[Date Prev][Date Next]
Openldap occasional hunging
- To: firstname.lastname@example.org
- Subject: Openldap occasional hunging
- From: Nick Milas <email@example.com>
- Date: Tue, 14 Dec 2010 14:23:20 +0200
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:184.108.40.206) Gecko/20101207 Lightning/1.0b2 Thunderbird/3.1.7
I am experiencing the following problem: Occasionally but consistently
(about once a month), one of my ldap servers will hung - usually after
some entry update. I find out the hung due to problems with the services
which are dependent on ldap (mail, dns, see below).
The question is: Why does this happen, and how can I avoid it? All
servers are production systems, and need maximum reliability.
When the problem occurs, I need to stop ldap service. If I try to start
it again, I get:
Checking configuration files for slapd: bdb_db_open: unclean
shutdown detected; attempting recovery.
bdb_db_open: Recovery skipped in read-only mode. Run manual recovery
if errors are encountered.
Then (as I have found from researching the problem), I must issue (as root):
# service ldap stop
# slapd_db_recover -v -h /var/lib/ldap
# chown ldap:ldap /var/lib/ldap/*
# service ldap start
Then, everything works fine again.
My setup is: one master (provider) openldap server (where all
modifications take place) with 3 slaves (consumers), one of which is
used with postfix/dovecot, and the other two with powerdns (ldap
backend). Sync is being done with syncrepl, type=refreshAndPersist.
Modifications are carried out using phpLDAPadmin (1.0.7), JXplorer, and
other custom php scripts. The DIT is small (less than 2000 entries in
total) and DIT changes are relatively few (max ~50 modifications per
day, sometimes no modifications are made for several days).
The hung can occur to anyone of the ldap servers (either master or
slave), with the same frequency (about once per month)! One of the
servers is affected each time.
All servers run CentOS 5.5 with the latest openldap packages available:
# slapd_db_upgrade -V
Sleepycat Software: Berkeley DB 4.4.20: (January 10, 2006)
I wonder: Could such a database corruption problem occur in case:
1. An entry is being modified at the same time as it is being read by
2. An entry is being modified "concurrently" by two different
Could the problem be resolved with upgrading to a more recent
openldap/bdb version? Can anyone suggest RPM (RHEL5 or Centos 5)
packages to use safely (with TLS, cyrus-sasl, slapi, overlays=mod,
plugins, modules) ?
Thanks in advance,