proxmox-mirrors/ceph
1
0
Fork 0
mirror of https://git.proxmox.com/git/ceph.git synced 2025-04-28 14:28:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
e45d466e43
ceph/patches/series
Friedrich Weber e45d466e43 fix #5213: ceph-osd postinst: add patch to avoid connection freezes 
Assume there is an open TCP connection to a VM, and ceph-osd is
installed/upgraded on the host on which the PVE firewall is active.
Currently, ceph-osd postinst reloads all sysctl settings. Thus,
installing/upgrading ceph-osd will set the sysctl setting
`net.bridge.bridge-nf-call-iptables` to 0. The PVE firewall will flip
the setting back to 1 in its next iteration (in <10 seconds). But
while the setting is 0, conntrack will not see packets of the existing
TCP connection. When the setting is flipped back to 1, conntrack will
see packets again, but may consider the seq/ack numbers of new packets
out-of-window, mark them as invalid and drop them. This will freeze
the TCP connection.

To avoid this, add a patch that modifies the ceph-osd postinst to only
apply settings from the sysctl settings file shipped with ceph-osd,
and only apply them on fresh install. As the ceph-osd sysctl settings
do not set `net.bridge.bridge-nf-call-iptables`, this will avoid the
temporary flip to 0 when installing/upgrading ceph-osd.

Signed-off-by: Friedrich Weber <f.weber@proxmox.com>
2024-02-15 14:01:02 +01:00

16 lines
850 B
Plaintext
Raw Blame History

0001-cmake-disable-version-from-git.patch
0002-debian-control-add-break-libpvestorage-perl.patch
0003-d-rules-fix-instaldoc-override-and-ship-upstream-cha.patch
0004-remove-legacy-pve-ceph-osd-activation-script-in-post.patch
0005-remove-legacy-init.d-ceph-script.patch
0006-ceph-mgr-only-suggest-mgr-plugins.patch
0007-Remove-failing-actions-from-prerm.patch
0008-fix-service-ordering-avoid-Before-remote-fs-pre.targ.patch
0009-fix-4759-run-ceph-crash-daemon-with-www-data-group-f.patch
0010-debian-add-missing-bcrypt-to-manager-.requires.patch
0011-fix-compatibility-with-CPUs-not-supporting-SSE-4.1-i.patch
0012-backport-mgr-dashboard-simplify-authentication-proto.patch
0013-mgr-dashboard-remove-ability-to-create-and-check-TLS.patch
0014-rocksb-inherit-parent-cmake-cxx-flags.patch
0015-ceph-osd-postinst-avoid-reloading-all-sysctl-setting.patch
Reference in New Issue View Git Blame Copy Permalink