LDAP Connection Leak Issue?

Hi,

We’re currently using RoR v1.18.4 and ELK 6.8.2. We’ve noticed an issue where over time, the number of connections RoR is making to our LDAP server increases over time, eventually maxing out the number of LDAP connections allowed for the user. The only way to clear the connections seems to be to restart Elasticsearch. The number of connections does not increase linearly, but rather seems to increase in steps. It looks like this is happening when we edit the RoR config in Kibana and save - each save seems to generate a new set of LDAP connections, on top of the existing ones. The total connections exceeds the configured LDAP connection pool settings - see settings below.

We’ve also briefly tested this with v1.19.0 and it seems like the same behaviour exists.

Have you every seen any issue like this? Any ideas how to resolve or at least to investigate further?

Thanks,

  • Adrian

ldaps:
- name: ldap1
host: “xxxx”
ssl_enabled: false
bind_dn: “domain\user”
bind_password: “password”
search_user_base_DN: “OU=XXX Users,DC=XXX,DC=ie”
search_groups_base_DN: “DC=XXX,DC=ie”
user_id_attribute: “cn”
#groups_from_user: true
groups_from_user_attribute: “memberOf”
unique_member_attribute: “member”
cache_ttl_in_sec: 60
connection_pool_size: 10
connection_timeout_in_sec: 2
request_timeout_in_sec: 2

Hi @aidofitz, thanks for reporting this.
@coutoPL is this related to this PR? https://github.com/sscarduzio/elasticsearch-readonlyrest-plugin/pull/551/files

I don’t think so. IMO it’s related to graceful close of old core on reload. Seems that it’s rather related to the jira, Wojtek is working on ATM.

1 Like