didier
(juret)
April 8, 2021, 5:19pm
1
We use the Entreprise ReadOnlyRest plugIN.
We have a configuration based on a ldap server for authentication.
All work well.
The problem is that the adminitrator of the ldap server have detected that each elasticseach make 10 connexions per minutes to the ldap server.
In on day, the ldap server received more than 200 000 connexions.
He does’t like that.
How to tune or reduce the numbers of connexions mades by elasticsearch servers?
Bests regards
sscarduzio
(Simone Scarduzio)
April 8, 2021, 6:19pm
2
Hi Didier,
Interesting, how does your readonlyrest.yml look like?
coutoPL
(Mateusz Kołodziejczyk)
April 8, 2021, 6:58pm
3
didier
(juret)
April 23, 2021, 1:58pm
4
Sorry i replied by mail but it seem not worked.
Our configuration:
- name: ldap1
host: “###.c1. ####.####”
port: 389 # optional, default 389
ssl_enabled: false # optional, default true
ssl_trust_all_certs: true # optional, default false
bind_dn: “ou=CLOG,ou=arApplications,ou=####,dc=####” # optional, skip for anonymous bind
bind_password: “###” # optional, skip for anonymous bind
search_user_base_DN: “ou=arEntites,ou=###,dc=###”
user_id_attribute: “uid” # optional, default “uid”
search_groups_base_DN: “ou=arApplications,ou=###,dc=###”
unique_member_attribute: “uniqueMember” # optional, default “uniqueMember”
connection_pool_size: 10 # optional, default 30
connection_timeout_in_sec: 10 # optional, default 1
request_timeout_in_sec: 10 # optional, default 1
cache_ttl_in_sec: 60 # optional, default 0 - cache disabled
group_search_filter: "(objectClass=arDroitPerimetre)(cn=)" # optional, default (cn= )
group_name_attribute: “cn”
« ### » replace real values for security restriction.
I tried to change cache_ttl_in_sec to 120 but nothing changed.
Best regard
coutoPL
(Mateusz Kołodziejczyk)
April 23, 2021, 6:00pm
5
please confirm if you use the latest ROR version?
didier
(juret)
May 4, 2021, 12:56pm
6
Hello
We use the version 1.28.0.
Best regard