Thanks for the info, Tomas.
I will definitely try this one out! Couldn’t wait for it to be released
for CentOS if it really does what the changes you mentioned describe :-)
We would like to have hostgroup of 10.000 hostmembers or even more in
one group. We currently split these group into multiple smaller groups
with max 1000 members, because adding, modifying or removing a members
of a large group (~7k hostmembers) takes around 7 seconds (removing one
host from the group alone).
Am 05.10.2015 um 13:16 schrieb Tomas Babej:
On 10/01/2015 05:06 PM, Dominik Korittki wrote:
I am running two FreeIPA Servers with around 100 users and around 15.000
hosts, which are used by users to login via ssh. The FreeIPA servers
(which are Centos 7.0) ran good for a while, but as more and more hosts
got migrated to serve as FreeIPA hosts, it started to get slow and
For example, its hard to maintain hostgroups, which have more than 1.000
hosts. The ipa host-* commands are getting slower as the hostgroup
grows. Is this normal?
We also experience random dirsrv segfaults. Here's a dmesg line from the
[690787.647261] traps: ns-slapd general protection ip:7f8d6b6d6bc1
sp:7f8d3aff2a88 error:0 in libc-2.17.so[7f8d6b650000+1b6000]
Nothing in /var/log/dirsrv/slapd-INTERNAL/errors, which relates to the
I'm thinking about migrating to latest CentOS 7 FreeIPA 4, but does that
solve my problems?
FreeIPA server version is 3.3.3-28.el7.centos
389-ds-base.x86_64 is 188.8.131.52-26.el7_0
performance issues are a known problem, there has been some work to
improve the performance with respect to large groups:
These improvements are in FreeIPA 4.2 only, however, which has not been
released for CentOS7 as of now. You may try to play with FreeIPA 4.2 on
Fedora, see https://copr.fedoraproject.org/coprs/mkosek/freeipa-4.2/.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project