Hi,
We had similar problem before, but I am not sure if it is related to your
case.
The file descriptors that were opened by the ns-slapd process was all in a
CLOSE_WAIT state. You can try execute "netstat -anput | grep CLOSE_WAIT"
and see if there's a lot of dangling CLOSE_WAIT socket opened by ns-slapd.
If that was the case, I suggest you to update to the latest version of 389
directory because that has been fixed.
This is the bugzilla ticket that I submitted awhile back.
https://bugzilla.redhat.com/show_bug.cgi?id=567429
- David
2010/8/28 Andrey Ivanov <andrey.ivanov(a)polytechnique.fr>
Hi,
You can try to change the following parameters to reduce the timeouts of
the connections :
* system parameters (reduce keepalive time to 700 seconds):
echo "net.ipv4.tcp_keepalive_time =
700" >> /etc/sysctl.conf
sysctl -p
* 389 parameters in cn=config (change the maximum time limit per search
operation to 120 sec & set idle connection timeout to 600 sec):
nsslapd-timelimit: 120
nsslapd-idletimeout: 600
The file descriptor number used by a connecton can be seen in access log
(fd=139) :
[28/Aug/2010:14:35:08 +0200] conn=58377 fd=139 slot=139 SSL connection from
x.x.x.x to x.x.x.x
You may also use /logconv.pl utility to see the long requests, number of
parallel/oncurrent connections and file descriptor usage ('Highest FD
taken')
Total Connections: 2855
Peak Concurrent Connections: 4
Total Operations: 157116
Total Results: 157139
Overall Performance: 100.0%
...
FDs Taken: 3112
FDs Returned: 3112
Highest FD Taken: 143
...
----- Top 20 Most Frequent etimes -----
156965 etime=0
58 etime=1
58 etime=3
58 etime=2
@+
2010/8/27 Angel Bosch Mora <angbosch(a)conselldemallorca.net>
hi,
>
> i had problems with "too many fds open" on some instances and after
> digging a bit i've found that ns-slapd dont die.
>
> i got 5 similar installations and this is happening just in two of them
> and i can't identify what is about.
>
>
> i've been recollecting process informations and i know for sure that the
> only process that keep increasing is ns-slapd and eventually, after some
> weeks, 389 starts refusing new connections and i got the "too many fds
open"
> message.
>
> i can increase max fds but the problem of processes keeping alive is still
> there.
>
> anyone facing similar situation?
>
> regards,
>
> abosch
> --
> 389 users mailing list
> 389-users(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users