[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Lock is no longer valid / deferring operation

To: openldap-software@openldap.org
Subject: Re: Lock is no longer valid / deferring operation
From: Buchan Milne <bgmilne@staff.telkomsa.net>
Date: Thu, 5 Jul 2007 19:53:42 +0200
Cc: Gavin Henry <ghenry@suretecsystems.com>, Toby Blake <toby@inf.ed.ac.uk>
In-reply-to: <Pine.LNX.4.64.0707051211510.1446@syd.inf.ed.ac.uk>
Organization: Telkom Internet
References: <Pine.LNX.4.64.0707041320590.23577@syd.inf.ed.ac.uk> <54029.212.159.59.85.1183629866.squirrel@webmail.suretecsystems.com> <Pine.LNX.4.64.0707051211510.1446@syd.inf.ed.ac.uk>
User-agent: KMail/1.9.6

On Thursday, 5 July 2007, Toby Blake wrote:
> Hi again Gavin,
>
> <most stuff snipped>
>
> >> As for what services they provide, general desktop services, but also
> >> could be running long-running or intensive jobs.  Many of the machines
> >> are also in a condor pool and this does seem to cause more problems.
> >>
> >> Do you know if slapd gets unhappy if other processes use up lots of
> >> memory?  This is my current line of investigation - I'll try to make
> >> it unhappy by using increasing amounts of memory.
> >
> > Yes.
> >
> >> I suppose what I'm trying to determine is - is it the client activity
> >> that's causing problems (i.e. a misbehaving client or similar) or is
> >> it slapd itself getting unhappy for other reasons (possibly due to
> >> resources being used by other programs)?  Or a combination of both?
> >
> > Probably both. If a client keeps sending lots of bind/search requests at
> > once, slapd will queue/defer them.
>
> Excellent, this does look to be the case.  I've just run a bit of a
> test by eating up all memory and swap and seeing if I could upset
> slapd - it seemed OK for a while, then a full search of the directory
> triggered off a "Lock is no longer valid" and it's now distinctly
> unhappy.  So, a client that not only eats memory, but also uses up
> other resources, to the detriment of slapd, can only produce
> problems.

Yes, it is probably advisable not to use only a local daemon to provide a 
service required by other processes that will take away resources from the 
daemon they rely on ...

> I suppose the way forward is to migrate away from running local slapd
> everywhere, perhaps to a proxy-caching type of solution, but this is
> going to require some proper planning and investigation.

Are you using nscd ? Yes, I know the point of the local slapd is similar to 
that of nscd, but if you don't use nscd, each binary that does any user/group 
lookups will have a connection to your ldap server. Using nscd should not 
require any planning/investigation, just testing.

If nscd is unsuitable, you may also consider nss_db and nss_updatedb (this may 
require planning/investigation).

Oh, and your custom replication method looks a lot like syncrepl ...

Regards,
Buchan

-- 
Buchan Milne
ISP Systems Specialist - Monitoring/Authentication Team Leader
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)
http://en.wikipedia.org/wiki/List_of_Internet_slang_phrases

Attachment: pgpeoIEfbW5ki.pgp
Description: PGP signature

References:
- Lock is no longer valid / deferring operation
  - From: Toby Blake <toby@inf.ed.ac.uk>
- Re: Lock is no longer valid / deferring operation
  - From: "Gavin Henry" <ghenry@suretecsystems.com>
- Re: Lock is no longer valid / deferring operation
  - From: Toby Blake <toby@inf.ed.ac.uk>

Prev by Date: Re: reference to other entry - question
Next by Date: Re: Lock is no longer valid / deferring operation
Index(es):
- Chronological
- Thread