- If pgsql is the bottleneck, try multiple pgsql connections: Add maxconns=4 (or whatever) to the dovecot-sql.conf.ext's connect line.
Great thanks for this hint. I can't imagine how I could have missed this parameter. If I increase maxconns to 200+, does it make sense to use pgbouncer in front of postgresql? Or are these connections permanent and are regulated only by setting the max connections in postgresql itself, and pgbouncer will be useless?
- In your Dovecot proxy (assuming you have one?)
Suddenly no, we didn't have a proxy in this configuration. I haven't worked with this service, so I'll read up on how to set it up properly.
- With that many connections and to make logins faster, you'd be better
off using https://doc.dovecot.org/2.3/admin_manual/login_processes/#high-performance-m...
What are the default values for service_count\process_min_avail parameters? To enable high performance mode do I need to specify both explicitly or is the first one enough?
- To optimize login performance, it would be best to get rid of the
post-login script. Also:
service imap {
service_count = 1000
process_min_avail = 10
}
When we tried to raise service_count > 5, service stopped responding quickly. I suppose now it depends on maxconns=5 by default.
- auth_cache_size is rather small. Likely could be increased much larger.
Thanks for your advice. What value would you recommend here?
On Tue, Feb 4, 2025 at 1:23 PM Timo Sirainen <timo@sirainen.com> wrote:
On 3. Feb 2025, at 20.18, Anatoliy Zhestov via dovecot < dovecot@dovecot.org> wrote:
Are you sure the problem is authentication / pgsql? You could test with looping "doveadm auth lookup $user" rapidly. Of course for different
users
to avoid them coming from cache. Or if you can reproduce it that way, try if the same happens for repeating the same user so it does come from cache.
i test in condition when 90% of imap connection is already established. auth cache is enabled so i guess tests with the same user are not relevant.
-------- less loaded server ps waux|grep imap-login|wc -l 24977
Oh, somehow I missed that you have this many concurrent connections.
echo "13285 / 343" |bc 38 (per second)
So with this speed 24977 users would take 11 minutes to login back, which is a bit slow.
Some ideas:
If pgsql is the bottleneck, try multiple pgsql connections: Add maxconns=4 (or whatever) to the dovecot-sql.conf.ext's connect line.
In your Dovecot proxy (assuming you have one?) you can configure it to spread over disconnections over a long time, if the issue is that backend disconnects everyone at once. login_proxy_max_disconnect_delay setting does this.
With that many connections and to make logins faster, you'd be better off using https://doc.dovecot.org/2.3/admin_manual/login_processes/#high-performance-m...
To optimize login performance, it would be best to get rid of the post-login script. Also:
service imap { service_count = 1000 process_min_avail = 10 }
- auth_cache_size is rather small. Likely could be increased much larger.