One question that arises time and time again pertains to the manner in which OpenDJ stores it entry data and how this differs from the Oracle Directory Server Enterprise Edition (previously known as Sun Directory Server Enterprise Edition).
The following information is from ForgeRock’s OpenDJ Administration, Maintenance and Tuning Class and has been used with the permission of ForgeRock.
OpenDJ includes the Berkeley DB Java Edition database as the backend repository for user data. The Java version is quite different from the Berkeley C version which is used by the Sun Directory Server Enterprise Edition.
The Berkeley DB Java Edition is a Java implementation of a raw database using the B-Tree technology. A Berkeley DB JE environment can be composed of multiple databases, each of which is stored in a single folder on the file system. Rather than having separate files for records and transaction logs, Berkeley DB JE uses a rolling log file to store everything; this includes the B-Tree structure, the user provided records and the indexes. Write operations append entries as the last items in the log file. When a certain size is reached (10MB by default), a new log file is created. This results in consistent write performance regardless of the database size.
Note: Initial log files are located beneath the db/userRoot folder in the installation directory. The initial log file is 00000000.jdb. When that file reaches a size of 10MB, a new file is created as 00000001.jdb.
Over time records are deleted or modified in the log. OpenDJ performs periodic cleanup of log files and rewrites them to new log files. This task is performed without action by a system administrator and ensures consistency of the data contained in the log files.
You can see a list of all entries contained in the database with the dbtest utility. This command returns the entry specific information that can also be used to debug the backend.
The following diagram demonstrates the periodic processing of the Berkeley DB Java Edition database over time.
Log (Entry) Processing
The log shown at the far left (row 1, column 1) contains entries after an immediate population. You will note that it contains five data entries (Entry 1 through Entry 5) as well as the associated index entries. To keep things simple, only the common name and object class attributes have been indexed (as shown by the cn and OC keys).
Note: The data does not appear in this actual format. This notation is used for demonstration purposes.
As time goes by, data in the database changes. New entries are added, attribute values for existing entries are modified, and some entries are deleted. This has an effect on both the data entries in the log as well as any associated index entries.
The second log (row 1, column 2) demonstrates the effect on the database after Entry 3 has been modified. The modified data entry is written to the end of the log and the original entry is marked for deletion. The modification was made to an attribute that that was not indexed so the log does not contain any modification to the index entries.
Changes made to data entries containing indexed attributes would not only appear at the end of the log, but the modifications to the indexes would appear there as well. This can be seen in the third log (row 1, column 3). Entry 2 was modified and the change involved a modification to the common name (cn) attribute. Note how the previous index value for this entry is marked for deletion and the new index entry is written to the end of the log.
The logs found at row 1, column 4 and row 2, column 4 demonstrate how new log files are created as previous ones reach their limit. Write operations are appended to the log file in a linear fashion until it reaches a maximum size of 10 MB at which time a new log is created. This can be seen by the 00000001.jdb log in row 2, column 4.
Note: The maximum log size of 10 MB is defined in the ds-cfg-db-log-file-max attribute contained in the backend definition.
The Berkeley C Database simply purged data from the database. This led to fragmentation (“holes”) in the database and required periodic cleanup by system administrators to eliminate the holes (similar to defragmenting your hard drive). This is not the case with the Berkeley DB Java Edition.
The Berkeley DB Java Edition has a number of threads that periodically check the occupancy of each log. If it detects that the size associated with active entries falls below a certain threshold (50% of its maximum size, or 5MB by default), it rewrites the active records to the end of the latest log file and deletes the old log altogether. This can be seen in the log found at row 2, column 5.
Note: Maximum occupancy is defined in the ds-cfg-db-cleaner-min-utilization attribute contained in the backend definition.
The default occupancy is 50% so at its maximum size, the log will be twice as big as its sum of records. Increasing the occupancy % will reduce the log’s size, but induce more copying, thus increasing CPU utilization.
This process of always appending data to the end of the log and periodically rewriting the log as entries are obsoleted allows OpenDJ to maintain a fairly consistent size – even if entries are heavily modified. It does, however, allow the database to shrink in size if many entries are deleted.
Directory Services Timeline
The Most Complete History of Directory Services You Will Ever Find
(Until the next one comes along)
|1969||First Arpanet node comes online; first RFC published.|
|1973||Ethernet invented by Xerox PARC researchers.|
|1982||TCP/IP replaces older Arpanet protocols on the Internet.|
|1982||First distributed computing research paper on Grapevine published by Xerox PARC researchers.|
|1984||Internet DNS comes online.|
|1986||IETF formally chartered.|
|1989||Quipu (X.500 software package) released.|
|1990||Estimated number of Internet hosts exceeds 250,000.|
|1990||First version of the X.500 standard published.|
|1991||A team at CERN headed by Tim Berners-Lee releases the first World Wide Web software.|
|1992||University of Michigan developers release the first LDAP software.|
|1993||NDS debuts in Netware 4.0.|
|July 1993||LDAP specification first published as RFC 1487.|
|December 1995||First standalone LDAP server (SLAPD) ships as part of U-M LDAP 3.2 release.|
|April 1996||Consortium of more than 40 leading software vendors endorses LDAP as the Internet directory service protocol of choice.|
|1996||Netscape Hires Tim Howes, Mark Smith, and Gordon Good from University of Michigan. Howes serves as a directory server architect.|
|September 1997||Sun Microsystems releases Sun Directory Services 1.0, derived from U-M LDAP 3.2||
|November 1997||LDAPv3 named the winner of the PC Magazine Award for Technical Excellence.|
|December 1997||LDAPv3 approved as a proposed Internet Standard.|
|1998||The OpenLDAP Project was started by Kurt Zeilenga. The project started by cloning the LDAP reference source from the University Of Michigan.|
|January 1998||Netscape ships the first commercial LDAPv3 directory server.|
|March 1998||Innosoft acquires Mark Walh’s Critical Angle company, relesases LDAP directory server product 4.1 one month later.|
|July 1998||Sun Microsystems ships Sun Directory Server 3.1, implementing LDAPv3 standards||
|July 1998||Estimated number of Internet hosts exceeds 36 million.|
|1999||AOL acquires Netscape and forms the iPlanet Alliance with Sun Microsystems.|
|March 1999||Innosoft team, led by Mark Wahl, releases Innosoft Distributed Directory Server 5.0||
|March 2000||Sun Microsystems acquires Innosoft, merges Innosoft directory code with iPlanet. This forms the foundation for the iPlanet Directory Access Router.||
|October 2001||The iPlanet Alliance ends and Sun and Netscape fork the codebase.|
|October 2004||Apache Directory Server Top Level Project is formed after 1 year in incubation||
|December 2004||RedHat Purchases Netscape Server products|
|2005||Sun Microsystems initiates the OpenDS project. An open source directory server based on the Java platform.|
|June 2005||RedHat Releases Fedora Directory Server|
|October 2006||Apache Directory Server 1.0 is released||
|2007||UnboundID releases its directory server||
|2008||AOL Stops Supporting Netscape Products|
|April 2009||Oracle purchases Sun Microsystems|
|May 2009||RedHat changes the Fedora Directory Server to 389 Directory Server|
|Feb 1, 2010||ForgeRock is founded||
|Dec 2010||ForgeRock releases OpenDJ|
|July 2011||Oracle releases Oracle Unified Directory|
(1) Understanding and Deploying LDAP Directory Services; Second Edition; Timothy A. Howes, Ph.D., Mark C. Smith, and Gordon S. Good.
(2) 389 Directory Server; History (http://directory.fedoraproject.org/wiki/History).
(3) Email exchange with Ludovic Poitou (ForgeRock).
(4) Press Release, March 16th, 1998; “Innosoft Acquires LDAP Technology Leader Critical Angle Inc. (http://www.pmdf.process.com/press/critical-angle-acquire.html).
(5) OpenLDAP; Wikipedia (http://en.wikipedia.org/wiki/OpenLDAP).
(6) iPlanet; Wikipedia (http://en.wikipedia.org/wiki/IPlanet).
(7) OpenDS; Wikipedia (http://en.wikipedia.org/wiki/OpenDS).
(8) Netscape; Wikipedia (http://en.wikipedia.org/wiki/Netscape).
(9) Press Release, April 20th, 2000; “Oracle Buys Sun” (http://www.oracle.com/us/corporate/press/018363).
(10) 389 Directory Server; 389 Change FAQ (http://directory.fedoraproject.org/wiki/389_Change_FAQ).
(11) OpenDJ; Wikipedia (http://en.wikipedia.org/wiki/OpenDJ).
(12) Email exchange with Nick Crown (UnboundID).
(13) Press Release, July 20th, 2011; “Oracle Announces Oracle Unified Directory 11g” (http://www.oracle.com/us/corporate/press/434211).