Apache runs on high cpu "AH01323: Purge of LDAP cache failed"

UCS - Univention Corporate Server
,
#1

Hello!

I got an error in my apache error logs that sais:

[ldap:error] [pid 1491] AH01323: Purge of LDAP cache failed

Seems that thisx problem hangs up a machine within 3-4 hours resulting a lot of apache scripts running at 2-3% cpu bringing everything else offline.

Thanks!

EDIT:
I just had a problem again, but this time i did not see the warning in the log. I just saw a lot of requests from z-push and my android-Outlook raising the processcount of apache. I just shut down the Outlook on Android. I do not see any hanging inctances for apache coming up until now. I’ll keep you updated.

Thanks

#2

Hello! Today again. I thought it was the outlook app but sill getting the error again:

[Sat Jun 22 07:42:00.711731 2019] [ldap:error] [pid 22915] AH01323: Purge of LDAP cache failed

over 100 times in the log.

Any Ideas how i can fix this?

Thanks!

#3

Looks like this bug in Apache. The bug doesn’t mention a workaround, unfortunately. Possible ways to deal with it are:

  1. Rebuild the Apache Debian package and modify the build process to apply the patch from that bug. Drawback: each time Apache is updated from Univention you’ll have to rebuild that new version with your patch.
  2. File a bug in Univention’s bug tracker and ask them to do 1. with their official package. This would benefit all Univention users, but it wouldn’t be an immediate solution to your problem.
  3. Write a script that monitors Apache’s error log and restarts it as soon as the message is encountered.

m.

#4

Hi! Thanks
I thought about submitting this to the bugtracker - but i have no idea how to reproduce the error again.

I uninstalled the UCS-Dashboard and Prometheus.

Since 2 days (after uninstalling the UCS Dashboard - Grafana and Prometheus) it did not happen again.

#5

I have the same issue… time to time i get a lot of apache process the server completly lagged.
After restart the apache service is stay ok for more some days… i suspected from ucs dashboard… so i think this is a confirmation.

Thanks

#6

It’s good to have more information. Please open a bug report in the UCS bug tracker and reference the Apache bug track entry I’ve posted above.

#7

I want to open a bug, but i just wanted to get further informations. I want to wait some 24h more to get shure if it could be the admin dashbord - on the other hand i am not shure and just do not what to throw bug like “Here is the error - go for it” :slight_smile:

@codedmind - Do you also have Kopano or anything else installed? I have an installation where i moved Kopano to a seperate Domain Member - and i do not see the error here. Since what time do you see the error?

Thanks.

#8

@chackl nop, basic installation, only samba for windows domain and ucs dashboard, with the latest update of ucs dashboard and ucs 4.4 this behaviour appear

#9

Ok - Just testing around a little here.
I saw also no problems coming up using the default prometheus config - i added some custom scripts to fetch some extra metrics i got the error again.
Did you also modify the prometheus config with extra jobs to get other metrics into the dashboard?

#10

@chackl yes i do… i change so i can get metricsfrom other machines as well

#11

Ok - Me too. So i think it is Prometheus.
What interval do you check the custom metrics and are they using apache for their communication? (Something like RevereProxy / ProxyPass?)
I have some PHP scripts fetching me data with fping each 5 secs. The PHP script is executed by apache somewhere on /var/www

#12

@chackl what i’m using is what is in this topic

I use http scraps and 1m interval