[Date Prev][Date Next]
Re: (ITS#3512) LDAP Sync Replication stops after single server failure
>Full_Name: Darren Gamble
>OS: Linux (2.6.9 kernel)
>Submission from: (NULL) (188.8.131.52)
>A few days ago, we had our ldapsync provider slapd fail due to too many open
>files (unable to open hosts.allow).
>We restarted the service and increased the maximum number of open files on the
>machine, to prevent that from happening again.
>However, after the failure, LDAP Sync Replication appears to have stopped. Now,
>none of the entries added to the provider server are replicated to any of the
>slaves. There is no information on this in the ldap logs, which are set to the
>default logging level.
>Deleting the LDAP database directory (save for DB_CONFIG) on a consumer and
>resyncing it causes it to get the entries its missed, and also allows it to get
>future changes. I'm guessing we can do this on each of our slaves to recover,
>but we have a very large number of them, so (safely) recovering from this will
>take some time.
>Is there a log level that would provide more information on why the entries
>aren't replicated, or any other information on why syncrepl has stopped?
In OpenLDAP 2.3 there is a new LDAP_DEBUG_SYNC debug level used by the
consumer. Nothing special for the provider.
You didn't mention whether you're using refreshOnly or
refreshAndPersist; if using Persist mode you need to configure a retry
parameter for the consumer otherwise no automatic retries occur.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
Symas: Premier OpenSource Development and Support