Hello Everybody.
Introduction
This article walks you through the process of increasing Threads in LDAP Sync for improved Parallelism and Optimisation.
Summary
When you integrate your User Groups in Harness with LDAP a Sync Job is fired which not only Syncs this particular groups but all the other Groups in the Account as well in a serial order. By default, Harness syncs with your server every 15 minutes. When the account has alot of groups this serial processing could increase the time taken to run the Sync jobs. To improve this behaviour and provide a better solution, Harness has implemented an LDAP Job Iterator which runs the Group sync in Parallel. This Feature is currently behind the Flag PL_LDAP_PARALLEL_GROUP_SYNC, which when enabled on the Account runs the jobs on multiple threads and this further improves the Sync time on the Harness end.
As an addition to this functionality we have also added support for users to be able to implement and control more threads for LDAP Sync Parallelism. The below steps will walk you through how this is achieved :
-
To change number of Parallel threads in an Env you can directly change it using the Harness Manager Config map in GCP. In the GCP UI you can Click on Secrets and ConfigMaps in the Nav bar
-
Here you will find the Entry
-
Click on Edit on the YAML to Add the variable under Data field :
-
Add a new variable LDAP_GROUP_SYNC_POOL_SIZE under data field as below after clicking on Edit :
You can provide a value between 4-15 where 4 is the minimum default of threads. Once the pool size has been provided please save this Config and then Bounce the Manager pods by scaling them down and up.
New pods will have the new number of threads. They can verify by checking manager logs by searching below line
ParallelLDAPIterator: Starting UserGroup Sync with number of threads
Using this config the Sync time reduces for LDAP Group Sync.