I have multiple servers running OES Linux (SLES 10 SP3 with OES SP3). The issue I'm having is that rtvscand (the Symantec AV real-time scan daemon) seems to randomly jump to 100% CPU utilization and stay there. The end result is that the server becomes unresponsive and stays inaccessible until it is rebooted.
I have built the kernel modules for the version of the kernel I'm running; before that, the server would simply panic, crash, or lock up fairly quickly.
This does not occur on every server, though the ones where it does occur all have compressed NSS volumes on them.
I am not able to recreate this anywhere except in our production environment. In testing, everything goes well until I begin to roll out AV.
At one point I attempted to use ClamAV instead, which produced similar results to Symantec AV: the server became unresponsive and inaccessible, though it took a little longer with Clam.
I suspect this may be due to a combination of the compression on the volumes and the size of the volumes (in my test environment I don't have anywhere near the capacity of the production servers). Some servers have multiple volumes in the 1.5-5.5 TB range.
This appears to happen both on servers connected to SAN-based storage and on servers with local storage.
One thing I had thought of trying, but have not had a chance to implement, is a cron job that looks for rtvscand and attempts to renice and ionice it. I am still testing that.
ex.
--------------
#!/bin/bash
# Lower the CPU and I/O priority of rtvscand if it has not been reniced yet.
pids=$(pgrep rtvscand)
if [ -z "$pids" ]; then
    echo "rtvscand is not running"
    exit 0
fi
for pid in $pids; do
    # Current nice value of this rtvscand process
    nice=$(ps -o ni= -p "$pid")
    if [ "$nice" -ne 10 ]; then
        ionice -c3 -p "$pid"   # class 3 = idle I/O scheduling
        renice 10 "$pid"
        echo "nicing rtvscand (pid $pid)"
    else
        echo "rtvscand (pid $pid) has already been niced"
    fi
done
-----------------
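If the script works out, something like the following /etc/crontab entry could run it periodically; the five-minute interval, script path, and log path here are just assumptions, not tested values:

--------------
# Hypothetical schedule: check/renice rtvscand every 5 minutes
*/5 * * * * root /usr/local/bin/nice-rtvscand.sh >> /var/log/nice-rtvscand.log 2>&1
--------------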
Has anyone had similar issues, or any suggestions on how to get this to work?