Bug 1362661 - NMI watchdog: BUG: soft lockup - for iptables-restore for openshift master/node
Summary: NMI watchdog: BUG: soft lockup - for iptables-restore for openshift master/node
Keywords:
Status: CLOSED DUPLICATE of bug 1318693
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 3.3.0
Hardware: x86_64
OS: Linux
high
medium
Target Milestone: ---
: ---
Assignee: Ben Bennett
QA Contact: Meng Bo
URL:
Whiteboard:
: 1372824 (view as bug list)
Depends On:
Blocks: OSOPS_V3
TreeView+ depends on / blocked
 
Reported: 2016-08-02 19:20 UTC by Elvir Kuric
Modified: 2017-08-28 13:34 UTC (History)
15 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-01-03 16:56:05 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Comment 12 Thomas Woerner 2016-09-02 13:46:31 UTC 
Can you give information about the firewall rule set that is already in place and the changes that will be added?

A firewall dump with iptables-save would show the current rules set. The restore files seem to be placed in /tmp. From the the example in comment 6 there are these iptables-restore calls:

iptables-restore --noflush --counters /tmp/kube-temp-iptables-restore-247982443 

One these files altogether with the rules set before the iptables-restore call would help to understand what is going on here. Please select one of the files, where the restore takes a lot of time.

As there does not seem to be a change in the IPv6 rules, it might not be needed to add them also.
Comment 13 Dan Williams 2016-09-15 22:08:02 UTC 
*** Bug 1372824 has been marked as a duplicate of this bug. ***
Comment 14 Florian Westphal 2016-11-30 17:58:09 UTC 
http://patchwork.ozlabs.org/patch/697722/

... might provide some speedup.
Note that I can't backport to rhel since this isn't upstream yet.
Note You need to log in before you can comment on or make changes to this bug.