Am 04.12.23 um 16:19 schrieb Ondřej Kuzník:
I will say it again: lloadd does not open any connections in response to client activity, they are established as part of its operation and until you have at least one, requests will be rejected with 52 Unavailable.
I Know: Starting the loadbalancer service the bind user (binddn=uid=lloadd,ou=users,dc=example,dc=net) will establish the connection to the ldap-server the user who will connect from a client will use these connection to "talk" to the ldap-server with it's own credentials. I can follow this using slapd.conf.
Using cn=config (now with "conns" as loglevel) I see on the loadbalancer: --------------- Dez 04 19:06:52 loadbalancer01 systemd[1]: Starting symas-openldap-server.service - Symas OpenLDAP Server Daemon... Dez 04 19:06:52 loadbalancer01 slapd[2102]: @(#) $OpenLDAP: slapd 2.6.6 (Aug 8 2023 21:23:03) $ openldap Dez 04 19:06:52 loadbalancer01 slapd[2102]: slapd starting Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: added 4r listener=(nil) Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: added 7r listener=0x562b0de0d550 Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: added 8r listener=0x562b0de0d640 Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: added 9r listener=0x562b0de0d790 Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: added 10r listener=0x562b0de0d970 Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: added 11r listener=0x562b0de0da60 Dez 04 19:06:52 loadbalancer01 systemd[1]: Started symas-openldap-server.service - Symas OpenLDAP Server Daemon. Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: epoll: listen=7 active_threads=0 tvp=zero Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: epoll: listen=8 active_threads=0 tvp=zero Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: epoll: listen=9 active_threads=0 tvp=zero Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: epoll: listen=10 active_threads=0 tvp=zero Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: epoll: listen=11 active_threads=0 tvp=zero Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: activity on 1 descriptor Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: activity on: Dez 04 19:06:52 loadbalancer01 slapd[2102]: Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: epoll: listen=7 active_threads=0 tvp=zero Dez 04 19:06:52 loadbalancer01 slapd[2102]: daemon: epoll: listen=8 active_threads=0 tvp=zero ... --------------- The last messages will repeat until I stop slapd.
On the ldap-server (also "conns" as loglevel) I see nothing at all.
If I look with "ss" on the loadbalancer I see: --------------- root@loadbalancer01:~# ss -tln | tail -n +1 State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess LISTEN 0 1024 0.0.0.0:1389 0.0.0.0:* LISTEN 0 2048 0.0.0.0:389 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 1024 0.0.0.0:1636 0.0.0.0:* LISTEN 0 2048 0.0.0.0:636 0.0.0.0:* ---------------
Then I tried to read the config with slapcat and I got: --------------------- root@loadbalancer01:~# slapcat -n0 lload_open_listener: bind(3) failed errno=98 (Address already in use) lload_open_listener: bind(3) failed errno=98 (Address already in use) lload_open_listener: failed on ldap://:1389 olcBkLloadListen: value #0: could not open a listener for ldap://:1389 config error processing olcBackend={0}lload,cn=config: could not open a listener for ldap://:1389 slapcat: bad configuration file! ---------------------
But looking at my configuration I see: --------- olcBkLloadListen: ldap://:1389 olcBkLloadListen: ldaps://:1636 ---------
If I change the order of ldap and ldaps I get the same only with ldaps. If I remove on line I get the message with the remaining protocol.
Btw I get all the same errors when I convert the slapd.conf with slaptest and use the result to start the loadbalancer. So I can't find an error here.
At the moment I don't know where to look next
Stefan