diff options
| author | Tomas Babej <tbabej@redhat.com> | 2013-08-06 17:09:15 +0200 |
|---|---|---|
| committer | Petr Viktorin <pviktori@redhat.com> | 2013-08-26 13:07:17 +0200 |
| commit | 6961cf2e77cca8f3784a6d82cebeb0bb8df1f535 (patch) | |
| tree | f2cde5969b8cdfe45408e5189665ad7d0bf16e64 /ipapython/platform/redhat/service.py | |
| parent | 34342b9a972a3a454b979dc64d0a510c5af24894 (diff) | |
| download | freeipa.git-6961cf2e77cca8f3784a6d82cebeb0bb8df1f535.tar.gz freeipa.git-6961cf2e77cca8f3784a6d82cebeb0bb8df1f535.tar.xz freeipa.git-6961cf2e77cca8f3784a6d82cebeb0bb8df1f535.zip | |
Perform dirsrv tuning at platform level
When configuring the 389 Directory Server instance, we tune it
so that number of file descriptors available to the DS is increased
from the default 1024 to 8192.
There are platform specific steps that need to be conducted
differently on systemd compatible platforms and sysV compatible
platforms.
systemd: set LimitNOFILE to 8192 in /etc/sysconfig/dirsrv.systemd
sysV: set ulimit -n 8192 in /etc/sysconfig/dirsrv
set ulimit - nofile 8192 in /etc/security/limits.conf
https://fedorahosted.org/freeipa/ticket/3823
Diffstat (limited to 'ipapython/platform/redhat/service.py')
| -rw-r--r-- | ipapython/platform/redhat/service.py | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/ipapython/platform/redhat/service.py b/ipapython/platform/redhat/service.py index 61511b48..6e8097ca 100644 --- a/ipapython/platform/redhat/service.py +++ b/ipapython/platform/redhat/service.py @@ -25,6 +25,7 @@ from ipapython.ipa_log_manager import root_logger from ipapython.platform import base from ipalib import api + class RedHatService(base.PlatformService): def __wait_for_open_ports(self, instance_name=""): """ @@ -107,11 +108,74 @@ class RedHatHTTPDService(RedHatService): time.sleep(5) self.start(instance_name, capture_output, wait) + +class RedHatDirectoryService(RedHatService): + + # This has been moved from dsinstance.py here to platform-level + # to continue support sysV services + + def tune_nofile_platform(self, num=8192, fstore=None): + """ + Increase the number of files descriptors available to directory server + from the default 1024 to 8192. This will allow to support a greater + number of clients out of the box. + + This is a part of the implementation that is sysV-specific. + + Returns False if the setting of the nofile limit needs to be skipped. + """ + + DS_USER = 'dirsrv' + + # check limits.conf + need_limits = True + + with open("/etc/security/limits.conf", "r") as f: + for line in f: + sline = line.strip() + if not sline.startswith(DS_USER) or sline.find('nofile') == -1: + continue + + # ok we already have an explicit entry for user/nofile + need_limits = False + + # check sysconfig/dirsrv + need_sysconf = True + + with open("/etc/sysconfig/dirsrv", "r") as f: + for line in f: + sline = line.strip() + if not sline.startswith('ulimit') or sline.find('-n') == -1: + continue + + # ok we already have an explicit entry for file limits + need_sysconf = False + + #if sysconf or limits are set avoid messing up and defer to the admin + if need_sysconf and need_limits: + if fstore: + fstore.backup_file("/etc/security/limits.conf") + + with open("/etc/security/limits.conf", "a+") as f: + f.write('%s\t\t-\tnofile\t\t%s\n' % (DS_USER, str(num))) + + with open("/etc/sysconfig/dirsrv", "a+") as f: + f.write('ulimit -n %s\n' % str(num)) + + else: + root_logger.info("Custom file limits are already set! Skipping\n") + return False + + return True + + def redhat_service(name): if name == 'sshd': return RedHatSSHService(name) elif name == 'httpd': return RedHatHTTPDService(name) + elif name == 'dirsrv': + return RedHatDirectoryService(name) return RedHatService(name) class RedHatServices(base.KnownServices): |