On March 22nd we updated the 389-ds-base.x86_64 and 389-ds-base-libs.x86_64 packages on our eight RHEL 7.9 production servers from version 188.8.131.52-17.el7_9 to version 184.108.40.206-1.el7_9. We also updated the kernel from kernel 3.10.0-1160.80.1.el7.x86_64 to kernel-3.10.0-1160.88.1.el7.x86_64 during the same update.
Approximately 12 days later, on April 3rd, all the hosts started exhibiting memory growth issues whereby the “slapd” process was using over 90% of the available system memory of 32GB, which was NOT happening for a couple of years prior to applying any of the available package updates on the systems.
Two of the eight hosts act as Primaries (formerly referred to as masters), while 6 of the hosts act as read-only replicas. Three of the read-only replicas are used by our authorization system while the other three read-only replicas are used by customer-based applications.
Currently we use system controls to restrict the memory usage.
My question is whether this is something that other users also experience, and what is the recommended way to stabilize the DS servers in this type of situation?
389-ds-portal doesn't receive any development these days, but its issue
tracker on pagure is used by SEO spammers. I report them manually to
fedora-infrastructure, since pagure's UI doesn't have "report content"
Should we close the issue tracker there completely? Or should we move the
repo to GitHub 389ds organization? It's a bit easier to report content
there and would be nice to have all 389ds projects under the same roof.