-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CA-383852: Fix output from sar -A
, move sar
to cap(system-load)
#13
CA-383852: Fix output from sar -A
, move sar
to cap(system-load)
#13
Conversation
sar -A
, moving sar to "system-load"sar -A
, moving sar to "system-load"
sar -A
, moving sar to "system-load"sar -A
, move "sar" to "system-load"
sar -A
, move "sar" to "system-load"sar -A
, move sar
to cap(system-load)
sar -A
, move sar
to cap(system-load)
sar -A
, move sar
to cap(system-load)
Fix `sar -A` from timing out: This issue was that when the human-readable output of `sar -A` was added in April to `--entries=xenserver-logs`, the timeout for the capability was not defined. The capability `xenserver-logs` uses the default timeout of -1 which is racey for commands as they are immediately stopped due to timeout of -1 running out unless they are very brief. To fix this, it was suggested that `sar` (a system load report) could be moved to a new capability. Also, it should be noted that `sar` records are binary system load records, not XenServer specific log files. Therefore, create a new capability (`system_load`), responsible for collecting the sar data files (and the human-readable of output of `sar -A`) with a timeout of 30 seconds and a `max_size` of 70 MB. Signed-off-by: Bernhard Kaindl <bernhard.kaindl@cloud.com>
b93ef68
to
78823aa
Compare
@@ -426,6 +427,7 @@ cap(CAP_PERSISTENT_STATS, PII_NO, max_size=50*MB, | |||
max_time=60, checked=False, hidden=True) | |||
cap(CAP_PROCESS_LIST, PII_YES, max_size=30*KB, | |||
max_time=60) | |||
cap(CAP_SYSTEM_LOAD, PII_MAYBE, max_size=70*MB, max_time=30) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we remove this max_size from the CAP_XENSERVER_LOGS to avoid growing the size of the status report?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For CAP_SYSTEM_LOAD: The files in /var/log/sa which are collected in it now is ~33 MB (it keeps 60 binary in fixed binary format, so the size should not grow beyond that):
du -sch /var/log/sa
33M /var/log/sa
33M total
For CAP_XENSERVER_LOGS: Yes, I think not setting a max_size for CAP_XENSERVER_LOGS would simplify the code as it currently recalculates and updates its size, which may not be needed then. But we can keep that as it is now. If I understand this correctly, this can be done later when we clean up the code.
CA-383852: Fix a recently added feature:
Fix '
sar -A
' from timing out:To fix this, the reporter of the issue suggested that
sar
(a system load report) could be moved to a new capability.Also, it should be noted that
sar
records are binary system load records, not XenServer specific log files:I've set the personally identifiable information setting of
system-load
PII_MAYBE because of a private review comment (due to time pattern, maybe someone could make a guess based on activity data. That is definitely safe as the list of network interfaces and similar information is also currently set to MAYBE for other caps.).