Perfornace bench marking

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Perfornace bench marking

Yegui Cai
Hi,
Is there some performance bench marking done against KDC. For instance, if
I want to deploy a KDC server and suppose some peak traffic volume, what
kind of memory/cpu resource I should provision for the server?

Thanks!
Yegui
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Reply | Threaded
Open this post in threaded view
|

Re: Perfornace bench marking

Charles Hedrick
How many client systems and users?

We have a few hundred machines with around 2000 users (not all active, of course) in a computer science dept. 3 KDCs running as VMs with 4 processors and 16 GB each. The processors are generally using < 10% of available CPU. The KDC itself is light-weight. You want to watch the LDAP server. Now and then it grows, and you’ll want to restart it. (The only reason we have 16 G is to accommodate that issue. It should normally work OK in 8 GB, and maybe less.)  It’s possible tune the directory server, but we haven’t done so. We run with the default of logging all LDAP and KDC transactions. You could turn that off. I find that the logs are useful for debugging.

We use Kerberized NFS, so we’re using Kerberos more than if you just used it to login.

The ideal environment is a VM where the VM or stooge system can do consistent point in time snapshots. A VM snapshot is the most useful backup.

> On Nov 15, 2019, at 3:35 PM, Yegui Cai <[hidden email]> wrote:
>
> Hi,
> Is there some performance bench marking done against KDC. For instance, if
> I want to deploy a KDC server and suppose some peak traffic volume, what
> kind of memory/cpu resource I should provision for the server?
>
> Thanks!
> Yegui
> ________________________________________________
> Kerberos mailing list           [hidden email]
> https://mailman.mit.edu/mailman/listinfo/kerberos


________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos