Ubuntu
ceph package

civetweb does not allow tuning of maximum socket connections

Bug #1838109 reported by Jesse Williamson
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ceph
Fix Released
Unknown
Ceph RADOS Gateway Charm
Triaged
Medium
Unassigned
Ubuntu Cloud Archive
Fix Released
Medium
Unassigned
Queens
Fix Released
Medium
Unassigned
Rocky
Fix Released
Medium
Unassigned
Stein
Fix Released
Medium
Unassigned
Train
Fix Released
Medium
Unassigned
ceph (Ubuntu)
Fix Released
Medium
Jesse Williamson
Bionic
Fix Released
Medium
Jesse Williamson
Disco
Fix Released
Medium
Jesse Williamson
Eoan
Fix Released
Medium
Jesse Williamson

Bug Description

[Impact]
RADOS gateway can run out of sockets prior to consuming the CPU and memory resources on the server on which it is running.

[Test Case]
Deploy RGW to a large server; scale test - RGW processes will only be able to service around 100 open connections.

[Regression Potential]
Medium; the fix introduces a new configuration option for civetweb (the web connector for RGW) to allow the max connections to be set via configuration, rather than being set during compilation; improvement has been accepted upstream in the civetweb project.

[Original Bug Report]
Civetweb does not offer an option for configuring the maximum number of sockets available. Some users run out of sockets and are left with no workaround.

This patch adds a new user-configurable parameter, "max_connections".

See:
https://github.com/civetweb/civetweb/issues/775

See original description
Jesse Williamson (chardan)
description: updated
Jorge Niedbalski (niedbalski)
affects: ubuntu → ceph (Ubuntu)
Jesse Williamson (chardan)
description: updated
Jorge Niedbalski (niedbalski)
tags: added: sts
Jorge Niedbalski (niedbalski)
Changed in ceph (Ubuntu Eoan):
milestone: eoan-updates → none
Jesse Williamson (chardan)
Changed in ceph (Ubuntu Eoan):
status: New → In Progress
Revision history for this message
Jesse Williamson (chardan) wrote :

https://github.com/civetweb/civetweb/pull/776

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ceph - 14.2.2-0ubuntu2

---------------
ceph (14.2.2-0ubuntu2) eoan; urgency=medium

  [ Eric Desrochers ]
  * Ensure that daemons are not automatically restarted during package
    upgrades (LP: #1840347):
    - d/rules: Use "--no-restart-after-upgrade" and "--no-stop-on-upgrade"
      instead of "--no-restart-on-upgrade".
    - d/rules: Drop exclusion for ceph-[osd,mon,mds] for restarts.

  [ Jesse Williamson ]
  * d/p/civetweb-755-1.8-somaxconn-configurable*.patch: Backport changes
    to civetweb to allow tuning of SOMAXCONN in Ceph RADOS Gateway
    deployments (LP: #1838109).

  [ James Page ]
  * d/p/ceph-volume-wait-for-lvs.patch: Cherry pick inflight fix to
    ensure that required wal and db devices are present before
    activating OSD's (LP: #1828617).

  [ Steve Beattie ]
  * SECURITY UPDATE: RADOS gateway remote denial of service
    - d/p/CVE-2019-10222.patch: rgw: asio: check the remote endpoint
      before processing requests.
    - CVE-2019-10222

 -- James Page <email address hidden> Thu, 29 Aug 2019 13:54:25 +0100

Changed in ceph (Ubuntu Eoan):
status: In Progress → Fix Released
James Page (james-page)
description: updated
no longer affects: cloud-archive/pike
James Page (james-page)
Changed in ceph (Ubuntu Bionic):
importance: Undecided → Medium
status: New → In Progress
Changed in ceph (Ubuntu Disco):
importance: Undecided → Medium
status: New → In Progress
Changed in ceph (Ubuntu Eoan):
importance: Undecided → Medium
Dan Hill (hillpd)
description: updated
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Please test proposed package

Hello Jesse, or anyone else affected,

Accepted ceph into disco-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/ceph/13.2.6-0ubuntu0.19.04.4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-disco to verification-done-disco. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-disco. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in ceph (Ubuntu Disco):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-disco
Revision history for this message
Łukasz Zemczak (sil2100) wrote :

Hello Jesse, or anyone else affected,

Accepted ceph into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/ceph/12.2.12-0ubuntu0.18.04.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in ceph (Ubuntu Bionic):
status: In Progress → Fix Committed
tags: added: verification-needed-bionic
Bug Watch Updater (bug-watch-updater)
Changed in ceph:
status: Unknown → New
Revision history for this message
James Page (james-page) wrote :

Hello Jesse, or anyone else affected,

Accepted ceph into rocky-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:rocky-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-rocky-needed to verification-rocky-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-rocky-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-rocky-needed
Revision history for this message
James Page (james-page) wrote :

Hello Jesse, or anyone else affected,

Accepted ceph into stein-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:stein-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-stein-needed to verification-stein-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-stein-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-stein-needed
Eric Desrochers (slashd)
Changed in ceph (Ubuntu Disco):
assignee: nobody → Jesse Williamson (chardan)
Changed in ceph (Ubuntu Bionic):
assignee: nobody → Jesse Williamson (chardan)
Revision history for this message
Jesse Williamson (chardan) wrote :

verification-done-bionic
verification-done-disco

Procedure:

* run: strings radosgw | grep max_connections
max_connections
max_connections value "%s" is invalid

run: sudo systemctl restart ceph-radosgw.target
...see no error in logs.
r
* edit /etc/ceph/ceph.conf
change:
    rgw frontends = civetweb port=70
to:
    rgw frontends = civetweb port=70 max_connections=1099329233823823823823832823832832
...see error in logs.

...restart with value in range (say, 1000), no error message.

* in the code there is no codepath setting this value without using the variable, internally: so seeing this behavior is evidence the feature is present.

tags: added: verification-done-bionic verification-done-disco
removed: verification-needed-bionic verification-needed-disco
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Update Released

The verification of the Stable Release Update for ceph has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ceph - 13.2.6-0ubuntu0.19.04.4

---------------
ceph (13.2.6-0ubuntu0.19.04.4) disco; urgency=medium

  [ Eric Desrochers ]
  * Ensure that daemons are not automatically restarted during package
    upgrades (LP: #1840347):
    - d/rules: Use "--no-restart-after-upgrade" and "--no-stop-on-upgrade"
      instead of "--no-restart-on-upgrade".
    - d/rules: Drop exclusion for ceph-[osd,mon,mds] for restarts.

  [ James Page ]
  * d/p/ceph-volume-wait-for-lvs.patch: Cherry pick inflight fix to
    ensure that required wal and db devices are present before
    activating OSD's (LP: #1828617).

  [ Jesse Williamson ]
  * d/p/civetweb-755-1.8-somaxconn-configurable*.patch: Backport changes
    to civetweb to allow tuning of SOMAXCONN in Ceph RADOS Gateway
    deployments (LP: #1838109).

 -- James Page <email address hidden> Fri, 30 Aug 2019 10:10:04 +0100

Changed in ceph (Ubuntu Disco):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ceph - 12.2.12-0ubuntu0.18.04.3

---------------
ceph (12.2.12-0ubuntu0.18.04.3) bionic; urgency=medium

  [ James Page ]
  * d/p/ceph-volume-wait-for-lvs.patch: Cherry pick inflight fix to
    ensure that required wal and db devices are present before
    activating OSD's (LP: #1828617).

  [ Jesse Williamson ]
  * d/p/civetweb-755-1.8-somaxconn-configurable*.patch: Backport changes
    to civetweb to allow tuning of SOMAXCONN in Ceph RADOS Gateway
    deployments (LP: #1838109).

  [ James Page ]
  * d/p/rgw-gc-use-aio.patch: Cherry pick fix to switch to using AIO for
    garbage collection of objects in the Ceph RADOS Gateway
    (LP: #1838858).

  [ Eric Desrochers ]
  * Ensure that daemons are not automatically restarted during package
    upgrades (LP: #1840347):
    - d/rules: Use "--no-restart-after-upgrade" and "--no-stop-on-upgrade"
      instead of "--no-restart-on-upgrade".
    - d/rules: Drop exclusion for ceph-[osd,mon,mds] for restarts.

 -- James Page <email address hidden> Fri, 30 Aug 2019 10:11:09 +0100

Changed in ceph (Ubuntu Bionic):
status: Fix Committed → Fix Released
Revision history for this message
James Page (james-page) wrote : Please test proposed package

Hello Jesse, or anyone else affected,

Accepted ceph into queens-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:queens-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-queens-needed to verification-queens-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-queens-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-queens-needed
Revision history for this message
James Page (james-page) wrote :

This bug is still pending verification for UCA pockets.

Revision history for this message
James Page (james-page) wrote : Update Released

The verification of the Stable Release Update for ceph has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
James Page (james-page) wrote :

This bug was fixed in the package ceph - 13.2.6-0ubuntu0.19.04.4~cloud0
---------------

 ceph (13.2.6-0ubuntu0.19.04.4~cloud0) bionic-stein; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 ceph (13.2.6-0ubuntu0.19.04.4) disco; urgency=medium
 .
   [ Eric Desrochers ]
   * Ensure that daemons are not automatically restarted during package
     upgrades (LP: #1840347):
     - d/rules: Use "--no-restart-after-upgrade" and "--no-stop-on-upgrade"
       instead of "--no-restart-on-upgrade".
     - d/rules: Drop exclusion for ceph-[osd,mon,mds] for restarts.
 .
   [ James Page ]
   * d/p/ceph-volume-wait-for-lvs.patch: Cherry pick inflight fix to
     ensure that required wal and db devices are present before
     activating OSD's (LP: #1828617).
 .
   [ Jesse Williamson ]
   * d/p/civetweb-755-1.8-somaxconn-configurable*.patch: Backport changes
     to civetweb to allow tuning of SOMAXCONN in Ceph RADOS Gateway
     deployments (LP: #1838109).

Revision history for this message
James Page (james-page) wrote :

The verification of the Stable Release Update for ceph has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
James Page (james-page) wrote :

This bug was fixed in the package ceph - 13.2.6-0ubuntu0.18.10.3~cloud0
---------------

 ceph (13.2.6-0ubuntu0.18.10.3~cloud0) bionic; urgency=medium
 .
   [ Eric Desrochers ]
   * Ensure that daemons are not automatically restarted during package
     upgrades (LP: #1840347):
     - d/rules: Use "--no-restart-after-upgrade" and "--no-stop-on-upgrade"
       instead of "--no-restart-on-upgrade".
     - d/rules: Drop exclusion for ceph-[osd,mon,mds] for restarts.
 .
   [ James Page ]
   * d/p/ceph-volume-wait-for-lvs.patch: Cherry pick inflight fix to
     ensure that required wal and db devices are present before
     activating OSD's (LP: #1828617).
 .
   [ Jesse Williamson ]
   * d/p/civetweb-755-1.8-somaxconn-configurable*.patch: Backport changes
     to civetweb to allow tuning of SOMAXCONN in Ceph RADOS Gateway
     deployments (LP: #1838109).

Revision history for this message
Edward Hope-Morley (hopem) wrote :

Presumably we will need a way for the charm to apply this setting if needs be so adding charm-ceph-radosgw.

Changed in charm-ceph-radosgw:
importance: Undecided → Medium
milestone: none → 20.01
Alex Kavanagh (ajkavanagh)
Changed in charm-ceph-radosgw:
status: New → Triaged
Revision history for this message
Edward Hope-Morley (hopem) wrote :

xenial-queens verified

test output:

root@juju-662fa0-xq-sru-test-7:~# sed -i -r 's/(rgw frontends = civetweb port=70).*/\1 max_connections=10000000000000000000000000000000/g' /etc/ceph/ceph.conf
root@juju-662fa0-xq-sru-test-7:~# systemctl restart ceph-radosgw@rgw.`hostname`
root@juju-662fa0-xq-sru-test-7:~# lsof -i :70
root@juju-662fa0-xq-sru-test-7:~# grep max_conn /var/log/ceph/ceph-client.rgw.juju-662fa0-xq-sru-test-7.log
2019-10-30 11:11:22.085139 7f8c89268000 0 civetweb: 0x55e1294108e0: max_connections value "10000000000000000000000000000000" is invalid
2019-10-30 11:11:23.446174 7f961780d000 0 civetweb: 0x55d4401128e0: max_connections value "10000000000000000000000000000000" is invalid
2019-10-30 11:11:25.497004 7f3569786000 0 civetweb: 0x555c414398e0: max_connections value "10000000000000000000000000000000" is invalid
root@juju-662fa0-xq-sru-test-7:~# sed -i -r 's/(rgw frontends = civetweb port=70).*/\1 max_connections=1000/g' /etc/ceph/ceph.conf
root@juju-662fa0-xq-sru-test-7:~# systemctl restart ceph-radosgw@rgw.`hostname`
root@juju-662fa0-xq-sru-test-7:~# lsof -i :70
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
radosgw 7663 ceph 37u IPv4 25171 0t0 TCP *:gopher (LISTEN)
root@juju-662fa0-xq-sru-test-7:~# grep max_conn /var/log/ceph/ceph-client.rgw.juju-662fa0-xq-sru-test-7.log
2019-10-30 11:11:22.085139 7f8c89268000 0 civetweb: 0x55e1294108e0: max_connections value "10000000000000000000000000000000" is invalid
2019-10-30 11:11:23.446174 7f961780d000 0 civetweb: 0x55d4401128e0: max_connections value "10000000000000000000000000000000" is invalid
2019-10-30 11:11:25.497004 7f3569786000 0 civetweb: 0x555c414398e0: max_connections value "10000000000000000000000000000000" is invalid
2019-10-30 11:11:26.860549 7fbbe5e42000 0 civetweb: 0x55b8810748e0: max_connections value "10000000000000000000000000000000" is invalid
2019-10-30 11:11:28.070096 7f093f962000 0 civetweb: 0x55c44a9ac8e0: max_connections value "10000000000000000000000000000000" is invalid
2019-10-30 11:12:15.341958 7f14baf35000 1 mgrc service_daemon_register rgw.juju-662fa0-xq-sru-test-7 metadata {arch=x86_64,ceph_version=ceph version 12.2.12 (1436006594665279fe734b4c15d7e08c13ebd777) luminous (stable),cpu=Intel Xeon E312xx (Sandy Bridge, IBRS update),distro=ubuntu,distro_description=Ubuntu 16.04.6 LTS,distro_version=16.04,frontend_config#0=civetweb port=70 max_connections=1000,frontend_type#0=civetweb,hostname=juju-662fa0-xq-sru-test-7,kernel_description=#195-Ubuntu SMP Tue Oct 1 09:35:25 UTC 2019,kernel_version=4.4.0-166-generic,mem_swap_kb=0,mem_total_kb=2047984,num_handles=1,os=Linux,pid=7663,zone_id=a3fe50ec-b375-4b10-ba6a-8e3bb8a15e89,zone_name=default,zonegroup_id=c35bd079-a42d-4540-acd1-bf77ba2ee5c8,zonegroup_name=default}

tags: added: verification-queens-done
removed: verification-queens-needed
Revision history for this message
Edward Hope-Morley (hopem) wrote :

Since the others are already released ill mark them as verification-done as well.

tags: added: verification-done verification-rocky-done verification-stein-done
removed: verification-needed verification-rocky-needed verification-stein-needed
Revision history for this message
James Page (james-page) wrote :

The verification of the Stable Release Update for ceph has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
James Page (james-page) wrote :

This bug was fixed in the package ceph - 12.2.12-0ubuntu0.18.04.3~cloud0
---------------

 ceph (12.2.12-0ubuntu0.18.04.3~cloud0) xenial-queens; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 ceph (12.2.12-0ubuntu0.18.04.3) bionic; urgency=medium
 .
   [ James Page ]
   * d/p/ceph-volume-wait-for-lvs.patch: Cherry pick inflight fix to
     ensure that required wal and db devices are present before
     activating OSD's (LP: #1828617).
 .
   [ Jesse Williamson ]
   * d/p/civetweb-755-1.8-somaxconn-configurable*.patch: Backport changes
     to civetweb to allow tuning of SOMAXCONN in Ceph RADOS Gateway
     deployments (LP: #1838109).
 .
   [ James Page ]
   * d/p/rgw-gc-use-aio.patch: Cherry pick fix to switch to using AIO for
     garbage collection of objects in the Ceph RADOS Gateway
     (LP: #1838858).
 .
   [ Eric Desrochers ]
   * Ensure that daemons are not automatically restarted during package
     upgrades (LP: #1840347):
     - d/rules: Use "--no-restart-after-upgrade" and "--no-stop-on-upgrade"
       instead of "--no-restart-on-upgrade".
     - d/rules: Drop exclusion for ceph-[osd,mon,mds] for restarts.

Bug Watch Updater (bug-watch-updater)
Changed in ceph:
status: New → Fix Released
James Page (james-page)
Changed in charm-ceph-radosgw:
milestone: 20.01 → 20.05
David Ames (thedac)
Changed in charm-ceph-radosgw:
milestone: 20.05 → 20.08
Edward Hope-Morley (hopem)
tags: removed: sts
James Page (james-page)
Changed in charm-ceph-radosgw:
milestone: 20.08 → none
Chris MacNaughton (chris.macnaughton)
Changed in cloud-archive:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.