ldap user search very slow #13
Comments
|
Hi Daniel, I see, unfortunately I haven't currently got access to a LDAP server to test this against, although it was initially tested against a real one. Is it slower than when running without LDAP settings? There is "throttling" of the search in the GUI, and it could be it's a little too much. It's set to not send search queries to the backend more often than every 0.5 seconds. This was intended to prevent overloading the LDAP, but perhaps I was being too careful. It would certainly also be possible to cache the results in the backend, since LDAP info rarely changes. If you're able to experiment with the frontend, you could maybe try changing "frontend/src/entryeditor.js", in the section this.slowFetchUserSuggestions = debounce(
this.fetchUserSuggestions.bind(this),
500
);you might want to experiment with changing the number 500 to something smaller, or even 0 and see what happens. It might send quite a lot of queries (one per key stroke I think) to the LDAP server though. If you try this, please report your results so we can change the setting. Thanks for reporting this! BTW, did you try updating to the latest master? A change was merged to remember the last author list used, which might also make the situation less annoying in some cases. |
|
To test the speed of the backend querying LDAP, you can also try something like and see how long it takes. If it takes more than an instant, the problem is somewhere between the backend and the LDAP server. Anyway, I've set up a LDAP server now so I can test, it does not seem very slow but the experience can definitely be improved :) |
|
Thanks for your comments. However, when I try the curl cmd I get a rather slow response while an |
|
Wow, that's way slower than anything I've seen. I can see how that would be
very annoying.
It seems abnormal. I guess there is a problem either with the python ldap
client, or somehow with the configuration. Or could there possibly be some
kind of throttling going on at the ldap server side? It seems unlikely that
there's some network issue causing four second delays...
It would be really interesting if you could try doing the same query using
the python ldap client (all the code is in backend/users.py) from the same
machine where ldap search was fast.
I'll look into caching the ldap lookups on the backend. It probably makes
sense anyway.
…On Mon, 11 Mar 2019, 12:30 Daniel Schick, ***@***.***> wrote:
Thanks for your comments.
First of all the "remember-author" feature will pretty much solve most of
our issues.
However, when I try the curl cmd I get a rather slow response
time curl http://elogy/api/users/?search=mylogin
{
"users": [
{
"login": "mylogin",
"name": "D......",
"email": "D......"
}
]
}
real 0m4,052s
user 0m0,012s
sys 0m0,011s
while an ldapsearch return quasi instantaneously from the same terminal.
Changing frontend throtteling seem not to be the issue here.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#13 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABNy6EOJzcRWm8jO9TBwNhGQa28XoRmoks5vVj5sgaJpZM4bZXjf>
.
|
|
hm, doing the ldap search directly in python is also pretty fast: ähm, is the python lib doing a new binding on every search? |
|
doint 100 rebinds and searches with python ldap takes 1.8sec and is perfectly linear with the number of attempts, so a single search takes 0.018sec. |
|
I don't really know what the python client is doing under the hood, but I
don't remember doing anything particularly to keep the session alive or
anything so it's likely that this could be done better. But as you say, it
does not seem to explain the issue anyway. Curious...
I guess the final test would be to try the same thing from the elogy
server, if you didn't already. If that's fast too I'm out of ideas... could
it be related to running in docker..? Library versions? Some issue with the
particular LDAP server you're using?
…On Mon, 11 Mar 2019, 13:42 Daniel Schick, ***@***.***> wrote:
doint 100 rebinds and searches with python ldap takes 1.8sec and is
perfectly linear with the number of attempts, so a single search takes
0.018sec.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#13 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABNy6GXjIr4upbdhnBqSsFwMW35AzOjDks5vVk9IgaJpZM4bZXjf>
.
|
|
Indeed it's wired. Actually I test it from the elogy host.
So it might be related to Docker or a different version of some packages.
I tested it with python 2.7
Johan Forsberg <notifications@github.com> schrieb am Mo., 11. März 2019,
14:27:
… I don't really know what the python client is doing under the hood, but I
don't remember doing anything particularly to keep the session alive or
anything so it's likely that this could be done better. But as you say, it
does not seem to explain the issue anyway. Curious...
I guess the final test would be to try the same thing from the elogy
server, if you didn't already. If that's fast too I'm out of ideas... could
it be related to running in docker..? Library versions? Some issue with the
particular LDAP server you're using?
On Mon, 11 Mar 2019, 13:42 Daniel Schick, ***@***.***>
wrote:
> doint 100 rebinds and searches with python ldap takes 1.8sec and is
> perfectly linear with the number of attempts, so a single search takes
> 0.018sec.
>
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <
#13 (comment)
>,
> or mute the thread
> <
https://github.com/notifications/unsubscribe-auth/ABNy6GXjIr4upbdhnBqSsFwMW35AzOjDks5vVk9IgaJpZM4bZXjf
>
> .
>
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#13 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ANKILNC2y5bjQeALV2Pm530dlBE-oU3xks5vVlmugaJpZM4bZXjf>
.
|
|
So I could try to install elogy locally without Docker to check that, right?
I fear that I would need some help/manual for that, as I was not able to
follow the instructions of the Readme so far.
Best
Daniel
Daniel Schick <schick.daniel@gmail.com> schrieb am Mo., 11. März 2019,
14:43:
… Indeed it's wired. Actually I test it from the elogy host.
So it might be related to Docker or a different version of some packages.
I tested it with python 2.7
Johan Forsberg ***@***.***> schrieb am Mo., 11. März 2019,
14:27:
> I don't really know what the python client is doing under the hood, but I
> don't remember doing anything particularly to keep the session alive or
> anything so it's likely that this could be done better. But as you say, it
> does not seem to explain the issue anyway. Curious...
>
> I guess the final test would be to try the same thing from the elogy
> server, if you didn't already. If that's fast too I'm out of ideas...
> could
> it be related to running in docker..? Library versions? Some issue with
> the
> particular LDAP server you're using?
>
> On Mon, 11 Mar 2019, 13:42 Daniel Schick, ***@***.***>
> wrote:
>
> > doint 100 rebinds and searches with python ldap takes 1.8sec and is
> > perfectly linear with the number of attempts, so a single search takes
> > 0.018sec.
> >
> > —
> > You are receiving this because you commented.
> > Reply to this email directly, view it on GitHub
> > <
> #13 (comment)
> >,
> > or mute the thread
> > <
> https://github.com/notifications/unsubscribe-auth/ABNy6GXjIr4upbdhnBqSsFwMW35AzOjDks5vVk9IgaJpZM4bZXjf
> >
> > .
> >
>
> —
> You are receiving this because you authored the thread.
> Reply to this email directly, view it on GitHub
> <#13 (comment)>,
> or mute the thread
> <https://github.com/notifications/unsubscribe-auth/ANKILNC2y5bjQeALV2Pm530dlBE-oU3xks5vVlmugaJpZM4bZXjf>
> .
>
|
|
Or could you easily test the difference in ldap performance between a local
and a Docker installation?
Daniel Schick <schick.daniel@gmail.com> schrieb am Mo., 11. März 2019,
17:09:
… So I could try to install elogy locally without Docker to check that,
right?
I fear that I would need some help/manual for that, as I was not able to
follow the instructions of the Readme so far.
Best
Daniel
Daniel Schick ***@***.***> schrieb am Mo., 11. März 2019,
14:43:
> Indeed it's wired. Actually I test it from the elogy host.
> So it might be related to Docker or a different version of some packages.
> I tested it with python 2.7
>
> Johan Forsberg ***@***.***> schrieb am Mo., 11. März 2019,
> 14:27:
>
>> I don't really know what the python client is doing under the hood, but I
>> don't remember doing anything particularly to keep the session alive or
>> anything so it's likely that this could be done better. But as you say,
>> it
>> does not seem to explain the issue anyway. Curious...
>>
>> I guess the final test would be to try the same thing from the elogy
>> server, if you didn't already. If that's fast too I'm out of ideas...
>> could
>> it be related to running in docker..? Library versions? Some issue with
>> the
>> particular LDAP server you're using?
>>
>> On Mon, 11 Mar 2019, 13:42 Daniel Schick, ***@***.***>
>> wrote:
>>
>> > doint 100 rebinds and searches with python ldap takes 1.8sec and is
>> > perfectly linear with the number of attempts, so a single search takes
>> > 0.018sec.
>> >
>> > —
>> > You are receiving this because you commented.
>> > Reply to this email directly, view it on GitHub
>> > <
>> #13 (comment)
>> >,
>> > or mute the thread
>> > <
>> https://github.com/notifications/unsubscribe-auth/ABNy6GXjIr4upbdhnBqSsFwMW35AzOjDks5vVk9IgaJpZM4bZXjf
>> >
>> > .
>> >
>>
>> —
>> You are receiving this because you authored the thread.
>> Reply to this email directly, view it on GitHub
>> <#13 (comment)>,
>> or mute the thread
>> <https://github.com/notifications/unsubscribe-auth/ANKILNC2y5bjQeALV2Pm530dlBE-oU3xks5vVlmugaJpZM4bZXjf>
>> .
>>
>
|
|
I did test with docker, but only against my own test LDAP server with a few users. I'll do some more testing. It might be that the search query we're using is too slow. I believe elogy being used with a real LDAP server at MAXIV, and as far as I can remember performance was OK when I was testing. But I suppose the performance could vary between server implementations, and maybe with database size. The search string is e.g. Regarding local install, did you try the |
|
Hej, I actually used the I tried already the For testing on my production machine, I would like to do also a clean uninstall of the local install. is that possible? |
|
python2.7 vs python 3.6 does not make a difference |
|
OK, so slow query is also eliminated... 🤔 The make scripts will start the backend on port 8888 and the frontend proxy on port 3000, if you run it with Regarding uninstall, The only thing you may have to do on the host is to install some of the dependencies in the underlying OS, in particular the ldap libs. E.g. |
|
now I am completely confused.
takes only 0.083sec instead of 4s on my production server. The only obvious difference is, that both machines are in different networks. |
|
We are currently also checking our infrastructure, since there could be a problem with one of our switches. |
|
Very confusing indeed, but I think we have to conclude that this is likely not directly caused by Elogy. However it might still be worth thinking about some form of caching of the search results. |
Hi,
my colleagues are little complaining about the fact, that the user search via ldap is pretty slow, even if one type a complete and correct user name.
I've checked with ldapsearch in the terminal, that the ldap connection itself, seems to be fast.
Is there anyway how to tackle this problem?
Best
Daniel
The text was updated successfully, but these errors were encountered: