ldap for mysql cluster back ndb
play

LDAP for MySQL Cluster back-ndb Howard Chu CTO, Symas Corp. - PowerPoint PPT Presentation

Feb 18, 2024 •238 likes •596 views

LDAP for MySQL Cluster back-ndb Howard Chu CTO, Symas Corp. hyc@symas.com Chief Architect, OpenLDAP hyc@openldap.org OpenLDAP Project Open source code project Founded 1998 Three core team members A dozen or so contributors

  1. LDAP for MySQL Cluster back-ndb Howard Chu CTO, Symas Corp. hyc@symas.com Chief Architect, OpenLDAP hyc@openldap.org

  2. OpenLDAP Project ● Open source code project ● Founded 1998 ● Three core team members ● A dozen or so contributors ● Feature releases every 12-18 months ● Maintenance releases roughly monthly

  3. A Word About Symas ● Founded 1999 ● Founders from Enterprise Software world ● platinum Technology (Locus Computing) ● IBM ● Howard joined OpenLDAP in 1999 ● One of the Core Team members ● Appointed Chief Architect January 2007

  4. Topics ● Overview ● Relational vs Hierarchical Data models ● Accessing Relational data from LDAP ● The new Back-NDB Backend ● Early Results ● Future Directions

  5. Overview ● OpenLDAP is the fastest, most efficient, most scalable, most reliable, and most standards- conformant LDAP software in the world, and has been for many years. ● Proven to scale to billions of objects and terabytes of data, with performance in excess of 100,000 queries/second at sub-millisecond latencies. ● Reliability in production deployments has been flawless, with hardware failure being the principal cause of unscheduled downtime.

  6. Overview ● The current design depends on having a very powerful single machine to achieve maximum scaling. ● The trend in data centers has been to scale using clusters that can be grown incrementally. ● A cluster-friendly backend design was needed. ● As luck would have it, MySQL released a cluster-based database engine while we were beginning our own cluster- oriented design effort. ● Leveraging MySQL's relational database engine in LDAP is not straightforward.

  7. Overview ● The hierarchical data model of the directory and the tabular data model of relational databases (RDBMSs) are fundamentally different ● Both are ubiquitously useful ● Access to one from the other is frequently desired ● Solutions for providing cross-access exist but tend to be sub-optimal ● The new OpenLDAP solution developed in cooperation with MySQL leverages the strengths of both technologies

  8. Relational vs Hierarchical ● RDBMSs are built on tables of rows and columns ● One “record” is one row of columns ● One value is stored per cell of the table ● Values have predefined size ● Directories are built from trees of objects ● One “record” is an object with arbitrarily many attributes ● An attribute has arbitrarily many values ● Values have arbitrary size

  9. Relational vs Hierarchical Each record is similar to every Records can differ greatly ● ● other record Complex traversals may be ● Individual values can be directly required to access specific ● accessed across many records values across records

  10. Storing LDAP data in RDBMS ● RDBMSs generally don't support multiple values for a single field/attribute ● Normalization requires only one value per field ● Supporting multi-valued attributes requires dedicating a separate table per attribute ● Combining values across multiple tables typically requires many disk seeks and thus performs poorly

  11. Storing LDAP data in RDBMS ● LDAP uses Distinguished Names (DNs) as primary key ● The directory namespace is inherently hierarchical, but the RDBMS namespace is inherently flat, so the DN cannot be used directly as an RDBMS primary key

  12. Cross Access ● LDAP access to RDBMS ● OpenLDAP has provided back-sql since release 2.0 ● It requires a lot of manual setup, and performance is poor because it goes thru many translation layers ● RDBMS access to LDAP ● Generally there's no direct access: export the LDAP data, massage it, import to RDBMS

  13. Open Source to the Rescue ● OpenLDAP is the world's most powerful LDAP software ● MySQL is the world's most popular open source relational database ● Open development models allow seemingly intractable obstacles to be overcome

  14. Introducing Back-NDB ● Back-NDB is a new OpenLDAP backend that uses native MySQL APIs for direct access to a MySQL NDB data store ● Released in OpenLDAP 2.4.12 ● NDB is MySQL's carrier-grade cluster database engine ● Fully transactional, scales across multiple data nodes ● Memory-based for high performance ● Provides automatic replication/failover

  15. Introducing Back-NDB Application Layer: Simultaneous access to Data using LDAP, SQL, NDBAPI, etc Data Layer (MySQL Cluster): HA and Dynamically Scalable (online add node) Data Store.

  16. Introducing Back-NDB

  17. Back-NDB ● Uses NDB APIs, bypasses ODBC and SQL layers ● Allows multiple slapd processes to operate on the same NDB databases concurrently ● Also allows multiple concurrent SQL clients ● Automatically maps LDAP schema to RDBMS schema ● Automatically detects RDBMS schema changes and maps to LDAP

  18. Back-NDB Design ● Uses a DN to ID table to map DNs to numeric IDs ● Numeric IDs are used as the primary key of the main data tables ● Generally uses a separate table per objectclass ● LDAP entries that have multiple objectclasses may have their data split across many tables ● The list of objectclasses for an entry must be known, to identify which tables hold the entry's data

  19. DN Mapping ● DN2ID table ● 16 column primary key, one column per RDN of a DN (thus, the directory tree is limited to 16 levels deep) ● 1 column numeric ID (generated by autoincrement) ● 1 column objectclass (contains multiple class names, delimited by spaces)

  20. DN Mapping ● DN2ID table example a0 ... a15 eid objectclasses dc=com dc=example (null) (null) (null) 1 dcObject organization dc=com dc=example ou=users (null) (null) 2 organizationalUnit dc=com dc=example ou=groups (null) (null) 3 organizationalUnit dc=com dc=example ou=groups cn=staff (null) 4 groupOfNames dc=com dc=example ou=users cn=Joe M (null) 5 person inetOrgPerson

  21. ObjectClass Mapping ● Data is distributed in a separate table per objectclass ● Since NDB is memory-resident, disk seeks are not an issue ● But, attributes may only appear in one table ● Inherited attributes only appear in the parent class's table ● "Attribute Sets" are used to collect attributes that have multiple unrelated references ● Attribute Sets are defined in slapd config

  22. ObjectClass Mapping ● attrset Common cn,sn,uid eid cn cn sn sn uid uid 4 staff (null) (null) 5 Joe M Mudd joem ● objectClass person eid userPassword cn telephoneNumber 5 MyGoodSecret +1-818-555-1212

  23. Attribute Mapping ● LDAP schema imposes no size limits on schema elements, but RDBMS table columns must be of explicitly configured size ● LDAP schema allows for advisory lengths ● Back-NDB uses advisory lengths as column size, if present ● Sizes may be explicitly configured ● Otherwise a default size of 1024 is used for DNs, 128 for everything else ● Widths of any existing columns are used as-is

  24. Attribute Mapping ● Multi-valued attributes require a compound primary key (eid,vid) eid vid cn cn sn sn uid uid 4 0 staff (null) (null) 5 0 Joe M Mudd joem 5 1 Joseph (null) (null)

  25. Attributes, Misc... ● Currently Attributes are stored either as VARCHARs or as BLOBs; BLOBs must be explicitly chosen in the slapd config ● NDB indexing only supports equality and inequality matching, no substring matching

  26. Design Wrap-Up ● The table design is minimally constrained; while Back-NDB cannot be dropped in place on an existing database the database can be adapted with minimal changes ● SQL apps are able to use the new tables as easily as before, so data can be shared directly with no duplication/waste ● Hard limits are imposed where LDAP has no limits, but most LDAP apps won't notice

  27. Early Results ● Orders of Search Rate magnitude faster 25000 than Back-SQL 20000 ● Not as fast as BerkeleyDB on a 15000 OL HDB Searches/Sec OL NDB Competition single node, but OL SQL 10000 that's not the point... 5000 0 4 8 12 16 20 24 28 32 Clients

  28. Scaling Horizontally... ● Cluster engine NDB With 2 Data Nodes allows DB to be 14000 spread across 12000 multiple data nodes 10000 Colocated 1 slapd ● Multiple slapds can Dislocated 1 Searches/Sec 8000 slapd Colocated 2 access the same slapd 6000 DB simultaneously 4000 ● Performance scales 2000 linearly with number 0 1 2 3 4 5 6 7 8 9 10 Clients of nodes

  29. Scaling Horizontally... ● Ideal for cluster and NDB With 4 Data Nodes blade deployments 20000 18000 ● Whenever more 16000 capacity or 14000 12000 throughput are 1 slapd Searches/Sec 2 slapd 10000 4 slapd needed, just add 8000 more data nodes or 6000 slapd frontends 4000 2000 0 1 2 3 4 5 6 7 8 9 10 Clients

  30. Future Directions ● Cache DN2ID table ● Currently no local caching is done ● Every reference to an entry requires two network roundtrips - one to the DN2ID table, and one to all of the relevant data tables ● Reduce network roundtrips in half, double throughput

  31. Future Directions ● Redesign DN2ID table to use HDB-style hierarchical layout ● Increase storage efficiency - current approach wastes significant space on redundant copies of RDNs ● Support subtree renames - current approach requires O(n) time to rename a subtree; HDB style is O(1)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

MySQL Cluster sometimes SQL Bernd Ocklin MySQL Cluster High Performance: Write

MySQL Cluster sometimes SQL Bernd Ocklin MySQL Cluster High Performance: Write

<Insert Picture Here> MySQL Cluster sometimes SQL Bernd Ocklin MySQL Cluster High Performance: Write Scalability & Low Latency 99.999% Availability Flexible Data Access Methods (SQL & NoSQL) Low TCO (Open

745 views • 31 slides
MySQL Cluster und MySQL Proxy Alles Online Diese Slides gibt es auch unter:

MySQL Cluster und MySQL Proxy Alles Online Diese Slides gibt es auch unter:

MySQL Cluster und MySQL Proxy Alles Online Diese Slides gibt es auch unter: http://rt.fm/s4p Agenda (Don't) Panic Web- und MySQL-Server MySQL Master-Master Cluster MySQL Proxy und Cluster MySQL

1.83k views • 31 slides
MySQL Group Replication & MySQL InnoDB Cluster Production Ready? Kenny Gryp MySQL Practice

MySQL Group Replication & MySQL InnoDB Cluster Production Ready? Kenny Gryp MySQL Practice

MySQL Group Replication & MySQL InnoDB Cluster Production Ready? Kenny Gryp MySQL Practice Manager Table of Contents Group Replication MySQL Shell (AdminAPI) MySQL Group Replication MySQL Router Best Practices Limitations Production?

993 views • 72 slides
Introduction to LDAP Frank A. Kuse Introduction to LDAP AGENDA Understanding LDAP

Introduction to LDAP Frank A. Kuse Introduction to LDAP AGENDA Understanding LDAP

Introduction to LDAP Frank A. Kuse Introduction to LDAP AGENDA Understanding LDAP LDAP Servers Information Structure Protocol Overview LDAP operations UNDERSTANDING LDAP LDAP stands for Lightweight Directory Access

268 views • 12 slides
Performance Guide for MySQL Cluster Mikael Ronstrm, Ph.D Senior MySQL Architect Sun

Performance Guide for MySQL Cluster Mikael Ronstrm, Ph.D Senior MySQL Architect Sun

Performance Guide for MySQL Cluster Mikael Ronstrm, Ph.D Senior MySQL Architect Sun Microsystems MySQL Cluster Application Application Application MySQL Client MySQL Client MySQL Client Application Application MySQL MySQL MySQL

737 views • 50 slides
PhxSQL: A High-Availability & Strong-Consistency MySQL Cluster Ming CHEN@WeChat Why PhxSQL

PhxSQL: A High-Availability & Strong-Consistency MySQL Cluster Ming CHEN@WeChat Why PhxSQL

PhxSQL: A High-Availability & Strong-Consistency MySQL Cluster Ming CHEN@WeChat Why PhxSQL Highly expected features for MySql cluster Availability and consistency in MySQL cluster SVR A Master-slaves replication MySQL (master)

531 views • 25 slides
Redundant Storage Cluster For When It's Just Too Big Bob Burgess radian 6 Technologies MySQL

Redundant Storage Cluster For When It's Just Too Big Bob Burgess radian 6 Technologies MySQL

Redundant Storage Cluster For When It's Just Too Big Bob Burgess radian 6 Technologies MySQL User Conference 2009 Scope Fundamentals of MySQL Proxy Fundamentals of LuaSQL Description of the Redundant Storage Cluster Architecture

782 views • 55 slides
Why MySQL Replication Fails, and How to Get it Back September, 26, 2017 Sveta Smirnova Sveta

Why MySQL Replication Fails, and How to Get it Back September, 26, 2017 Sveta Smirnova Sveta

Why MySQL Replication Fails, and How to Get it Back September, 26, 2017 Sveta Smirnova Sveta Smirnova MySQL Support engineer Author of MySQL Troubleshooting JSON UDF functions FILTER clause for MySQL Speaker Percona

1.4k views • 139 slides
The presentation is intended to outline our general product direction. It is intended for

The presentation is intended to outline our general product direction. It is intended for

<Insert Picture Here> MySQL Cluster Deployment Best Practices Johan ANDERSSON Joffrey MICHAE MySQL Cluster practice Manager MySQL Consultant The presentation is intended to outline our general product direction. It is intended for

863 views • 31 slides
25x: MySQL Cluster and push-down joins (in pursuit of the holy grail) Jonas Oreland 25x: MySQL

25x: MySQL Cluster and push-down joins (in pursuit of the holy grail) Jonas Oreland 25x: MySQL

<Insert Picture Here> 25x: MySQL Cluster and push-down joins (in pursuit of the holy grail) Jonas Oreland 25x: MySQL Cluster and push-down joins (in pursuit of the holy grail) What is your name: Jonas Oreland, Oracle/Sun/MySQL What is

523 views • 50 slides
Todays Objec2ves Domain Name System LDAP Cluster on Demand Oct 11, 2017 Sprenkle -

Todays Objec2ves Domain Name System LDAP Cluster on Demand Oct 11, 2017 Sprenkle -

10/11/17 Todays Objec2ves Domain Name System LDAP Cluster on Demand Oct 11, 2017 Sprenkle - CSCI325 1 Review How does DNS work? How do we assign names? What are the two ways that DNS can resolve names? How does DNS

516 views • 30 slides
MySQL Replication Update MySQL 5.5 (GA) & MySQL 5.6.2 (Dev. Milestone) Lars Thalmann

MySQL Replication Update MySQL 5.5 (GA) & MySQL 5.6.2 (Dev. Milestone) Lars Thalmann

<Insert Picture Here> MySQL Replication Update MySQL 5.5 (GA) & MySQL 5.6.2 (Dev. Milestone) Lars Thalmann Development Director MySQL Replication, Backup & Connectors O'Reilly MySQL Users Conference, April 2011 MySQL Releases

456 views • 42 slides
Partitioning under the hood in MySQL 5.5 Mattias Jonsson, Partitioning developer Mikael

Partitioning under the hood in MySQL 5.5 Mattias Jonsson, Partitioning developer Mikael

<Insert Picture Here> Partitioning under the hood in MySQL 5.5 Mattias Jonsson, Partitioning developer Mikael Ronstrm, Partitioning author Who are we? Mikael is a founder of the technology behind NDB Cluster (MySQL Cluster)

379 views • 35 slides
How we implemented an LDAP directory Multiple Simultaneous Requests . . . . . . . . . . . . . . .

How we implemented an LDAP directory Multiple Simultaneous Requests . . . . . . . . . . . . . . .

Getting Started What do you already know about ldap ? . . . . . . . . . . . . . . slide #3 What Do You Want? . . . . . . . . . . . . . . . . . . . . . . . . . . . . slide #4 Argument for LDAP Account Information . . . . . . . . . . . . . . . . .

442 views • 26 slides
MySQL Proxy Making MySQL more flexible Jan Kneschke jan@mysql.com MySQL Proxy proxy-servers

MySQL Proxy Making MySQL more flexible Jan Kneschke jan@mysql.com MySQL Proxy proxy-servers

MySQL Proxy Making MySQL more flexible Jan Kneschke jan@mysql.com MySQL Proxy proxy-servers forward requests to backends and can transform, handle or block them released under the GPL see http://forge.mysql.com/wiki/MySQL_Proxy

945 views • 27 slides
MySQL Cluster Performance Tuning Johan Andersson Principal Field Technologist The

MySQL Cluster Performance Tuning Johan Andersson Principal Field Technologist The

<Insert Picture Here> MySQL Cluster Performance Tuning Johan Andersson Principal Field Technologist The presentation is intended to outline our general product direction. It is intended for information purposes only, and may not be

410 views • 40 slides
INVESTOR PRESENTATION 17 February 2020 TR AN S F O R MI N G THROUGH T AL E N T AND TECHNOLOGY

INVESTOR PRESENTATION 17 February 2020 TR AN S F O R MI N G THROUGH T AL E N T AND TECHNOLOGY

INVESTOR PRESENTATION 17 February 2020 TR AN S F O R MI N G THROUGH T AL E N T AND TECHNOLOGY 1 | H I N D U S T A N O I L E X P L O R A T I O N C O M P A N Y L I M I T E D SAFE HARBOUR Investor presentation Q3 2019-20 This presentation

560 views • 30 slides
Lopez Island Airport Master Plan Update Public Meeting June 15, 2017 Master Plan Update Team

Lopez Island Airport Master Plan Update Public Meeting June 15, 2017 Master Plan Update Team

Lopez Island Airport Master Plan Update Public Meeting June 15, 2017 Master Plan Update Team Reid Middleton/Everett, WA Shannon Kinsella, Project Manager Melania Haagsma, Project Engineer Mead & Hunt/Tulsa, OK Kelly

407 views • 23 slides
INF585 - 3D Animation 1/40 Objective and organization of the class - Give you fundamental notions

INF585 - 3D Animation 1/40 Objective and organization of the class - Give you fundamental notions

INF585 - 3D Animation 1/40 Objective and organization of the class - Give you fundamental notions of 3D computer animation - Train at practical CG/animation programming Mostly practical-oriented class - TD in computer rooms - C++, OpenGL

714 views • 40 slides
Regional Airport (JQF) December 3, 2019 Aviation Forecast Summary 2017 (Existing) 2018 2023

Regional Airport (JQF) December 3, 2019 Aviation Forecast Summary 2017 (Existing) 2018 2023

Concord-Padgett Regional Airport (JQF) December 3, 2019 Aviation Forecast Summary 2017 (Existing) 2018 2023 2028 2038 TAF TAF TAF Forecast Forecast Forecast TAF Forecast Forecast TAF Enplanements and Average Annual Growth Rate

347 views • 16 slides
Licensed Pipelines & the Planning System Council Briefing 2019 Critical Infrastructure

Licensed Pipelines & the Planning System Council Briefing 2019 Critical Infrastructure

Licensed Pipelines & the Planning System Council Briefing 2019 Critical Infrastructure Licensed pipelines are licensed under the Pipelines Act 2005 Licensed pipelines can carry natural gas, petroleum, oxygen, carbon dioxide,

386 views • 19 slides
On the Testbed NorduGrid Tutorial, LCSC 2002 1 overview of a Grid session user formulates the

On the Testbed NorduGrid Tutorial, LCSC 2002 1 overview of a Grid session user formulates the

NorduGrid Tutorial On the Testbed NorduGrid Tutorial, LCSC 2002 1 overview of a Grid session user formulates the job requirements by editing an xrsl file having a valid proxy submits the job with ngsub the broker from the UI selects the

342 views • 12 slides
HOW TO MECHANISE AN IT AUDIT Chris Parker chris.parker@uq.edu.au The University of Queensland

HOW TO MECHANISE AN IT AUDIT Chris Parker chris.parker@uq.edu.au The University of Queensland

HOW TO MECHANISE AN IT AUDIT Chris Parker chris.parker@uq.edu.au The University of Queensland $1.6 Billion Organisation 40+ Sites 400+ Buildings 100+ Institutes, Schools, and Centres 50,000+ Students 100,000+ Network

798 views • 60 slides
Password Policy John Hally John.hally@comcast.net Why This Policy? Very important aspect of

Password Policy John Hally John.hally@comcast.net Why This Policy? Very important aspect of

Password Policy John Hally John.hally@comcast.net Why This Policy? Very important aspect of security Can easily be the weakest link Set standards for: Creation of strong passwords Password protection Frequency of

202 views • 6 slides

More recommend