Once I put in place DB_CONFIG I should stop slapd then run this to reinitialize the database with the new runtime configuration:sudo -u ldap /usr/bin/db_recover -h /var/lib/ldap/domain -vOn Wed, Aug 30, 2017 at 10:06 AM, Douglas Duckworth <email@example.com> wrote:This seems to helpuser@ldap[~]$ sudo -u ldap /usr/bin/db_stat -h /var/lib/ldap/domain -c566 Last allocated locker ID0x7fffffff Current maximum unused locker ID9 Number of lock modes1000 Maximum number of locks possible1000 Maximum number of lockers possible1000 Maximum number of lock objects possible80 Number of lock object partitions16 Number of current locks986 Maximum number of locks at any one time14 Maximum number of locks in any one bucket303 Maximum number of locks stolen by for an empty partition18 Maximum number of locks stolen for any one partition90 Number of current lockers130 Maximum number of lockers at any one time16 Number of current lock objects519 Maximum number of lock objects at any one time8 Maximum number of lock objects in any one bucket0 Maximum number of objects stolen by for an empty partition0 Maximum number of objects stolen for any one partition348M Total number of locks requested (348174715)348M Total number of locks released (348174394)0 Total number of locks upgraded112 Total number of locks downgraded10622 Lock requests not available due to conflicts, for which we waited <------ sounds bad0 Lock requests not available due to conflicts, for which we did not wait2 Number of deadlocks0 Lock timeout value0 Number of locks that have timed out0 Transaction timeout value0 Number of transactions that have timed out744KB The size of the lock region221341 The number of partition locks that required waiting (0%)5041 The maximum number of times any partition lock was waited for (0%)1 The number of object queue operations that required waiting (0%)40577 The number of locker allocations that required waiting (0%)0 The number of region locks that required waiting (0%)8 Maximum hash bucket length
Only four clients are currently using this cluster so perhaps I should actually use DB_CONFIG before putting it into production.On Tue, Aug 29, 2017 at 2:13 PM, Douglas Duckworth <firstname.lastname@example.org> wrote:Adding# checkpointing - added 8/29/2017checkpoint 128 10To slapd.conf then runningsudo db_archive -d -h /var/lib/ldap/domainRemoved the old log files. /var now using under 1GB.Thanks Howard!Our LDAP server contains about 4000 entries. At what point would adding DB_CONFIG be needed for performance reasons? How would I even ascertain that there's performance issues?On Mon, Aug 28, 2017 at 10:19 AM, Douglas Duckworth <email@example.com> wrote:Thanks for the reply, Howard.Thanks for pointing me in the right direction. From what I have read there are two options.1) Copy /usr/share/openldap-serve
rs/DB_CONFIG.example to /var/lib/domain then rebuild the database.2) Enable checkpointing in slapd.confDoes enabling checkpointing in slapd.conf require rebuilding the database or can I simply restart slapd.conf? We are not using online configuration.BestDougOn Fri, Aug 25, 2017 at 8:55 AM, Howard Chu <firstname.lastname@example.org> wrote:Douglas Duckworth wrote:
> I am running openldap-servers-2.4.40-16.el6
.x86_64 cluster on Centos 6.9. MyIf the db_archive command doesn't remove anything, that means it thinks all of
> /var/lib/ldap directory contains many 10MB log files. /var partition rather
> I've read they can be removed either by running "sudo db_archive -d -h
> /var/lib/ldap/domain" or by defining "DB_LOG_AUTOREMOVE" within the file
> "DB_CONFIG." That file does not presently exist whereas the db_archive
> command does not actually remove any of the log files.
the log files are still in active use.
Read the docs more carefully.
com/v2/url?u=http-3A__docs.ora cle.com_cd_E17076-5F05_html_pr ogrammer-5Freference_transapp- 5Flogfile.html&d=DwICaQ&c=lb62 iw4YL4RFalcE2hQUQealT9-RXrryqt 9KZX2qu2s&r=2Fzhh_78OGspKQpl_e -CbhH6xUjnRkaqPFUS2wTJ2cw&m=WP 95x8mwSiEHHqUWRqJv6WdpfcTtJDAU AKN756yEEDA&s=Kfi27b4v7vABZjPQ YMkeo4xBqUyDGZeyB8pHAFin8xY&e=
> Can I remove the old log files manually using rm?
Not if the above is true, you will corrupt the logs and the DB will fail to
open on a subsequent restart.
> If not should I create
> /var/lib/ldap/DB_CONFIG then restart slapd to make this removal automatic?
> Do you have any idea why db_archive does not work or produce any helpful error
> to stdout?
There's no error message because there's no error, everything is working as
You need to do periodic checkpoints to allow log files to be closed, and then
db_archive will be able to remove some of them.
-- Howard Chu
CTO, Symas Corp. https://urldefense.proofpoint
.com/v2/url?u=http-3A__www.sym as.com&d=DwICaQ&c=lb62iw4YL4RF alcE2hQUQealT9-RXrryqt9KZX2qu2 s&r=2Fzhh_78OGspKQpl_e-CbhH6xU jnRkaqPFUS2wTJ2cw&m=WP95x8mwSi EHHqUWRqJv6WdpfcTtJDAUAKN756yE EDA&s=IT7tNF72SCugdO8WpRd-oNsk 4nPNpdjE2aUFL4R4X_M&e=
Director, Highland Sun https://urldefense.proofpoint
.com/v2/url?u=http-3A__highlan dsun.com_hyc_&d=DwICaQ&c=lb62i w4YL4RFalcE2hQUQealT9-RXrryqt9 KZX2qu2s&r=2Fzhh_78OGspKQpl_e- CbhH6xUjnRkaqPFUS2wTJ2cw&m= WP95x8mwSiEHHqUWRqJv6WdpfcTtJD AUAKN756yEEDA&s=XqfYCnjG9ibPbe W05QZOlWdl9u0ZH-7IXkxx0gh238k& e=
Chief Architect, OpenLDAP https://urldefense.proofpoint.
com/v2/url?u=http-3A__www.open ldap.org_project_&d=DwICaQ&c=l b62iw4YL4RFalcE2hQUQealT9-RXrr yqt9KZX2qu2s&r=2Fzhh_78OGspKQp l_e-CbhH6xUjnRkaqPFUS2wTJ2cw&m =WP95x8mwSiEHHqUWRqJv6WdpfcTtJ DAUAKN756yEEDA&s=-tGdeTJRpeaRb ljBBUq49XgfNWzVElqiGEgv0LeqspU &e=