[Freeipa-users] periodic failures on replicas ...
Rich Megginson
rmeggins at redhat.com
Mon Nov 8 21:06:19 UTC 2010
Kambiz Aghaiepour wrote:
> I'm seeing our IPA replicas periodically failing with errors of:
>
> [08/Nov/2010:08:12:02 -0500] - Not listening for new connections - too
> many fds open
> [08/Nov/2010:08:12:02 -0500] - Listening for new connections again
> [08/Nov/2010:08:12:02 -0500] - Not listening for new connections - too
> many fds open
> [08/Nov/2010:08:12:02 -0500] - Listening for new connections again
>
> It's not clear to me what's triggering this condition.
You have too many connections to the directory server and it is running
out of file descriptors. You'll have to increase the number of file
descriptors the directory server can use, or figure out if there are
"rogue" clients opening too many connections but not closing them
properly. You can use logconv.pl to analyze your access logs. See also
http://directory.fedoraproject.org/wiki/Performance_Tuning#Linux and man
sysctl - the parameter fs.file-max
> When it happens,
> we're restarting services on the replica (ipactl restart), and things go
> back to normal for several days, until the next failure. I notice the
> following during "normal" running of services :
>
> NSMMReplicationPlugin - repl_set_mtn_referrals: could not set referrals
> for replica dc=example,dc=org: 1
>
I think this is benign (but annoying)
> (on both the consumers and provider). Is this an error I should worry
> about ?
>
> Kambiz
>
More information about the Freeipa-users
mailing list