You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2020/01/30 07:52:20 UTC
[GitHub] [cloudstack] rhtyd opened a new issue #3853: SystemVM agent seen in
Disconnected or Alert state on XenServer
rhtyd opened a new issue #3853: SystemVM agent seen in Disconnected or Alert state on XenServer
URL: https://github.com/apache/cloudstack/issues/3853
On slow/resource-constraint XenServer environments, when SSVM/CPVM starts TLS certificates are provisioned via the default root CA provider which sometimes may fail the initial setup or fail due to not enough system entropy. Due to this the agent will then fail to connect and maybe stuck in Disconnected/Alert state and this would be seen:
The management server logs would report the SSVM/CPVM client was presenting invalid certificates, for example:
```
2020-01-30 07:31:43,843 ERROR [c.c.u.n.Link] (AgentManager-SSLHandshakeHandler-165:null) (logid:) SSL error caught during wrap data: Empty server certificate chain, for local address=/10.2.3.131:8250, remote address=/10.2.8.51:39178.
2020-01-30 07:31:43,858 INFO [c.c.a.m.AgentManagerImpl] (AgentManager-Handler-2:null) (logid:) Connection from /10.2.8.51 closed but no cleanup was done.
```
Note: the issue is not always reproducible.
##### ISSUE TYPE
<!-- Pick one below and delete the rest -->
* Bug Report
##### COMPONENT NAME
<!--
Categorize the issue, e.g. API, VR, VPN, UI, etc.
-->
~~~
SSVM, CPVM
~~~
##### CLOUDSTACK VERSION
<!--
New line separated list of affected versions, commit ID for issues on master branch.
-->
~~~
4.14/master with JDK11
~~~
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [cloudstack] DaanHoogland commented on issue #3853: SystemVM agent
seen in Disconnected or Alert state on XenServer
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on issue #3853: SystemVM agent seen in Disconnected or Alert state on XenServer
URL: https://github.com/apache/cloudstack/issues/3853#issuecomment-580140568
@rhtyd this sounds like it is not jdk specific. Have we never seen this in jdk8?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [cloudstack] rhtyd commented on issue #3853: SystemVM agent seen in
Disconnected or Alert state on XenServer
Posted by GitBox <gi...@apache.org>.
rhtyd commented on issue #3853: SystemVM agent seen in Disconnected or Alert state on XenServer
URL: https://github.com/apache/cloudstack/issues/3853#issuecomment-580157067
You're right @DaanHoogland but it could be a combination of things why this is sometimes reproducible, but no concrete facts to blame jdk11 yet. One workaround fix I've done in #3601 is to stop the cloudstack agent before the key/crt is setup and start it after it is imported to the keystore; that would cause some CPU contention to be reduced.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services