Followup on today lists.ovirt.org http outage
Ewoud Kohl van Wijngaarden
ewoud+ovirt at kohlvanwijngaarden.nl
Tue Jun 17 13:55:30 UTC 2014
On Tue, Jun 17, 2014 at 03:47:14PM +0200, Michael Scherer wrote:
> Brian pinged me on a failure on lists.ovirt.org around 13h15 UTC. After
> scratching my head for a while ( since everything was running fine,
> despites regular Out of memory on the server ), it turned out to be a
> user trying to get the iso with a download accelerator. I first added
> more server, but without luck.
>
> So as I am more of the kind "shoot first, ask later", I did kill the
> connexion with iptables, then limit it with iptables ( but with some
> side effect ), then installed mod_limitipconn to limit to 10 tcp
> connexion per IP.
I'm all in favor of this. Maybe we should mention we have mirrors with
MUCH more bandwith in our README.
> in short :
> - yum install mod_limitipconn
> - add
> <IfModule mod_limitipconn.c>
> MaxConnPerIP 10
> </IfModule>
> to /etc/httpd/conf.d/resources.ovirt.org.conf
>
> I guess we should add this in some puppet module somewhere ?
We should, but the whole apache config isn't puppetized yet. I've been
slacking on that because we want to move away from that server, but
maybe we should bite the bullet and do it on the current server.
More information about the Infra
mailing list