Debugging Gluster with Wireshark and SystemTap

Similar documents
GlusterFS and RHS for SysAdmins

GlusterFS Current Features & Roadmap

Scale-Out backups with Bareos and Gluster. Niels de Vos Gluster co-maintainer Red Hat Storage Developer

Demystifying Gluster. GlusterFS and RHS for the SysAdmin

Open Storage in the Enterprise

Gluster roadmap: Recent improvements and upcoming features

Demystifying Gluster. GlusterFS and RHS for the SysAdmin. Dustin L. Black, RHCA Sr. Technical Account Manager, Red Hat

Introduction To Gluster. Thomas Cameron RHCA, RHCSS, RHCDS, RHCVA, RHCX Chief Architect, Central US Red

-Presented By : Rajeshwari Chatterjee Professor-Andrey Shevel Course: Computing Clusters Grid and Clouds ITMO University, St.

Integration of Flexible Storage with the API of Gluster

GlusterFS Architecture & Roadmap

Gluster can t scale - Is it a reality or a past? Atin Mukherjee Engineering Manager, Red Hat Gluster Storage

Red Hat Storage Server for AWS

GlusterFS Cloud Storage. John Mark Walker Gluster Community Leader, RED HAT

Reasons to Migrate from NFS v3 to v4/ v4.1. Manisha Saini QE Engineer, Red Hat IRC #msaini

RED HAT GLUSTER STORAGE TECHNICAL PRESENTATION

Red Hat Storage (RHS) Performance. Ben England Principal S/W Engr., Red Hat

Data Distribution in Gluster. Niels de Vos Software Maintenance Engineer Red Hat UK, Ltd. February, 2012

Red Hat Gluster Storage performance. Manoj Pillai and Ben England Performance Engineering June 25, 2015

The Future of Storage

RedHat Gluster Storage Administration (RH236)

NFS: The Next Generation. Steve Dickson Kernel Engineer, Red Hat Wednesday, May 4, 2011

Red Hat Summit 2009 William Cohen

Distributed Storage with GlusterFS

Unit 2: Manage Files Graphically with Nautilus Objective: Manage files graphically and access remote systems with Nautilus

GlusterFS Distributed Replicated Parallel File System

Advanced Network Troubleshooting Using Wireshark (Hands-on)

rfs Remote File System Softwarepraktikum für Fortgeschrittene

CSE 486/586: Distributed Systems

IPtables and Netfilter

SA3 E7 Advanced Linux System Administration III Internet Network Services and Security

NFSv4.1 Using pnfs PRESENTATION TITLE GOES HERE. Presented by: Alex McDonald CTO Office, NetApp

Category: Informational October 1996

CIFS Geeks in Exile - or -

NFSv4.1 Plan for a Smooth Migration

"Charting the Course... RHCE Rapid Track Course. Course Summary

RALPH BÖHME, SERNET, SAMBA TEAM UNDERSTANDING AND IMPROVING SAMBA FILESERVER PERFORMANCE HOW I FELL IN LOVE WITH SYSTEMTAP AND PERF

Solving Linux File System Pain Points. Steve French Samba Team & Linux Kernel CIFS VFS maintainer Principal Software Engineer Azure Storage

Fundamentals of Linux Platform Security

Fundamentals of Linux Platform Security. Hands-On Network Security. Roadmap. Security Training Course. Module 1 Reconnaissance Tools

CIT 470: Advanced Network and System Administration. Topics. Filesystems and Namespaces. Filesystems

The CephFS Gateways Samba and NFS-Ganesha. David Disseldorp Supriti Singh

BeoLink.org. Design and build an inexpensive DFS. Fabrizio Manfredi Furuholmen. FrOSCon August 2008

Network Traffic Analysis - Course Outline

416 Distributed Systems. Distributed File Systems 1: NFS Sep 18, 2018

NFS around the world Tigran Mkrtchyan for dcache Team dcache User Workshop, Umeå, Sweden

Next Generation Storage for The Software-Defned World

EI 338: Computer Systems Engineering (Operating Systems & Computer Architecture)

Shared File System Requirements for SAS Grid Manager. Table Talk #1546 Ben Smith / Brian Porter

NFS Design Goals. Network File System - NFS

Linux Administration

Category: Informational October 1996

HANDLING PERSISTENT PROBLEMS: PERSISTENT HANDLES IN SAMBA. Ira Cooper Tech Lead / Red Hat Storage SMB Team May 20, 2015 SambaXP

2 SCANNING, PROBING, AND MAPPING VULNERABILITIES

Netfilter. Fedora Core 5 setting up firewall for NIS and NFS labs. June 2006

NFSv4 and rpcsec_gss for linux

Using WireShark to support the Application June 16, 2011

The RPC abstraction. Procedure calls well-understood mechanism. - Transfer control and data on single computer

Assignment 3 Firewalls

RHCE BOOT CAMP. File Sharing Services. Wednesday, November 28, 12

Lab I: Using tcpdump and Wireshark

Status of the Linux NFS client

NFS with Linux: Current and Future Efforts. Chuck Lever, Network Appliance, Inc Steve Dickson, Red Hat Red Hat Summit 2006

Linux System Administration, level 2

Kerberized NFS 2010 Kerberos Conference

So What is WireShark?

Red Hat System Administration I - RH124

Course Outline. LPIC-1 Exam 1 - Linux Server Professional Certification V4.0 (Course & Labs)

4. Note: This example has NFS version 3, but other settings such as NFS version 4 may also work better in some environments.

Course 55187B Linux System Administration

User-level file systems

MIT Kerberos & Red Hat

RHCSA Rapid Track Course (RH199)

Packet Capturing with TCPDUMP command in Linux

Introduction to the Network File System (NFS)

Systemtap times April 2009

Applied IT Security. System Security. Dr. Stephan Spitz 6 Firewalls & IDS. Applied IT Security, Dr.

Wolfram Richter Red Hat. OpenShift Container Netzwerk aus Sicht der Workload

Red Hat Gluster Storage 3.1 Administration Guide

System Wide Tracing User Need

Fuse Extension. version Erick Gallesio Université de Nice - Sophia Antipolis 930 route des Colles, BP 145 F Sophia Antipolis, Cedex France

Chapter 2: Operating-System Structures. Operating System Concepts 9 th Edit9on

Laboratory 2 Dynamic routing using RIP. Iptables. Part1. Dynamic Routing

Debugging Linux systems using GDB and QEMU. Khem Raj

Deploying BigFix Patches for Red Hat

CSC 474/574 Information Systems Security

Remote Procedure Call (RPC) and Transparency

Sun Certified System Administrator for the Solaris 10 OS Bootcamp

SUN SOLARIS. Course Catalog

Using Wireshark as an Applica1on Support Engineer Tim Poth. Senior Priority Response Analyst Bentley Systems, Inc.

Monitoring Network File Systems

ITDUMPS QUESTION & ANSWER. Accurate study guides, High passing rate! IT dumps provides update free of charge in one year!

dcache NFSv4.1 Tigran Mkrtchyan Zeuthen, dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 1

NFSv4 extensions for performance and interoperability

Configuring Virtual Servers

OpenShift + Container Native Storage (CNS)

Optimizing SDS for the Age of Flash. Krutika Dhananjay, Raghavendra Gowdappa, Manoj Hat

Capturing & Analyzing Network Traffic: tcpdump/tshark and Wireshark

OPERATING SYSTEM. Chapter 12: File System Implementation

Some of the slides borrowed from the book Computer Security: A Hands on Approach by Wenliang Du. Firewalls. Chester Rebeiro IIT Madras

Transcription:

Debugging Gluster with Wireshark and SystemTap Examples based on real user problems Sr. Software Maintenance Engineer Red Hat Global Support Services FISL 10 May 2014

Introduction Name: Company: Red Hat Department: Global Support Services Job title: Sr. Software Maintenance Engineer Duties: 2 assist with solving complex customer support cases, write bugfixes/patches, document solutions Sub-maintainer for Gluster/NFS, release-maintainer for glusterfs-3.5 (current stable version)

Agenda Gluster Overview Introduction in Wireshark Minimal explanation of SystemTap Use Cases Mount failures Hanging QEMU image access 3 Missing, or incorrect access time of files when writing through a CIFS/Samba mountpoint

Gluster Overview Debugging Gluster with Wireshark and SystemTap Examples based on real user problems

Terminology 5 Brick Fundamentally, a filesystem mountpoint A unit of storage used as a capacity building block Translator Logic between the file bits and the Global Namespace Layered to provide GlusterFS functionality

Terminology 6 Volume Bricks combined and passed through translators Ultimately, what's presented to the end user Peer / Node Server hosting the brick filesystems Runs the Gluster daemons and participates in volumes

Distributed Volume 7 Files evenly spread across bricks Similar to file-level RAID 0 Server/Disk failure could be catastrophic

GlusterFS Native Client (FUSE) 8 Specify mount to any GlusterFS server Native Client fetches volfile from mount server, then communicates directly with all nodes to access data The Virtual File System (VFS) from the Linux kernel communicates with the FUSE kernel module The FUSE kernel module has a connection (through /dev/fuse) with the GlusterFS-client daemon The GlusterFS-client relays the requests from the FUSE kernel module to the bricks

GlusterFS Native Client (FUSE) Fuse Native Network Interconnect 9

NFS and SMB/CIFS 10 Gluster/NFS: Standard NFS v3 clients Daemon as part of the glusterfs-server package SMB/CIFS: Samba vfs_glusterfs plugin based on libgfapi Configuration through the samba package A client mounts a single storage server The storage server acts like a GlusterFS-client and distributes/replicates the traffic Comparable with a gateway/proxy

NFS and SMB/CIFS Samba QEMU libgfapi NFS Network Interconnect 11 application

Introduction in Wireshark Debugging Gluster with Wireshark and SystemTap Examples based on real user problems

Introduction in Wireshark One of the most well known network protocol analyzers Can capture network traffic Can display hundreds of protocols Comes with several useful commandline tools 13 Version 1.8 and newer support GlusterFS tshark, editcap, capinfos,... Homepage: www.wireshark.org

Capturing network traffic 14 Capture with Wireshark Convenient, nice graphical interface Analyze on the system used for capturing Got (a recent) Wireshark on your server? Capture with tcpdump Headless, no graphical environment needed Separate production and analysis systems Save in a file for off-line analysis Can capture with rotating filenames

Capturing network traffic: examples Save to a file: -w glusterfs.pcap Capture on all interfaces: -i any Do not chop off packets: -s 0 Filters: Only TCP: tcp Ports 24007 to 240100: portrange 24007-240100 Result: # tcpdump glusterfs.pcap -i any -s 0 \ tcp and portrange 24007-24100 15

GlusterFS protocols Everything is TCP Based on SUN Remote Procedure Calls RFC 5531 Data is encoded in XDR (RFC 4506) Similarities with portmapper and NFS A number of sub-protocols are used 16 GlusterFS is the most important one (I/O)

Simple explanation of SystemTap Debugging Gluster with Wireshark and SystemTap Examples based on real user problems

SystemTap Introduction 18 Capable of dynamically inserting instrumentation in the Linux kernel This also is possible for userspace applications Similar to running through gdb with breakpoints and displaying of structures Useful for gathering statistics on function calls, including delays and timings.stp scripts get compiled as kernel modules and automatically loaded (temporary)

Excellent SystemTap documentation Many existing functions (tapsets) available for re-use 19 Located in /usr/share/systemtap/tapset Many examples with different purposes can be found in the SystemTap wiki /usr/share/doc/systemtap*/examples https://sourceware.org/systemtap/examples/

User Problem: mount failures Debugging Gluster with Wireshark and SystemTap Examples based on real user problems

User problem: Mount failures Example capture file: mount failure.pcap.gz Filter: tcp.len Protocol outline > 0 1.Gluster Handshake GETSPEC 2.Gluster DUMP DUMP (for each brick) 3.Gluster Portmap PORTBYBRICK (for each brick) 4.Should connect to each brick 21 Check reply packets Find area of the failure, remove filter

Solution: Mount failures 22 The client does not receive any replies from the bricks iptables target REJECT responds with ICMP replies iptables target DROP does not cause any replies Solution: verify the firewall on the client, storage servers and possibly any systems inbetween Sometimes it is needed to capture multiple tcpdumps on different locations in the network traject

User Problem: hanging QEMU image access Debugging Gluster with Wireshark and SystemTap Examples based on real user problems

User Problem: Hanging QEMU image access Create a qcow2 image over the gluster:// protocol # qemu img create f qcow2 \ gluster://storage 1.example.com/fisl/vm.img \ 512M Wait for the hang... SETVOLUME on remote host failed: Authentication failed... 24 Notice for the hang Also affects QEMU staring virtual machines

User Problem: Hanging QEMU image access 25 Example capture file: qemu img.pcap.gz Filter: tcp.len Filter: glusterfs.hndsk.proc Filter: glusterfs.hndsk.proc Expand the protocol tree of the RPC Reply > 0 && rpc.msgtyp == 1

Solution: Hanging QEMU image access The storage servers (bricks) return Permission Denied Solution: follow the documentation, and pay special attention to 'stopping and starting the volume'. Stopping and starting the volume is not the same as rebooting the storage server. Configuration Guide for libvirt/qemu with Gluster on the Gluster Community Wiki (http://www.gluster.org/community/documentation/index.php/libgfapi_with_qemu_libvirt) 26

User Problem: wrong/missing access time Debugging Gluster with Wireshark and SystemTap Examples based on real user problems

User Problem: wrong/missing access time 28 After writing to an existing file located on a share provided by Samba, the access time is...... not displayed in Windows Explorer... very far in the future on Linux Does not happen when the share is located on a FUSE mountpoint (exported by Samba) Only happens with the new vfs_glusterfs module for Samba (libgfapi integration)

Samba (CIFS) CIFS client Samba Network Interconnect 29 libgfapi

User Problem: wrong/missing access time Use systemtap to print the received and send access time: #!/usr/bin/stap probe process("/usr/lib*/libgfapi.so.*").function("glfs_utimens"), process("/usr/lib*/libgfapi.so.*").function("glfs_utimens") { printf("%s: atime >tv_sec=%ld\n", probefunc(), $times[0] >tv_sec); printf("%s: mtime >tv_sec=%ld\n", probefunc(), $times[1] >tv_sec); } probe process("/usr/lib*/samba/vfs/glusterfs.so").function("vfs_gluster_ntimes") { printf("%s: atime >tv_sec=%ld\n", probefunc(), $ft >atime >tv_sec); printf("%s: mtime >tv_sec=%ld\n", probefunc(), $ft >mtime >tv_sec); } 30

User Problem: wrong/missing access time Resulting output: vfs_gluster_ntimes: atime >tv_sec= 1 vfs_gluster_ntimes: atime >tv_nsec=0 vfs_gluster_ntimes: mtime >tv_sec=1389363885 vfs_gluster_ntimes: mtime >tv_nsec=0 glfs_utimens: atime >tv_sec= 1 glfs_utimens: atime >tv_nsec=0 glfs_utimens: mtime >tv_sec=1389363885 glfs_utimens: mtime >tv_nsec=0 glfs_utimens: atime >tv_sec= 1 glfs_utimens: atime >tv_nsec=0 glfs_utimens: mtime >tv_sec=1389363885 glfs_utimens: mtime >tv_nsec=0 31

Solution: wrong/missing access time The vfs_glusterfs module from Samba does not do any value checking of the access time In case the access time is -1, the access time should not get updated Libgfapi requires sending a access time Solution: in case the access time is -1, send the cached (in Samba) access time Upstream Samba report and patch: 32 http://thread.gmane.org/gmane.network.samba.internals/74524

Thank You! Slides Available at: http://people.redhat.com/ndevos/talks/fisl15 ndevos@redhat.com storage-sales@redhat.com @Glusterorg RHS: @RedHatStorage www.redhat.com/storage GlusterFS: Gluster www.gluster.org Red Hat Global Support Services: access.redhat.com/support Red Hat Storage Debugging Gluster with Wireshark and SystemTap Examples based on real user problems

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback