Ensure all threads are not blocked during context pool re-creation

Use the information to ensure all threads that are trying to communicate with the LDAP server are not blocked when the server is down until the read times out.

Problem

If an LDAP server is down, an exception is thrown when any new thread tries to read from the server. Virtual member manager then tries to re-create the LDAP context pool. During the re-creation of the context pool, all incoming threads are blocked. If the connection cannot be made in 120 seconds, an exception is thrown and the threads are able to complete their processing. However, all requesting threads are blocked for 120 seconds until the exception is thrown.

Solution

To ensure that all threads are not blocked during the context pool re-creation, you can configure the following three custom properties to minimize the number of threads or the exact number of threads to be blocked:
  • minimizeContextPoolThreadBlock
    The minimizeContextPoolThreadBlock custom property is used to define the thread-locking behavior when an LDAP server is down and an attempt is made to read from the server. When the value of the property is set to true, only a minimum number of threads are blocked on read operation and the remaining threads fail immediately without waiting. If the property is set to false, every thread that makes the read requests is blocked until a context is created to the requested LDAP or the context creation encounters a timeout. The default time for context creation is 120 seconds.
    Information Value
    Data type Boolean
    Default True
  • maxThreadsToBlock
    The maxThreadsToBlock property is used along with the minimizeContextPoolThreadBlock property. When the minimizeContextPoolThreadBlock property is set to true, maxThreadsToBlock determines the maximum number of threads that must be blocked when an LDAP read operation is performed.
    Information Value
    Data type Integer
    Default 5
  • bindTimeout
    The bindTimeout custom property specifies the time that is taken to track the count of quick binds in milliseconds. Any binds that take longer than the specified time are added to the log if the trace log is enabled.
    Information Value
    Data type Milliseconds
    Default 1000

You can define the value in milliseconds in the bindTimeout custom property to trace the bind timeout.

Use the setIdMgrCustomProperty command to define these properties in the federated LDAP repository.
$AdminTask setIdMgrCustomProperty {-id <LDAP_repos_ID> -name minimizeContextPoolThreadBlock -value true}

$AdminTask setIdMgrCustomProperty {-id <LDAP_repos_ID> -name maxThreadsToBlock -value 5}

$AdminTask setIdMgrCustomProperty {-id <LDAP_repos_ID> -name bindTimeout -value <millseconds>}
where LDAP_repos_ID is the repository ID of the LDAP configured in virtual member manager, millseconds is to track the count of quick binds. The binds that take longer than the specified time are added to the log if trace log is enabled.
You can save the configuration by using the following command after the previous command is complete:
$AdminConfig save

Icon that indicates the type of topic Concept topic



Timestamp icon Last updated: March 6, 2017 0:20
File name: allthreadsnotblockedduringcontextpoolrecreation.html