On 12/03/2012 05:17 PM, Simo Sorce wrote: > On Mon, 2012-12-03 at 16:54 -0500, Dmitri Pal wrote: >> On 12/03/2012 04:27 PM, Simo Sorce wrote: >>> On Mon, 2012-12-03 at 16:16 -0500, Dmitri Pal wrote: >>>> On 12/03/2012 03:21 PM, Simo Sorce wrote: >>>>> On Mon, 2012-12-03 at 21:12 +0100, Olivier wrote: >>>>>> I may be wrong but that is not exactly the way I read the man page : >>>>>> http://linux.die.net/man/5/sssd-ldap >>>>>> >>>>>> On failover section : >>>>>> >>>>>> --> Further connection attempts are made to machines or services >>>>>> marked as offline after a --> specified period of time; this is >>>>>> currently hard coded to 30 seconds. >>>>>> >>>>>> As I understand it, once a machine or service has been stamped "offline", >>>>>> then it won't be queried before 30 second has passed. >>>>>> >>>>>> The delay I would like to know (and to tune if possible) is the time >>>>>> after which >>>>>> sssd query the next ldap server in ldap_uri list if the current one is >>>>>> not reachable >>>>>> (IMHO, 5 second would be more than enough and I think would even tune >>>>>> less >>>>>> if I could). >>>>> Ah I think you've been mislead by the timeout section. >>>>> >>>>> That doesn't apply to a specific server but to a general attempt to go >>>>> online. >>>>> >>>>> If I remember correctly, when SSSD tries to go online it will try the >>>>> first server, and if it fails it will immediately try the next and so on >>>>> until it finds one that works or goes back offline because none work. >>>>> >>>>> If it goes back offline it will wait at least 30 sec. before going >>>>> online but will go online only if there is an event that requires data >>>>> after the 30 sec. has gone by. >>>>> >>>>> HTH, >>>>> Simo. >>>>> >>>> I think the question is for how long SSSD waits to detect that the >>>> server is offline and whether this is configurable. >>> It is not, SSSD will find out the first time it needs to resolve >>> something and will try to fetch data from the offline server. >>> >>> At that point it will determine the server is offline. >>> >>> What we may do is to retry immediately once, I do not recall if we do >>> that. >>> >>> Simo. >>> >> Let me try again... >> >> SSSD sends a request to the central server because something triggered a >> lookup. >> How long SSSD waits to declare that server is not reachable before >> trying another server? >> What is the length of this timeout and is it configurable and how? >> >> Does the question makes sense now? > It depends on a number of factors, as communication to the server > depends on various components like dns resolution. > > For dns resolution we have a config option called dns_resolver_timeout > (default 5 sec), then for ldap we have other knobs like > ldap_search_timeout, ldap_enumeration_search_timeout, > ldap_network_timeout, ldap_opt_timeout, as well as > ldap_connection_expire_timeout > > See the sssd-ldap manpage for details about these timeouts. > > Simo. > > Sure. It is just hard to understand how they all play together. This is why the person on the thread is asking.
-- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
