Damn, forgot to send my response to list: Message-ID: <[email protected]> Date: Mon, 05 Jan 2009 11:59:36 -0600 From: tico <[email protected]> User-Agent: Thunderbird 2.0.0.18 (Macintosh/20081105) MIME-Version: 1.0 To: "P.Pruett" <[email protected]> Subject: Re: OpenLDAP w/o bdb okay? References: <[email protected]> In-Reply-To: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit
Responses inline: P.Pruett wrote: > For OpenBSD 4.4 and current the flavor "bdb" is broken on openldap > BROKEN= OpenLDAP 2.3 is incompatible with Berkeley DB 4.6 > > Most past articles have strongly suggested haveing openldap use "bdb" > as its storage method. If by most articles, you mean "most of the Linux HOWTO articles," you'll notice that most of them are ancient now and were written by people with an almost pathological need for premature optimization and overly-complex initial installs. I've yet to encounter an LDAP environment where there a) was a disk I/O bottleneck due to locking that was solvable by BDB b) that was not more sanely solvable by scaling out to replicated slapd servers c) with or without moving the dataset onto a memory filesystem d) or sectioning the dataset into one chunk per group of servers. If you actually need any of the above, you probably know or should know way more about the bottlenecks in your LDAP environment than any of us do, much less the clueless retards writing HOWTO articles. Note that I'm *not* saying that I hate BDB, just that I haven't found what it solves in the real world, and having data in BDB means that *when* corruption occurs, it's more of a pain in the ass to recover from than an LDIF/LDBM. This has happened to me several times, and I've found that the resulting error messages have been less than verbose, and less than helpful. > Seeing that even the current port is not ready > to implement OpenLDAP 2.4 suggests that using openldap without bdb may > not be so terrible. Thank god. Now I don't have to double-check my installs to make sure they don't include BDB. > Staying with openbsd is the choice, so we have to use a non bdb openldap > on openbsd 4.4 or current for now. Having always used the bdb flavor > because literature suggested, I wonder > what problems for performance or maitenance in production will arise > by not using flavor bdb for openldap? > Run your own benchmarks using your own dataset. If your LDAP environment is anything at all like the majority I've seen you will not notice any difference whatsoever (except you'll be free from BDB corruption during a crash). Cheers -Tico
