From f0d42b1ce399a3a7aa33d92c8bfb052c03010ac7 Mon Sep 17 00:00:00 2001 From: Scott Koranda Date: Mon, 22 Oct 2018 05:32:22 -0500 Subject: [PATCH] Default maximum open file descriptors for slapd Added a default maximum open file descriptors set with ulimit -n for the slapd process. See https://github.com/moby/moby/issues/8231 for a discussion of how this helps decrease the memory used by slapd when running inside a container. --- comanage-registry-slapd-base/comanage_ldap_utils.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/comanage-registry-slapd-base/comanage_ldap_utils.sh b/comanage-registry-slapd-base/comanage_ldap_utils.sh index 46e9e42..8413f94 100755 --- a/comanage-registry-slapd-base/comanage_ldap_utils.sh +++ b/comanage-registry-slapd-base/comanage_ldap_utils.sh @@ -19,6 +19,9 @@ # See the License for the specific language governing permissions and # limitations under the License. +# Default for maximum number of open file descriptors for slapd. +SLAPD_MAXIMUM_OPEN_FILE_DESCRIPTORS=1024 + if [[ -n "${LDAP_DEBUG}" ]]; then OUTPUT=/dev/stdout set -x @@ -489,6 +492,7 @@ function comanage_ldap_utils::exec_slapd() { chown -R openldap:openldap /etc/ldap/slapd.d chown openldap:openldap /var/run/slapd + ulimit -n "${SLAPD_MAXIMUM_OPEN_FILE_DESCRIPTORS:-$SLAPD_MAXIMUM_OPEN_FILE_DESCRIPTORS_DEFAULT}" exec "$@" } @@ -535,6 +539,7 @@ function comanage_ldap_utils::exec_slapd_proxy() { chown -R openldap:openldap /etc/ldap/slapd.d chown openldap:openldap /var/run/slapd + ulimit -n "${SLAPD_MAXIMUM_OPEN_FILE_DESCRIPTORS:-$SLAPD_MAXIMUM_OPEN_FILE_DESCRIPTORS_DEFAULT}" exec "$@" } @@ -686,6 +691,7 @@ function comanage_ldap_utils::start_slapd_socket() { chown -R openldap:openldap /etc/ldap/slapd.d chown openldap:openldap /var/run/slapd + ulimit -n "${SLAPD_MAXIMUM_OPEN_FILE_DESCRIPTORS:-$SLAPD_MAXIMUM_OPEN_FILE_DESCRIPTORS_DEFAULT}" slapd -h ldapi:/// -u openldap -g openldap > "${OUTPUT}" 2>&1 }