Uploaded image for project: 'CloudStack'
  1. CloudStack
  2. CLOUDSTACK-2492

System VM Clock Drift

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Blocker
    • Resolution: Fixed
    • pre-4.0.0
    • 4.2.0
    • ISO
    • Security Level: Public (Anyone can view this level - this is the default.)
    • devcloud/Xen

    Description

      Testing of S3-backed Secondary Storage has revealed that the SSVM (and likely all other system VMs) have no provision for clock synchronization (e.g. NTP to dom0 for Xen, vmware-tools for VMWare, etc). In particular, the S3 protocol is sensitive to drift between clients and S3. As an example, the following is the stack trace caused by clock drift S3:

      2013-05-14 06:51:55,400 DEBUG [cloud.utils.S3Utils] (agentRequest-Handler-3 Putting directory /mnt/SecStorage/93fd0cb0-033b-3248-bcd0-ef6d460635ef/template/tmpl/1/5 in S3 bucket jsb-cloudstack-templates.
      2013-05-14 06:51:55,401 DEBUG [cloud.utils.S3Utils] (agentRequest-Handler-3 Creating S3 client with configuration: [protocol: https, connectionTimeOut: 50000, maxErrorRetry: 3, socketTimeout: 50000]
      2013-05-14 06:51:55,403 DEBUG [storage.resource.NfsSecondaryStorageResource] (agentRequest-Handler-3 Determining key using account id 1 and template id 5
      2013-05-14 06:51:55,403 DEBUG [cloud.utils.S3Utils] (agentRequest-Handler-3 Putting file /mnt/SecStorage/93fd0cb0-033b-3248-bcd0-ef6d460635ef/template/tmpl/1/5/template.properties into bucket jsb-cloudstack-templates with key template/tmpl/1/5/template.properties.
      2013-05-14 06:51:55,578 ERROR [storage.resource.NfsSecondaryStorageResource] (agentRequest-Handler-3 Failed to upload template id 5
      Status Code: 403, AWS Service: Amazon S3, AWS Request ID: 970A274E132A9ACB, AWS Error Code: RequestTimeTooSkewed, AWS Error Message: The difference between the request time and the current time is too large., S3 Extended Request ID: 9w8a6YBxTn+WlBg96s9stxWuuP8oQ7ksZtg6++wVRHJfE2qmucrilhoEJVetJui4
      at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:609)
      at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:309)
      at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:164)
      at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:2863)
      at com.amazonaws.services.s3.AmazonS3Client.putObject(AmazonS3Client.java:1100)
      at com.amazonaws.services.s3.AmazonS3Client.putObject(AmazonS3Client.java:963)
      at com.cloud.utils.S3Utils.putDirectory(S3Utils.java:282)
      at com.cloud.storage.resource.NfsSecondaryStorageResource.execute(NfsSecondaryStorageResource.java:414)
      at com.cloud.storage.resource.NfsSecondaryStorageResource.executeRequest(NfsSecondaryStorageResource.java:212)
      at com.cloud.agent.Agent.processRequest(Agent.java:525)
      at com.cloud.agent.Agent$AgentRequestHandler.doTask(Agent.java:852)
      at com.cloud.utils.nio.Task.run(Task.java:83)
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)

      In addition to impacting S3, this clock drift also makes log correlation between the management server and system VMs very difficult, if not, impossible. Finally, there are suspicions that the clock drift could also impact operation of console proxy and virtual router VMs.

      Attachments

        Activity

          People

            chiradeep Chiradeep Vittal
            jburwell John Burwell
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: