Solved: /etc fills up due to likewise causing 503 error

NHCSCharles · ‎05-18-2021

Hi all,

I am getting "503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http16LocalServiceSpecE:0x00000024c9208340] _serverNamespace = / action = Allow _port = 8309)" due to the likewise service filling up the /etc ramdisk. I have this VM host joined to the domain.

First, Is it possible to setup the likewise service/lsass/AD Joined part so it does not sync every user in the domain? In fact, I would be happy if it didn't sync any users at all and just did the auth on the fly. But maybe I don't understand how it works.

Second, is there a way to make it not create a "new" file? I have lsass-adcache.filedb.DOMAIN.COM and lsass-adcache.filedb.DOMAIN.COM.new. Why is it creating the new file?

Thank you,
Charles

Ank_S · ‎05-20-2021

Hello Charles,

Follow the below mentioned steps :

1) Clear cache entries :

/usr/lib/vmware/likewise/bin/lw-lsa ad-cache --delete-all

2) Set a 10 MB limit :

/usr/lib/vmware/likewise/bin/lwregshell set_value '[HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory]' MemoryCacheSizeCap 10485760

3) Confirm it is set to 10MB:

/usr/lib/vmware/likewise/bin/lwregshell list_values '[HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory]'

The output should appear with a line similar to the following:

+ "MemoryCacheSizeCap" REG_DWORD 0x00a00000 (10485760)

4) Restart the service lsass :

/usr/lib/vmware/likewise/bin/lwsm restart lsass

PS: Mark kudos or correct answer as appropriate

View solution in original post

NHCSCharles · ‎05-18-2021

I'm sorry. I forgot to mention that this is ESXi 6.7 build 9484548

Ank_S · ‎05-18-2021

Hello Charles,

Can you share the exact size of those files ?

You can attempt to limit the size of those files so that it does not cause the /etc ramdisk to go full and cause the host to be non-responsive.

NHCSCharles · ‎05-19-2021

The base file is 18864780 and the .new file is 10141696.

How do I go about limiting the size?

Thank you
Charles

Ank_S · ‎05-20-2021

Hello Charles,

Follow the below mentioned steps :

1) Clear cache entries :

/usr/lib/vmware/likewise/bin/lw-lsa ad-cache --delete-all

2) Set a 10 MB limit :

/usr/lib/vmware/likewise/bin/lwregshell set_value '[HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory]' MemoryCacheSizeCap 10485760

3) Confirm it is set to 10MB:

/usr/lib/vmware/likewise/bin/lwregshell list_values '[HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory]'

The output should appear with a line similar to the following:

+ "MemoryCacheSizeCap" REG_DWORD 0x00a00000 (10485760)

4) Restart the service lsass :

/usr/lib/vmware/likewise/bin/lwsm restart lsass

PS: Mark kudos or correct answer as appropriate

NHCSCharles · ‎05-20-2021

Thank you for the reply. I have implemented this change and I am waiting to see what happens next. So far, it has not regenerated the files.

I still had to delete the files and restart services for the website to come back up.

I will monitor this today and see what it looks like tomorrow and let you know.

Thank you for your help
Charles

NHCSCharles · ‎05-21-2021

The file came back but it is only 5mb in size. I would say this is a success. Thank you again.

lhuk · ‎07-06-2021

Many thanks for this fix. I found this statement in a VMware KB:

By default, the likewise agent has 25MB of memory allocated, while the memory cache cap is set to unlimited.

What could possibly go wrong...