From 6961cf2e77cca8f3784a6d82cebeb0bb8df1f535 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Tue, 6 Aug 2013 17:09:15 +0200 Subject: Perform dirsrv tuning at platform level When configuring the 389 Directory Server instance, we tune it so that number of file descriptors available to the DS is increased from the default 1024 to 8192. There are platform specific steps that need to be conducted differently on systemd compatible platforms and sysV compatible platforms. systemd: set LimitNOFILE to 8192 in /etc/sysconfig/dirsrv.systemd sysV: set ulimit -n 8192 in /etc/sysconfig/dirsrv set ulimit - nofile 8192 in /etc/security/limits.conf https://fedorahosted.org/freeipa/ticket/3823 --- ipaserver/install/dsinstance.py | 63 ++++++++--------------------------------- 1 file changed, 12 insertions(+), 51 deletions(-) (limited to 'ipaserver/install/dsinstance.py') diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 84e19d15..f543efad 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -29,7 +29,7 @@ import base64 import stat from ipapython.ipa_log_manager import * -from ipapython import ipautil, sysrestore, dogtag, ipaldap +from ipapython import ipautil, sysrestore, ipaldap from ipapython import services as ipaservices import service import installutils @@ -815,58 +815,19 @@ class DsInstance(service.Service): number of clients out of the box. """ - # check limits.conf - need_limits = True - fd = open("/etc/security/limits.conf", "r") - lines = fd.readlines() - fd.close() - for line in lines: - sline = line.strip() - if not sline.startswith(DS_USER): - continue - if sline.find('nofile') == -1: - continue - # ok we already have an explicit entry for user/nofile - need_limits = False - - # check sysconfig/dirsrv - need_sysconf = True - fd = open("/etc/sysconfig/dirsrv", "r") - lines = fd.readlines() - fd.close() - for line in lines: - sline = line.strip() - if not sline.startswith('ulimit'): - continue - if sline.find('-n') == -1: - continue - # ok we already have an explicit entry for file limits - need_sysconf = False - - #if sysconf or limits are set avoid messing up and defer to the admin - if need_sysconf and need_limits: - self.fstore.backup_file("/etc/security/limits.conf") - fd = open("/etc/security/limits.conf", "a+") - fd.write('%s\t\t-\tnofile\t\t%s\n' % (DS_USER, str(num))) - fd.close() - - fd = open("/etc/sysconfig/dirsrv", "a+") - fd.write('ulimit -n %s\n' % str(num)) - fd.close() + # Do the platform-specific changes + proceed = ipaservices.knownservices.dirsrv.tune_nofile_platform( + num=num, fstore=self.fstore) - else: - root_logger.info("Custom file limits are already set! Skipping\n") - print "Custom file limits are already set! Skipping\n" - return - - # finally change also DS configuration - # NOTE: dirsrv will not allow you to set max file descriptors unless - # the user limits allow it, so we have to restart dirsrv before - # attempting to change them in cn=config - self.__restart_instance() + if proceed: + # finally change also DS configuration + # NOTE: dirsrv will not allow you to set max file descriptors unless + # the user limits allow it, so we have to restart dirsrv before + # attempting to change them in cn=config + self.__restart_instance() - nf_sub_dict = dict(NOFILES=str(num)) - self._ldap_mod("ds-nfiles.ldif", nf_sub_dict) + nf_sub_dict = dict(NOFILES=str(num)) + self._ldap_mod("ds-nfiles.ldif", nf_sub_dict) def __tuning(self): self.tune_nofile(8192) -- cgit