diff options
author | Tomas Babej <tbabej@redhat.com> | 2013-08-06 17:09:15 +0200 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2013-08-26 13:07:17 +0200 |
commit | 6961cf2e77cca8f3784a6d82cebeb0bb8df1f535 (patch) | |
tree | f2cde5969b8cdfe45408e5189665ad7d0bf16e64 /ipaserver | |
parent | 34342b9a972a3a454b979dc64d0a510c5af24894 (diff) | |
download | freeipa-6961cf2e77cca8f3784a6d82cebeb0bb8df1f535.tar.gz freeipa-6961cf2e77cca8f3784a6d82cebeb0bb8df1f535.tar.xz freeipa-6961cf2e77cca8f3784a6d82cebeb0bb8df1f535.zip |
Perform dirsrv tuning at platform level
When configuring the 389 Directory Server instance, we tune it
so that number of file descriptors available to the DS is increased
from the default 1024 to 8192.
There are platform specific steps that need to be conducted
differently on systemd compatible platforms and sysV compatible
platforms.
systemd: set LimitNOFILE to 8192 in /etc/sysconfig/dirsrv.systemd
sysV: set ulimit -n 8192 in /etc/sysconfig/dirsrv
set ulimit - nofile 8192 in /etc/security/limits.conf
https://fedorahosted.org/freeipa/ticket/3823
Diffstat (limited to 'ipaserver')
-rw-r--r-- | ipaserver/install/dsinstance.py | 63 |
1 files changed, 12 insertions, 51 deletions
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 84e19d15e..f543efadc 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -29,7 +29,7 @@ import base64 import stat from ipapython.ipa_log_manager import * -from ipapython import ipautil, sysrestore, dogtag, ipaldap +from ipapython import ipautil, sysrestore, ipaldap from ipapython import services as ipaservices import service import installutils @@ -815,58 +815,19 @@ class DsInstance(service.Service): number of clients out of the box. """ - # check limits.conf - need_limits = True - fd = open("/etc/security/limits.conf", "r") - lines = fd.readlines() - fd.close() - for line in lines: - sline = line.strip() - if not sline.startswith(DS_USER): - continue - if sline.find('nofile') == -1: - continue - # ok we already have an explicit entry for user/nofile - need_limits = False - - # check sysconfig/dirsrv - need_sysconf = True - fd = open("/etc/sysconfig/dirsrv", "r") - lines = fd.readlines() - fd.close() - for line in lines: - sline = line.strip() - if not sline.startswith('ulimit'): - continue - if sline.find('-n') == -1: - continue - # ok we already have an explicit entry for file limits - need_sysconf = False - - #if sysconf or limits are set avoid messing up and defer to the admin - if need_sysconf and need_limits: - self.fstore.backup_file("/etc/security/limits.conf") - fd = open("/etc/security/limits.conf", "a+") - fd.write('%s\t\t-\tnofile\t\t%s\n' % (DS_USER, str(num))) - fd.close() - - fd = open("/etc/sysconfig/dirsrv", "a+") - fd.write('ulimit -n %s\n' % str(num)) - fd.close() + # Do the platform-specific changes + proceed = ipaservices.knownservices.dirsrv.tune_nofile_platform( + num=num, fstore=self.fstore) - else: - root_logger.info("Custom file limits are already set! Skipping\n") - print "Custom file limits are already set! Skipping\n" - return - - # finally change also DS configuration - # NOTE: dirsrv will not allow you to set max file descriptors unless - # the user limits allow it, so we have to restart dirsrv before - # attempting to change them in cn=config - self.__restart_instance() + if proceed: + # finally change also DS configuration + # NOTE: dirsrv will not allow you to set max file descriptors unless + # the user limits allow it, so we have to restart dirsrv before + # attempting to change them in cn=config + self.__restart_instance() - nf_sub_dict = dict(NOFILES=str(num)) - self._ldap_mod("ds-nfiles.ldif", nf_sub_dict) + nf_sub_dict = dict(NOFILES=str(num)) + self._ldap_mod("ds-nfiles.ldif", nf_sub_dict) def __tuning(self): self.tune_nofile(8192) |