[Freeipa-users] Which client is noisy?

Innes, Duncan Duncan.Innes at virginmoney.com
Mon Jun 1 08:56:00 UTC 2015 

I've got an IPA installation with 8 servers replicating between each
other across various parts of our network.  Recently I've started
pushing the dirsrv logs to a remote log collector from 4 of these
machines and see a huge disparity in the number of entries being sent.
 
ipa01 - ~42,000 logs per hour
ipa02 - ~13,000 logs per hour
ipa03 - ~80,000 logs per hour
ipa04 - ~20,000 logs per hour
 
ipa01 & 02 are used as a failover pair for clients in one datacentre.
ipa03 & 04 are used as a failover pair for clients in another
datacentre.
 
>From the logs, is there a way to see if I've got an imbalance of clients
connecting to each IPA server?  Or a completely different log message
scenario?
 
We don't have access to the _SRV_ records as the AD domain controls
that, so we had to hard code the main and failover servers on the
ipa_server line in /etc/sssd/sssd.conf, the kdc line in /etc/krb5.conf,
and the URI line in /etc/openldap/ldap.conf.  As such, it's reasonable
to suggest that our randomised script for allocating primary/secondary
on a client isn't as random as we think.
 
Might it also be possible that due to the hard coding option we had to
take, our clients end up failing over to a certain server, but then
never failing back when the primary returns?  Under maintenance we
generally patch and reboot the odd numbered servers, followed by the
even servers once the odd servers are back.
 
Thanks
 
Duncan

This message has been checked for viruses and spam by the Virgin Money email scanning system powered by Messagelabs.

This e-mail is intended to be confidential to the recipient. If you receive a copy in error, please inform the sender and then delete this message.

Virgin Money plc - Registered in England and Wales (Company no. 6952311). Registered office - Jubilee House, Gosforth, Newcastle upon Tyne NE3 4PL. Virgin Money plc is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority.

The following companies also trade as Virgin Money. They are both authorised and regulated by the Financial Conduct Authority, are registered in England and Wales and have their registered office at Jubilee House, Gosforth, Newcastle upon Tyne NE3 4PL: Virgin Money Personal Financial Service Limited (Company no. 3072766) and Virgin Money Unit Trust Managers Limited (Company no. 3000482).

For further details of Virgin Money group companies please visit our website at virginmoney.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150601/c4c3a30b/attachment.htm>

More information about the Freeipa-users mailing list