Bug #3912
closed
(Unecessary) Use of host-to-ip cause major slowdown of cf-promises on the rudder server when used with many nodes
Added by Nicolas CHARLES about 11 years ago.
Updated over 9 years ago.
Category:
Web - Config management
Description
On the rudder server, the cf-promises is terribly slow with hundreds of nodes.
coredumb reported 14 secondes with 77 nodes
2.37user 1.08system 0:14.64elapsed 23%CPU (0avgtext+0avgdata 24688maxresident)k
0inputs+0outputs (0major+22969minor)pagefaults 0swaps
I could reproduce it locally, with a large number of node
It is linked to the use of host2ip in the trustkeyfrom, allowconnect and allowallconnect, which seems suboptimally implemented, and I'm not sure we need it: these entries accept hostname, so why do we use host2ip ??
Documentation says it accept either hostname, or IP
But there no point into duplicating both
I don't really understand why using host2ip it is so slow, but it clearly has no use. Tested without it on 2.6, and it doesn't break anything.
Testing in 2.4
- Status changed from New to 8
- Priority changed from N/A to 2
- Target version set to 2.4.9
ok, in 2.4 it is not mandatory either.
i'll remove them for the promises generation
Oh, I forgot to explain the impact:
a long cf-promises causes a long promises generation !
- Status changed from 8 to Pending technical review
- Assignee changed from Nicolas CHARLES to Jonathan CLARKE
- Pull Request set to https://github.com/Normation/rudder-techniques/pull/181
- Subject changed from Major slowdown of cf-promises on the rudder server when used with many nodes to (Unecessary) Use of host-to-ip cause major slowdown of cf-promises on the rudder server when used with many nodes
- Status changed from Pending technical review to Discussion
- Assignee changed from Jonathan CLARKE to Nicolas CHARLES
This approach is not valid, as I explained in the Pull Request (https://github.com/Normation/rudder-techniques/pull/181). It is mandatory, at least in CFEngine 3.4, to have the IP addresses of nodes in cf-serverd config - hostnames are not sufficient. Therefore, we can't remove the use of host2ip.
However, maybe there's another way to avoid cf-promises spending time on these host2ip calls? Possibly by making the list IPs to accept come from elsewhere, a module maybe, that does the reverse lookups? Or by generating the list of IPs from Rudder's inventory of the machine, with a list of all IPs that fit in the allowed networks?
- Target version changed from 2.4.9 to 2.4.10
- Target version changed from 2.4.10 to 2.4.11
- Target version changed from 2.4.11 to 2.4.12
- Target version changed from 2.4.12 to 2.4.13
- Target version changed from 2.4.13 to 2.6.11
Since version 2.4 is not maintained anymore, retargeting to branch 2.6
- Target version changed from 2.6.11 to 2.6.12
- Target version changed from 2.6.12 to 2.6.13
- Status changed from Discussion to Rejected
- Category changed from 14 to Web - Config management
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by Jonathan CLARKE 
Updated by Nicolas PERRON 
Updated by 
Updated by