This patch bumps up the default number of files allowed by default for
directory server. This allows more clients and also reserves a bigger
number of FDs (at least according to doc) for replication agreements
and such things.

Ticket 464.

Simo.
>From 57afaef17e49e0d4e71ca219f2084c6598bb3026 Mon Sep 17 00:00:00 2001
From: Simo Sorce <sso...@redhat.com>
Date: Tue, 16 Nov 2010 12:45:21 -0500
Subject: [PATCH] Autotune directory server to use a greater number of files

This changes the system limits for the dirsrv user as well as
configuring DS to allow by default 8192 max files and 64 reserved
files (for replication indexes, etc..).

Fixes: https://fedorahosted.org/freeipa/ticket/464
---
 install/share/Makefile.am       |    1 +
 install/share/ds-nfiles.ldif    |    8 +++++
 ipaserver/install/dsinstance.py |   64 +++++++++++++++++++++++++++++++++++++++
 3 files changed, 73 insertions(+), 0 deletions(-)
 create mode 100644 install/share/ds-nfiles.ldif

diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index 8fa84f9a844dd4a1993dfebd236d89db58f08e99..1e71ae804fe2fde659c69c4341768a8230c2f487 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -17,6 +17,7 @@ app_DATA =				\
 	default-keytypes.ldif		\
 	default-pwpolicy.ldif		\
 	delegation.ldif			\
+	ds-nfiles.ldif			\
 	dns.ldif			\
 	kerberos.ldif			\
 	indices.ldif			\
diff --git a/install/share/ds-nfiles.ldif b/install/share/ds-nfiles.ldif
new file mode 100644
index 0000000000000000000000000000000000000000..e97c1e63012e5874e21d51cc15774dba3c1b5e9a
--- /dev/null
+++ b/install/share/ds-nfiles.ldif
@@ -0,0 +1,8 @@
+dn: cn=config
+changetype: modify
+replace: nsslapd-maxdescriptors
+nsslapd-maxdescriptors: $NOFILES
+-
+replace: nsslapd-reservedescriptors
+nsslapd-reservedescriptors: 64
+-
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index 830228daa0002bd2ef1d4de9e6901f0bc222d2aa..a9c7afa09b27b3f00caf5654aa462588778e3e9f 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -232,6 +232,7 @@ class DsInstance(service.Service):
             self.step("creating default HBAC rule allow_all", self.add_hbac)
         self.step("enabling compatibility plugin",
                   self.__enable_compat_plugin)
+        self.step("tuning directory server", self.__tuning)
 
         self.step("configuring directory to start on boot", self.__enable)
 
@@ -589,3 +590,66 @@ class DsInstance(service.Service):
         self.start()
 
         return status
+
+    def tune_nofile(self, num=8192):
+        """
+        Increase the number of files descriptors available to directory server
+        from the default 1024 to 8192. This will allow to support a greater
+        number of clients out of the box.
+        """
+
+        # check limits.conf
+        need_limits = True
+        fd = open("/etc/security/limits.conf", "r")
+        lines = fd.readlines()
+        fd.close()
+        for line in lines:
+            sline = line.strip()
+            if not sline.startswith(self.ds_user):
+                continue
+            if sline.find('nofile') == -1:
+                continue
+            # ok we already have an explicit entry for user/nofile
+            need_limits = False
+
+        # check sysconfig/dirsrv
+        need_sysconf = True
+        fd = open("/etc/sysconfig/dirsrv", "r")
+        lines = fd.readlines()
+        fd.close()
+        for line in lines:
+            sline = line.strip()
+            if not sline.startswith('ulimit'):
+                continue
+            if sline.find('-n') == -1:
+                continue
+            # ok we already have an explicit entry for file limits
+            need_sysconf = False
+
+        #if sysconf or limits are set avoid messing up and defer to the admin
+        if need_sysconf and need_limits:
+            self.fstore.backup_file("/etc/security/limits.conf")
+            fd = open("/etc/security/limits.conf", "a+")
+            fd.write('%s\t\t-\tnofile\t\t%s\n' % (self.ds_user, str(num)))
+            fd.close()
+
+            fd = open("/etc/sysconfig/dirsrv", "a+")
+            fd.write('ulimit -n %s\n' % str(num))
+            fd.close()
+
+        else:
+            logging.info("Custom file limits are already set! Skipping\n")
+            print "Custom file limits are already set! Skipping\n"
+            return
+
+        # finally change also DS configuration
+        # NOTE: dirsrv will not allow you to set max file descriptors unless
+        # the user limits allow it, so we have to restart dirsrv before
+        # attempting to change them in cn=config
+        self.__restart_instance()
+
+        nf_sub_dict = dict(NOFILES=str(num))
+        self._ldap_mod("ds-nfiles.ldif", nf_sub_dict)
+
+    def __tuning(self):
+        self.tune_nofile(8192)
-- 
1.7.3.2

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to