Hi Andreas,

On 5 July 2011 19:48, Andreas Maunz <andreas at maunz.de> wrote:

> Hi Nina,
>
> On Tue, 5 Jul 2011 17:00:06 +0300, Nina Jeliazkova
> <jeliazkova.nina at gmail.com> wrote:
> > Currently at http://apps.ideaconsult.net:8080/ambit2/  there are roughly
> > 37000 datasets and ~470 models.  This includes all intermediate datasets
> and
> > models, created (and not deleted yet) by all partners and third party
> tools,
> > who have been using the service since last year.
> >
> > This is already three times more than the number of existing policies in
> > OpenTox production AA, and the performance of the production AA server is
> a
> > showstopper to hook our production services into the AA infrastructure,
> > unless
> >
> > a) we consider some of the resources obsolete and perform a clean up;
> > b) we bring up our own instance of AA, which can handle this amount of
> > resources;
> > c) we find out/develop more efficient approach to policy management.
>
> Obviously, the easiest way is b). Concerning Vedrin's experiments, it
> would be rather straightforward what to do (correct me if I am wrong),
> namely to give the main proportion of RAM to a dedicated LDAP hosting
> policy configuration in a separate JAVA VM.
>

Well, I was considering a)  as the most realistic route :)

Bringing a second AA instance means either synchronizing the tokens (tokens
coming from one instance will not be considered valid by another), or
providing info which service uses which AA instance.  Either ways, this will
complicate the service interaction.

I have read OpenSSO has some support for federation, but this is not tested.


>
> Currently, the production service has only 2G of memory (and it does
> not use a dedicated LDAP).
> Jiffybox offers "CloudLevel 5" (16 GB RAM / 8 CPUs) for 0,25 EUR/h,
> which is their most powerful appliance.
> When switching the machine (be the new one physical or not) we should
> consider starting from scratch, as no upgrade from OpenSSO/OpenAM 9.0 to
> the current version seems possible.
>

Perhaps we could have a script, reading the policies from MySQL pol table ,
and feeding the new OpenAM instance?

Best regards,
Nina

P.S. IMHO the memory requirements of OpenDS are rather ridiculous.  After
all, these 40K policies fit in about 50MB of memory , if one consider them
as strings, and my calculations are not completely wrong.  Perhaps we are
still unaware of some configuration magic in OpenAM/ OpenDJ (LDAP)backend.
 The OpenDJ uses Berkeley DB as a backend, and a (distributed) version of
BDB  is reported to handle all Google accounts and associated properties ...


>
> Best regards
> Andreas
>
> _______________________________________________
> Development mailing list
> Development at opentox.org
> http://www.opentox.org/mailman/listinfo/development
>