[Bug 960276] Re: a bad AMI can hang an entire compute node
Adam Gandelman
960276 at bugs.launchpad.net
Tue Mar 20 21:56:20 UTC 2012
We've been carrying a nova patch to resolve a possible DoS in Bug
#832507 ( libvirt-use-console-pipe.patch ) I've confirmed that this
patch introduces a deadlock somewhere when the serial console gets
spammed. 'dd if=/dev/urandom of=/dev/ttyS0 bs=1024 count=1500' from
within the instance is enough to basically lock nova-compute until the
KVM process is killed or nova-compute restarted.
We either need to fix this patch ASAP or back it out in favor of a
different solution for the original Bug #832507. This patch
constitutes the biggest delta we maintain across any Openstack component
and maintaining it so far has required a great deal of effort. The
regression its introduces is worse than the original bug, IMO.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/960276
Title:
a bad AMI can hang an entire compute node
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nova/+bug/960276/+subscriptions
More information about the Ubuntu-server-bugs
mailing list