[MESOS-5691] SSL downgrade support will leak sockets in CLOSE_WAIT status - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Blocker
Resolution: Fixed
Affects Version/s: 0.24.0, 0.25.0, 0.26.0, 0.27.0, 0.28.0
Fix Version/s: 0.28.3, 1.0.0
Component/s: libprocess
Labels:
- libprocess
- mesosphere

Epic Link:
SSL Tech Debt
Sprint:
Mesosphere Sprint 37
Story Points:
5

Description

Repro steps:
1) Start a master:

bin/mesos-master.sh --work_dir=/tmp/master

2) Start an agent with SSL and downgrade enabled:

# Taken from http://mesos.apache.org/documentation/latest/ssl/
openssl genrsa -des3 -f4 -passout pass:some_password -out key.pem 4096
openssl req -new -x509 -passin pass:some_password -days 365 -key key.pem -out cert.pem

SSL_KEY_FILE=key.pem SSL_CERT_FILE=cert.pem SSL_ENABLED=true SSL_SUPPORT_DOWNGRADE=true sudo -E bin/mesos-agent.sh --master=localhost:5050 --work_dir=/tmp/agent

3) Start a framework that launches lots of executors, one after another:

sudo src/balloon-framework --master=localhost:5050 --task_memory=64mb --task_memory_usage_limit=256mb --long_running

4) Check FDs, repeatedly

sudo lsof -i | grep mesos | grep CLOSE_WAIT | wc -l

The number of sockets in CLOSE_WAIT will increase linearly with the number of launched executors.

Attachments

Activity

People

Assignee:: Joseph Wu

Reporter:: Joseph Wu

Shepherd:: Benjamin Mahler

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 23/Jun/16 01:58

Updated:: 22/Mar/19 16:40

Resolved:: 23/Jun/16 02:25