[ceph-users] ceph monitors using 6-96GB RAM and crashing [nautilus]
Hello, we have recently moved our ceph monitors from small, 4GB RAM servers to big servers, because we saw memory pressure on the machines. However even on our big machines (64GB ~ 1TB RAM) we are seeing ceph-mon processes being killed at around 90-94GB of RAM. Now, my understanding is that a ceph-mon should be a rather "small" process, so allocating 90GB RAM seems to be a bit.. atypical? This cluster runs ceph version 14.2.9 (581f22da52345dba46ee232b73b990f06029a2a0) nautilus (stable), about 90 osds, about 620TB data. Any input is appreciated. Best regards, Nico PID TID MINFLT MAJFLT VSTEXTVSLIBS VDATA VSTACKVSIZE RSIZEPSIZE VGROWRGROWSWAPSZ RUID EUID MEMCMD1/1 36244 - 2907312K15156K 95.1G 912K95.3G 94.9G 0K 0K 0K0K ceph ceph 9% ceph-mon -- Renewable hosting with full IPv6 support. Checkout www.datacenterlight.ch for details. ___ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
[ceph-users] share haproxy config for radosgw
I was wondering if someone could post a config for haproxy. Is there something specific to configure? Like binding clients to a specific backend server, client timeouts, security specific to rgw etc. ___ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
[ceph-users] Device is not available after zap
Hi, With v15.2.8, after zap a device on OSD node, it's still not available. The reason is "locked, LVM detected". If I reboot the whole OSD node, then the device will be available. There must be something no being cleaned up. Any clues? Thanks! Tony ___ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
[ceph-users] Re: Device is not available after zap
I checked pvscan, vgscan, lvscan and "ceph-volume lvm list" on the OSD node, that zapped device doesn't show anywhere. Anything missing? Thanks! Tony From: Tony Liu Sent: February 7, 2021 05:27 PM To: ceph-users Subject: [ceph-users] Device is not available after zap Hi, With v15.2.8, after zap a device on OSD node, it's still not available. The reason is "locked, LVM detected". If I reboot the whole OSD node, then the device will be available. There must be something no being cleaned up. Any clues? Thanks! Tony ___ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io ___ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
[ceph-users] Re: Device is not available after zap
I built a new cluster from scratch, everything works fine. Could anyone help to find out what is stuck here? Another issue, devices don't show up after adding a host, could be the same cause. Any details about the workflow would be helpful too, like how mon gets devices when a host is added, is it pushed by something (mgr?) or pulled by mon? Thanks! Tony > -Original Message- > From: Tony Liu > Sent: Sunday, February 7, 2021 5:32 PM > To: ceph-users > Subject: [ceph-users] Re: Device is not available after zap > > I checked pvscan, vgscan, lvscan and "ceph-volume lvm list" on the OSD > node, that zapped device doesn't show anywhere. > Anything missing? > > Thanks! > Tony > > From: Tony Liu > Sent: February 7, 2021 05:27 PM > To: ceph-users > Subject: [ceph-users] Device is not available after zap > > Hi, > > With v15.2.8, after zap a device on OSD node, it's still not available. > The reason is "locked, LVM detected". If I reboot the whole OSD node, > then the device will be available. There must be something no being > cleaned up. Any clues? > > Thanks! > Tony > ___ > ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an > email to ceph-users-le...@ceph.io > ___ > ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an > email to ceph-users-le...@ceph.io ___ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
[ceph-users] Re: share haproxy config for radosgw
Something like this works…
# HAProxy configuration
#--
# Global settings
#--
global
log /dev/loglocal0
log /dev/loglocal1 notice
user haproxy
group haproxy
chroot /var/lib/haproxy
daemon
stats socket /var/lib/haproxy/stats mode 660 level admin
maxconn 65536
spread-checks 4
tune.ssl.default-dh-param2048
ssl-default-bind-ciphers
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl-default-bind-ciphersuites
TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
ssl-default-server-ciphers
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl-default-server-ciphersuites
TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
#--
# common defaults that all the 'listen' and 'backend' sections will
# use- if not designated in their block
#--
defaults
log global
mode http
retries 3
balance roundrobin
option abortonclose
option redispatch
option dontlognull
option log-health-checks
maxconn 20480
timeout connect 5s
timeout client 50s
timeout server 50s
timeout http-request20s
timeout http-keep-alive 30s
timeout check 10s
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
#--
# frontend instances
#--
frontend ext-http-in
bind 10.1.2.10:80 name s3
bind 10.1.2.10:443 ssl crt certificate.pem name secure-s3
maxconn 25000
option forwardfor if-none
option http-server-close
option httplog
default_backend be_rgw-zone1
use_backend be_rgw-zone1 if host_s3
#--
# backend instances
#--
backend be_rgw-zone1
mode http
option http-server-close
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
server radosgw-vip1 10.1.2.1:80 check
server radosgw-vip2 10.1.2.2:80 check
server radosgw-vip3 10.1.2.3:80 check
From: Szabo, Istvan (Agoda)
Date: Sunday, February 7, 2021 at 8:25 PM
To: Marc , ceph-users@ceph.io
Subject: [ceph-users] Re: share haproxy config for radosgw
Let me join to this thread, I'd be interested also with HTTPS and beast
configuration on HA+Proxy level. Haven't managed to make it ever work.
-Original Message-
From: Marc
Sent: Monday, February 8, 2021 5:19 AM
To: ceph-users@ceph.io
Subject: [ceph-users] share haproxy config for radosgw
Email received from outside the company. If in doubt don't click links nor open
attachments!
I was wondering if someone could post a config for haproxy. Is there something
specific to configure? Like binding clients to a specific backend server,
client timeouts, security specific to rgw etc.
___
ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to
ceph-users-le...@ceph.io
This message is confidential and is for the sole use of the intended
recipient(s). It may also be privileged or otherwise protected by copyright or
other legal rules. If you have received it by mistake please let us know by
reply email and delete it from your system. It is prohibited to copy this
message or disclose its content to anyone. Any confidentiality or privilege is
not waived or lost by any mistaken delivery or unauthorized disclosure of the
message. All messages sent to and from Agoda may be monitored to ensure
compliance with company policies, to protect the company's interests and to
remove potential malware. Electronic messages may be intercepted, amended, lost
or deleted, or contain viruses.
___
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io
___
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io
[ceph-users] Re: share haproxy config for radosgw
Let me join to this thread, I'd be interested also with HTTPS and beast configuration on HA+Proxy level. Haven't managed to make it ever work. -Original Message- From: Marc Sent: Monday, February 8, 2021 5:19 AM To: ceph-users@ceph.io Subject: [ceph-users] share haproxy config for radosgw Email received from outside the company. If in doubt don't click links nor open attachments! I was wondering if someone could post a config for haproxy. Is there something specific to configure? Like binding clients to a specific backend server, client timeouts, security specific to rgw etc. ___ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io This message is confidential and is for the sole use of the intended recipient(s). It may also be privileged or otherwise protected by copyright or other legal rules. If you have received it by mistake please let us know by reply email and delete it from your system. It is prohibited to copy this message or disclose its content to anyone. Any confidentiality or privilege is not waived or lost by any mistaken delivery or unauthorized disclosure of the message. All messages sent to and from Agoda may be monitored to ensure compliance with company policies, to protect the company's interests and to remove potential malware. Electronic messages may be intercepted, amended, lost or deleted, or contain viruses. ___ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
