Hello,
From a DS point of view, you may use logconv.pl to get a rapid summary
of the received activity (DS access logs).
You may take the same period of time on each server and compare the
results. It will give hints to know if the difference comes from bind,
connections, replication session, or ...
thanks
theirry
On 06/01/2015 10:56 AM, Innes, Duncan wrote:
I've got an IPA installation with 8 servers replicating between each
other across various parts of our network. Recently I've started
pushing the dirsrv logs to a remote log collector from 4 of these
machines and see a huge disparity in the number of entries being sent.
ipa01 - ~42,000 logs per hour
ipa02 - ~13,000 logs per hour
ipa03 - ~80,000 logs per hour
ipa04 - ~20,000 logs per hour
ipa01 & 02 are used as a failover pair for clients in one datacentre.
ipa03 & 04 are used as a failover pair for clients in another datacentre.
From the logs, is there a way to see if I've got an imbalance of
clients connecting to each IPA server? Or a completely different
log message scenario?
We don't have access to the _SRV_ records as the AD domain controls
that, so we had to hard code the main and failover servers on the
ipa_server line in /etc/sssd/sssd.conf, the kdc line in
/etc/krb5.conf, and the URI line in /etc/openldap/ldap.conf. As such,
it's reasonable to suggest that our randomised script for
allocating primary/secondary on a client isn't as random as we think.
Might it also be possible that due to the hard coding option we had to
take, our clients end up failing over to a certain server, but then
never failing back when the primary returns? Under maintenance we
generally patch and reboot the odd numbered servers, followed by the
even servers once the odd servers are back.
Thanks
Duncan
This message has been checked for viruses and spam by the Virgin Money
email scanning system powered by Messagelabs.
This e-mail is intended to be confidential to the recipient. If you
receive a copy in error, please inform the sender and then delete this
message.
Virgin Money plc - Registered in England and Wales (Company no.
6952311). Registered office - Jubilee House, Gosforth, Newcastle upon
Tyne NE3 4PL. Virgin Money plc is authorised by the Prudential
Regulation Authority and regulated by the Financial Conduct Authority
and the Prudential Regulation Authority.
The following companies also trade as Virgin Money. They are both
authorised and regulated by the Financial Conduct Authority, are
registered in England and Wales and have their registered office at
Jubilee House, Gosforth, Newcastle upon Tyne NE3 4PL: Virgin Money
Personal Financial Service Limited (Company no. 3072766) and Virgin
Money Unit Trust Managers Limited (Company no. 3000482).
For further details of Virgin Money group companies please visit our
website at virginmoney.com
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
