Sun Java(TM) System Directory Server 5 2004Q2 Technical Overview |
Chapter 2
Directory Server PerformanceSince Directory Server provides the foundation for the new generation of e-business applications and Web services, it is essential that strong performance be maintained. This chapter examines Directory Server indexing which helps boost directory performance and other substantial performance improvements brought by the 5.2 release. This chapter is divided into the following sections:
Using Indexes for Efficient Searches
Directory Server implements indexes so that you can search quickly the data in your directory. The index files are stored in the directory’s databases. Directory Server supports the following types of indexes:
- Presence index: this index contains a list of the entries that contain a particular attribute. For example, you can use this type of index for examining any entries that contain access control information.
- Equality index: this index allows you to search efficiently for entries containing a specific attribute value.
- Approximate index: this index allows efficient approximate searches. For example, a search again locality~=San Fransisco (note the misspelling) would return entries including locality=San Francisco.
- Substring index: this index allows efficient searching against substrings within entries.
- International index: this index speeds up searches for information in international directories. During a search operation, you can request that the directory sort the results based on any language for which the server has a supporting collation order. The international index associates the object identifier (OID) of a locale with the attribute to be indexed.
- Browsing (virtual list view) index: this index speeds up the display of entries in the Sun Java System Server Console. The browsing index display entries in an order you configure, presenting them as small groups rather as a large, unorganized list. You can create a browsing index on any branch of your directory tree to improve the display performance.
You can use separate, specialized indexes for masters and consumers in a replication scenario. For example, a master replica might contain a UID index, a series of consumers that are used for phone number look-ups might contain a phone number index, another consumer might contain an E-mail address index while replication hubs might contain only system indexes (that is indexes that cannot be deleted or modified as they are required for Directory Server to function properly and efficiently).
Through the use of separate indexes, you can ensure that each machine has indexes that are optimized for its role in the overall directory architecture.
Performance Enhancements
Sun Java System Directory Server 5.2 incorporates enhancements in terms of:
Enhanced Replication Performance
Enhanced SSL Performance with Crypto Accelerator 1000 Board
Enhanced Update Performance
The update performance enhancements include the following:
- Index compression. This enhancement improves performance on large databases with large index lists and does not require specific configuration.
- Replication compression. On Solaris and Linux systems that communicate over a WAN, replication can be compressed to maximize the throughput on the WAN connection. This feature automatically optimizes bandwidth usage on the WAN and speeds up replication.
- Improved checkpointing. Checkpoints and updates are now carried out in parallel.
Enhanced Search Performance
The search performance improvements include:
Enhanced Replication Performance
Previously master Directory Servers had to be connected via high-speed, low-latency networks with minimum connection speeds of 100Mb/second, for full MMR support which ruled out the possibility of MMR over WAN, but this is no longer the case. Now that Directory Server now supports MMR over WAN, geographical boundaries no longer constitute a stumbling block for multi-master replication.
To optimize the replication flow and reduce round-trip delay time, Directory Server now:
- sends multiple replication operation requests rather than having to send them individually,
- specifies a certain number of requests that can be sent to the consumer without the supplier having to wait for an acknowledgement from the consumer before continuing,
- and improves bandwidth performance by reducing the amount of data sent over the wire through smart compression and other internal enhancements, such as full asynchronous support.
Enhanced SSL Performance with Crypto Accelerator 1000 Board
Directory Server supports the Sun Crypto Accelerator 1000 Board (on Sun SPARCŪ hardware only). This board speeds up the initial exchange of keys (i.e. not the bulk encryption itself) by performing specific SSL mathematical functions, leaving the system processor to focus on application processing, which may be useful in deployments where client applications repeatedly bind over SSL, search, and then unbind. It is worth noting that the Sun Crypto Accelerator 1000 Board is most effective if the clients that are establishing connections are doing so from different machines. For further detail on the Sun Crypto Accelerator 1000 Board see the Securing Connections With SSL section in the Directory Server Deployment Planning Guide.