.0K 6. Okt 14:29 . | ||
+ | drwx------ 3 ldap ldap 23 6. Okt 14:29 .. | ||
+ | -rwx------ 1 ldap ldap 2.0K 6. Okt 14:29 alock | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 cn.bdb | ||
+ | -rwx------ 1 ldap ldap 24K 6. Okt 14:29 __db.001 | ||
+ | -rwx------ 1 ldap ldap 176K 6. Okt 14:30 __db.002 | ||
+ | -rwx------ 1 ldap ldap 5.1M 6. Okt 14:30 __db.003 | ||
+ | -rwx------ 1 ldap ldap 3.0M 6. Okt 14:30 __db.004 | ||
+ | -rwx------ 1 ldap ldap 792K 6. Okt 14:30 __db.005 | ||
+ | -rwx------ 1 ldap ldap 32K 6. Okt 14:30 __db.006 | ||
+ | -rwx------ 1 ldap ldap 160 6. Okt 14:29 DB_CONFIG | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 dhcpHWAddress.bdb | ||
+ | -rwx------ 1 ldap ldap 112K 6. Okt 14:29 dn2id.bdb | ||
+ | -rwx------ 1 ldap ldap 32K 6. Okt 14:29 entryCSN.bdb | ||
+ | -rwx------ 1 ldap ldap 24K 6. Okt 14:29 entryUUID.bdb | ||
+ | -rwx------ 1 ldap ldap 640K 6. Okt 14:29 id2entry.bdb | ||
+ | -rwx------ 1 ldap ldap 10M 6. Okt 14:29 log.0000000001 | ||
+ | -rwx------ 1 ldap ldap 64K 6. Okt 14:29 objectClass.bdb | ||
+ | -rwx------ 1 ldap ldap 16K 6. Okt 14:29 ou.bdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstDisplayName.bdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstIsActive.bdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstNode.bdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstSelfService.bdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstStoragePool.bdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstThinProvisioningVirtualMachine.bdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstVirtualMachine.bdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstVirtualMachinePool.bdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstVirtualMachinePoolType.bdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstVirtualMachineType.bdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 uid.bdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 uidNumber.bdb | ||
+ | </pre> | ||
+ | |||
+ | === slapd-mdb === | ||
+ | The mdb backend to slapd(8) is the upcoming primary backend for a normal slapd database. It uses OpenLDAP's own Lightning Memory-Mapped Database (LMDB) library to store data and is intended to replace the Berkeley DB backends. | ||
+ | |||
+ | It supports indexing like the BDB backends, but it uses no caching and requires no tuning to deliver maximum search performance. Like hdb, it is also fully hierarchical and supports subtree renames in constant time. | ||
+ | |||
+ | [http://www.openldap.org/software/man.cgi?query=slapd-mdb&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html slapd-mdb] - Memory-Mapped DB backend to slapd | ||
+ | cd /root | ||
+ | |||
+ | time ldapsearch -H ldaps://ldapm.stoney-cloud.org -b "ou=services,dc=stoney-cloud,dc=org" -s sub -x -D "cn=Manager,dc=stoney-cloud,dc=org" "(objectclass=*)" -v -w admin > gugus.ldif | ||
+ | |||
+ | ldap_initialize( ldaps://ldapm.stoney-cloud.org:636/??base ) | ||
+ | filter: (objectclass=*) | ||
+ | requesting: All userApplication attributes | ||
+ | |||
+ | real 0m0.020s | ||
+ | user 0m0.010s | ||
+ | sys 0m0.000s | ||
+ | |||
+ | Size of the database with all the indices: | ||
+ | du -h /var/lib/openldap-hdb/foss-cloud | ||
+ | |||
+ | 32M /var/lib/openldap-hdb/foss-cloud | ||
+ | |||
+ | cd /var/lib/openldap-hdb/foss-cloud | ||
+ | ls -alh | ||
+ | <pre> | ||
+ | total 32M | ||
+ | drwx------ 2 ldap ldap 36 6. Okt 14:27 . | ||
+ | drwx------ 3 ldap ldap 23 6. Okt 14:26 .. | ||
+ | -rwx------ 1 ldap ldap 32M 6. Okt 14:27 data.mdb | ||
+ | -rwx------ 1 ldap ldap 8.0K 6. Okt 14:27 lock.mdb | ||
+ | </pre> | ||
+ | |||
+ | [[Category:stoney cloud]][[Category:OpenLDAP directory]] |
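Review bot: both ldapsearch timing commands bind as "cn=Manager,dc=stoney-cloud,dc=org" with "-w admin", which puts the Manager password on the command line (process list, shell history) and publishes it in the wiki text; use -W to prompt, or -y with a password file readable only by root, and show a placeholder in the documentation. In the permissions step, "chmod 700 /var/lib/openldap-hdb/foss-cloud/*" sets the execute bit on plain database files; 600 on the files and 700 on the directory is sufficient, and running slapindex as the ldap user would avoid the chown afterwards. The slapd-mdb section repeats the two introductory paragraphs from Backends verbatim and measures against the same /var/lib/openldap-hdb/foss-cloud path as the hdb run, so it is worth stating that the directory was reused for the mdb test. The hdb and mdb timings come from a single run each (0.029s versus 0.020s), which is too small a sample to support a comparison.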
Latest revision as of 12:30, 26 September 2014
Abstract
This document describes the set-up of the OpenLDAP directory of the stoney cloud. This directory contains the data of Self-Service Modules (services) like stoney core, stoney conductor, stoney vm, stoney backup and more.
Directory set-up
Indices
If you see entries similar to the following entry, you need to add indices to your slapd.conf configuration file:
grep bdb_equality_candidates /var/log/syslog/slapd.log
Oct 2 13:39:19 stoney-cloud-node-01 slapd[19508]: <= bdb_equality_candidates: (dhcpHWAddress) not indexed
Adding an index
Adding an index to your slapd.conf configuration file:
vi /etc/openldap/slapd.conf
index dhcpHWAddress eq
Now stop the OpenLDAP daemon:
/etc/init.d/slapd stop
Rebuild all your indices (works well for small directories):
slapindex -f /etc/openldap/slapd.conf
Set the proper permissions:
chown ldap:ldap /var/lib/openldap-hdb/foss-cloud/*
chmod 700 /var/lib/openldap-hdb/foss-cloud/*
Now start the OpenLDAP daemon:
/etc/init.d/slapd start
Make sure that the OpenLDAP daemon started cleanly:
tail -f /var/log/syslog/slapd.log
Oct 2 14:49:49 stoney-cloud-node-02 slapd[15191]: @(#) $OpenLDAP: slapd 2.4.30 (Feb 4 2013 16:01:35) $
@kvm-060:/var/tmp/portage/net-nds/openldap-2.4.30/work/openldap-2.4.30/servers/slapd
Oct 2 14:49:49 stoney-cloud-node-02 slapd[15192]: slapd starting
ps auxf | grep slapd
ldap 15192 0.0 0.0 324516 21468 ? Ssl 14:49 0:00 /usr/lib64/openldap/slapd -u ldap -g ldap -h ldaps://0.0.0.0
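As an added example (not part of the original wiki page): a shell helper that turns the "not indexed" messages in slapd.log into the index lines still missing from slapd.conf. It also matches the mdb_equality_candidates form logged by the mdb backend, which goes beyond the single bdb message shown above; the function names and the sample log and configuration content are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): suggest missing eq indices.

# missing_eq_indices SLAPD_LOG SLAPD_CONF
# Prints one "index <attr> eq" line for every attribute that the log reports
# as "not indexed" and that slapd.conf does not already index for equality.
missing_eq_indices() {
    awk -v conf="$2" '
        BEGIN {
            # Collect attributes that already carry an eq index, e.g.
            # "index uid,cn pres,eq" covers both uid and cn.
            while ((getline line < conf) > 0) {
                if (split(line, f, " ") < 3 || f[1] != "index") continue
                if (index("," f[3] ",", ",eq,") == 0) continue
                n = split(f[2], attrs, ",")
                for (i = 1; i <= n; i++) have[tolower(attrs[i])] = 1
            }
            close(conf)
        }
        # Matches hdb/bdb and mdb messages such as
        # "<= bdb_equality_candidates: (dhcpHWAddress) not indexed".
        /[bm]db_equality_candidates: \(.*\) not indexed/ {
            attr = $0
            sub(/.*_equality_candidates: \(/, "", attr)
            sub(/\) not indexed.*/, "", attr)
            key = tolower(attr)
            if (!(key in have) && !(key in seen)) {
                seen[key] = 1
                print "index " attr " eq"
            }
        }
    ' "$1" | sort
}

# Constructed sample input: the log line shown above plus made-up ones.
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/slapd.log" <<'EOF'
Oct 2 13:39:19 stoney-cloud-node-01 slapd[19508]: <= bdb_equality_candidates: (dhcpHWAddress) not indexed
Oct 2 13:39:20 stoney-cloud-node-01 slapd[19508]: <= bdb_equality_candidates: (dhcpHWAddress) not indexed
Oct 2 13:39:21 stoney-cloud-node-01 slapd[19508]: <= mdb_equality_candidates: (sstIsActive) not indexed
Oct 2 13:39:22 stoney-cloud-node-01 slapd[19508]: <= bdb_equality_candidates: (uid) not indexed
EOF
    printf 'index objectClass eq\nindex uid,cn pres,eq\n' > "$tmp/slapd.conf"
    missing_eq_indices "$tmp/slapd.log" "$tmp/slapd.conf"
    rm -rf "$tmp"
}

demo
```

The printed lines can be reviewed and added to slapd.conf before running the stop, slapindex, permissions and start steps above.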
Backends
The mdb backend to slapd(8) is the upcoming primary backend for a normal slapd database. It uses OpenLDAP's own Lightning Memory-Mapped Database (LMDB) library to store data and is intended to replace the Berkeley DB backends.
It supports indexing like the BDB backends, but it uses no caching and requires no tuning to deliver maximum search performance. Like hdb, it is also fully hierarchical and supports subtree renames in constant time.
slapd-hdb
cd /root
time ldapsearch -H ldaps://ldapm.stoney-cloud.org -b "ou=services,dc=stoney-cloud,dc=org" -s sub -x -D "cn=Manager,dc=stoney-cloud,dc=org" "(objectclass=*)" -v -w admin > gugus.ldif
ldap_initialize( ldaps://ldapm.stoney-cloud.org:636/??base )
filter: (objectclass=*)
requesting: All userApplication attributes

real 0m0.029s
user 0m0.010s
sys 0m0.000s
Size of the database with all the indices:
du -h /var/lib/openldap-hdb/foss-cloud
5.2M /var/lib/openldap-hdb/foss-cloud
cd /var/lib/openldap-hdb/foss-cloud
ls -alh
total 5.2M
drwx------ 2 ldap ldap 4.0K 6. Okt 14:29 .
drwx------ 3 ldap ldap 23 6. Okt 14:29 ..
-rwx------ 1 ldap ldap 2.0K 6. Okt 14:29 alock
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 cn.bdb
-rwx------ 1 ldap ldap 24K 6. Okt 14:29 __db.001
-rwx------ 1 ldap ldap 176K 6. Okt 14:30 __db.002
-rwx------ 1 ldap ldap 5.1M 6. Okt 14:30 __db.003
-rwx------ 1 ldap ldap 3.0M 6. Okt 14:30 __db.004
-rwx------ 1 ldap ldap 792K 6. Okt 14:30 __db.005
-rwx------ 1 ldap ldap 32K 6. Okt 14:30 __db.006
-rwx------ 1 ldap ldap 160 6. Okt 14:29 DB_CONFIG
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 dhcpHWAddress.bdb
-rwx------ 1 ldap ldap 112K 6. Okt 14:29 dn2id.bdb
-rwx------ 1 ldap ldap 32K 6. Okt 14:29 entryCSN.bdb
-rwx------ 1 ldap ldap 24K 6. Okt 14:29 entryUUID.bdb
-rwx------ 1 ldap ldap 640K 6. Okt 14:29 id2entry.bdb
-rwx------ 1 ldap ldap 10M 6. Okt 14:29 log.0000000001
-rwx------ 1 ldap ldap 64K 6. Okt 14:29 objectClass.bdb
-rwx------ 1 ldap ldap 16K 6. Okt 14:29 ou.bdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstDisplayName.bdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstIsActive.bdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstNode.bdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstSelfService.bdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstStoragePool.bdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstThinProvisioningVirtualMachine.bdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstVirtualMachine.bdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstVirtualMachinePool.bdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstVirtualMachinePoolType.bdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 sstVirtualMachineType.bdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 uid.bdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:29 uidNumber.bdb
slapd-mdb
The mdb backend to slapd(8) is the upcoming primary backend for a normal slapd database. It uses OpenLDAP's own Lightning Memory-Mapped Database (LMDB) library to store data and is intended to replace the Berkeley DB backends.
It supports indexing like the BDB backends, but it uses no caching and requires no tuning to deliver maximum search performance. Like hdb, it is also fully hierarchical and supports subtree renames in constant time.
slapd-mdb - Memory-Mapped DB backend to slapd
cd /root
time ldapsearch -H ldaps://ldapm.stoney-cloud.org -b "ou=services,dc=stoney-cloud,dc=org" -s sub -x -D "cn=Manager,dc=stoney-cloud,dc=org" "(objectclass=*)" -v -w admin > gugus.ldif
ldap_initialize( ldaps://ldapm.stoney-cloud.org:636/??base )
filter: (objectclass=*)
requesting: All userApplication attributes

real 0m0.020s
user 0m0.010s
sys 0m0.000s
Size of the database with all the indices:
du -h /var/lib/openldap-hdb/foss-cloud
32M /var/lib/openldap-hdb/foss-cloud
cd /var/lib/openldap-hdb/foss-cloud
ls -alh
total 32M
drwx------ 2 ldap ldap 36 6. Okt 14:27 .
drwx------ 3 ldap ldap 23 6. Okt 14:26 ..
-rwx------ 1 ldap ldap 32M 6. Okt 14:27 data.mdb
-rwx------ 1 ldap ldap 8.0K 6. Okt 14:27 lock.mdb