[Date Prev][Date Next] [Chronological] [Thread] [Top]

Antwort: Re: openldap health monitoring [Virus checked]

>I'll note that all of your 3 problems were caused by you using MIT Kerberos
>instead of Heimdal.  Stanford has been using OpenLDAP in production for

I presume you are right. However:

1) Buchan has built the sasl & co against Heimdal for me, but I'm still having problems. It's better now, but I can still kill the server if I try hard enough. Probably good enough for the "real life", but...
(Possibly these packs aren't well done, or something is still missing, and this will solve itself on a few days.)
2) Even if the problem is solved, I would still prefer to have some script watching over it. That's what scripts are for. :-)

>Have a remote process that queries the server (from Nagios), that pages us
>if slapd stops responding.


This was the one that actually bothered me, because I wasn't sure how to assure that query returns (either result or failure) in reasonable time. In the meantime, I looked at perl::Net::LDAP, and saw that one can define the timeout there. Good enough 4 me.

>Have a local process that checks the resident and virtual sizes of slapd,
>and page us if they are exceed our boundries.

yes, this one is rather simple.

>Have a local process that checks every 5 minutes to see if slapd is
>running.  It will page the sys admins and restart slapd if it is not

even simpler, I know.

> Thankfully, none of these ever gets used, but it makes management happy.

Right. :-)

Any other stuff worth watching, i.e. likely to go wrong?