Hi Quanah,
I have some question about Debian builds of openldap. Maybe you can answer any.
--On Wednesday, March 04, 2009 3:30 PM -0500 John Morrissey jwm@horde.net
wrote:
On Wed, Mar 04, 2009 at 12:13:49PM -0800, Quanah Gibson-Mount wrote:
--On Wednesday, March 04, 2009 1:55 PM -0500 John Morrissey
jwm@horde.net wrote:
After a few hours of uptime, slapd suddenly begins consuming enormous amounts of CPU (a three- to four-fold increase over less than a few minutes, and is sustained until slapd is restarted).
Interseting. I've seen this sort of CPU usage issue with OpenLDAP 2.3/BDB4.2.52 on Ubuntu 8. Do you know how BDB 4.7 was built? I.e., specifically, did it have the:
--enable-posixmutexes --with-mutex=POSIX/pthreads
options enabled?
It's the Debian packaging for BDB 4.7 (only available in sid, but it's a simple rebuild to backport to lenny). They do *not* appear to pass any mutex-related options to ./configure.
Yeah, that's a major problem in using Debian's builds of BDB. You want those options sent to configure when using BDB on Linux NPTL systems.
I try to reconfigure and backport the bdb4.7 package to lenny. The above mentioned mutex settings are now added.
The config statement in debian/rules is now:
CONFIGURE_SWITCHES = --prefix=/usr \ --mandir=$${prefix}/share/man \ --localstatedir=/var \ --sysconfdir=/etc \ --libexecdir=/usr/lib \ --enable-cxx \ --enable-compat185 \ --enable-rpc \ --enable-tcl \ --with-tcl=/usr/lib/tcl8.5 \ --enable-test \ --enable-posixmutexes \ --with-mutex=POSIX/pthreads
The build was successfull. Some warnings in the java-packages about unused variables. I believe that doesn't matter.
Also, are you using a shared memory key?
How can I realize that?
I've found that has a significant (positive) impact with BDB 4.7 on linux boxes.
We are not. Thanks, I'll give that a try.
No prob. :) You may have to adjust some settings in sysctl to do it. ;)
Can you tell me, what I should adjust in sysctl.
I have seen that the Debian package maintainers have modified the schema and ldif files of openldap. So, when I want to rebuild openldap, I suggest that I must flag the build as non-free. At least in Debian terminology.
They use gnutls as ssl package. I've found some bad mails about gnutls code quality. I believe that was in spring 2008. Should I build with openssl instead ?
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration