我们有一个旧的ldap系统在centos 6.4上运行openldap 2.4.23,表现出奇怪的行为:数据库中只有43,000条记录,sn搜索需要90秒(在我索引sn之后只进行通配符搜索 - 非通配符搜索只需要几分之一秒。我可以在2.5秒内查看40M slapcat的文本文件 - 为什么slapd需要这么长时间?
这是删除了一些敏感位的slapd.conf:
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/misc.schema
include /etc/openldap/schema/peak.schema
include /etc/openldap/schema/radius.schema
include /etc/openldap/schema/sendmail.schema
include /etc/openldap/schema/spf.schema
include /etc/openldap/schema/sudo.schema
allow bind_v2
loglevel sync stats2
monitoring off
sizelimit unlimited
threads 32
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
access to attrs=userPassword
...
access to attrs=peakInternetSecretAnswer
...
access to attrs=peakInternetSecretQuestion
...
access to *
...
database bdb
suffix "dc=peak, dc=org"
dbconfig set_cachesize 0 1048576 0
dbconfig set_lg_bsize 4097152
dbconfig set_lg_max 16777216
cachesize 10000
dncachesize 10000
idlcachesize 10000
rootdn "cn=Directory Manager, dc=peak, dc=org"
directory /var/db/openldap
index objectClass eq
index uid pres,eq,sub,approx
index sudoUser pres,eq
index mailLocalAddress pres,eq,approx
index cn pres,eq
index sn pres,eq
index mail pres,eq
index mailRoutingAddress pres,eq,approx
index mailHost pres,eq
index sendmailMTAKey pres,eq
index sendmailMTACluster pres,eq
index sendmailMTAMapName pres,eq
index sendmailMTAHost pres,eq
index sendmailMTAClassName pres,eq
index peakInternetAccountNumber eq
index peakInternetAccountState eq
index dc pres,eq
index peakInternetMailQuota pres
index entryCSN,entryUUID eq