Bug 50673

Summary: Reduce slapd downtime during updates by triggering online reindexing of LMDB
Product: UCS Reporter: Arvid Requate <requate>
Component: LDAPAssignee: UCS maintainers <ucs-maintainers>
Status: NEW --- QA Contact: UCS maintainers <ucs-maintainers>
Severity: enhancement    
Priority: P5 CC: best, grandjean, michelsmidt
Version: UCS 4.4   
Target Milestone: ---   
Hardware: Other   
OS: Linux   
See Also: https://forge.univention.org/bugzilla/show_bug.cgi?id=49821
https://forge.univention.org/bugzilla/show_bug.cgi?id=44925
https://forge.univention.org/bugzilla/show_bug.cgi?id=41281
https://forge.univention.org/bugzilla/show_bug.cgi?id=6700
https://forge.univention.org/bugzilla/show_bug.cgi?id=47609
What kind of report is it?: Feature Request What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional): Further conceptual development, Troubleshooting
Max CVSS v3 score:

Description Arvid Requate univentionstaff 2019-12-27 20:08:22 CET 
The manpage of slapd-mdb has this interesting statement:

> changing  index  settings  dynamically  by LDAPModifying "cn=config"
> automatically causes rebuilding of the indices online in a background task.

This could be useful e.g. to reduce re-indexing delays during updates of large environments.
Comment 1 Arvid Requate univentionstaff 2019-12-30 13:32:45 CET 
From a quick look into the code it looks like slapd-mdb re-indexes *everything* by iterating over all entries.

I think we need some resource/performance test of this feature to find out the conditions (size of database, number of cores) where this is a good option.


FYI: slapindex on the other hand offers the option to only index specific attributes, but our ldap_setup_index script currently doesn't make use of that.

I guess we also need to think about a way to ensure that this is not run multiple times during an update or join (see Bug 49821), e.g. in case an app package uses ldap_setup_index to configure another index. We could delay the re-inxeding by making ldap_setup_index just set an UCR variable which later triggers the actual re-indexing (with cron or dpkg triggers or whatever). But the indexing should not "hit" the admins unexpectedly and bog down the servers.