Il 17/06/2014 15:47, Michael Scherer ha scritto:
Hi,
Brian pinged me on a failure on lists.ovirt.org around 13h15 UTC. After scratching my head for a while ( since everything was running fine, despites regular Out of memory on the server ), it turned out to be a user trying to get the iso with a download accelerator. I first added more server, but without luck.
So as I am more of the kind "shoot first, ask later", I did kill the connexion with iptables, then limit it with iptables ( but with some side effect ), then installed mod_limitipconn to limit to 10 tcp connexion per IP.
in short : - yum install mod_limitipconn - add <IfModule mod_limitipconn.c> MaxConnPerIP 10 </IfModule> to /etc/httpd/conf.d/resources.ovirt.org.conf
I guess we should add this in some puppet module somewhere ?
Maybe also limit bandwidth per IP?
_______________________________________________ Infra mailing list Infra@ovirt.org http://lists.ovirt.org/mailman/listinfo/infra
-- Sandro Bonazzola Better technology. Faster innovation. Powered by community collaboration. See how it works at redhat.com