Red Hat Summit Red Hat SummitSupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 6. Verifying the optimal number of KDC worker processes using IdM Healthcheck

You can use the Healthcheck tool in Identity Management (IdM) to verify that the Kerberos Key Distribution Center (KDC) is configured to use the optimal number of krb5kdc worker processes, which should be equal to the number of CPU cores on the host.

Prerequisites

  • You are using RHEL 8.7 or later.
  • You have root privileges.

Procedure

  • Enter: 

    # ipa-healthcheck --source ipahealthcheck.ipa.kdc
    Copy to Clipboard Toggle word wrap

    • The --source ipahealthcheck.ipa.kdc option ensures that IdM Healthcheck only performs the KDCWorkersCheck test.

      If the number of KDC worker processes matches the number of CPU cores, the test returns SUCCESS as a result: 

      {
	"source": "ipahealthcheck.ipa.kdc",
	"check": "KDCWorkersCheck",
	"result": "SUCCESS",
	"uuid": "68f6e20a-0aa9-427d-8fdc-fbb8196d56cd",
	"when": "20230105162211Z",
	"duration": "0.000157",
	"kw": {
  	"key": "workers"
	}
}
      Copy to Clipboard Toggle word wrap

      The test returns a WARNING if the number of worker processes does not match the number of CPU cores. In the following example, a host with 2 cores is configured to have only one KDC worker process: 

      {
    "source": "ipahealthcheck.ipa.kdc",
    "check": "KDCWorkersCheck",
    "result": "WARNING",
    "uuid": "972b7782-1616-48e0-bd5c-49a80c257895",
    "when": "20230105122236Z",
    "duration": "0.203049",
    "kw": {
      "key": ‘workers’,
      "cpus": 2,
      "workers": 1,
      "expected": "The number of CPUs {cpus} does not match the number of workers {workers} in {sysconfig}"
    }
}
      Copy to Clipboard Toggle word wrap

      The test also outputs a WARNING if there are no configured workers. In the following example, the KRB5KDC_ARGS variable is missing from the /etc/sysconfig/krb5kdc configuration file: 

      {
    "source": "ipahealthcheck.ipa.kdc",
    "check": "KDCWorkersCheck",
    "result": "WARNING",
    "uuid": "5d63ea86-67b9-4638-a41e-b71f4
56efed7",
    "when": "20230105162526Z",
    "duration": "0.000135",
    "kw": {
      "key": "workers",
      "sysconfig": "/etc/sysconfig/krb5kdc",
      "msg": "KRB5KDC_ARGS is not set in {sysconfig}"
    }
  }
    Copy to Clipboard Toggle word wrap
Nach oben
Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Theme

© 2025 Red Hat