AtScale Fails to Sync Users Due to Timeout Issues with LDAPs Configured in the Environment

SYMPTOM

If AtScale is syncing a group with more than 50 users, it can timeout since the default timeout is set to 5 seconds.

RESOLUTION

While no specific flag/configuration in AtScale can increase the timeout, this can be set at the JVM level at start-up.  Use the steps below to set this up:

1. Check the time how long the LDAP search takes approximately

2. Open the following file on the AtScale node:
/opt/atscale/current/pkg/engine/bin/engine

3. Add JVM option "-Dcom.sun.jndi.ldap.read.timeout=35000" after "execRunner "$java_cmd" \".  

It should look something like this:

From :
  # run sbt
  execRunner "$java_cmd" \
    ${java_opts[@]} \
    "${java_args[@]}" \
    -cp "$(fix_classpath "$app_classpath")" \
    "${mainclass[@]}" \
    "${app_commands[@]}" \
    "${residual_args[@]}"

To :
 # run sbt
  execRunner "$java_cmd" \
  -Dcom.sun.jndi.ldap.read.timeout=35000 \
    ${java_opts[@]} \
    "${java_args[@]}" \
    -cp "$(fix_classpath "$app_classpath")" \
    "${mainclass[@]}" \
    "${app_commands[@]}" \
    "${residual_args[@]}"

4. Restart the engine and verify that the engine process picked up this configuration by executing "ps -ef |grep engine|grep 35000":

For example :

[atscaler@atscale-ha-node-01 bin]$ /opt/atscale/bin/atscale_service_control restart engine
engine: stopped
engine: started

[atscaler@atscale-ha-node-01 bin]$ ps -ef |grep engine|grep 35000
atscaler 23542 23507 99 11:59 ?        00:01:04 /opt/atscale/versions/2020.3.1.2003/pkg/jdk/bin/java -Dcom.sun.jndi.ldap.read.timeout=35000 
-XX:+UseStringDeduplication -Xms250m -server -Xmx8192M -XX:+UseG1GC 
-XX:+UseAdaptiveGCBoundary 
-Datscale.config=/opt/atscale/versions/2020.3.1.2003/conf/engine/bootstrap.conf ...

Was this article helpful?

0 out of 0 found this helpful