Comment 0 for bug 1842496

Keystone provides multiple configuration options for operators to setup LDAP connection pooling [0]. Connection pooling has the ability to increase performance by keeping LDAP connection open and available for use across threads within a single keystone process. It's not clear that these connections are shared only between threads and not processes. In a deployment with a multiple processes defined that are all using a single thread per process, it's confusing to query LDAP connections but less than the configured values in keystone.conf.

We could either improve the documentation to explain this relationship more clearly, elude to this behavior in the configuration help text, or both.

[0] https://opendev.org/openstack/keystone/src/commit/fe39838f712880c336e18eadf320e7c9e2007448/keystone/conf/ldap.py#L392-L407