Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
A Primer on OpenDS
April 23, 2009

  Ludovic Poitou
  OpenDS Community Manager
  Sun Microsystems, Inc.
Who am I ?
• Ludovic Poitou
• Software Architect
  in the Directory Engineering team
• Based in the Grenoble Engineering C...
Agenda
• Introduction to the OpenDS Project
• OpenDS 2.0
• The Roadmap




                                               ...
LDAP 10 years ago
• Email address book
• White pages for Enterprises
• Mostly Read Access
  > Fast
  > Thousands read requ...
Use of LDAP Today
• Tens of Millions of user entries
• More data per users
• More transient, writable data
  > Authenticat...
The OpenDS project




• Released in Open Source
      July 2006
  >
      CDDL
  >
      https://opends.dev.java.net/
  >...
The Community
• Sun driven development
  > Over 12 years of experience of LDAP and building
    scalable servers
  > 41 co...
OpenDS Goals
• A complete set of Directory Services
    Directory Back-end database
  >
    Full LDAPv3 compliance and sta...
Three Principles
• Ease of Use
  > Installation, Configuration, Management, Monitoring...
• Performance
  > Throughput
  >...
OpenDS 1.0
• Released in July 2008
• Installs in 6 clicks and under 3 minutes
• Embeddable in Java applications
    > For ...
OpenDS 1.2
• Released in February 2009.
• Goal
  > Deliver in OpenSolaris 2009.06 package repository
• Features
      GUI ...
OpenDS 2.0




                                              12
             OpenDS Primer – April 23, 2009
OpenDS 2.0
• Targetted for June 2009
• Features:
      Assured Replication
  >
      International collation rules
  >
   ...
Assured Replication
• Extension to the current Loose Consistency model
• Make sure operation has been forwarded up to
  ot...
Assured Replication: Performances
• Throughput at constant CPU usage
   > Safe Data level 2 : 5 % cost
   > Safe Read 2 se...
International Collation Rules
• Unicode / UTF-8 support in standards Matching
  Rules
• Ability to Search / Sort / Index b...
Recurring Tasks
• Provides the ability to schedule regular tasks within
  OpenDS
  > Backup, Export but also Import, Resto...
MySQL Cluster
• MySQL Cluster NDB is
  an in-memory,
  distributed, replicated
  database
   > Proven 99,999%
     availab...
MySQL Cluster NDB Back-end
• Alternate data storage back-end for OpenDS
• Allows concurrent transactional access to the da...
OpenDS performances
• Huge effort done on code profiling and optimization
  > Refactor the Attribute API, the ASN1 encodin...
OpenDS performance
• Better out of the box configuration
  > Automatically tunes number of worker threads
  > Automaticall...
OpenDS 2.0 Performance figures
• Configuration
 > Sun X4150                                       > Internal disk
 > 8 x I...
OpenDS Roadmap




                                            23
           OpenDS Primer – April 23, 2009
Roadmap
• Working on the release plan:
  > quartely “Express” releases
  > yearly “Product” releases
• OpenDS 2.2 planned ...
Feature-wise
• Publicly available ChangeLog
• Transactions for LDAP
• PassThrough authentication service with delegation
 ...
More information
• OpenDS
  > http://www.opends.org/
  > https://www.opends.org/wiki/
• Sun OpenDS
  > http://wikis.sun.co...
ATEMPLATE –
  Primer on OpenDS
  ENDING SLIDE
  WITHOUT PHOTO
April 23, 2009

 Ludovic Poitou
 ludovic.poitou@sun.com
 htt...
Upcoming SlideShare
Loading in …5
×

OpenDS Primer Aquarium

1,816 views

Published on

Ludo talks about OpenDS

Published in: Technology
  • Be the first to comment

OpenDS Primer Aquarium

  1. 1. A Primer on OpenDS April 23, 2009 Ludovic Poitou OpenDS Community Manager Sun Microsystems, Inc.
  2. 2. Who am I ? • Ludovic Poitou • Software Architect in the Directory Engineering team • Based in the Grenoble Engineering Center, France • Work on LDAP and Directory Services since 1996 • Involved with OpenDS since project launch, Community Manager since 2007. • http://blogs.sun.com/Ludo 2 OpenDS Primer – April 23, 2009
  3. 3. Agenda • Introduction to the OpenDS Project • OpenDS 2.0 • The Roadmap 3 OpenDS Primer – April 23, 2009
  4. 4. LDAP 10 years ago • Email address book • White pages for Enterprises • Mostly Read Access > Fast > Thousands read requests per second • Small data sets > 100.000 user entries was BIG > 20 attributes was a lot • Very infrequent changes > Less than10% writes 4 OpenDS Primer – April 23, 2009
  5. 5. Use of LDAP Today • Tens of Millions of user entries • More data per users • More transient, writable data > Authentication auditing > Web session cookies > Presence • Mission critical applications > Telecom Operators, Financial institutions > Central security point 5 OpenDS Primer – April 23, 2009
  6. 6. The OpenDS project • Released in Open Source July 2006 > CDDL > https://opends.dev.java.net/ > https://www.opends.org/ > • Written in Java 6 OpenDS Primer – April 23, 2009
  7. 7. The Community • Sun driven development > Over 12 years of experience of LDAP and building scalable servers > 41 committers > 10 full time developers, 4 testers, 2 technical writers > Others are also working on Sun Directory Services products • 21 External contributors • 330 registered users • Collaborating with other communities : 7 OpenDS Primer – April 23, 2009
  8. 8. OpenDS Goals • A complete set of Directory Services Directory Back-end database > Full LDAPv3 compliance and standard extensions > Multi-Master replication > Directory Proxy Services : load-balancing, data > distribution, security services > Virtual Directory Capabilities • Horizontal and Vertical Scalability • Sun Directory Server Enterprise Edition will be OpenDS based in the future 8 OpenDS Primer – April 23, 2009
  9. 9. Three Principles • Ease of Use > Installation, Configuration, Management, Monitoring... • Performance > Throughput > Response time > Determinism • Extensibility > Many interfaces defined > Default implementation provided 9 OpenDS Primer – April 23, 2009
  10. 10. OpenDS 1.0 • Released in July 2008 • Installs in 6 clicks and under 3 minutes • Embeddable in Java applications > For a better out of the box experience > For better security, performance and availability Scriptable installations • Full LDAPv3 compliant + many extensions • Supports Multi-Master Replication • Sun OpenDS Standard Edition 1.0 as a supported • product 10 OpenDS Primer – April 23, 2009
  11. 11. OpenDS 1.2 • Released in February 2009. • Goal > Deliver in OpenSolaris 2009.06 package repository • Features GUI for managing the server – Control Panel > SASL Security > Administration Connector > Access Control based on Security Strength factor > SVR4 packages, support for SMF and RBAC > Better performances > 11 OpenDS Primer – April 23, 2009
  12. 12. OpenDS 2.0 12 OpenDS Primer – April 23, 2009
  13. 13. OpenDS 2.0 • Targetted for June 2009 • Features: Assured Replication > International collation rules > Recurring tasks > SASL security with TLS > MySQL Cluster NDB back-end > Performances > • Sun OpenDS Standard Edition 2.0 for support 13 OpenDS Primer – April 23, 2009
  14. 14. Assured Replication • Extension to the current Loose Consistency model • Make sure operation has been forwarded up to other locations in the Replication topology BEFORE the LDAP client call returns • No isolation of commits • Safe Data : Make sure data is safe on several replicas • Safe Read : Make sure data can be read from a set of given replicas • Best effort mode 14 OpenDS Primer – April 23, 2009
  15. 15. Assured Replication: Performances • Throughput at constant CPU usage > Safe Data level 2 : 5 % cost > Safe Read 2 servers : 14 % cost • Response time > Safe Data : 25% cost > Safe Read : 50% cost • Safe Data with File system cache write is 70% faster than write to the disk with safe write cache 15 OpenDS Primer – April 23, 2009
  16. 16. International Collation Rules • Unicode / UTF-8 support in standards Matching Rules • Ability to Search / Sort / Index based on Local specific rules > Case folding handling and ordering is different in French or Swedish > Provides better results for matching names according to the Users' native language. 16 OpenDS Primer – April 23, 2009
  17. 17. Recurring Tasks • Provides the ability to schedule regular tasks within OpenDS > Backup, Export but also Import, Restore • Cron like syntax • Ability to view, cancel scheduled tasks • Example, automatic backup > backup --recurringTask quot;00 * * * *quot; --backupDirectory /example/backup --backUpAll --backupID quot;Hourlyquot; 17 OpenDS Primer – April 23, 2009
  18. 18. MySQL Cluster • MySQL Cluster NDB is an in-memory, distributed, replicated database > Proven 99,999% availability > Scales as you grow > Uses off-the-shelf HW • OpenDS access directly the Data Nodes 18 OpenDS Primer – April 23, 2009
  19. 19. MySQL Cluster NDB Back-end • Alternate data storage back-end for OpenDS • Allows concurrent transactional access to the data through LDAP, SQL or direct APIs • Gives consistent high performance throughput and response times for read and write operations • Common data model for OpenDS and OpenLDAP 19 OpenDS Primer – April 23, 2009
  20. 20. OpenDS performances • Huge effort done on code profiling and optimization > Refactor the Attribute API, the ASN1 encoding/decoding library > Reduced copying > Reduced memory usage • Results in Improved scalability for large entries > lower response times > Higher throughput > Better determinism > 20 OpenDS Primer – April 23, 2009
  21. 21. OpenDS performance • Better out of the box configuration > Automatically tunes number of worker threads > Automatically tunes number of cleaner threads • Remember: OpenDS default configuration is for developers' laptop. Tune settings for scaling: https://www.opends.org/wiki/page/HowToTunePerformance • Overall since 1.0: > About 4 time faster > Gained 2 to 3 Nine's in determinism > More robust write performances 21 OpenDS Primer – April 23, 2009
  22. 22. OpenDS 2.0 Performance figures • Configuration > Sun X4150 > Internal disk > 8 x Intel 3.2GHz > 10M 1.5K entries > 64GB RAM > Fully preloaded • Search rate • Modify rate 8 clients / CPU 35% idle 2 clients / CPU 75% idle > > 15500 op/s 4000 op/s > > 10% = 0.193417 10% = 0.237901 > > 50% = 0.223053 50% = 0.288164 > > 90% = 0.278756 90% = 0.36565 > > 99% = 0.362329 99% = 0.486679 > > 99.9% = 0.422575 99.9% = 0.706433 > > 99.99% = 35.5056 99.99% = 11.1529 > > 99.999% = 41.8817 99.999% = 65.5304 > > Average = 0.237412 Average = 0.303045 > > 22 OpenDS Primer – April 23, 2009
  23. 23. OpenDS Roadmap 23 OpenDS Primer – April 23, 2009
  24. 24. Roadmap • Working on the release plan: > quartely “Express” releases > yearly “Product” releases • OpenDS 2.2 planned for October 2009 • OpenDS 3.0 planned for Mid 2010 24 OpenDS Primer – April 23, 2009
  25. 25. Feature-wise • Publicly available ChangeLog • Transactions for LDAP • PassThrough authentication service with delegation to LDAP and Kerberos • Improved ease of use • More monitoring and configuration GUI • Log analysis tools • More performance and scalability improvements 25 OpenDS Primer – April 23, 2009
  26. 26. More information • OpenDS > http://www.opends.org/ > https://www.opends.org/wiki/ • Sun OpenDS > http://wikis.sun.com/display/sunopends/Home • Interested in OpenDS: Join our community > https://opends.dev.java.net/servlets/ProjectMembershipRequest 26 OpenDS Primer – April 23, 2009
  27. 27. ATEMPLATE – Primer on OpenDS ENDING SLIDE WITHOUT PHOTO April 23, 2009 Ludovic Poitou ludovic.poitou@sun.com http://blogs.sun.com/Ludo 27

×