[Beowulf] Poll - Directory implementation

Skylar Thompson skylar.thompson at gmail.com
Fri Oct 26 20:11:38 PDT 2018 

Good to know - we're still nslcd users so have yet to run into that, though
are about to make the leap to CentOS 7 where I think we will have to use
it.

On Sat, Oct 27, 2018 at 03:13:47AM +0100, John Hearns via Beowulf wrote:
>    Skylar, I believe that nscd does not work well with sssd and I disabled
>    it.
>    See [1]https://access.redhat.com/documentation/en-us/red_hat_enterprise
>    _linux/6/html/deployment_guide/usingnscd-sssd
>    I believe that nscd is the work of Auld Nick himself and causes more
>    problems than it is worth on HPC nodes.
>    If you want to speed up cacheing with sssd itself you can put its local
>    caches on a RAMdisk. This has the cost of no persistence of course and
>    uses up RAM which you may prefer to put to better use.
> 
>    On Sat, 27 Oct 2018 at 00:59, Skylar Thompson
>    <[2]skylar.thompson at gmail.com> wrote:
> 
>      On Fri, Oct 26, 2018 at 08:44:28PM +0000, Ryan Novosielski wrote:
>      > Our LDAP is very small, compared to the sorts of things some
>      people run.
>      >
>      > We added indexes today on uid, uidNumber, and gidNumber and the
>      problem went away. Didn’t try it earlier as it had virtually no
>      impact on our testing system for whatever reason, but on a different
>      testing system and on production, it dropped “ls -al /home/“ from
>      ~90s to ~5s. I’m not sure if all three were necessary, but I’ll look
>      back at that later.
>      >
>      > We’ve run SSSD from day one, so that eliminates the nscld
>      question. We also moved CentOS 5.x to SSSD, FYI (I believe there was
>      someone else with some old systems around). Was pretty painless, and
>      SSSD eliminates a lot of problems that exist with the older stuff
>      (including some really boneheaded very large LDAP queries that were
>      happening routinely with the older nss-ldap software if I’m
>      remembering its name correctly).
>      Have you experimented with client-side caching services like nscd?
>      nscd has
>      its quirks (in particular, it does very poorly with caching spurious
>      negative
>      results from transient network failures), but it also is a big
>      performance
>      improvement since you don't even have to hit the network or the
>      directory
>      services.
>      --
>      Skylar
>      _______________________________________________
>      Beowulf mailing list, [3]Beowulf at beowulf.org sponsored by Penguin
>      Computing
>      To change your subscription (digest mode or unsubscribe) visit
>      [4]http://www.beowulf.org/mailman/listinfo/beowulf
> 
> References
> 
>    1. https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/usingnscd-sssd
>    2. mailto:skylar.thompson at gmail.com
>    3. mailto:Beowulf at beowulf.org
>    4. http://www.beowulf.org/mailman/listinfo/beowulf

> _______________________________________________
> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
> To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf


-- 
Skylar

More information about the Beowulf mailing list