Intermittent TFTP Failure
I am currently struggling with my FOG server.
Last week up updated from .32 to 1.1.2. I am running my FOG server on Ubuntu 11.10.
Prior to the upgrade FOG had been working flawlessly for almost 2 years.
Now I am having intermittent issues with TFTP. It goes like this:
Upload an image, deploy an image. All works as it should. Then, randomly, I start getting TFTP open timeout errors on clients that are trying to boot to the network.
I follow the instructions here http://www.fogproject.org/wiki/index.php/Tftp_timeout… to check tftp from both windows and the fog server. Pre-TFTP open timeout error, I get the responses, just like I should. Post I get no response from either.
I restart the tftp service, and everything starts working again.
It typically keeps working for the rest of the day, and then fails sometime after I leave for work.
I checked the system logs and I found what I suspect is the issue.
Jul 14 09:47:58 CLS-FOG kernel: : (CRON) error (grandchild #7213 failed with exit status 1)
along with a bunch of
Jul 14 15:08:39 CLS-FOG in.tftpd: tftp: client does not accept options, but this, I gather, is normal.
I am not particularly familiar with ubuntu beyond the basic stuff, and am not sure where to look from here. Can anyone point me in the right direction?
One thing I just noticed, the timestamp on your tftpd entries in syslog are all really weird, I’m not sure why, and I don’t see how it could cause a problem, but it is odd.
I’m not sure at the moment. I’ll take a look at your syslog later, it certainly still looks like a memory leak in some process to me (my guess would be gnome somewhere - if you don’t need a desktop on your fog server just uninstall it).
If you don’t want to uninstall gnome just yet make sure you apt-get update && apt-get upgrade the system. It’s possible whatever program is leaking has been fixed already.
If you want to try the system without a desktop for a while you could try
$ sudo service lightdm stop
You should end up at a black console with white text. Run your upload/download tests and see if the problem is fixed.
Alright, here is the latest:
It appears that the failures are somehow related to Image uploads to Fog. After 2 days without failure, I started an image upload, went to a meeting, and two hours later, when I got back, tftp was broken. The failure doesn’t seem to happen immediately, since I’ve seen clients continue to connect to Fog immediately after an image upload.
The info you requested is here:
No problem. I hope it works for you
I haven’t forgotten about your reply. I was just waiting for tftp to fail so that the logs and responses I give you are actually useful. Its been two days, and I haven’t had to restart once.
The only thing I’ve done differently is not uploaded a new image. I have one that is almost ready for upload, so I’ll do that and see if I can get it to fail again. If that works, I should have the requested info soon.
Thanks again for your help.
OK, the network sounds clear and those error messages you were getting from tftp.hpa are very suspicious.
I don’t have an ubuntu system to test with, but on CentOS systems tftpd is started by inetd, if ubuntu is the same then when a client makes an incoming connection to the fog server for tftp, inetd spawns an instance of in.tftpd to handle the connection. It looks like, in your case, when that happens your system can’t allocate memory for tftpd so it never gets spawned, that is why your tftp sessions fail. The difficult part is figuring out why there is no memory for tftpd.
As I mentioned above, I don’t think it is a physical problem, 4GB seems like plenty of RAM - I get by with much less. It is possible that some runnaway process is eating up all of your ram, but if your system was genuinely memory starved I would expect more problems than just a failing tftpd server.
Could you attach a copy of your /var/log/messages or /var/log/syslog file? We might be able to spot the root cause in there.
Also could you periodically have a look for any tftp processes
$ ps -ef | grep tftp root 5007 1138 0 12:38 ? 00:00:00 in.tftpd -s /tftpboot root 5010 4980 0 12:38 pts/0 00:00:00 grep tftp
It would be interesting to see if it is running and if more than one process is spawned.
Finally after your machine has been running for a while you can get a list of the most memory hungry processes by running ps, e.g.
$ ps -eo pid,rss,vsz,comm= | sort -n -k 3 | tail -n 20 5461 688 100944 tail 5459 996 108124 ps 1192 1540 108168 mysqld_safe 4980 1924 108308 bash 1406 1360 117300 crond 5460 868 155432 sort 955 1560 249084 rsyslogd 1413 11140 250640 FOGTaskSchedule 1427 10944 250640 FOGImageReplica 1420 11212 250896 FOGMulticastMan 1398 9544 271660 httpd 1462 10548 370800 httpd 1460 10576 370808 httpd 1458 10480 371024 httpd 1461 10764 371024 httpd 1457 10724 371040 httpd 1463 18528 378748 httpd 1459 18280 378752 httpd 1456 19196 379668 httpd 1294 27708 640800 mysqld
If you could do this around the time that tftp dies we might have a chance of catching the reason why.
Results of iptables -nL looked exactly like yours.
Running sestatus gives me "The program ‘sestatus’ is currently not installed’. I assume that this means SELinux is not installed also?
hosts.allow and hosts.deny both had only comments in them.
Thanks for your help. I appreciate the inclusion of the commands I need to find the info out. Saves me a lot of digging.:)
I think you should be OK for memory, 4GB seems like plenty. As I said, my setup is only using 1GB and I’m not seeing the problems, before you dig too deep looking for answers, you should check that the problem isn’t firewalling.
If 0.32 was working and there have been no network changes since then there probably isn’t a network firewall, but you should double/triple check that the fog server doesn’t have one. On Ubuntu 11.10 you should check
$ sudo iptables -nL Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination $ sestatus
You should also check SELINUX, make sure it is either disabled or in permissive mode
$ sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: permissive Mode from config file: permissive Policy version: 24 Policy from config file: targeted
And you might want to just double check that you are NOT using tcp_wrappers: just check that /etc/hosts.allow and /etc/hosts.deny are empty or only have comments in them. Once you have confirmed those things we can start tracking down the problem without going in circles
The “Cannot allocate memory” messages look a bit worrying to me. Does the machine have enough RAM? Could you try running “free -m” in a command window? e.g. here is my fog server
total used free shared buffers cached Mem: 996 565 431 0 11 382 -/+ buffers/cache: 172 824 Swap: 2043 0 2043
My fog server is a virtual machine with 1GB of ram, from the numbers above I have 431Mb free and around 400Mb in cache.