[Bugs] [Bug 1746615] New: SSL Volumes Fail Intermittently in 6.5

bugzilla at redhat.com bugzilla at redhat.com
Thu Aug 29 00:21:07 UTC 2019 

https://bugzilla.redhat.com/show_bug.cgi?id=1746615

            Bug ID: 1746615
           Summary: SSL Volumes Fail Intermittently in 6.5
           Product: GlusterFS
           Version: 6
          Hardware: x86_64
                OS: Linux
            Status: NEW
         Component: glusterd
          Assignee: bugs at gluster.org
          Reporter: billycole at mail.com
                CC: bugs at gluster.org
  Target Milestone: ---
    Classification: Community



Description of problem: Volumes fail to mount properly with client/server.ssl
enabled on volumes.  This seems to apply to multiple volume types, though have
only tested it with distributed and dispersed.  The mount command succeeds, but
accessing the volume gives several intermittent "Transport endpoint is not
connected" errors.  This results in odd behavior such as `ls` returning
nothing, then erroring, then occasionally returning a result.

Similarly, when issuing `df` commands in succession on the mount, it will start
reporting the full drive size, then slowly "shrink" until it starts to throw
"transport endpoint is not connected" errors.

[test at ip-10-10-30-220 ~]$ df -h /gscratch
Filesystem                              Size  Used Avail Use% Mounted on
ip-10-10-31-10.ec2.internal:/scratch   44T  496G   44T   2% /gscratch
[test at ip-10-10-30-220 ~]$ df -h /gscratch
Filesystem                              Size  Used Avail Use% Mounted on
ip-10-10-31-10.ec2.internal:/scratch   44T  496G   44T   2% /gscratch
[test at ip-10-10-30-220 ~]$ df -h /gscratch
Filesystem                              Size  Used Avail Use% Mounted on
ip-10-10-31-10.ec2.internal:/scratch   44T  496G   44T   2% /gscratch
[test at ip-10-10-30-220 ~]$ df -h /gscratch
Filesystem                              Size  Used Avail Use% Mounted on
ip-10-10-31-10.ec2.internal:/scratch   44T  496G   44T   2% /gscratch
[test at ip-10-10-30-220 ~]$ df -h /gscratch
Errors.

It almost seems as if the connection is established and then immediately killed
after an attempt to push data over it, and waiting a few seconds causes the
connections to re-establish.

Disabling the "client.ssl" and "server.ssl" settings on the volume cause these
errors to go away.


Version-Release number of selected component (if applicable): glusterfs 6.5


How reproducible:  It seems to be consistent on the cluster that I have. 


Steps to Reproduce:
1. Follow docs here on setting up certs:
https://docs.gluster.org/en/latest/Administrator%20Guide/SSL/
2. Create new volume, enable client ssl and server ssl.  Start volume.
3. Mount volume on client.
4. Try to create a new file on the mount, ls the drive, or issue the df
command.

Actual results: Intermittent transport errors.


Expected results: The drive should be mountable.


Additional info:

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.

More information about the Bugs mailing list