Hello, So I've been preparing my infrastructure for a big change from an older openldap system to a nice new IPA server. I have a redundant secondary server and snapshots taken daily. I populated all my user data into IPA, and gave the users a week to set a password. They all did this and the big switch was this past weekend. We had done previous tests on each server and it all worked. We switched this past weekend and it worked great.
This morning a light load hit it (since I've only put a small fraction of our servers on it about 15) and the primary came to it's knees. Processor spiked, and logs started to fill (didn't fill at this point). I then decided it's probably a glitch (I'm an optimist) so I restarted IPA services. They all restarted except for named which crashed (which then caused everything to stop). I looked and now the disk was full. So I trash the logs (had no easy place to put them at the time which I regret now) and I restart the services again. IPA fully crashes now (didn't even start the DIRSRV for my domain). So here are my questions: 1. Any idea what caused this? Any performance issues that have been seen? 2. Are the connection settings for IPA good out of the box? I ask because in RHDS (in the first versions I used) the default connection timeouts were a MAJOR issue, I used to run a network of 400 servers and I had to set the time-outs to >30sec which made my servers run really really well, but if I used the 60 min defaults they also would come to their knees. Is there a buried setting like this? (However, I must admit there didn't seem like there were a lot of connections like when I had the issue with the 400 servers years ago). Also is there an easy place to set log rotation settings? (If it's log rotate just let me know, I just don't want to step on an internal app rotate). Thanks, _____________________________________________________ John Moyer Director, IT Operations
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users