cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Simon Weller <swel...@ena.com>
Subject Re: slow firewall
Date Thu, 29 Sep 2016 20:32:21 GMT
What happens if you try and do a network restart with the cleanup option selected?


________________________________
From: Janis Andersons | Failiem.lv <ja@failiem.lv>
Sent: Thursday, September 29, 2016 6:25 AM
To: users@cloudstack.apache.org
Subject: Re: slow firewall

Also If I try to restart network it ends with: Failed to restart network
management log files:
2016-09-29 14:21:18,486 DEBUG    Seq 27-2522015791327480407: Processing:
{ Ans: , MgmtId: 95537004648, via: 27, Ver: v1, Flags: 10,
[{"com.cloud.agent.api.Answer":{"result":false,"details":"Timed out in
waiting SSH execution result","wait":0}}] }
2016-09-29 14:21:18,487 DEBUG    ctx-d2b04874) (logid:93af951b) Seq
27-2522015791327480407: Received: { Ans: , MgmtId: 95537004648, via:
27(xs4.failiem.lv), Ver: v1, Flags: 10, { Answer } }
2016-09-29 14:21:18,487 WARN    ctx-d2b04874) (logid:93af951b) Failed to
re-program the network as a part of network Ntwk[248|Guest|67] implement
due to aggregated commands execution failure!
2016-09-29 14:21:18,490 WARN    ctx-d2b04874) (logid:93af951b) Failed to
implement network Ntwk[248|Guest|67] elements and resources as a part of
network restart due to
com.cloud.exception.ResourceUnavailableException: Resource
[DataCenter:9]    to apply network rules as a part of network
Ntwk[248|Guest|67] implement

J. Andersons

On 29.09.2016 14:08, Janis Andersons | Failiem.lv wrote:
> Also adding Load balancer rules takes about 3 minutes.
>
>
> On 29.09.2016 14:07, Janis Andersons | Failiem.lv wrote:
>> I have total 20 firewall rules and 50 port forwarding rules for 12
>> VMs and it takes more than 60 seconds to add new rule.
>> If new IP is acquired adding new rule takes about 80 seconds even if
>> there is no rules set for new IP.
>> If I try to add multiple rules it takes much more time for first rule
>> and sometimes another rules fails.
>>
>> Have tried to change service offering for router to 2 CPUs, 1GB ram
>> but that doesn't help.
>>
>> Cloudstack 4.8, Xenserver, Shared Storage
>> Virtual Router: Firewall, Vpn, Dhcp, SourceNat, PortForwarding, Lb,
>> UserData, Dns.
>>
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message