On 12/4/14 8:30 AM, Alexander Bokovoy wrote:
On Thu, 04 Dec 2014, Janelle wrote:
Hi all,
just (pam)auth and nslcd
It was ported from a running OpenLDAP environment to IPA. Just
trying to do conversions in stages so as not to change too much all
at once. Thought I could go from OpenLDAP to IPA and just use the
backend of 389ds. Functionally it does work, but the load kills it.
Seems like FDs are a huge problem. But all the settings documented
don't see to resolve the magic:
/ Netscape Portable Runtime error -5971 (Process open FD table is
full.)/
error.
Shouldn't this increase file descriptors in conjunction with
/etc/sysconfig/dirsrv.systemd change? FS-limits across the OS are set
to 65535 - /etc/security/limits.conf, /proc, sysctl.conf --
everything but 389-ds itself. But I still can't get this to work,
although it does not give an error.
ldapmodify -x -D "cn=directory manager" -W <<EOF
dn: cn=config,cn=ldbm database,cn=plugins,cn=config
changetype: modify
replace: nsslapd-maxdescriptors
nsslapd-maxdescriptors: 65535
-
replace: nsslapd-dtablesize
nsslapd-dtablesize: 65535
-
replace: nsslapd-reservedescriptors
nsslapd-reservedescriptors: 100
EOF
As you said in the original messages that you are dealing with FreeIPA
4.0.5, it means you are on a system with systemd. For it to change
limits you have to do it differently. See
/lib/systemd/system/dirsrv@.service for detailed instructions.
from /lib/systemd/system/dirsrv@.service --
# if you need to set other directives e.g. LimitNOFILE=8192
# set them in this file
.include /etc/sysconfig/dirsrv.systemd
And that is the file that contains the LimitNOFILE=32768
So that was done. But it still seems to not make any difference since
ns-slapd itself is still code to 8192. That is the issue I am facing -
I can get beyond 8192. (even if 65535 is not used - although that was
the limit used with OpenLDAP and no issues)
~J
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project