[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: max open files

> On Fri, Mar 12, 2010 at 7:10 AM, Aaron Richton
> <richton@nbcs.rutgers.edu> wrote:
>         On Wed, 10 Mar 2010, Klemens Kittan wrote:
>                 Mar  1 14:45:15 ldap1 slapd[25320]:
>                 warning: /etc/hosts.allow, line 19:
>                 cannot open /etc/hosts.allow: Too many open files
>                 cat /proc/sys/fs/file-max:
>                  203609
>                 cat /proc/<slapd pid>/limits:
>                  Max open files 4096 4096 files
>         Sounds like you're mostly on the right track, but I didn't
>         hear mention of compiling with a suitable OPENLDAP_FD_SETSIZE.
>         Are your CPPFLAGS set accordingly?
> Klemens, 
> Few weeks ago I had a similar issue, I found this thread very useful:
> http://www.sunmanagers.org/pipermail/summaries/2005-March/006226.html
> but at the end the issue seemed to come from avahi daemon.  I'm not
> familiar with avahi but the config had: 
> [rlimits]
> #rlimit-as=
> rlimit-core=0
> rlimit-data=4194304
> rlimit-fsize=0
> rlimit-nofile=30
> rlimit-stack=4194304
> rlimit-nproc=3
> The machine restarted and started avahi(it was stopped before but not
> disabled) and when ldap started to get some connections I received the
> same output:
> Feb 18 00:49:05 ldap01 slapd[3704]: warning: cannot
> open /etc/hosts.deny: Too many open files

I looked at that thread. They recommend exactly the things I tried
already, e.g. setting ulimit in the startup script. I checked that with
cat /proc/<slapd pid>/limits. Nevertheless the LDAP stopped responding
after 1024 open connections. 
I didn't change "idletimeout" in slapd.conf for I found the follwing in
the LDAP documentation (and we use syncrepl):

"... Caution: This is a server wide value so that all bind connections
are affected by it. If this server is either a replication consumer
(using the syncrepl directive with a type value of refreshAndPersist) or
a provider (using the overlay syncprov directive with a one of more
consumers with a type of refreshAndPersist) then it is highly likely
that these links will remain idle for prolonged periods of time. Extreme
caution should be used when defining the idletimeout directive in either
of these conditions because the net effect may be to change such
replication connections into type refreshOnly which may not be a welcome
side effect..."

On my systems the avahi daemon is not installed.

Klemens Kittan

Uni-Potsdam, Inst. f. Informatik
August-Bebel-Str. 89
14482 Potsdam

Tel.    : +49-331-9773125
Fax.    : +49-331-9773122
eMail   : kittan@cs.uni-potsdam.de

gpg --recv-keys --keyserver wwwkeys.de.pgp.net 6EA09333

Attachment: signature.asc
Description: This is a digitally signed message part