Task #11762
closed
The LDAP server, when in producer (master) mode, never removes the log files used to handle the replica changes
100%
Description
ldap uses a specialised set of log files, under /var/lib/ldap/accesslog, so that the consumers are able to get the changes without downloading all the DB at every synchronisation.
Those files are never removed by the master on our server, even if it's configured to delete logs older than two days. The only way to cleanly remove those files is to stop / start the slapd service.
Because those logs amount to tens of GBs of files, the stop / start procedure always fails because the slapd service needs several minutes to cleanup the accesslog before shutting down.
We have to find a way to restart the service reliably.
Updated by Andrea Dell'Amico almost 7 years ago
- Status changed from New to In Progress
Updated by Andrea Dell'Amico almost 7 years ago
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
I split the two cases.
- I added a cron job that runs at 5am every day. It tries a restart of the
slapdservice. The stop part always succeeds. - I then added a cron job that runs once a minute and starts the
slapdservice if there's no slapd running.
This way we also have a generic watchdog for the ldap service. The second cron job can be installed on the consumers too.
Updated by Andrea Dell'Amico almost 7 years ago
- Status changed from Feedback to Closed
Fixed a bug that prevented the script to find that the service was not running. Now it's reliable.
