Reduce the number of threads in nslcd
Slapd process has more than 2500 open files in DC10 with 500 subclouds. Given that the process limit set at 4096, as such, it will hit limit before reaches 1000 subcloud target. By default, nslcd starts 5 threads that can handle requests and perform LDAP queries. Each thread opens a separate connection to the LDAP server. nslcd runs on every host including the System Controller. The number of open files from 500 subclouds would be 2500. This update reduces the number of threads to 2 that should be sufficient for user/group authentication. This will support 1000 DX subclouds. It also adds 10 minutes inactivity timeout to close idle connections. Story: 2008960 Task: 42612 Change-Id: I4d43e39a3212e6763ab3f5184dd5ef1e8b2a8af8 Signed-off-by: Tao Liu <tao.liu@windriver.com>
This commit is contained in:
parent
3f1484556b
commit
2155ce4d17
@ -6,6 +6,8 @@ class platform::ldap::params (
|
||||
$ldapserver_remote = false,
|
||||
$ldapserver_host = undef,
|
||||
$bind_anonymous = false,
|
||||
$nslcd_threads = 2,
|
||||
$nslcd_idle_timelimit = 600,
|
||||
) {}
|
||||
|
||||
class platform::ldap::server
|
||||
|
@ -20,6 +20,10 @@ gid ldap
|
||||
#
|
||||
uri ldap://<%= @ldapserver_host %>
|
||||
|
||||
# Specifies the number of threads to start that can handle requests
|
||||
# and perform LDAP queries. The default is to start 5 threads.
|
||||
threads <%= @nslcd_threads %>
|
||||
|
||||
# The distinguished name of the search base.
|
||||
base dc=cgcs,dc=local
|
||||
|
||||
@ -58,7 +62,8 @@ rootpwmoddn cn=ldapadmin,dc=cgcs,dc=local
|
||||
|
||||
# Idle timelimit. nslcd will close connections if the
|
||||
# server has not been contacted for the number of seconds.
|
||||
#idle_timelimit 3600
|
||||
#idle_timelimit 600
|
||||
idle_timelimit <%= @nslcd_idle_timelimit %>
|
||||
|
||||
# Use StartTLS without verifying the server certificate.
|
||||
#ssl start_tls
|
||||
|
Loading…
Reference in New Issue
Block a user