Backport of Add worker pool for LDAP group lookup into release/1.14.x #22704
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Backport
This PR is auto-generated from #22659 to be assessed for backporting due to the inclusion of the label backport/1.14.x.
The below text is copied from the body of the original PR.
This PR aims to make LDAP group lookup more performant by adding a worker pool for group searches. Specifically this is helpful when
use_token_groups=true
and we need to look up every group individually in LDAP associated with the user.In my testing where a LDAP user is a member of 300 LDAP groups and has 300 policies mapped to those groups I see significant performance increase by using a worker pool:
Before:
After:
Overview of commits