charm-sysconfig

Setting nf_conntrack under sysctl config fails.

Bug #2020136 reported by Felipe Alencastro on 2023-05-18

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	charm-sysconfig	Won't Fix	Wishlist	Unassigned

Bug Description

By setting a value for net.nf_conntrack_max on the sysctl config the charm gets stuck on a error state. This happens because module nf_conntrack isn't loaded by default.

juju config sysconfig-baremetal sysctl='{ net.nf_conntrack_max : 1000000 }'

juju status 45
...
ubuntu-baremetal/32 active idle 45 100.94.0.225
canonical-livepatch/70 active idle 100.94.0.225 Running kernel 5.4.0-148.165-generic, patchState: nothing-to-apply (source version/commit f1e83ae)
sysconfig-baremetal/42 error idle 100.94.0.225 hook failed: "juju-info-relation-joined"
...

Workaround is to manually modprobe nf_conntrack and then issue a juju resolved on the affected unit.

Tags:

Eric Chen (eric-chen) on 2023-05-19

tags:

added: bseng-1218

Revision history for this message

Andrea Ieri (aieri) wrote on 2023-05-19:

Felipe, could you please describe a bit more what you are trying to achieve and why you need to increase the conntrack table size? Also: which principal application are you trying to tune for?

Ricardo Tiecher (tiecher) on 2023-05-19

information type:

Public → Public Security

Felipe Alencastro (falencastro) on 2023-05-19

information type:

Public Security → Public

Revision history for this message

Felipe Alencastro (falencastro) wrote on 2023-05-19:

Andrea, this is for our openstack deployment, charms like nova-compute and ceph-osd have sysctl settings and in some cases when they're on the same host, sysctl settings overlap, so I moved all sysctl settings to sysconfig charm which gets deployed on all of our physical hosts. This is working properly with the caveat that whenever I deploy a new physical host I must modprobe nf_conntrack manually before charm installation.

Revision history for this message

Eric Chen (eric-chen) wrote on 2023-08-01:

Felipe,

We have a new library for the priciple charm to setup sysctl settings. Please use this solution to setup system configuration and handle reboot/modprobe in principle charm too.

PR: https://github.com/canonical/operator-libs-linux/pull/99

Spec:
https://docs.google.com/document/d/1qcRsFbiu8fld1P7NqdmUXZn8EDUjTAWxthMjwXQQnqM/edit

Changed in charm-sysconfig:
importance:	Undecided → Wishlist
status:	New → Won't Fix

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.