On 01/22/2015 09:00 AM, Lukas Slebodnik wrote: > On (21/01/15 11:22), Orion Poplawski wrote: >> On 01/06/2015 05:06 PM, Orion Poplawski wrote: >>> We're having some trouble with sssd on centos 7 under load on a VPS. 389ds >>> ldap server for id/auth. Part may be an issue with the VPS, but I'm trying >>> to >>> track down all possible issues. >>> >>> Also, we realized that we were running in a bit of a bad state - the primary >>> ldap server was not available, but the backup was. >> >>> Trouble: >>> (Tue Jan 6 22:30:31 2015) [sssd[be[default]]] >>> [sss_ldap_init_sys_connect_done] (0x0020): sdap_async_sys_connect request >>> failed. >>> (Tue Jan 6 22:30:31 2015) [sssd[be[default]]] [sdap_sys_connect_done] >>> (0x0020): sdap_async_connect_call request failed. >> >> I ended up filing https://fedorahosted.org/sssd/ticket/2562 as it seems like >> sssd's handling of the ldap connection is not ideal. >> > I checked strace log file and I can confirm you are right. > But I have no idea how to reproduce or fix it. > Output from strace is not sufficient. > > We would need to see sssd log files with high debug_level. > You mentined the most problematic part of VPS is I/0. > So increasing debug_level can just complicate situation.
I'll see what I can do. > I can just give you an advice about *sync calls you mentioned in ticket. > > It is not visible in strace log but fdatasync() and msync() are used on file > descriptor of sssd cache (/var/lib/sss/db/cache_*.ldb. They are used in > ldb/tdb > for transactions. > > If you do not need offline authentication you can mount tmpfs to directory > /var/lib/sss/db/. > > tmpfs /var/lib/sss/db/ tmpfs > size=300M,mode=0700,noauto,rootcontext=system_u:object_r:sssd_var_lib_t:s0 0 0 That is a good idea, thanks. Offline auth should work though unless the machine got rebooted, correct? -- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA, Boulder/CoRA Office FAX: 303-415-9702 3380 Mitchell Lane [email protected] Boulder, CO 80301 http://www.nwra.com _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
