slapd + valsort using 100% CPU and causing slpad to become unresponsive

Wed, 22 Nov 2006 08:15:49 -0800 

Hello list,

I've been recently experimenting with the valsort overlay. After enabling 
it on the servers in our test environment they became unresponsive after a 
few minutes and a simple "top" showed a 100% cpu utilization on the 
machines.
Before filing an ITS I thought I'd first post my problem here. Maybe it's 
just something as simple as a misplaced configuration directive. Therefor 
I've included the relevant information below.

The test-servers only have about 100 entries and usually no more than half 
a dozen clients access them simultaneously.

OpenLDAP Version: 2.3.30
BerkeleyDB: 4.2.52 + 5 patches
OS: RHES 2.1 and 3.0

Relevant slapd.conf parts:
... <ACL's, TLS opts, other global stuff> ...
...
overlay chain
chain-uri               "ldap://<...>"
chain-idassert-bind     bindmethod=sasl binddn="<...>" saslmech=external 
mode=self
chain-tls               start
#######################################################################
# BDB database definitions
#######################################################################
database        bdb
suffix          "dc=o2online,dc=de"
rootdn          <...>
rootpw          {SSHA}<...>

directory       /var/lib/ldap/openldap-data

index   objectClass     eq
index   entryCSN        eq
index   entryUUID       eq
index   sudoUser        pres,eq,sub
index   uid,cn          pres,eq,sub
index   uidNumber       eq
index   gidNumber       eq
index   memberUid       eq
index   uniqueMember    eq
index   host            eq

## Syncrepl provider settings
#overlay        syncprov
#syncprov-checkpoint    50 5
#syncprov-sessionlog    1000

# Syncrepl consumer settings
syncrepl rid=100
        provider=ldap://<...>
        type=refreshAndPersist
        interval=00:00:00:10
        retry="60 10 300 +"
        searchbase="dc=o2online,dc=de"
        filter="(objectclass=*)"
        scope=sub
        attrs="*,+"
        schemachecking=on
        starttls=critical
        bindmethod=sasl 
        saslmech="external"

updateref ldap://<...>

limits  dn.exact="<...>" size=unlimited time=unlimited

cachesize       10000
idlcachesize    30000
checkpoint      1024 5

overlay unique
unique_base             "dc=o2online,dc=de"
unique_attributes       uid uidNumber

overlay dynlist
dynlist-attrset         extensibleObject memberURL uniqueMember

overlay valsort
valsort-attr uniqueMember dc=o2online,dc=de alpha-ascend
valsort-attr host dc=o2online,dc=de alpha-ascend

authz-policy to

authz-regexp
        email=<...>
        cn=<...>

Any help or hints would be much apreciated.

With kind regards
Michael Heep

Reply via email to