[OpenAFS] Slow loading of virtually hosted web content

Kendrick Hernandez kendrick.hernandez@umbc.edu
Tue, 14 Dec 2021 12:51:57 -0500 

--00000000000022916705d31ed9dc
Content-Type: text/plain; charset="UTF-8"

On Fri, Dec 10, 2021 at 6:25 PM Jeffrey E Altman <jaltman@auristor.com>
wrote:

> On 11/29/2021 1:11 PM, Kendrick Hernandez (kendrick.hernandez@umbc.edu)
> wrote:
>
> We were able to narrow the problem down to DNS timeouts from an internal
> DNS server that had reached its limit for NF connection tracking. Once that
> limit was increased, the issue went away.
> Along with some forwarded insights from the folks at CMU and some isolated
> testing, we were able to confirm that disabling dynamic root and DNS-based
> server discovery on the cache manager also worked around issue.
>
> I'm glad you identified a solution.
>
> Do you know what the issued DNS queries were for?
>
We believe they were triggered by requests for /afs/.htaccess, as these web
servers have it enabled.


> The primary reason to avoid disabling dynamic root is the machine restarts
> and the OpenAFS cache manager cannot read the "root.afs" volume from the
> cell, the system will panic.  This could be due to the machine booting
> without a network interface or a failure of the cell similar to what
> occurred on January 14th of this year.
>
> The afsd -afsdb option is not required for a web server that will only be
> serving content from the local cell if the cell's location service list of
> servers is present in the local CellServDB file.   Sites that want the
> option of being able to dynamically relocate their location service
> instances will want to avoid local CellServDB entries.
>
Ah, good to know. Thanks!

k-

-- 
Kendrick Hernandez
*UNIX Systems Administrator*
Division of Information Technology
University of Maryland, Baltimore County

--00000000000022916705d31ed9dc
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div dir=3D"ltr"><br></div><br><div class=3D"gmail_quote">=
<div dir=3D"ltr" class=3D"gmail_attr">On Fri, Dec 10, 2021 at 6:25 PM Jeffr=
ey E Altman &lt;<a href=3D"mailto:jaltman@auristor.com">jaltman@auristor.co=
m</a>&gt; wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin=
:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"=
>
 =20
   =20
 =20
  <div>
    <div>On 11/29/2021 1:11 PM, Kendrick
      Hernandez (<a href=3D"mailto:kendrick.hernandez@umbc.edu" target=3D"_=
blank">kendrick.hernandez@umbc.edu</a>) wrote:<br>
    </div>
    <blockquote type=3D"cite">
     =20
      <div dir=3D"ltr">We were able to narrow the problem down to DNS
        timeouts from an internal DNS server that had reached its limit
        for NF connection tracking. Once that limit was increased, the
        issue went away. <br>
        <div>Along with some forwarded insights from the folks at CMU
          and some isolated testing, we were able to confirm that
          disabling dynamic root and DNS-based server discovery on the
          cache manager also worked around issue. <br>
        </div>
        <br>
      </div>
    </blockquote>
    <p>I&#39;m glad you identified a solution.</p>
    <p>Do you know what the issued DNS queries were for? <br></p></div></bl=
ockquote><div>We believe they were triggered by requests for /afs/.htaccess=
, as these web servers have it enabled. <br></div><div>=C2=A0</div><blockqu=
ote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px=
 solid rgb(204,204,204);padding-left:1ex"><div><p></p>
    <p>The primary reason to avoid disabling dynamic root is the machine
      restarts and the OpenAFS cache manager cannot read the &quot;root.afs=
&quot;
      volume from the cell, the system will panic.=C2=A0 This could be due =
to
      the machine booting without a network interface or a failure of
      the cell similar to what occurred on January 14th of this year.</p>
    <p>The afsd -afsdb option is not required for a web server that will
      only be serving content from the local cell if the cell&#39;s locatio=
n
      service list of servers is present in the local CellServDB file.=C2=
=A0=C2=A0
      Sites that want the option of being able to dynamically relocate
      their location service instances will want to avoid local
      CellServDB entries.=C2=A0 <br>
    </p></div>
</blockquote></div><div>Ah, good to know. Thanks!</div><div><br></div><div>=
k-<br> </div><div><br>-- <br><div dir=3D"ltr" class=3D"gmail_signature"><di=
v dir=3D"ltr">Kendrick Hernandez<br><i>UNIX Systems Administrator</i><br>Di=
vision of Information Technology<br><span style=3D"font-family:georgia,seri=
f">University of Maryland, Baltimore County</span><br></div></div></div></d=
iv>

--00000000000022916705d31ed9dc--