yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1953622] [NEW] LDAP Failover behavior is unexpected and random, depending on which server on the configured list fails

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Grzegorz Grasza <1953622@xxxxxxxxxxxxxxxxxx>
Date: Wed, 08 Dec 2021 14:03:05 -0000
Reply-to: Bug 1953622 <1953622@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Public bug reported:

When the user specifies a list of LDAP servers to connect, both ldappool
and ldap try these in order. Depending on which server fails, this
causes a waiting period of the set timeout. If the first servers on the
list are down, this results in a delay of all requests.

This behavior would be expected, if LDAP is run in HA and keyston
writing to it, but since LDAP is readonly, this shouldn't be the
default.

** Affects: keystone
     Importance: Undecided
         Status: New


** Tags: ldap

** Tags added: ldap

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1953622

Title:
  LDAP Failover behavior is unexpected and random, depending on which
  server on the configured list fails

Status in OpenStack Identity (keystone):
  New

Bug description:
  When the user specifies a list of LDAP servers to connect, both
  ldappool and ldap try these in order. Depending on which server fails,
  this causes a waiting period of the set timeout. If the first servers
  on the list are down, this results in a delay of all requests.

  This behavior would be expected, if LDAP is run in HA and keyston
  writing to it, but since LDAP is readonly, this shouldn't be the
  default.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1953622/+subscriptions