[Freeipa-users] named-dyndb-ldap looses connection when the LDAP server is under high load
Sigbjorn Lie
sigbjorn at nixtra.com
Tue Apr 24 09:23:07 UTC 2012
On Tue, April 24, 2012 11:10, Petr Spacek wrote:
> On 04/24/2012 10:03 AM, Sigbjorn Lie wrote:
>
>> Hi
>>
>>
>> I have an issue that occured before, but I did not figure out what it was. It happened again
>> today, and the issue is related to high load on the LDAP servers.
>>
>> I ran a batch job that added a lot of users to different groups, using the "ipa
>> group-add-member --users="$members" $group" command. This caused high CPU load across all the
>> LDAP servers as the
>> changes we're replicating between the servers.
>>
>> After a few minutes DNS stopped working and errors started to occur in the messages log.
>>
>>
>> The only way to get around it is to stop the batch job to lower the CPU load on the LDAP
>> servers, and then kill the named daemon with kill -9 and restart named. "service named restart"
>> timed out while stopping named and did not manage to restart the named daemon.
>>
>> This happened across all 3 IPA servers almost at the same time, taking the entire environment
>> down.
>>
>> A rather nasty bug.
>>
>>
>>
>> Apr 24 09:32:08 ipa03 named[31837]: LDAP error: Invalid DN syntax
>> Apr 24 09:32:08 ipa03 named[31837]: connection to the LDAP server was lost
>> Apr 24 09:32:09 ipa03 named[31837]: LDAP error: Invalid DN syntax
>> Apr 24 09:32:09 ipa03 named[31837]: connection to the LDAP server was lost
>>
>>
>>
>>
>> Regards,
>> Siggi
>>
>
> Hello,
>
>
> you are right, it's very nasty bug.
>
> We know about this problem with "Invalid DN syntax". Patch is already done and
> on the way to upstream, please stay tuned.
>
Thanks for the reply.
Will it be released as an update to RHEL 6.2, or will it not make it until RHEL 6.3?
Rgds,
Siggi
More information about the Freeipa-users
mailing list