How-To: Properly Configure LMDB maxsize in LDAP

Knowledge Base Community
, , , ,
1

Understanding LMDB maxsize

LMDB uses memory-mapped files and requires enough free space to support copy-on-write (CoW) operations. Even if the database is only partially filled, large modifications can fail if there is insufficient space.

Quote: “A good rule of thumb is to multiply the total database size by five. This will provide sufficient headroom for LMDB to maintain isolation (the “I” in “ACID”) between readers and writers.” — Symas OpenLDAP LMDB Sizing Guide

For example, if your database currently occupies 10 GB, setting the LMDB maxsize to at least 50 GB ensures enough space for write transactions without errors.

Even if checks indicate that only e.g. 30% of the LDMB maxsize is used, this may still be insufficient for large modifications. LMDB’s copy-on-write behavior means that every modification temporarily creates copies of pages in memory:

  • Each write operation requires space for the new page plus any overhead.
  • Bulk operations on tens of thousands of objects in one transaction can exceed the apparent free space.
  • As a result, operations like modifying >30,000 objects (in one LMDB-transaction or if there are LDAP-readers keeping a read transaction open for a long time) may fail even when the database appears only 30% full.

If the LDMB maxsize is too small, you may see log messages like:

ldap_modify: Other (e.g., implementation specific) error (80)
        additional info: entry update failed
Error in noninteractive mode, giving up.

even though the Nagios check says OK:

/usr/lib/nagios/plugins/check_univention_slapd_mdb_maxsize
SLAPD MDB OK: Database /var/lib/univention-ldap/ldap operational (in fact 33%)

How to adjust the LMDB maxsize

  1. Check the default value:

    On UCS, the default LMDB maxsize is 4295000000 bytes (approximately 4 GB).

    ucr get ldap/database/mdb/maxsize

  2. Apply the 5x rule of thumb:

    First, check the current size of your LDAP database:

    du -sh /var/lib/univention-ldap/ldap

    Suppose the output is 20G. Applying the 5x rule:

    Current database size: 20 GB
Recommended LMDB maxsize: 20 GB * 5 = 100 GB

    This ensures enough headroom for large operations and transactional isolation.

  3. Set the new value with UCR:

    ucr set ldap/database/mdb/maxsize='107374182400'

    (Note: The value is in bytes. 100 GB = 100 * 1024^3 = 107374182400 bytes.)

  4. Restart the LDAP service to apply the change:

    systemctl restart slapd

The UCR variable ldap/database/mdb/maxsize controls the size limit of both /var/lib/univention-ldap/ldap and /var/lib/univention-ldap/translog.

The UCR variable listener/cache/mdb/maxsize controls the size limit of /var/lib/univention-directory-listener/cache.

3

This topic was automatically closed after 24 hours. New replies are no longer allowed.