Bug 30441 - boot of a ucc client takes a very long time (5min) if the ucs master is not reachable
boot of a ucc client takes a very long time (5min) if the ucs master is not r...
Status: CLOSED FIXED
Product: Univention Corporate Client (UCC)
Classification: Unclassified
Component: General
unspecified
Other Linux
: P5 normal
: UCC 1.0-errata
Assigned To: Erik Damrose
Felix Botner
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-02-14 13:30 CET by Felix Botner
Modified: 2013-04-24 17:26 CEST (History)
3 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Felix Botner univentionstaff 2013-02-14 13:30:07 CET
Setup:

UCS Master and UCS Slave, DHCP DNS Policy with both hosts as nameservers and a UCC Client with ldap/server/addition set to the slave.


Booting the client if the master is down takes about 5 minutes. 

The Problem is the self.lo.start_tls_s call on an unreachable ldapserver in uldap.py in the initrd (e.g., /usr/sbin/univention-ucc-boot-option --read). 

uldap.py:access.__open calls self.lo.start_tls_s and this takes forever, if it is called in the initrd. If the system has booted correctly self.lo.start_tls_s takes about 3 seconds which is tolerable.

initrd:
-> chroot /root /usr/sbin/univention-ucc-boot-option --read
real    1m20.590s
user    0m0.200s
sys     0m0.56s


booted system:
-> time usr/sbin/univention-ucc-boot-option --read
real    0m4.227s
user    0m0.348s
sys     0m0.272s

With strace is see.

-> strace ...
connect(3, {sa_family=AF_INET, sin_port=htons(7389), sin_addr=inet_addr("10.200.7.120")}, 16

(10.200.7.120 is the deactivated ucs master)

For testing purposes, I added a ldap timeout in uldap.py:access.__open

  self.lo.set_option(ldap.OPT_NETWORK_TIMEOUT, 3)

before

  self.lo.start_tls_s()

and it took less time.

But the question is, why it takes so much longer when started in the initrd.
Comment 1 Erik Damrose univentionstaff 2013-04-08 17:19:31 CEST
The increased delay seems to originate from two sources. 

1) dnsmasq is not running in the initrd. DNS requests are first executed against the non-running master, which increase the runtime for about 15 seconds.

2) there is a difference in how the connect()'s are handling the request in the initrd and a completely booted client: in the initrd the connect fails with a timeout -1 ETIMEDOUT (Connection timed out); when the client is booted the connect fails almost immediately with a EHOSTUNREACH (No route to host).
Comment 2 Stefan Gohmann univentionstaff 2013-04-09 06:13:29 CEST
(In reply to comment #1)
> 1) dnsmasq is not running in the initrd. DNS requests are first executed
> against the non-running master, which increase the runtime for about 15
> seconds.

In UCS we often use the option "options timeout:2" in /etc/resolv.conf.
Comment 3 Erik Damrose univentionstaff 2013-04-09 09:08:38 CEST
options timeout:2 is already written to resolv.conf by the initscript ucc immediately after a ip address has been obtained.
Comment 4 Erik Damrose univentionstaff 2013-04-09 13:08:02 CEST
The startup delay has been greatly reduced by starting the loopback interface in the initramfs script ucc. Start time to login greeter is now around 1:20 minutes down from 4:30 minutes.

univention-ucc-initramfs 1.0.19-3.73.201304091246
2013-04-09-univention-ucc-initramfs.yaml

The remaining delay is due to 3 seperate scripts who contact the ldap-server and each have to wait for a timeout. As this is beyond the errata scope, bug 31001 has been created.
Comment 5 Felix Botner univentionstaff 2013-04-10 16:50:56 CEST
OK - ucc-errata

     boot time without running primary dns server reduced to 1.5 min

OK - YAML
Comment 6 Janek Walkenhorst univentionstaff 2013-04-24 17:26:26 CEST
http://errata.univention.de/ucc/1.0/7.html