4:23 a.m.
Hi,
I've got a squid proxy set up for my ovirt console, which works great.
However, if I'm connected to a (non-graphic) console and step away for
several minutes (somewhere between 15-30 -- I haven't figured out exactly
how long), the console will freeze. My TCP connections still seem to be
active (they don't disconnect) -- I still see the connection between my
remote-console and squid, and between the squid and console host. However
if I type into the console I see nothing.
Has anyone seen this issue and know how to correct it?
This is with ovirt 4.0.5 on centos 7.2. The guest doesn't seem to matter
-- I've seen this issue with different guests.
Thanks,
-derek
--
Derek Atkins 617-623-3745
derek(a)ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
3:30 a.m.
Hi again,
"Derek Atkins" <derek(a)ihtfp.com> writes:
Hi,
I've got a squid proxy set up for my ovirt console, which works great.
However, if I'm connected to a (non-graphic) console and step away for
several minutes (somewhere between 15-30 -- I haven't figured out exactly
how long), the console will freeze. My TCP connections still seem to be
active (they don't disconnect) -- I still see the connection between my
remote-console and squid, and between the squid and console host. However
if I type into the console I see nothing.
Has anyone seen this issue and know how to correct it?
This is with ovirt 4.0.5 on centos 7.2. The guest doesn't seem to matter
-- I've seen this issue with different guests.
I've done a bit more testing on this. I've tried turing on TCP
keepalives within squid, but here's what happens:
1) remote-viewer opens up 4 TCP connections through the proxy
2) About 15 minutes later one connection closes. At this point, the
remote console still works.
3) At some point in the future (I'm not exactly sure what triggers this,
yet), a second connection closes. It's at this point the remote
console stops working. It's still there/visible, but no typing makes
it across (the window appears hung).
4) When I close the window, the final two connections close.
Here's the squid access log:
{ Opened remote console at 16:13:37 }
{ Typed into it again at 16:21 }
[2016/11/29 16:28:32.032] 900277 <my client IP> TCP_MISS/200 2828 CONNECT
X.Y.Z.70:5910 - HIER_DIRECT/X.Y.Z.70 -
{ still works after first connection dropped. Left viewer minimized. }
{ retested at 17:33:08 -- still works when it was minimized. Now leaving open }
[2016/11/29 18:26:41.936] 7990181 <my client IP> TCP_MISS/200 12224 CONNECT
X.Y.Z.70:5910 - HIER_DIRECT/X.Y.Z.70 -
{ tested at 18:31: no longer working }
So I guess my questions are:
1) Why are there 4 connections opened?
2) Why do two die "early"?
3) How do I keep them open longer/permanently?
I'll note that this looks a lot like this email thread, but I know it's
got nothing to do with a firewall if for no other reason that not all
connections are exiting simultaneously.
http://virt-tools-list.redhat.narkive.com/7rE6ZtZ8/virtviewer-and-tcp-kee...
Any suggestions?
-derek
--
Derek Atkins 617-623-3745
derek(a)ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
10:35 a.m.
On Wed, Nov 30, 2016 at 1:30 AM, Derek Atkins <derek(a)ihtfp.com> wrote:
Hi again,
Hello,
I opened a similar thread here:
http://lists.ovirt.org/pipermail/users/2016-November/044142.html
Do you experiment your problem both with user and admin portal?
In my case I have the same but only when I opne the remote console from web
admin portal. From user portal it is ok.
I'm going to do more tests...
12:04 a.m.
Hi,
Gianluca Cecchi <gianluca.cecchi(a)gmail.com> writes:
On Wed, Nov 30, 2016 at 1:30 AM, Derek Atkins <derek(a)ihtfp.com>
wrote:
Hi again,
Hello,
I opened a similar thread here:
http://lists.ovirt.org/pipermail/users/2016-November/044142.html
This thread seems to be slightly different than mine, at least at first
glance. My issue is that I can connect to the console and it works fine
for a while, but if it sits idle for "too long" then it stops working
(where "too long" seems to vary a bit -- another trial today lasted only
20 minutes).
Do you experiment your problem both with user and admin portal?
I only tried with the admin portal. I just now tried the user portal
but something seems to be broken -- when I log in to the user portal
with my admin@internal credentials I don't see any of my VMs! I know I
tried this at the onset with 4.0.4, but I haven't tried it recently
since I upgraded to 4.0.5. Not sure what's going on there.
I just tried logging in with another user and I see the authorized VMs.
So there's something about admin@internal and the user portal in 4.0.5
that's causing me issues.
In my case I have the same but only when I opne the remote console
from web
admin portal. From user portal it is ok.
I'm going to do more tests...
I just tested from my user account. I opened a console to a VM and let
it sit idle. After 15 minutes the first connection closed (the same as
the admin portal). The second connection closed after about 70 minutes
at which point the console became unusable. This implies to me that
user vs admin portal does not affect the console becoming unusable after
some period of idle time, after which the second of four connections
drops.
Is there anything else you'd like me to test?
-derek
--
Derek Atkins 617-623-3745
derek(a)ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
2914
days inactive
2917
days old
3 comments
2 participants
participants (2)
-
Derek Atkins -
Gianluca Cecchi