Hi, I've upgraded freeipa 4.6.x environment on Fedora 27 to 4.8.4 on fedora 31. - remove old replica - install fedora 31 - connect as new replica...
now: 389-ds-base-1.4.2.8-3.fc31.x86_64 freeipa-server-4.8.4-2.fc31.x86_64
after that, I have many errors: setup_pr_read_pds - Not listening for new connections - too many fds open
It looks like fd limit 1024 I've checked:
nsslapd-maxdescriptors: ldapsearch -xLLL -b "cn=config" -D 'cn=Directory Manager' -W cn=config nsslapd-maxdescriptors Enter LDAP Password: dn: cn=config nsslapd-maxdescriptors: 524288
/proc/limits: cat /proc/2164872/limits Limit Soft Limit Hard Limit Units
Max cpu time unlimited unlimited seconds
Max file size unlimited unlimited bytes
Max data size unlimited unlimited bytes
Max stack size 8388608 unlimited bytes
Max core file size unlimited unlimited bytes
Max resident set unlimited unlimited bytes
Max processes 515206 515206 processes Max open files 524288 524288 files
Max locked memory 65536 65536 bytes
Max address space unlimited unlimited bytes
Max file locks unlimited unlimited locks
Max pending signals 515206 515206 signals
Max msgqueue size 819200 819200 bytes
Max nice priority 0 0 Max realtime priority 0 0 Max realtime timeout unlimited unlimited us
dirsrv log: [17/Mar/2020:09:12:18.119324801 +0100] - INFO - main - Setting the maximum file descriptor limit to: 524288
find /proc/2164872/fd | wc -l 1037
It looks like 1024 is connection limit.
Any idea what I've done wrong?
Best regards, Ender - Lukasz Jaworski
Hi,
At startup DS creates a connection table with a fixed size. The message "setup_pr_read_pds - Not listening for new connections - too many fds open" means that the number of established connections exhausted the table limit.
What are the values of nsslapd-conntablesize and nsslapd-reservedescriptors ? How many established connections (logconv on access logs or SRCH cn=monitor) ?
regards thierry
On 3/17/20 9:35 AM, Lukasz Jaworski via FreeIPA-users wrote:
Hi, I've upgraded freeipa 4.6.x environment on Fedora 27 to 4.8.4 on fedora 31.
- remove old replica
- install fedora 31
- connect as new replica...
now: 389-ds-base-1.4.2.8-3.fc31.x86_64 freeipa-server-4.8.4-2.fc31.x86_64
after that, I have many errors: setup_pr_read_pds - Not listening for new connections - too many fds open
It looks like fd limit 1024 I've checked:
nsslapd-maxdescriptors: ldapsearch -xLLL -b "cn=config" -D 'cn=Directory Manager' -W cn=config nsslapd-maxdescriptors Enter LDAP Password: dn: cn=config nsslapd-maxdescriptors: 524288
/proc/limits: cat /proc/2164872/limits Limit Soft Limit Hard Limit Units Max cpu time unlimited unlimited seconds Max file size unlimited unlimited bytes Max data size unlimited unlimited bytes Max stack size 8388608 unlimited bytes Max core file size unlimited unlimited bytes Max resident set unlimited unlimited bytes Max processes 515206 515206 processes Max open files 524288 524288 files Max locked memory 65536 65536 bytes Max address space unlimited unlimited bytes Max file locks unlimited unlimited locks Max pending signals 515206 515206 signals Max msgqueue size 819200 819200 bytes Max nice priority 0 0 Max realtime priority 0 0 Max realtime timeout unlimited unlimited us
dirsrv log: [17/Mar/2020:09:12:18.119324801 +0100] - INFO - main - Setting the maximum file descriptor limit to: 524288
find /proc/2164872/fd | wc -l 1037
It looks like 1024 is connection limit.
Any idea what I've done wrong?
Best regards, Ender - Lukasz Jaworski
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
Hi,
nsslapd-conntablesize = 1024 - I’ve changed on one server to 2028 nsslapd-reservedescriptors: 64 - I don’t know if increase this value? currentconnections: 960
opened fd (chnaged conntablesize): find /proc/23515/fd | wc -l 1043
on bad server: currentconnections: 958 (bad no errors at this moment) find /proc/172473/fd|wc -l 1028
It looks like change nsslapd-conntablesize fix my. problems.
Best regards, Ender
On 17 Mar 2020, at 09:49, thierry bordaz via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Hi,
At startup DS creates a connection table with a fixed size. The message "setup_pr_read_pds - Not listening for new connections - too many fds open" means that the number of established connections exhausted the table limit.
What are the values of nsslapd-conntablesize and nsslapd-reservedescriptors ? How many established connections (logconv on access logs or SRCH cn=monitor) ?
regards thierry
On 3/17/20 9:35 AM, Lukasz Jaworski via FreeIPA-users wrote:
Hi, I've upgraded freeipa 4.6.x environment on Fedora 27 to 4.8.4 on fedora 31.
- remove old replica
- install fedora 31
- connect as new replica...
now: 389-ds-base-1.4.2.8-3.fc31.x86_64 freeipa-server-4.8.4-2.fc31.x86_64
after that, I have many errors: setup_pr_read_pds - Not listening for new connections - too many fds open
It looks like fd limit 1024 I've checked:
nsslapd-maxdescriptors: ldapsearch -xLLL -b "cn=config" -D 'cn=Directory Manager' -W cn=config nsslapd-maxdescriptors Enter LDAP Password: dn: cn=config nsslapd-maxdescriptors: 524288
/proc/limits: cat /proc/2164872/limits Limit Soft Limit Hard Limit Units Max cpu time unlimited unlimited seconds Max file size unlimited unlimited bytes Max data size unlimited unlimited bytes Max stack size 8388608 unlimited bytes Max core file size unlimited unlimited bytes Max resident set unlimited unlimited bytes Max processes 515206 515206 processes Max open files 524288 524288 files Max locked memory 65536 65536 bytes Max address space unlimited unlimited bytes Max file locks unlimited unlimited locks Max pending signals 515206 515206 signals Max msgqueue size 819200 819200 bytes Max nice priority 0 0 Max realtime priority 0 0 Max realtime timeout unlimited unlimited us
dirsrv log: [17/Mar/2020:09:12:18.119324801 +0100] - INFO - main - Setting the maximum file descriptor limit to: 524288
find /proc/2164872/fd | wc -l 1037
It looks like 1024 is connection limit.
Any idea what I've done wrong?
Best regards, Ender - Lukasz Jaworski
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
— Łukasz Jaworski
On 3/17/20 12:14 PM, Lukasz Jaworski via FreeIPA-users wrote:
Hi,
nsslapd-conntablesize = 1024 - I’ve changed on one server to 2028 nsslapd-reservedescriptors: 64 - I don’t know if increase this value? currentconnections: 960
opened fd (chnaged conntablesize): find /proc/23515/fd | wc -l 1043
on bad server: currentconnections: 958 (bad no errors at this moment) find /proc/172473/fd|wc -l 1028
It looks like change nsslapd-conntablesize fix my. problems.
Great ! Indeed nsslapd-maxdescriptors is a limitation of the connection table in case conntablesize is set too high.
thierry
Best regards, Ender
On 17 Mar 2020, at 09:49, thierry bordaz via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Hi,
At startup DS creates a connection table with a fixed size. The message "setup_pr_read_pds - Not listening for new connections - too many fds open" means that the number of established connections exhausted the table limit.
What are the values of nsslapd-conntablesize and nsslapd-reservedescriptors ? How many established connections (logconv on access logs or SRCH cn=monitor) ?
regards thierry
On 3/17/20 9:35 AM, Lukasz Jaworski via FreeIPA-users wrote:
Hi, I've upgraded freeipa 4.6.x environment on Fedora 27 to 4.8.4 on fedora 31.
- remove old replica
- install fedora 31
- connect as new replica...
now: 389-ds-base-1.4.2.8-3.fc31.x86_64 freeipa-server-4.8.4-2.fc31.x86_64
after that, I have many errors: setup_pr_read_pds - Not listening for new connections - too many fds open
It looks like fd limit 1024 I've checked:
nsslapd-maxdescriptors: ldapsearch -xLLL -b "cn=config" -D 'cn=Directory Manager' -W cn=config nsslapd-maxdescriptors Enter LDAP Password: dn: cn=config nsslapd-maxdescriptors: 524288
/proc/limits: cat /proc/2164872/limits Limit Soft Limit Hard Limit Units Max cpu time unlimited unlimited seconds Max file size unlimited unlimited bytes Max data size unlimited unlimited bytes Max stack size 8388608 unlimited bytes Max core file size unlimited unlimited bytes Max resident set unlimited unlimited bytes Max processes 515206 515206 processes Max open files 524288 524288 files Max locked memory 65536 65536 bytes Max address space unlimited unlimited bytes Max file locks unlimited unlimited locks Max pending signals 515206 515206 signals Max msgqueue size 819200 819200 bytes Max nice priority 0 0 Max realtime priority 0 0 Max realtime timeout unlimited unlimited us
dirsrv log: [17/Mar/2020:09:12:18.119324801 +0100] - INFO - main - Setting the maximum file descriptor limit to: 524288
find /proc/2164872/fd | wc -l 1037
It looks like 1024 is connection limit.
Any idea what I've done wrong?
Best regards, Ender - Lukasz Jaworski
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
— Łukasz Jaworski
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
freeipa-users@lists.fedorahosted.org