[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] sks.disunitedstates.com down and out
From: |
David Benfell |
Subject: |
Re: [Sks-devel] sks.disunitedstates.com down and out |
Date: |
Sat, 11 Apr 2015 00:39:31 -0700 |
User-agent: |
Horde Application Framework 5 |
Quoting Christian Felsing <address@hidden>:
Hello David,
as desired I removed your server from our membership file.
I am running SKS 1.1.5+ on CentOS6 (LXC container) and CentOS7 (KVM) for
a long time w/o problems. In the past I had similar problems, but
switching clocksource to tsc solved database problems. My current
installations are working with tsc (LXC) and kvm-clock (kvm)
You should give it a new try, may be it will work then.
This is on FreeBSD. The relevant sysctl variable for tsc is
kern.timecounter.invariant_tsc . It's on by default.
I'm not running on a virtual machine, so if I understand correctly,
kvm is irrelevant.
An other SKS server admin found a problem if sks recon is running via
haproxy tcp: SKS consumes lot of memory and does no longer gossip keys
then while tcp service is still available. This can be exploited only,
if there is a membership entry to such a server.
I'm not using haproxy.
If there is a documentation how recon works, I would consider to build a
new solution on Jetty with Hypersonic SQL or any other JDBC database.
BouncyCastle is able to analyze PGP keys. Java is considered to be more
spread than ocaml.
I tend to shy away from java. It, too, seems to be problematic, for a
number of reasons including memory leaks and CPU hogging. And I've
seen these problems with just about every java application I've tried
to leave running.
--
David Benfell <address@hidden>
pgp1FgsqZuoOE.pgp
Description: PGP Digital Signature