Red Hat SummitQuesto contenuto non è disponibile nella lingua selezionata.
Chapter 6. Managing indexes in Directory Server
Indexing makes searching for and retrieving information faster by classifying and organizing attributes or values. You can request a contiguous subset of a large search result by using virtual list view control.
6.1. About indexes
Learn about index types in Directory Server and pluses and minuses when using index.
6.1.1. The different index types
Directory Server stores the indexes of each indexed attribute in a separate database file in the instance’s database directory. For example, the indexes of the sn attribute are stored in the /var/lib/dirsrv/slapd-<instance_name>/db/database_name/sn.db file. Each index file can contain multiple index types if Directory Server maintains different indexes for an attribute.
Directory Server supports the following index types:
-
The presence index (
pres) is a list of the entries that contain a particular attribute. For example, use this type when clients frequently perform searches, such asattribute=mail. -
The equality index (
eq) improves searches for entries containing a specific attribute value. For example, an equality index on thecnattribute enables faster searches forcn=first_name last_name. -
The approximate index (
approx) enables efficient approximate or sounds-like searches. For example, searches forcn~=first_name last_name,cn~=first_name, orcn~=first_nam(note the misspelling) would return an entrycn=first_name X last_name. Note that the metaphone phonetic algorithm in Directory Server supports only US-ASCII letters. Therefore, use approximate indexing only with English values. -
The substring index (
sub) is a costly index to maintain, but it enables efficient searching against substrings within entries. Substring indexes are limited to a minimum of three characters for each entry. For example, searches fortelephoneNumber=*555*return all entries in the directory with a value that contains555in thetelephoneNumberattribute. - International index speeds up searches for information in international directories. The process for creating an international index is similar to the process for creating regular indexes, except that it applies a matching rule by associating an object identifier (OID) with the attributes to be indexed.
6.1.2. Balancing the benefits of indexing
Before you create new indexes, balance the benefits of maintaining indexes against the costs:
- Approximate indexes are not efficient for attributes commonly containing numbers, such as phone numbers.
- Substring indexes do not work for binary attributes.
- Avoid equality indexes on attributes that contain big values, such as an image.
- Maintaining indexes for attributes that are not commonly used in searches increases the overhead without improving the search performance.
- Attributes that are not indexed can still be used in search requests, although the search performance can be degraded significantly, depending on the type of search.
Indexes can become very time-consuming. For example, if Directory Server receives an add operation, the server examines the indexing attributes to determine whether an index is maintained for the attribute values. If the created attribute values are indexed, Directory Server adds the new attribute values to the index, and then the actual attribute values are created in the entry.
Example 6.1. Indexing steps Directory Server performs when a user adds an entry
Assume that Directory Server maintains the following indexes:
-
Equality, approximate, and substring indexes for the
cnandsnattributes. -
Equality and substring indexes for the
telephoneNumberattribute. -
Substring indexes for the
descriptionattribute.
For example, a user adds the following entry:
When the user adds the entry, Directory Server performs the following steps:
-
Create the
cnequality index entry forJohnandJohn Doe. -
Create the
cnapproximate index entries forJohnandJohn Doe. -
Create the
cnsubstring index entries forJohnandJohn Doe. -
Create the
snequality index entry forDoe. -
Create the
snapproximate index entry forDoe. -
Create the
snsubstring index entry forDoe. -
Create the
telephoneNumberequality index entry for408 555 8834. -
Create the
telephoneNumbersubstring index entry for408 555 8834. -
Create the
descriptionsubstring index entry forManufacturing lead.
This example illustrates that the number of actions required to create and maintain databases for a large directory can be very resource-intensive.
Do not define a substring index for membership attributes (for example, member,uniquemember) because it can impact Directory Server performance. When adding or removing members, for example,uniquemember to a group with many members, the computation of the uniquemember substring index requires to evaluating all uniquemember values and not only added or removed values.
6.2. Defining a default index that applies to all newly created databases
The default index in Directory Server defines a set of attributes to be indexed. When you create a new database, Directory Server copies the default index attributes from cn=default indexes,cn=config,cn=ldbm database,cn=plugins,cn=config entry to the database-specific cn=index,cn=database_name,cn=ldbm database,cn=plugins,cn=config entry.
Directory Server does not apply changes in the default index to existing databases.
6.2.1. Default index attributes
Directory Server stores the default index attributes in the cn=default indexes,cn=config,cn=ldbm database,cn=plugins,cn=config entry. To display them, including their index types, enter:
ldapsearch -D "cn=Directory Manager" -W -H ldap://server.example.com -b "cn=default indexes,cn=config,cn=ldbm database,cn=plugins,cn=config" -s one -o ldif-wrap=no
# ldapsearch -D "cn=Directory Manager" -W -H ldap://server.example.com -b "cn=default indexes,cn=config,cn=ldbm database,cn=plugins,cn=config" -s one -o ldif-wrap=no|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Removing the attributes listed in the table (system indexes) from the index of databases can significantly affect the Directory Server performance.
6.2.2. Maintaining the default index
Directory Server stores the default index attributes in the cn=default indexes,cn=config,cn=ldbm database,cn=plugins,cn=config entry. Note that you can only maintain the default index attributes using LDIF statements.
Procedure
For example, to add the
roomNumberattribute to the default index with the index typeseqandsub, enter:Copy to Clipboard Copied! Toggle word wrap Toggle overflow Explanation of the LDIF statement:
-
objectClass: nsIndex: Defines that this entry is an index entry. -
objectClass: top: This object class is additionally required in index entries. -
cn: Sets the name of the attribute to index. -
nsSystemIndex: Indicates whether or not the index is essential to Directory Server operations. -
nsIndexType: This multi-value attribute specifies the index types.
-
For example, to add the
presindex type to the default index attributes of theroomNumberattribute, enter:Copy to Clipboard Copied! Toggle word wrap Toggle overflow For example, to remove the
presindex type from the default index attributes of theroomNumberattribute, enter:Copy to Clipboard Copied! Toggle word wrap Toggle overflow For example, to remove the
roomNumberattribute from the default index, enter:ldapdelete -D "cn=Directory Manager" -W -H ldap://server.example.com -x cn=roomNumber,cn=default indexes,cn=config,cn=ldbm database,cn=plugins,cn=config
# ldapdelete -D "cn=Directory Manager" -W -H ldap://server.example.com -x cn=roomNumber,cn=default indexes,cn=config,cn=ldbm database,cn=plugins,cn=configCopy to Clipboard Copied! Toggle word wrap Toggle overflow
Verification
List the default index attributes to verify your changes:
ldapsearch -H ldap://server.example.com:389 -D "cn=Directory Manager" -W -b "cn=default indexes,cn=config,cn=ldbm database,cn=plugins,cn=config" -x -s one -o ldif-wrap=no
# ldapsearch -H ldap://server.example.com:389 -D "cn=Directory Manager" -W -b "cn=default indexes,cn=config,cn=ldbm database,cn=plugins,cn=config" -x -s one -o ldif-wrap=noCopy to Clipboard Copied! Toggle word wrap Toggle overflow
6.3. Maintaining the indexes of a specific database
Each database in Directory Server has its own index. You can create, update, and delete indexes using the dsconf utility or the web console.
6.3.1. Maintaining the indexes of a specific database using the command line
You can use the dsconf utility to maintain index settings using the command line.
Procedure
For example, to add the
roomNumberattribute to the index of theuserRootdatabase with the index typeseqandsub, enter:dsconf <instance_name> backend index add --attr roomNumber --index-type eq --index-type sub --reindex userRoot
# dsconf <instance_name> backend index add --attr roomNumber --index-type eq --index-type sub --reindex userRootCopy to Clipboard Copied! Toggle word wrap Toggle overflow The
--reindexoption causes that Directory Server automatically re-indexes the database.For example, to add the
presindex type to the index settings of theroomNumberattribute in theuserRootdatabase, enter:dsconf <instance_name> backend index set --attr roomNumber --add-type pres userRoot
# dsconf <instance_name> backend index set --attr roomNumber --add-type pres userRootCopy to Clipboard Copied! Toggle word wrap Toggle overflow For example, to remove the
presindex type from the index settings of theroomNumberattribute in theuserRootdatabase, enter:dsconf <instance_name> backend index set --attr roomNumber --del-type pres userRoot
# dsconf <instance_name> backend index set --attr roomNumber --del-type pres userRootCopy to Clipboard Copied! Toggle word wrap Toggle overflow For example, to remove the
roomNumberattribute from the index in theuserRootdatabase, enter:dsconf <instance_name> backend index delete --attr roomNumber userRoot
# dsconf <instance_name> backend index delete --attr roomNumber userRootCopy to Clipboard Copied! Toggle word wrap Toggle overflow
Verification
List the index settings of the
userRootdatabase:dsconf <instance_name> backend index list userRoot
# dsconf <instance_name> backend index list userRootCopy to Clipboard Copied! Toggle word wrap Toggle overflow
6.3.2. Recreating an index while the instance is offline
You can use the dsctl db2index utility for reindexing the whole database while the instance is offline.
Prerequisites
-
You created an indexing entry or added additional index types to the existing
userRootdatabase.
Procedure
Shut down the instance:
dsctl <instance_name> stop
# dsctl <instance_name> stopCopy to Clipboard Copied! Toggle word wrap Toggle overflow Recreate the index:
For all indexes in the database, run:
Copy to Clipboard Copied! Toggle word wrap Toggle overflow For specific attribute indexes, run:
dsctl <instance_name> db2index userRoot --attr aci cn givenname
# dsctl <instance_name> db2index userRoot --attr aci cn givennameCopy to Clipboard Copied! Toggle word wrap Toggle overflow The following command recreates indexes for
aci,cn, andgivennameattributes.Note that if no database is specified, the command recreates indexes for all attributes.
For more information regarding
dsctl(offline) command, run:dsctl <instance_name> db2index --help
# dsctl <instance_name> db2index --helpCopy to Clipboard Copied! Toggle word wrap Toggle overflow
Start the instance:
dsctl <instance_name> start
# dsctl <instance_name> startCopy to Clipboard Copied! Toggle word wrap Toggle overflow
Verification
List the index settings of the
userRootdatabase:dsconf <instance_name> backend index list userRoot
# dsconf <instance_name> backend index list userRootCopy to Clipboard Copied! Toggle word wrap Toggle overflow
6.3.3. Maintaining the indexes of a specific database using the web console
You can use the web console to maintain index settings in Directory Server.
Prerequisites
- You are logged in to the instance in the web console.
Procedure
Navigate to
. To add an attribute to the index:
- Click .
-
Enter the attribute name to the
Select An Attributefield. - Select the index types.
- Select Index attribute after creation.
- Click .
To update the index settings of an attribute:
- Click the overflow menu next to the attribute, and select Edit Index.
- Update the index settings to your needs.
- Select Index attribute after creation.
- Click .
To delete an attribute from the index:
- Click the overflow menu next to the attribute, and select Delete Index.
- Select Yes, I am sure, and click .
- In the menu, select Reindex Suffix.
Verification
-
Navigate to
, and verify that the index settings reflect the changes you made.
6.4. Changing the search key length in a substring index
By default, the length of the search key for substring indexes must be at least three characters. For example, Directory Server will add the string abc as a search key to an index while ab* will not. However, to improve the search performance, particularly for searches with many wildcard characters, you can shorten the search key length. This increases the number of search keys in the index.
Directory Server has three attributes that change the minimum number of characters required for a search key:
-
nsSubStrBegin: Sets the minimum number of characters for the beginning of a search key, before the wildcard character. For example:
abc*
abc*-
nsSubStrMiddle: Sets the minimum number of characters in the search key between wildcard characters. For example:
*abc*
*abc*-
nsSubStrEnd: Sets the number of characters for the end of a search key, after the wildcard character. For example:
*xyz
*xyz6.4.1. Changing the search key length in a substring index using the command line
You can improve search speeds by setting a new search key length for an attribute index.
Procedure
To set new search key length, add the
extensibleObjectobject class and then add thensSubStrBegin,nsSubStrEnd, ornsSubStrMiddleattributes to the entry. For example:Copy to Clipboard Copied! Toggle word wrap Toggle overflow Recreate the index to apply the new setting. For example, while the Directory Server instance is running, use the following command to recreate the index for the specified attribute:
dsconf <instance_name> backend index reindex --attr <attribute_name> <database_name>
# dsconf <instance_name> backend index reindex --attr <attribute_name> <database_name>Copy to Clipboard Copied! Toggle word wrap Toggle overflow
Verification
-
Select the attribute for which you want to change the search key length, for example,
cn. Dump the
cnindex:dbscan -f /var/lib/dirsrv/slapd-<instance_name>/db/database/cn.db > /tmp/default_len
# dbscan -f /var/lib/dirsrv/slapd-<instance_name>/db/database/cn.db > /tmp/default_lenCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Configure the new search key length as described in section Changing the search key length in a substring index using the command line.
Stop the instance to synchronize the database on the disk:
dsctl <instance_name> stop
# dsctl <instance_name> stopCopy to Clipboard Copied! Toggle word wrap Toggle overflow Dump the
cnindex:dbscan -f /var/lib/dirsrv/slapd-<instance_name>/db/database/cn.db > /tmp/len_2
# dbscan -f /var/lib/dirsrv/slapd-<instance_name>/db/database/cn.db > /tmp/len_2Copy to Clipboard Copied! Toggle word wrap Toggle overflow Compare
len_2anddefault_lenfiles:diff /tmp/len_2 /tmp/default_len
# diff /tmp/len_2 /tmp/default_lenCopy to Clipboard Copied! Toggle word wrap Toggle overflow
6.5. Using virtual list view control to request a contiguous subset of a large search result
Directory Server supports the LDAP virtual list view control. This control enables an LDAP client to request a contiguous subset of a large search result.
For example, you have stored an address book with 100.000 entries in Directory Server. By default, a query for all entries returns all entries at once. This is a resource and time-consuming operation, and clients often do not require the whole data set because, if the user scrolls through the results, only a partial set is visible.
However, if the client uses the VLV control, the server only returns a subset and, for example, if the user scrolls in the client application, the server returns more entries. This reduces the load on the server, and the client does not need to store and process all data at once.
VLV also improves the performance of server-sorted searches when all search parameters are fixed. Directory Server pre-computes the search results within the VLV index. Therefore, the VLV index is much more efficient than retrieving the results and sorting them afterwards.
In Directory Server, the VLV control is always available. However, if you use it in a large directory, a VLV index, also called browsing index, can significantly improve the speed.
Directory Server does not maintain VLV indexes for attributes, such as for standard indexes. The server generates VLV indexes dynamically based on attributes set in entries and the location of those entries in the directory tree. Unlike standard entries, VLV entries are special entries in the database.
6.5.1. How the VLV control works in ldapsearch commands
Typically, you use the virtual list view (VLV) feature in LDAP client applications. However, for example for testing purposes, you can use the ldapsearch utility to request only partial results.
To use the VLV feature in ldapsearch commands, specify the -E option for both the sss (server-side sorting) and vlv search extensions:
ldapsearch ... -E 'sss=attribute_list' -E 'vlv=query_options'
# ldapsearch ... -E 'sss=attribute_list' -E 'vlv=query_options'
The sss search extension has the following syntax:
[!]sss=[-]<attr[:OID]>[/[-]<attr[:OID]>...]
[!]sss=[-]<attr[:OID]>[/[-]<attr[:OID]>...]
The vlv search extension has the following syntax:
[!]vlv=<before>/<after>(/<offset>/<count>|:<value>)
[!]vlv=<before>/<after>(/<offset>/<count>|:<value>)-
beforesets the number of entries returned before the targeted one. -
aftersets the number of entries returned after the targeted one. -
index,count, andvaluehelp to determine the target entry. If you setvalue, the target entry is the first one having its first sorting attribute starting with the value. Otherwise, you setcountto0, and the target entry is determined by theindexvalue (starting from 1). If thecountvalue is higher than0, the target entry is determined by the ratioindex * number of entries / count.
Example 6.2. Output of an ldapsearch command with VLV search extension
The following command searches in ou=People,dc=example,dc=com. The server then sorts the results by the cn attribute and returns the uid attributes of the 70th entry together with one entry before and two entries after the offset.
6.5.2. Enabling unauthenticated users to use the VLV control
By default, the access control instruction (ACI) in the oid=2.16.840.1.113730.3.4.9,cn=features,cn=config entry enables only authenticated users to use the VLV control. To enable also non-authenticated users to use the VLV control, update the ACI by changing userdn = "ldap:///all" to userdn = "ldap:///anyone"
Procedure
Update the ACI in
oid=2.16.840.1.113730.3.4.9,cn=features,cn=config:Copy to Clipboard Copied! Toggle word wrap Toggle overflow
Verification
Perform a query with VLV control not specify a bind user:
ldapsearch -H ldap://server.example.com -b "ou=People,dc=example,dc=com" -s one -x -E 'sss=cn' -E 'vlv=1/2/70/0' uid
# ldapsearch -H ldap://server.example.com -b "ou=People,dc=example,dc=com" -s one -x -E 'sss=cn' -E 'vlv=1/2/70/0' uidCopy to Clipboard Copied! Toggle word wrap Toggle overflow This command requires that the server allows anonymous binds.
If the command succeeds but returns no entries, run the query again with a bind user to ensure that the query works when using authentication.
6.5.3. Creating a VLV index using the command line to improve the speed of VLV queries
Follow this procedure to create a virtual list view (VLV) index, also called browsing index, for entries in ou=People,dc=example,dc=com that contain a mail attribute and have the objectClass attribute set to person.
Prerequisites
- Your client applications use the VLV control.
- Client applications require to query a contiguous subset of a large search result.
- The directory contains a large number of entries.
Procedure
Create the VLV search entry:
dsconf <instance_name> backend vlv-index add-search --name "VLV People" --search-base "ou=People,dc=example,dc=com" --search-filter "(&(objectClass=person)(mail=*))" --search-scope 2 userRoot
# dsconf <instance_name> backend vlv-index add-search --name "VLV People" --search-base "ou=People,dc=example,dc=com" --search-filter "(&(objectClass=person)(mail=*))" --search-scope 2 userRootCopy to Clipboard Copied! Toggle word wrap Toggle overflow This command uses the following options:
-
--namesets the name of the search entry. This can be any name. -
--search-basesets the base DN for the VLV index. Directory Server creates the VLV index on this entry. -
--search-scopesets the scope of the search to run for entries in the VLV index. You can set this option to0(base search),1(one-level search), or2(subtree search). -
--search-filtersets the filter Directory Server applies when it creates the VLV index. Only entries that match this filter become part of the index. -
userRootis the name of the database in which to create the entry.
-
Create the index entry:
dsconf <instance_name> backend vlv-index add-index --index-name "VLV People - cn sn" --parent-name "VLV People" --sort "cn sn" --index-it userRoot
# dsconf <instance_name> backend vlv-index add-index --index-name "VLV People - cn sn" --parent-name "VLV People" --sort "cn sn" --index-it userRootCopy to Clipboard Copied! Toggle word wrap Toggle overflow This command uses the following options:
-
--index-namesets the name of the index entry. This can be any name. -
--parent-namesets the name of the VLV search entry and must match the name you set in the previous step. -
--sortsets the attribute names and their sort order. Separate the attributes by space. -
--index-itcauses that Directory Server automatically starts an index task after the entry was created. -
userRootis the name of the database in which to create the entry.
-
Verification
Verify the successful creation of the VLV index in the
/var/log/dirsrv/slapd-<instance_name>/errorsfile:[26/Nov/2021:11:32:59.001988040 +0100] - INFO - bdb_db2index - userroot: Indexing VLV: VLV People - cn sn [26/Nov/2021:11:32:59.507092414 +0100] - INFO - bdb_db2index - userroot: Indexed 1000 entries (2%). ... [26/Nov/2021:11:33:21.450916820 +0100] - INFO - bdb_db2index - userroot: Indexed 40000 entries (98%). [26/Nov/2021:11:33:21.671564324 +0100] - INFO - bdb_db2index - userroot: Finished indexing.
[26/Nov/2021:11:32:59.001988040 +0100] - INFO - bdb_db2index - userroot: Indexing VLV: VLV People - cn sn [26/Nov/2021:11:32:59.507092414 +0100] - INFO - bdb_db2index - userroot: Indexed 1000 entries (2%). ... [26/Nov/2021:11:33:21.450916820 +0100] - INFO - bdb_db2index - userroot: Indexed 40000 entries (98%). [26/Nov/2021:11:33:21.671564324 +0100] - INFO - bdb_db2index - userroot: Finished indexing.Copy to Clipboard Copied! Toggle word wrap Toggle overflow Use the VLV control in an
ldapsearchcommand to query only specific records from the directory:Copy to Clipboard Copied! Toggle word wrap Toggle overflow This example assumes you have entries continuously named
uid=user001to at leastuid=user072inou=People,dc=example,dc=com.
6.5.4. Creating a VLV index using the web console to improve the speed of VLV queries
Follow this procedure to create a virtual list view (VLV) index, also called browsing index, for entries in ou=People,dc=example,dc=com that contain a mail attribute and have the objectClass attribute set to person.
Prerequisites
- You are logged in to the instance in the web console.
- Your client applications use the VLV control.
- Client applications require to query a contiguous subset of a large search result.
- The directory contains a large number of entries.
Procedure
-
Navigate to
. Click , and fill the fields:
-
VLV Index Name: The name of the search entry. This can be any name. -
Search base: The base DN for the VLV index. Directory Server creates the VLV index on this entry. -
Search Filter: The filter Directory Server applies when it creates the VLV index. Only entries that match this filter become part of the index. -
Search Scope: The scope of the search to run for entries in the VLV index.
-
- Click .
- Click
Enter the attribute names, and select Reindex After Saving.
- Click .
Verification
Navigate to
and verify the successful creation of the VLV index: [26/Nov/2021:11:32:59.001988040 +0100] - INFO - bdb_db2index - userroot: Indexing VLV: VLV People - cn sn [26/Nov/2021:11:32:59.507092414 +0100] - INFO - bdb_db2index - userroot: Indexed 1000 entries (2%). ... [26/Nov/2021:11:33:21.450916820 +0100] - INFO - bdb_db2index - userroot: Indexed 40000 entries (98%). [26/Nov/2021:11:33:21.671564324 +0100] - INFO - bdb_db2index - userroot: Finished indexing.
[26/Nov/2021:11:32:59.001988040 +0100] - INFO - bdb_db2index - userroot: Indexing VLV: VLV People - cn sn [26/Nov/2021:11:32:59.507092414 +0100] - INFO - bdb_db2index - userroot: Indexed 1000 entries (2%). ... [26/Nov/2021:11:33:21.450916820 +0100] - INFO - bdb_db2index - userroot: Indexed 40000 entries (98%). [26/Nov/2021:11:33:21.671564324 +0100] - INFO - bdb_db2index - userroot: Finished indexing.Copy to Clipboard Copied! Toggle word wrap Toggle overflow Use the VLV control in an
ldapsearchcommand to query only specific records from the directory:Copy to Clipboard Copied! Toggle word wrap Toggle overflow This example assumes you have entries continuously named
uid=user001to at leastuid=user072inou=People,dc=example,dc=com.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}