Re: [Freeipa-devel] [PATCH 0091] Perform dirsrv tuning at platform level
On 08/23/2013 07:50 PM, Nathaniel McCallum wrote:
On Thu, 2013-08-22 at 17:23 +0200, Tomas Babej wrote:
On 08/20/2013 06:40 PM, Nathaniel McCallum wrote:
On Mon, 2013-08-19 at 14:48 +0200, Tomas Babej wrote:
Hi,
When configuring the 389 Directory Server instance, we tune it
so that number of file descriptors available to the DS is increased
from the default 1024 to 8192.
There are platform specific steps that need to be conducted
differently on systemd compatible platforms and sysV compatible
platforms.
systemd: set LimitNOFILE to 8192 in /etc/sysconfig/dirsrv.systemd
sysV: set ulimit -n 8192 in /etc/sysconfig/dirsrv
set ulimit - nofile 8192 in /etc/security/limits.conf
https://fedorahosted.org/freeipa/ticket/3823
I'd prefer the use of 'with' in the RedHatDirectoryService:
# check limits.conf
need_limits = True
with open(/etc/security/limits.conf) as f:
for line in f:
sline = line.strip()
if not sline.startswith(DS_USER):
continue
if sline.find('nofile') == -1:
continue
# ok we already have an explicit entry for user/nofile
need_limits = False
... and ...
with open(/etc/sysconfig/dirsrv, a+) as f:
f.write('ulimit -n %s\n' % str(num))
Nathaniel
Fixed and I did some additional refactoring in the code.
Attached.
ACK
Pushed to master, ipa-3-3
master: 6961cf2e77cca8f3784a6d82cebeb0bb8df1f535
ipa-3-3: 509e579472800a75fccb89c9fb83614744d80c87
--
PetrĀ³
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH 0091] Perform dirsrv tuning at platform level
On Thu, 2013-08-22 at 17:23 +0200, Tomas Babej wrote:
On 08/20/2013 06:40 PM, Nathaniel McCallum wrote:
On Mon, 2013-08-19 at 14:48 +0200, Tomas Babej wrote:
Hi,
When configuring the 389 Directory Server instance, we tune it
so that number of file descriptors available to the DS is increased
from the default 1024 to 8192.
There are platform specific steps that need to be conducted
differently on systemd compatible platforms and sysV compatible
platforms.
systemd: set LimitNOFILE to 8192 in /etc/sysconfig/dirsrv.systemd
sysV: set ulimit -n 8192 in /etc/sysconfig/dirsrv
set ulimit - nofile 8192 in /etc/security/limits.conf
https://fedorahosted.org/freeipa/ticket/3823
I'd prefer the use of 'with' in the RedHatDirectoryService:
# check limits.conf
need_limits = True
with open(/etc/security/limits.conf) as f:
for line in f:
sline = line.strip()
if not sline.startswith(DS_USER):
continue
if sline.find('nofile') == -1:
continue
# ok we already have an explicit entry for user/nofile
need_limits = False
... and ...
with open(/etc/sysconfig/dirsrv, a+) as f:
f.write('ulimit -n %s\n' % str(num))
Nathaniel
Fixed and I did some additional refactoring in the code.
Attached.
ACK
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH 0091] Perform dirsrv tuning at platform level
On 08/20/2013 06:40 PM, Nathaniel McCallum wrote:
On Mon, 2013-08-19 at 14:48 +0200, Tomas Babej wrote:
Hi,
When configuring the 389 Directory Server instance, we tune it
so that number of file descriptors available to the DS is increased
from the default 1024 to 8192.
There are platform specific steps that need to be conducted
differently on systemd compatible platforms and sysV compatible
platforms.
systemd: set LimitNOFILE to 8192 in /etc/sysconfig/dirsrv.systemd
sysV: set ulimit -n 8192 in /etc/sysconfig/dirsrv
set ulimit - nofile 8192 in /etc/security/limits.conf
https://fedorahosted.org/freeipa/ticket/3823
I'd prefer the use of 'with' in the RedHatDirectoryService:
# check limits.conf
need_limits = True
with open(/etc/security/limits.conf) as f:
for line in f:
sline = line.strip()
if not sline.startswith(DS_USER):
continue
if sline.find('nofile') == -1:
continue
# ok we already have an explicit entry for user/nofile
need_limits = False
... and ...
with open(/etc/sysconfig/dirsrv, a+) as f:
f.write('ulimit -n %s\n' % str(num))
Nathaniel
Fixed and I did some additional refactoring in the code.
Attached.
--
Tomas Babej
Associate Software Engeneer | Red Hat | Identity Management
RHCE | Brno Site | IRC: tbabej | freeipa.org
From dcdac193cb609e2aa24b961de7ba6d800f5880e4 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Tue, 6 Aug 2013 17:09:15 +0200
Subject: [PATCH] Perform dirsrv tuning at platform level
When configuring the 389 Directory Server instance, we tune it
so that number of file descriptors available to the DS is increased
from the default 1024 to 8192.
There are platform specific steps that need to be conducted
differently on systemd compatible platforms and sysV compatible
platforms.
systemd: set LimitNOFILE to 8192 in /etc/sysconfig/dirsrv.systemd
sysV: set ulimit -n 8192 in /etc/sysconfig/dirsrv
set ulimit - nofile 8192 in /etc/security/limits.conf
https://fedorahosted.org/freeipa/ticket/3823
---
ipapython/platform/fedora16/service.py | 30 ---
ipapython/platform/redhat/service.py | 64
ipaserver/install/dsinstance.py| 67 +++---
3 files changed, 102 insertions(+), 59 deletions(-)
diff --git a/ipapython/platform/fedora16/service.py b/ipapython/platform/fedora16/service.py
index bceb87cd5bb2111d5c3460ddcd9940edee5443f4..297e68332df0375d51f7bbf971a05b05339a84af 100644
--- a/ipapython/platform/fedora16/service.py
+++ b/ipapython/platform/fedora16/service.py
@@ -21,7 +21,7 @@ import os
import time
from ipapython import ipautil, dogtag
-from ipapython.platform import base, redhat
+from ipapython.platform import base
from ipapython.platform.base import systemd
from ipapython.platform.fedora16 import selinux
from ipapython.ipa_log_manager import root_logger
@@ -78,20 +78,38 @@ class Fedora16Service(systemd.SystemdService):
# If we wouldn't do this, our instances will not be started as systemd would
# not have any clue about instances (PKI-IPA and the domain we serve) at all.
# Thus, hook into dirsrv.restart().
+
+
class Fedora16DirectoryService(Fedora16Service):
-def enable(self, instance_name=):
-super(Fedora16DirectoryService, self).enable(instance_name)
+
+def tune_nofile_platform(self, num=8192, fstore=None):
+
+Increase the number of files descriptors available to directory server
+from the default 1024 to 8192. This will allow to support a greater
+number of clients out of the box.
+
+This is a part of the implementation that is systemd-specific.
+
+Returns False if the setting of the nofile limit needs to be skipped.
+
+
dirsrv_systemd = /etc/sysconfig/dirsrv.systemd
+
if os.path.exists(dirsrv_systemd):
# We need to enable LimitNOFILE=8192 in the dirsrv@.service
# Since 389-ds-base-1.2.10-0.8.a7 the configuration of the
# service parameters is performed via
# /etc/sysconfig/dirsrv.systemd file which is imported by systemd
# into dirsrv@.service unit
-replacevars = {'LimitNOFILE':'8192'}
-ipautil.inifile_replace_variables(dirsrv_systemd, 'service', replacevars=replacevars)
+replacevars = {'LimitNOFILE': str(num)}
+ipautil.inifile_replace_variables(dirsrv_systemd,
+ 'service',
+ replacevars=replacevars)
selinux.restore_context(dirsrv_systemd)
-ipautil.run([/bin/systemctl, --system, daemon-reload],raiseonerr=False)
+ipautil.run([/bin/systemctl, --system, daemon-reload],
+raiseonerr=False)
+
+return True
def restart(self, instance_name=, capture_output=True, wait=True):
if len(instance_name) 0:
diff --git
Re: [Freeipa-devel] [PATCH 0091] Perform dirsrv tuning at platform level
On Mon, 2013-08-19 at 14:48 +0200, Tomas Babej wrote:
Hi,
When configuring the 389 Directory Server instance, we tune it
so that number of file descriptors available to the DS is increased
from the default 1024 to 8192.
There are platform specific steps that need to be conducted
differently on systemd compatible platforms and sysV compatible
platforms.
systemd: set LimitNOFILE to 8192 in /etc/sysconfig/dirsrv.systemd
sysV: set ulimit -n 8192 in /etc/sysconfig/dirsrv
set ulimit - nofile 8192 in /etc/security/limits.conf
https://fedorahosted.org/freeipa/ticket/3823
I'd prefer the use of 'with' in the RedHatDirectoryService:
# check limits.conf
need_limits = True
with open(/etc/security/limits.conf) as f:
for line in f:
sline = line.strip()
if not sline.startswith(DS_USER):
continue
if sline.find('nofile') == -1:
continue
# ok we already have an explicit entry for user/nofile
need_limits = False
... and ...
with open(/etc/sysconfig/dirsrv, a+) as f:
f.write('ulimit -n %s\n' % str(num))
Nathaniel
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH 0091] Perform dirsrv tuning at platform level
Hi,
When configuring the 389 Directory Server instance, we tune it
so that number of file descriptors available to the DS is increased
from the default 1024 to 8192.
There are platform specific steps that need to be conducted
differently on systemd compatible platforms and sysV compatible
platforms.
systemd: set LimitNOFILE to 8192 in /etc/sysconfig/dirsrv.systemd
sysV: set ulimit -n 8192 in /etc/sysconfig/dirsrv
set ulimit - nofile 8192 in /etc/security/limits.conf
https://fedorahosted.org/freeipa/ticket/3823
--
Tomas Babej
Associate Software Engeneer | Red Hat | Identity Management
RHCE | Brno Site | IRC: tbabej | freeipa.org
From 30cf5bf24a4ca52ec8dcc9c7c79c0b92608e Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Tue, 6 Aug 2013 17:09:15 +0200
Subject: [PATCH] Perform dirsrv tuning at platform level
When configuring the 389 Directory Server instance, we tune it
so that number of file descriptors available to the DS is increased
from the default 1024 to 8192.
There are platform specific steps that need to be conducted
differently on systemd compatible platforms and sysV compatible
platforms.
systemd: set LimitNOFILE to 8192 in /etc/sysconfig/dirsrv.systemd
sysV: set ulimit -n 8192 in /etc/sysconfig/dirsrv
set ulimit - nofile 8192 in /etc/security/limits.conf
https://fedorahosted.org/freeipa/ticket/3823
---
ipapython/platform/fedora16/service.py | 30 ---
ipapython/platform/redhat/service.py | 69 ++
ipaserver/install/dsinstance.py| 67 +++--
3 files changed, 107 insertions(+), 59 deletions(-)
diff --git a/ipapython/platform/fedora16/service.py b/ipapython/platform/fedora16/service.py
index bceb87cd5bb2111d5c3460ddcd9940edee5443f4..297e68332df0375d51f7bbf971a05b05339a84af 100644
--- a/ipapython/platform/fedora16/service.py
+++ b/ipapython/platform/fedora16/service.py
@@ -21,7 +21,7 @@ import os
import time
from ipapython import ipautil, dogtag
-from ipapython.platform import base, redhat
+from ipapython.platform import base
from ipapython.platform.base import systemd
from ipapython.platform.fedora16 import selinux
from ipapython.ipa_log_manager import root_logger
@@ -78,20 +78,38 @@ class Fedora16Service(systemd.SystemdService):
# If we wouldn't do this, our instances will not be started as systemd would
# not have any clue about instances (PKI-IPA and the domain we serve) at all.
# Thus, hook into dirsrv.restart().
+
+
class Fedora16DirectoryService(Fedora16Service):
-def enable(self, instance_name=):
-super(Fedora16DirectoryService, self).enable(instance_name)
+
+def tune_nofile_platform(self, num=8192, fstore=None):
+
+Increase the number of files descriptors available to directory server
+from the default 1024 to 8192. This will allow to support a greater
+number of clients out of the box.
+
+This is a part of the implementation that is systemd-specific.
+
+Returns False if the setting of the nofile limit needs to be skipped.
+
+
dirsrv_systemd = /etc/sysconfig/dirsrv.systemd
+
if os.path.exists(dirsrv_systemd):
# We need to enable LimitNOFILE=8192 in the dirsrv@.service
# Since 389-ds-base-1.2.10-0.8.a7 the configuration of the
# service parameters is performed via
# /etc/sysconfig/dirsrv.systemd file which is imported by systemd
# into dirsrv@.service unit
-replacevars = {'LimitNOFILE':'8192'}
-ipautil.inifile_replace_variables(dirsrv_systemd, 'service', replacevars=replacevars)
+replacevars = {'LimitNOFILE': str(num)}
+ipautil.inifile_replace_variables(dirsrv_systemd,
+ 'service',
+ replacevars=replacevars)
selinux.restore_context(dirsrv_systemd)
-ipautil.run([/bin/systemctl, --system, daemon-reload],raiseonerr=False)
+ipautil.run([/bin/systemctl, --system, daemon-reload],
+raiseonerr=False)
+
+return True
def restart(self, instance_name=, capture_output=True, wait=True):
if len(instance_name) 0:
diff --git a/ipapython/platform/redhat/service.py b/ipapython/platform/redhat/service.py
index 61511b4899721869a015abfccb945660faa0aacf..a07ea2d94d21817e145109353cc408a2f12c45a0 100644
--- a/ipapython/platform/redhat/service.py
+++ b/ipapython/platform/redhat/service.py
@@ -25,6 +25,7 @@ from ipapython.ipa_log_manager import root_logger
from ipapython.platform import base
from ipalib import api
+
class RedHatService(base.PlatformService):
def __wait_for_open_ports(self, instance_name=):
@@ -107,11 +108,79 @@ class RedHatHTTPDService(RedHatService):
time.sleep(5)
self.start(instance_name, capture_output, wait)
+
+class
