Sep 092009
 

I’m going to test two types of authentication system, one is what seems to be common in current days which utilizes database and cache, the popular combination is mysql+memcached, and the other is what I recommended to others for authentication system for all the time – LDAP, and surely openldap is the first choice (Fedora DS is not available on other platforms, though seems it’s easier to manage).

I compose couple of items describing the tests I’m going to take, and I will review this couple of times while I’m doing the setup.

First, application. I had some assumption based on my past experience, that is:

  • Good user
  • 1 authentication (login with right username and password)
  • 10 look up, getting user’s attributes (for showing them on some pages, note that reading these attributes needs to go through couple of tables)
  • 1 edit, such as changing profile
  • Bad user
  • 1 authentication (login with incorrect username or password)

and the ratio of good vs. bad user is 1:5 (yea, lots of abuse …).

There will be 1M registered users, but the “good user” will only include 100K of them, which reflects 10% active users rate, actually this is already high. There will be 3 PHP pages: login.php to do authentication, pref.php retrieve preferences of the user, and edit.php try to change user’s profile. All these take GET query strings so to make test easier.

Environment:

  • database testing environment
  • debian acts as web server, running apache and PHP
  • freebsd acts as client, generating load with apache’s ab
  • centos is mysql’s master, handling both read and write
  • opensuse is mysql’s slave, handling read only, note that we are not using mysql-proxy as it seems to me it is far away from production quality so far
  • ubuntu and fedora run memcached, in TCP mode with 64M cache memory each
  • I’m going to post database schema later on
  • ldap testing environment
  • debian acts as web server, running apache and PHP
  • freebsd acts as client, generating load with apache’s ab
  • ubuntu and fedora are running openldap in mirror mode
  • again, schema will be posted here later on

maybe the only unreal part above is openldap will run in mirror mode, which is not extensible – I will check to see what kind of openldap replication is suitable for production deployment.

Pretty much that’s it, will update once I review this plan.

  5 Responses to “mysql+memcached vs. openldap”

  1. Here is the schema:

    – create table user (
    id int unsigned auto_increment primary key,
    username varchar(32) not null,
    password varchar(32) not null,
    displayname varchar(32),
    language smallint unsigned not null, /* reference to language table */
    location int unsigned not null, /* reference to location table */
    birthday date not null,
    gender char(1) not null, /* M for male, F for female, N for neutral */
    last_ip varchar(15) not null,
    last_time timestamp not null,
    status char(1), /* E for enabled, D for user disabled, A for abuse disabled, P for admin placeholder */
    unique key idx_user_username (username),
    key idx_user_displayname (displayname),
    key idx_user_language (language),
    key idx_user_location (location),
    key idx_user_birthday (birthday),
    key idx_user_last_time (last_time)
    ) engine=innodb character set=utf8;
    – create table hobby (
    id int unsigned auto_increment primary key,
    user int unsigned not null, /* reference to user table */
    item varchar(32) not null, /* make things simple by avoiding another lookup */
    unique key idx_hobby_user_item (user, item)
    ) engine=innodb character set=utf8;
    – create table language (
    id smallint unsigned auto_increment primary key,
    name varchar(32) not null,
    unique key idx_language_name (name)
    ) engine=innodb character set=utf8;
    – create table location (
    id int unsigned auto_increment primary key,
    country varchar(255) not null,
    state varchar(255) not null,
    city varchar(255) not null,
    key idx_location_country (country),
    key idx_location_state (state),
    key idx_location_city (city)
    ) engine=innodb character set=utf8;

  2. […] There was not much progress with performance test as mentioned here. […]

  3. Not sure you can compare LDAP & memcache in this case.

    LDAP is good if you need to get your data from different points.

    Also, if ur data will be often updated, LDAP is not good.

    Do u have any result of ur test yet?

  4. I moved to nosql solution as mentioned here, as LDAP cannot do more than what nosql does (key-value pair, replication, dynamic schema, …).

    Of cause, if you are working on an enterprise service/product, then you may have no choice other than LDAP, but if that’s the case, I don’t think you need to think about mysql at all.

  5. mysql+memcached vs. openldap…

    Iโ€™m going to test two types of authentication system, one is what seems to be common in current days which utilizes database and cache, the popular combination is mysql+memcached, and the other is what I recommended to others for authentication system …

Sorry, the comment form is closed at this time.