SP metadata cache keeps growing
Alan Buxey
alan.buxey at myunidays.com
Thu Feb 27 04:04:54 EST 2020
hi,
with the full firehose-feed of eduGAIN there's a lot of metadata to be
checked.... probably looking at almost 10minutes
- whilst the systemd stuff can be adjusted to deal with theres a
quicker fix and that's to have a local instantiation
of PyFF that filters out just the IdPs (the SP doesn't need to know
all other SPs) - that'll slash the data size. and if
PyFF is doing the heavy lifting and dropping resulting file to disk
then Shibboleth can be configured to ONLY read
that local disk file (and not verify/check it either as its already
been checked with cert in the PyFF staging). pretty
fast restarting of the shibd process then.
verifyBackup="false" - the on-disk file won't get checked - but the
on disk one will only be used if the system cannot
successfully download the remote metadata (which it can...and then checks)
alan
More information about the users
mailing list