Путеводитель по Руководству Linux

  User  |  Syst  |  Libr  |  Device  |  Files  |  Other  |  Admin  |  Head  |



   lloadd.conf    ( 5 )

файл конфигурации для lloadd, автономного демона LDAP (configuration file for lloadd, the stand-alone LDAP daemon)

Глобальные параметры конфигурации (Global configuration options)

Options described in this section apply to all backends.
       Arguments that should be replaced by actual text are shown in
       brackets <>.

argsfile <filename> The (absolute) name of a file that will hold the lloadd server's command line (program name and options).

concurrency <integer> Specify a desired level of concurrency. Provided to the underlying thread system as a hint. The default is not to provide any hint.

feature <feature> [...] Switch additional features supported by the LDAP Load Balancer on. Supported features are: proxyauthz when proxying an operation, pass the client's authorized identity using the proxy authorization control (RFC 4370). No control is added to the operation if initiated by a client whose bound identity matches the identity configured in bindconf (no normalisation of the DN is attempted).

If SASL binds are issued by clients and this feature is enabled, backend servers need to support LDAP Who Am I? extended operation for the Load Balancer to detect the correct authorization identity.

include <filename> Read additional configuration information from the given file before continuing with the next line of the current file.

io-threads <integer> Specify the number of threads to use for the connection manager. The default is 1 and this is typically adequate for up to 16 CPU cores. The value should be set to a power of 2.

If modified after server starts up, a change to this option will not take effect until the server has been restarted.

logfile <filename> Specify a file for recording lloadd debug messages. By default these messages only go to stderr, are not recorded anywhere else, and are unrelated to messages exposed by the loglevel configuration parameter. Specifying a logfile copies messages to both stderr and the logfile.

loglevel <integer> [...] Specify the level at which debugging statements and operation statistics should be syslogged (currently logged to the syslogd(8) LOG_LOCAL4 facility). They must be considered subsystems rather than increasingly verbose log levels. Some messages with higher priority are logged regardless of the configured loglevel as soon as any logging is configured. Log levels are additive, and available levels are: 1 (0x1 trace) trace function calls 2 (0x2 packets) debug packet handling 4 (0x4 args) heavy trace debugging (function args) 8 (0x8 conns) connection management 16 (0x10 BER) print out packets sent and received 64 (0x40 config) configuration file processing 256 (0x100 stats) connections, LDAP operations, results (recommended) 512 (0x200 stats2) stats log entries sent

32768 (0x8000 none) only messages that get logged whatever log level is set The desired log level can be input as a single integer that combines the (ORed) desired levels, both in decimal or in hexadecimal notation, as a list of integers (that are ORed internally), or as a list of the names that are shown between parentheses, such that

loglevel 513 loglevel 0x201 loglevel 512 1 loglevel 0x200 0x1 loglevel stats trace

are equivalent. The keyword any can be used as a shortcut to enable logging at all levels (equivalent to -1). The keyword none, or the equivalent integer representation, causes those messages that are logged regardless of the configured loglevel to be logged. In fact, if loglevel is set to 0, no logging occurs, so at least the none level is required to have high priority messages logged.

The loglevel defaults to stats. This level should usually also be included when using other loglevels, to help analyze the logs.

pidfile <filename> The (absolute) name of a file that will hold the lloadd server's process ID (see getpid(2)).

sockbuf_max_incoming_client <integer> Specify the maximum LDAP PDU size accepted coming from clients. The default is 262143.

sockbuf_max_incoming_upstream <integer> Specify the maximum LDAP PDU size accepted coming from upstream connections. The default is 4194303.

tcp-buffer [listener=<URL>] [{read|write}=]<size> Specify the size of the TCP buffer. A global value for both read and write TCP buffers related to any listener is defined, unless the listener is explicitly specified, or either the read or write qualifiers are used. See tcp(7) for details. Note that some OS-es implement automatic TCP buffer tuning.

threads <integer> Specify the maximum size of the primary thread pool. The default is 16; the minimum value is 2.

threadqueues <integer> Specify the number of work queues to use for the primary thread pool. The default is 1 and this is typically adequate for up to 8 CPU cores. The value should not exceed the number of CPUs in the system.

max_pdus_per_cycle <integer> If set to 0, PDUs are handled by the I/O threads directly, otherwise a task is queued to be picked up by the thread pool. This task will process PDUs from the connection until there is no more data to be read or this limit is reached when the I/O thread can pick it up again. Very high values have a potential to cause some connections to be starved in a very high-bandwidth environment. The default is 1000.

client_max_pending <integer> Will cause the load balancer to limit the number unfinished operations for each client connection. The default is 0, unlimited.

iotimeout <integer> Specify the number of milliseconds to wait before forcibly closing a connection with an outstanding write. This allows faster recovery from various network hang conditions. An iotimeout of 0 disables this feature. The default is 10000.

write_coherence <integer> Specify the number of seconds after a write operation is finished that lloadd will direct operations exclusively to the last selected backend. A write operation is anything not handled internally (certain exops, abandon), except search, compare and bind operations. Bind operations also reset this restriction. The default is 0, write operations do not restrict selection. When negative, the restriction is not time limited and will persist until the next bind.

restrict_exop <OID> <action> Tell lloadd that extended operation with a given OID should be handled in a specific way. OID 1.1 is special, setting a default (only for operations not handled internally). The meaning of the <action> argument is the same as in restrict_control below.

restrict_control <OID> <action> Tell lloadd that a control with a given OID attached to any operation should be handled in a specific way according to the <action> argument. At the moment, only operations passed intact are inspected in this way, in particular, controls on bind and extended operations are not checked.

In order of descending priority (the control with highest priority action wins), this is the action made: reject operations that carry this control will be rejected. connection once an upstream is selected, every future operation from this client will be directed to the same connection. Useful when state is shared between client and upstream that the load balancer doesn't track. backend like write except this does not time out. write this is treated like a write operation (see write_coherence) above. ignore does not influence restrictions, useful when changing the global exop default. This is the default handling for exops/controls not handled by the load balancer internally.