Problem

In some cases, the SecureTransport 5.4 services do not automatically start after reboot on SLES 12 because of a default limit of each task per service that is configured on the OS. Sporadic OOM (Out Of Memory) messages can also be observed throughout the /var/log/messages file and in the kernel log, while having plenty of free memory on the system.

Resolution

SYSTEMD is treating SecureTransport as one single service due to the fact that SecureTransport 5.4 is started by /etc/init.s/rc.SecureTransport01. On the other hand the default limit of tasks per SYSTEMD unit is 512. When SecureTransport attempts to spawn more than 512 tasks (threads + processes) newly created processes are then killed by the kernel. As result we can see the following messages in the kernel log:

[61.613404] cgroup: fork rejected by pids controller in /system.slice/rc.stransportSecureTransport01.service

and

Exception: java.lang.OutOfMemoryError thrown from the UncaughtExceptionHandler in thread "ConnectionTable.AcceptorThread"

In SecureTransport the following messages are written in the log:

java.io.IOException: error=11, Resource temporarily unavailable

To resolve the issue follow these steps:

Create a directory /etc/systemd/system/rc.stransportSecureTransport01.service.d if it doesn't already exist.

Add a file called override.conf in the directory /etc/systemd/system/rc.stransportSecureTransport01.service.d.

Add the following content to the override.conf file:

[Service]
TasksMax=4096

In heavy loaded environments the TasksMax may need to be increased above 4096, but no more than 24576.

Temporary solution

In case of lack of root access to the server, the below temporary solution can be used:

Kill all ST processes with pkill -9 -f SecureTransport

Remove all *.pid files from <FILEDRIVEHOME>/var/run

Run <FILEDRIVEHOME>bin/start_all manually