I’m going to test two types of authentication system, one is what seems to be common in current days which utilizes database and cache, the popular combination is mysql+memcached, and the other is what I recommended to others for authentication system for all the time – LDAP, and surely openldap is the first choice (Fedora DS is not available on other platforms, though seems it’s easier to manage).
I compose couple of items describing the tests I’m going to take, and I will review this couple of times while I’m doing the setup.
First, application. I had some assumption based on my past experience, that is:
- Good user
- 1 authentication (login with right username and password)
- 10 look up, getting user’s attributes (for showing them on some pages, note that reading these attributes needs to go through couple of tables)
- 1 edit, such as changing profile
- Bad user
- 1 authentication (login with incorrect username or password)
and the ratio of good vs. bad user is 1:5 (yea, lots of abuse …).
There will be 1M registered users, but the “good user” will only include 100K of them, which reflects 10% active users rate, actually this is already high. There will be 3 PHP pages: login.php to do authentication, pref.php retrieve preferences of the user, and edit.php try to change user’s profile. All these take GET query strings so to make test easier.
Environment:
- database testing environment
- debian acts as web server, running apache and PHP
- freebsd acts as client, generating load with apache’s ab
- centos is mysql’s master, handling both read and write
- opensuse is mysql’s slave, handling read only, note that we are not using mysql-proxy as it seems to me it is far away from production quality so far
- ubuntu and fedora run memcached, in TCP mode with 64M cache memory each
- I’m going to post database schema later on
- ldap testing environment
- debian acts as web server, running apache and PHP
- freebsd acts as client, generating load with apache’s ab
- ubuntu and fedora are running openldap in mirror mode
- again, schema will be posted here later on
maybe the only unreal part above is openldap will run in mirror mode, which is not extensible – I will check to see what kind of openldap replication is suitable for production deployment.
Pretty much that’s it, will update once I review this plan.