LVS should handle losing a NIC on eqiad and codfw
Open, MediumPublic
Actions

Assigned To

None

Authored By

	Vgutierrez
	Jul 19 2021, 3:50 PM

Description

Our current LVS setup assumes that the NICs are able to be properly setup to the point that the proper routing rules are created. If for some reason that fails to happen (a down port for example) the traffic for that row would reach the realservers via the default route on the LVS box. This is undesired cause it would make the pybal healthchecks mark the affected servers as up and pool them but ipvs traffic won't be able to reach the mentioned servers.

A potential fix for this would be injecting static routes of type unreachable or blackhole with a lower metric. This would avoid that row specific traffic will reach the realservers through another row via the default route.

Follows-up https://wikitech.wikimedia.org/wiki/Incident_documentation/2021-07-16_asw-a2-codfw_network

Related Objects

Mentioned Here: T114979: Run IPVS in a separate network namespace

Event Timeline

Vgutierrez created this task.Jul 19 2021, 3:50 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 19 2021, 3:50 PM

cmooney subscribed.Jul 19 2021, 3:52 PM

Maintenance_bot added a project: SRE.Jul 19 2021, 4:45 PM

Vgutierrez added a project: Sustainability (Incident Followup).Jul 22 2021, 12:50 PM

[ Setting priority as part of clinic duty, please retriage if incorrect ]

Legoktm unsubscribed.Jul 26 2021, 11:14 PM

Krinkle renamed this task from LVS can't handle losing a NIC on eqiad and codfw to LVS should handle losing a NIC on eqiad and codfw.Aug 18 2021, 4:46 AM

Krinkle updated the task description. (Show Details)

Krinkle updated the task description. (Show Details)Aug 18 2021, 4:49 AM

BBlack moved this task from Backlog to Icebox-Temp on the Traffic board.Oct 8 2021, 7:29 PM

The swap of Traffic for Traffic-Icebox in this ticket's set of tags was based on a bulk action for all tickets that aren't are neither part of our current planned work nor clearly a recent, higher-priority emergent issue. This is simply one step in a larger task cleanup effort. Further triage of these tickets (and especially, organizing future potential project ideas from them into a new medium) will occur afterwards! For more detail, have a look at the extended explanation on the main page of Traffic-Icebox . Thank you!

BBlack moved this task from Backlog to Revive/Active? on the Traffic-Icebox board.Apr 13 2022, 7:31 PM

BBlack moved this task from Revive/Active? to Minor TODO on the Traffic-Icebox board.Apr 13 2022, 7:41 PM

@Vgutierrez Since there is a project to replace LVS in the horizon, is this still worth pursuing?

Removing SRE, has already been triaged to a more specific SRE subteam

Volans added a project: SRE-Sprint-Week-Sustainability-March2023.Mar 21 2023, 10:31 AM

Volans moved this task from Backlog to E_TOO_BIG_MAYBE_OKR? on the SRE-Sprint-Week-Sustainability-March2023 board.

Another approach is to put them in a distinct namespace (one without a default route) see T114979: Run IPVS in a separate network namespace

In T286924#8717679, @ayounsi wrote:

Another approach is to put them in a distinct namespace (one without a default route) see T114979: Run IPVS in a separate network namespace

My own instincts would be to avoid all that complexity. Definitely an interesting suggestion, but given we are working towards a new L4LB I think maybe such a major change is best avoided.

A simple blackhole route for each range with high metric ought to do the trick?

BCornwall moved this task from Minor TODO to Backlog on the Traffic-Icebox board.Mar 29 2023, 6:33 PM

LVS should handle losing a NIC on eqiad and codfwOpen, MediumPublicActions

Description

Related Objects

Event Timeline

LVS should handle losing a NIC on eqiad and codfw
Open, MediumPublic
Actions