[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] Test etcd configuration with TLS



Spyros,

 

Do you have a link handy to the etcd bug?

 

Thx,

britt

 

From: <atomic-devel-bounces projectatomic io> on behalf of Spyros Trigazis <strigazi gmail com>
Date: Wednesday, March 22, 2017 at 10:36 AM
To: "atomic-devel projectatomic io" <atomic-devel projectatomic io>
Subject: [atomic-devel] Test etcd configuration with TLS

 

Hi all.

 

Recently, I discovered a bug on etcd which had a serious performance

impact. When etcd 3.0.x was built with golang 1.7.x, it was throwing

the following exception constantly:

etcd[2386]: transport: http2Client.notifyError got notified that the client transport was broken unexpected EOF.

This bug was introduced because of golang v1.7.x and was fixed in

etcd v3.1.x. In our kubernetes cluster configuration, we have some master

nodes which contain, etcd, kube-apiserver, kube-scheduler and

kube-controller-manager. Because of the above bug, the apiserver wasn't

responding due to high cpu load coming from etcd. So, in any application,

if etcd is running in powerless machine, will be unresponsive or if other

applications run in the same machine their performance will be affected.

 

I propose to add a test for etcd, configured with TLS certs similar to my

reproducer for this bug [1]. The reasoning is that, this bug appeared only

when etcd was configured with TLS, other bugs might occur

with that setting in the future.

 

I'm new to the packaging process of fedora and I don't know where to

start.

 

Cheers,

Spyros

 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]