[Freeipa-users] IPA Load Problems?
Rob Crittenden
rcritten at redhat.com
Tue Aug 6 15:15:21 UTC 2013
John Moyer wrote:
> Hello,
>
> So I've been preparing my infrastructure for a big change from an older
> openldap system to a nice new IPA server. I have a redundant secondary
> server and snapshots taken daily. I populated all my user data into
> IPA, and gave the users a week to set a password. They all did this and
> the big switch was this past weekend. We had done previous tests on
> each server and it all worked. We switched this past weekend and it
> worked great.
>
> This morning a light load hit it (since I've only put a small fraction
> of our servers on it about 15) and the primary came to it's knees.
> Processor spiked, and logs started to fill (didn't fill at this
> point). I then decided it's probably a glitch (I'm an optimist) so I
> restarted IPA services. They all restarted except for named which
> crashed (which then caused everything to stop). I looked and now the
> disk was full. So I trash the logs (had no easy place to put them at
> the time which I regret now) and I restart the services again. IPA
> fully crashes now (didn't even start the DIRSRV for my domain).
What error do you see in the 389-ds error log when the server fails to
start?
> So here are my questions:
>
> 1. Any idea what caused this? Any performance issues that have been seen?
No, the logs would have really helped here. I don't recall any other
reports like this.
> 2. Are the connection settings for IPA good out of the box? I ask
> because in RHDS (in the first versions I used) the default connection
> timeouts were a MAJOR issue, I used to run a network of 400 servers and
> I had to set the time-outs to >30sec which made my servers run really
> really well, but if I used the 60 min defaults they also would come to
> their knees. Is there a buried setting like this? (However, I must
> admit there didn't seem like there were a lot of connections like when I
> had the issue with the 400 servers years ago).
What does your IPA topology look like? How many clients are we talking
about?
>
> Also is there an easy place to set log rotation settings? (If it's log
> rotate just let me know, I just don't want to step on an internal app
> rotate).
It uses internal log rotation,
https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Configuring_Logs.html#Manual_Log_File_Rotation
rob
More information about the Freeipa-users
mailing list