[Freeipa-users] named-dyndb-ldap looses connection when the LDAP server is under high load
Sigbjorn Lie
sigbjorn at nixtra.com
Tue Apr 24 08:03:02 UTC 2012
Hi
I have an issue that occured before, but I did not figure out what it was. It happened again
today, and the issue is related to high load on the LDAP servers.
I ran a batch job that added a lot of users to different groups, using the "ipa group-add-member
--users="$members" $group" command. This caused high CPU load across all the LDAP servers as the
changes we're replicating between the servers.
After a few minutes DNS stopped working and errors started to occur in the messages log.
The only way to get around it is to stop the batch job to lower the CPU load on the LDAP servers,
and then kill the named daemon with kill -9 and restart named. "service named restart" timed out
while stopping named and did not manage to restart the named daemon.
This happened across all 3 IPA servers almost at the same time, taking the entire environment down.
A rather nasty bug.
Apr 24 09:32:08 ipa03 named[31837]: LDAP error: Invalid DN syntax
Apr 24 09:32:08 ipa03 named[31837]: connection to the LDAP server was lost
Apr 24 09:32:09 ipa03 named[31837]: LDAP error: Invalid DN syntax
Apr 24 09:32:09 ipa03 named[31837]: connection to the LDAP server was lost
Regards,
Siggi
More information about the Freeipa-users
mailing list