On Wednesday 2012-06-27 14:53, Jan Engelhardt wrote:
On Tuesday 2012-06-26 17:43, Stephen Gallagher wrote:
>
>Actually, it most certainly is cached locally. If it was going to LDAP
>50,000 times, it would take you MUCH longer than 8.5s to get results
>back. Naturally, looking up results in a local file is faster than
>getting it out of the SSSD's cache database. However, we have sped this
>up considerably in SSSD 1.9.0 (currently in beta). We now maintain a
>second, in-memory cache for requests that is much faster than
>communicating across the socket to the sssd_nss process and then reading
>from the database (and processing group nested members).
>
>So if you wanted to test our latest nightlies with this program, I think
>you'd find it responding much faster.
Unfortunately not. The case is that the users/groups are not in passwd,
but in LDAP. top(1) shows that sssd_nss eats CPU like mad - which would
seem coherent with the assumption that it did not cache negative
entries.
On the whole picture, I am trying out "bindfs", and how long it takes to
extract e.g. a kernel tarball with a given, but fixed over all test
runs, set of bindfs options. It's mostly about repeated getpw*/getgr*
lookups (at least one per created file).