Enable LDAP connection pooling by default

There should be no reason to leave these settings disabled by default. By enabling them, keystones runs faster and consumes fewer resources. Change-Id: I9f8d27b1f6dba19067f38e940632dcf3420c2bfa
2016-02-26 01:22:22 +00:00 · 2016-02-26 01:22:22 +00:00 · 22b114f647
parent 05c58bb35e
commit 22b114f647
3 changed files with 19 additions and 4 deletions
--- a/keystone/common/config.py
+++ b/keystone/common/config.py
@ -765,7 +765,7 @@ FILE_OPTIONS = {
                   choices=['demand', 'never', 'allow'],
                   help='Specifies what checks to perform on client '
                        'certificates in an incoming TLS session.'),
-        cfg.BoolOpt('use_pool', default=False,
+        cfg.BoolOpt('use_pool', default=True,
                    help='Enable LDAP connection pooling.'),
        cfg.IntOpt('pool_size', default=10,
                   help='Connection pool size.'),
@ -779,7 +779,7 @@ FILE_OPTIONS = {
                        'indefinite wait for response.'),
        cfg.IntOpt('pool_connection_lifetime', default=600,
                   help='Connection lifetime in seconds.'),
-        cfg.BoolOpt('use_auth_pool', default=False,
+        cfg.BoolOpt('use_auth_pool', default=True,
                    help='Enable LDAP connection pooling for end user '
                         'authentication. If use_pool is disabled, then this '
                         'setting is meaningless and is not used at all.'),
--- a/keystone/tests/unit/common/test_ldap.py
+++ b/keystone/tests/unit/common/test_ldap.py
@ -289,13 +289,20 @@ class LDAPDeleteTreeTest(unit.TestCase):
 class MultiURLTests(unit.TestCase):
    """Tests for setting multiple LDAP URLs."""

-    def test_multiple_urls_with_comma(self):
+    def test_multiple_urls_with_comma_no_conn_pool(self):
        urls = 'ldap://localhost,ldap://backup.localhost'
-        self.config_fixture.config(group='ldap', url=urls)
+        self.config_fixture.config(group='ldap', url=urls, use_pool=False)
        base_ldap = ks_ldap.BaseLdap(CONF)
        ldap_connection = base_ldap.get_connection()
        self.assertEqual(urls, ldap_connection.conn.conn._uri)

+    def test_multiple_urls_with_comma_with_conn_pool(self):
+        urls = 'ldap://localhost,ldap://backup.localhost'
+        self.config_fixture.config(group='ldap', url=urls, use_pool=True)
+        base_ldap = ks_ldap.BaseLdap(CONF)
+        ldap_connection = base_ldap.get_connection()
+        self.assertEqual(urls, ldap_connection.conn.conn_pool.uri)
+

 class SslTlsTest(unit.TestCase):
    """Tests for the SSL/TLS functionality in keystone.common.ldap.core."""
--- a/releasenotes/notes/ldap-conn-pool-enabled-90df94652f1ded53.yaml
+++ b/releasenotes/notes/ldap-conn-pool-enabled-90df94652f1ded53.yaml
@ -0,0 +1,8 @@
+---
+upgrade:
+  - >
+    The configuration options for LDAP connection pooling, `[ldap] use_pool`
+    and `[ldap] use_auth_pool`, are now both enabled by default. Only
+    deployments using LDAP drivers are affected. Additional configuration
+    options are available in the `[ldap]` section to tune connection pool size,
+    etc.