This patch adds a __str__() method to the ConnectionManager class,
which allows for a nice readible table to be obtained that shows
the current state of the connection pool. This can be very useful
for troubleshooting or monitoring issues related to connection
pooling. The table will contain a row for each connection within
the pool, with columns showing the connection slot, connectivity
status, activity status, URI, connection lifetime, and bind DN.
The header row will also indicate the pool size and maximum
connection lifetime setting.
Note that this adds a dependency on the prettytable module. This
new dependency seems worth it for the nice readible table format
it produces.
Change-Id: If0abfef405d05ecd499bdf6201ff465bd845957b
It is currently possible to specify multiple LDAP server URIs
for failover purposes when using LDAP connection pooling, as this
functionality is provided in the underlying python-ldap module.
Unfortunately, failover does not work properly if LDAP timeout
issue are encountered due to the way python-LDAP works. If multiple
URLs are provided, the first URL that results in a successful TCP
connection is considered to be a successful LDAP connection. If the
initial bind operation fails due to a timeout waiting for an LDAP
response from the server, it will never failover to additional
URIs. It is easy to demonstrate this behavior by forcing an LDAP
server to hang (attach with gdb to halt the process), then using
that server as the first URI when creating a connection pool.
This patch adds proper failover logic to ldappool. If multiple URIs
are provided, we split them and attempt to connect to them one-by-one
until we have either had a successful LDAP bind operation, or we have
exhausted the list of URIs. The connection retry logic is processed
per-URI as well, meaning we will attempt to reconnect to the first
URI up to the requested retry limit, then we will failover to the
next URI and reset the retry count.
The ldap.TIMEOUT exception was not raised to the caller like some
of the other common LDAP exceptions we might encounter. We should
raise the TIMEOUT exception instead of the more generic BackendError
exception to provide more detail to the calling code.
Change-Id: Iabc13363d2425e70a53163249e5389d336274533
pyldap is meanwhile an outdated and deprecated fork, and the
Python 3.x compatibility fixes have been merged back to python-ldap.
Change-Id: I4b793a9a72b84005a57cc1e3f6f89a483d7eda5c
Nathan Kinder