Problem:
After installing/configuring/managing 206 subclouds,
"Can't contact LDAP server" errors were reported when
running sudo commands, and it took a long time to get
to a password prompt when running sudo.
Noted lots of 'Too many open files' logs in local4.log for
the slapd process.
Fix:
We increase the soft limit on the number of open
files for ldap up to the current hard limit of 4096,
from the previous soft limit of 1024.
We do this by running ulimit in the init script for
ldap. The right way to do this would've been to add
the following systemd config file to the system:
/etc/systemd/system/slapd.service.d/limits.conf
with content:
[Service]
LimitNOFILE=4096
But it doesn't work. It looks like launching the daemon
from systemd via init scripts interferes with the systemd
ulimit mechanism in some way.
Also openldap source has been checked to see if it can handle
4096 open files, and yes, the FD_SETSIZE is at 4096
already. Going beyond 4096 will require a change to the
hard limit and source code change to openldap to get a
larger FD_SETSIZE defined.
Change-Id: I0c2da8e7a149a5ea41d8fbde5ecfb3ffac7765e0
Closes-Bug: 1888874
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
29b55438df