Bug 1290923
Summary: | Ceph documentation should tell users to increase netfilter conntrack limits to prevent network issues | ||
---|---|---|---|
Product: | [Red Hat Storage] Red Hat Ceph Storage | Reporter: | Kyle Squizzato <ksquizza> |
Component: | Documentation | Assignee: | Bara Ancincova <bancinco> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | ceph-qe-bugs <ceph-qe-bugs> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 1.3.0 | CC: | asriram, bancinco, flucifre, fweimer, hnallurv, jowilkin, kdreyer, ksquizza, ngoswami, tganguly |
Target Milestone: | rc | Keywords: | Documentation, ZStream |
Target Release: | 1.3.2 | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-03-01 08:22:31 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1304004 | ||
Bug Blocks: |
Description
Kyle Squizzato
2015-12-11 22:29:57 UTC
Hi Bara, Can you please respond to the query asked in Comment 6 and Comment 7. Also in Redhat Installation guide: https://gitlab.cee.redhat.com/red-hat-ceph-storage-documentation/doc-Red_Hat_Ceph_Storage_1.3-Installation_Guide_for_Red_Hat_Enterprise_Linux/commit/2f0c61fa9e54c7444e9099922358b67c09f6d995 I don't see the Note Section: +NOTE: Running any form of the `iptables` rules can enable the `nf-conntrack` +modules again. Make sure to blacklist the modules before changing the +`iptables` rules. But in Ubuntu its present. Marking this as verified. We might need to change this recommendation; discussion in bug 1304004 What does the Ceph traffic look like which triggers this? Maybe there is a better way to avoid state table exhaustion rather than disabling the stateful firewall completely. *** Bug 1304004 has been marked as a duplicate of this bug. *** |