-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Services] Restart NAT service upon unexpected critical process exit. #4208
[Services] Restart NAT service upon unexpected critical process exit. #4208
Conversation
if one of its critical processes crashed or exited unexpectedly. Signed-off-by: Yong Zhao <yozhao@microsoft.com>
supervisord.conf file. Signed-off-by: Yong Zhao <yozhao@microsoft.com>
…d be added into container image. Signed-off-by: Yong Zhao <yozhao@microsoft.com>
Retest vsimage please |
@yozhao101, @kirankella, @AkhileshSamineni, wondering what'd be the impact to existing NAT entries/connections when the NAT service is restarted? Thanks. |
@rlhui , Whenever NAT service/docker is restarted, the iptables and conntrack entries are cleared and also sends a cleanup notification to OA to delete all the NAT entries from appl-db and asic-db. |
What I did
Restart NAT service if one of critical processes running in NAT container exited or crashed abnormally.
How I did it
Generally I follow the framework created by Joe to implement this feature in NAT container.
First, add supervisor-proc-exit-listener event listener option in Supervisord configuration file in NAT docker container. Supervisord will read a list of critical processes for which to monitor the unexpected crashed and exited.
Second, configure nat.service to always auto-restart the service if it stops, with a delay of 30 seconds. Also set a rate limit of 3 restarts within 20 minutes (1200 seconds).
How to verify it
On your switch device, please use
docker ps
command to list all running docker containers.Then use
docker exec -it container_id bash
to login target container. Typingtop
commandon the shell will display all the processes dynamically and you will spot the process id of one
of the critical processes. Finally type the command
kill -9 process_id
to terminate one process.After exiting the container, you can use
watch -n 1 docker ps
to dynamically see the restartof database container.