Use single connection in get_all function for getting "enabled" values for all ldap users.
Bug #1451910 reported by
Min Song
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Medium
|
Min Song |
Bug Description
LDAP being enabled, any keystone commands that use get_all takes a lot of time, especially if there are many LDAP users (like ~3000), due to the fact that _get_enabled makes a new connection for each user. Instead, I thought it would be better if a connection is made before the for loop in get_all, get all "enabled" values from all users, and then close the connection. I actually tested this code change on mine, and it actually speeds up many keystone commands (user-list, user-role-add, user-delete, user-get). Before it took about 50 seconds, but now, it takes about 4 seconds.
Changed in keystone: | |
assignee: | nobody → Min Song (ms2597) |
Changed in keystone: | |
status: | New → In Progress |
status: | In Progress → New |
Changed in keystone: | |
milestone: | none → liberty-1 |
status: | Fix Committed → Fix Released |
tags: | added: ldap |
tags: | added: performance |
Changed in keystone: | |
importance: | Undecided → Medium |
Changed in keystone: | |
milestone: | liberty-1 → 8.0.0 |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/180247
Review: https:/