Enable LDAP connection pooling by default
There should be no reason to leave these settings disabled by default. By enabling them, keystones runs faster and consumes fewer resources. Change-Id: I9f8d27b1f6dba19067f38e940632dcf3420c2bfa
This commit is contained in:
parent
05c58bb35e
commit
22b114f647
|
@ -765,7 +765,7 @@ FILE_OPTIONS = {
|
|||
choices=['demand', 'never', 'allow'],
|
||||
help='Specifies what checks to perform on client '
|
||||
'certificates in an incoming TLS session.'),
|
||||
cfg.BoolOpt('use_pool', default=False,
|
||||
cfg.BoolOpt('use_pool', default=True,
|
||||
help='Enable LDAP connection pooling.'),
|
||||
cfg.IntOpt('pool_size', default=10,
|
||||
help='Connection pool size.'),
|
||||
|
@ -779,7 +779,7 @@ FILE_OPTIONS = {
|
|||
'indefinite wait for response.'),
|
||||
cfg.IntOpt('pool_connection_lifetime', default=600,
|
||||
help='Connection lifetime in seconds.'),
|
||||
cfg.BoolOpt('use_auth_pool', default=False,
|
||||
cfg.BoolOpt('use_auth_pool', default=True,
|
||||
help='Enable LDAP connection pooling for end user '
|
||||
'authentication. If use_pool is disabled, then this '
|
||||
'setting is meaningless and is not used at all.'),
|
||||
|
|
|
@ -289,13 +289,20 @@ class LDAPDeleteTreeTest(unit.TestCase):
|
|||
class MultiURLTests(unit.TestCase):
|
||||
"""Tests for setting multiple LDAP URLs."""
|
||||
|
||||
def test_multiple_urls_with_comma(self):
|
||||
def test_multiple_urls_with_comma_no_conn_pool(self):
|
||||
urls = 'ldap://localhost,ldap://backup.localhost'
|
||||
self.config_fixture.config(group='ldap', url=urls)
|
||||
self.config_fixture.config(group='ldap', url=urls, use_pool=False)
|
||||
base_ldap = ks_ldap.BaseLdap(CONF)
|
||||
ldap_connection = base_ldap.get_connection()
|
||||
self.assertEqual(urls, ldap_connection.conn.conn._uri)
|
||||
|
||||
def test_multiple_urls_with_comma_with_conn_pool(self):
|
||||
urls = 'ldap://localhost,ldap://backup.localhost'
|
||||
self.config_fixture.config(group='ldap', url=urls, use_pool=True)
|
||||
base_ldap = ks_ldap.BaseLdap(CONF)
|
||||
ldap_connection = base_ldap.get_connection()
|
||||
self.assertEqual(urls, ldap_connection.conn.conn_pool.uri)
|
||||
|
||||
|
||||
class SslTlsTest(unit.TestCase):
|
||||
"""Tests for the SSL/TLS functionality in keystone.common.ldap.core."""
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
upgrade:
|
||||
- >
|
||||
The configuration options for LDAP connection pooling, `[ldap] use_pool`
|
||||
and `[ldap] use_auth_pool`, are now both enabled by default. Only
|
||||
deployments using LDAP drivers are affected. Additional configuration
|
||||
options are available in the `[ldap]` section to tune connection pool size,
|
||||
etc.
|
Loading…
Reference in New Issue