On Tue, April 24, 2012 11:10, Petr Spacek wrote: > On 04/24/2012 10:03 AM, Sigbjorn Lie wrote: > >> Hi >> >> >> I have an issue that occured before, but I did not figure out what it was. >> It happened again >> today, and the issue is related to high load on the LDAP servers. >> >> I ran a batch job that added a lot of users to different groups, using the >> "ipa >> group-add-member --users="$members" $group" command. This caused high CPU >> load across all the >> LDAP servers as the >> changes we're replicating between the servers. >> >> After a few minutes DNS stopped working and errors started to occur in the >> messages log. >> >> >> The only way to get around it is to stop the batch job to lower the CPU load >> on the LDAP >> servers, and then kill the named daemon with kill -9 and restart named. >> "service named restart" >> timed out while stopping named and did not manage to restart the named >> daemon. >> >> This happened across all 3 IPA servers almost at the same time, taking the >> entire environment >> down. >> >> A rather nasty bug. >> >> >> >> Apr 24 09:32:08 ipa03 named[31837]: LDAP error: Invalid DN syntax >> Apr 24 09:32:08 ipa03 named[31837]: connection to the LDAP server was lost >> Apr 24 09:32:09 ipa03 named[31837]: LDAP error: Invalid DN syntax >> Apr 24 09:32:09 ipa03 named[31837]: connection to the LDAP server was lost >> >> >> >> >> Regards, >> Siggi >> > > Hello, > > > you are right, it's very nasty bug. > > We know about this problem with "Invalid DN syntax". Patch is already done and > on the way to upstream, please stay tuned. >
Thanks for the reply. Will it be released as an update to RHEL 6.2, or will it not make it until RHEL 6.3? Rgds, Siggi _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
