Difference: HTTPTFSAMProbe (32 vs. 33)

Revision 332017-05-19 - OliverKeeble

Line: 1 to 1
 
META TOPICPARENT name="HTTPDeployment"

HTTP Deployment TF - Information for sites

Line: 154 to 154
  Failure to follow the following advice may lead to instabilities in the service. A puppet configuration will manage all this for you.
Changed:
<
<
Ensure that you are managing gridsite's session cache, which can exhaust the file system's inodes. This can be solved in two ways
  • cron job cleaning up the cache files (eg 0 * * * * /usr/bin/find /var/www/sessions -type f -cmin +1440 -delete)
  • setting MaxRequestsPerChild appropriately (eg 4000) for the apache MPM you're using (usually httpd.event). Gridsite will clean up after itself when restarted
>
>
Ensure that you are managing gridsite's session cache, which can exhaust the file system's inodes. Make sure you have the following in zlcgdm-dav.conf.
GridSiteGridHTTP off
GridSiteAutoPasscode off
 
Changed:
<
<
httpd has to be reloaded in order to read new CRLs, which means they can "expire" in long running processes. The solution is to periodically perform a /usr/sbin/apachectl graceful, ideally after fetch-crl is run, or otherwise for example every 6 hrs.
>
>
httpd has to be reloaded in order to read new CRLs, which means they can "expire" in long running processes. The solution is to periodically perform a /usr/sbin/apachectl graceful, ideally after fetch-crl is run, or otherwise for example every 6 hrs. Later version of lcgdm-dav-server install this by default.
 
Changed:
<
<
DPM has been distributed with an SSL config which does not enable all strong ciphers, leading to problems with modern clients (eg curl/Ubuntu, chrome) because there is no cipher overlap. Remove the following offending lines from zlcgdm-dav.conf
>
>
Older DPM versions were distributed with an SSL config which did not enable all strong ciphers, leading to problems with modern clients (eg curl/Ubuntu, chrome) because there is no cipher overlap. Remove the following offending lines from zlcgdm-dav.conf
 
    # This improves HTTPS performance when the client disables encryption
Line: 168 to 170
  SSLHonorCipherOrder on
Deleted:
<
<
A forthcoming update will fix this problem.
 
403 Forbidden
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback