[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slow cn=config changes; Re: Correct procedure to backup LDAP?

To: Eric Irrgang <erici@motown.cc.utexas.edu>
Subject: Re: slow cn=config changes; Re: Correct procedure to backup LDAP?
From: Howard Chu <hyc@symas.com>
Date: Mon, 14 Aug 2006 16:58:23 -0700
Cc: openldap-software@OpenLDAP.org
In-reply-to: <Pine.GSO.4.63.0608141700010.21552@grapevine.cc.utexas.edu>
References: <44E0A386.4010109@voicesignal.com> <B8C765660781A60918AF80AE@SW-90-717-287-3.stanford.edu> <44E0ABE6.6050609@voicesignal.com> <44E0B90D.4060603@proscrutiny.com> <Pine.GSO.4.63.0608141700010.21552@grapevine.cc.utexas.edu>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060716 SeaMonkey/1.5a

Eric Irrgang wrote:

I'm trying to migrate to a reliable live update mechanism and I have tried using slapcat after putting the directory into read-only mode, but that seems to bring up additional issues.
In OL 2.3.24 with hdb, how supported is it to do the following?
$ ldapmodify
dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcReadOnly
olcReadOnly: TRUE
-
^D
It seems to work, usually in about a second, but sometimes can take upwards of a minute, during which time the directory seems to be in some sort of stop-the-world state where connections just hang, preventing it from being the non-intrusive backup approach I'd hoped for. The CPU usage doesn't spike and the disk usage appears normal. I've seen similar behavior with other cn=config changes.

Has anyone else encountered this? Is it supposed to work better? Any ideas what might be going on or what I should look for? There don't seem to be any runaway polling loops or lwp fights going on. A truss shows a little bit of lwp polling activity and some writes going on, but nothing suspicious like the hang early in 2.3.x when shutting down with gentlehup.

This sounds pretty normal. When you issue a modify on cn=config, it suspends the thread pool. That means that no new operations can start, and cn=config waits for any currently running operations to finish, then it does the modification you requested. The busier the server, the longer you have to wait before that modification can execute.

On Mon, 14 Aug 2006, Sameer N Ingole wrote:
Hey all.
I work at a medium-sized software company and we're about 70-100 users big now.

We have 2 LDAP servers, and they need to be backed up regularly, *while* LDAP is running - if possible.
I've seen 'slapcat' as a solution, but I've also read that it's not a
good idea to run this command while LDAP is running.

--
 -- Howard Chu
 Chief Architect, Symas Corp.  http://www.symas.com
 Director, Highland Sun        http://highlandsun.com/hyc
 OpenLDAP Core Team            http://www.openldap.org/project/

Follow-Ups:
- Re: slow cn=config changes; Re: Correct procedure to backup LDAP?
  - From: Howard Chu <hyc@symas.com>

References:
- Correct procedure to backup LDAP?
  - From: Jeff Grant <jgrant@voicesignal.com>
- Re: Correct procedure to backup LDAP?
  - From: Quanah Gibson-Mount <quanah@stanford.edu>
- Re: Correct procedure to backup LDAP?
  - From: Jeff Grant <jgrant@voicesignal.com>
- Re: Correct procedure to backup LDAP?
  - From: Sameer N Ingole <strike@proscrutiny.com>
- slow cn=config changes; Re: Correct procedure to backup LDAP?
  - From: Eric Irrgang <erici@motown.cc.utexas.edu>

Prev by Date: slow cn=config changes; Re: Correct procedure to backup LDAP?
Next by Date: Re: slow cn=config changes; Re: Correct procedure to backup LDAP?
Index(es):
- Chronological
- Thread