ECS:登录特定节点或向特定节点进行身份验证时遇到延迟
Summary: 使用 ssh 登录系统或运行要求对远程会话进行身份验证的命令时遇到延迟或响应缓慢。
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
与节点建立 ssh 连接、运行 sudo 或任何其他需要身份验证的命令时,会遇到延迟。延迟后,命令运行正常。 节点负载不重,正常运行时间显示正常负载平均值。
如果使用 -vvv 为 ssh 连接启用了详细模式,则登录延迟发生在“pledge: exec”
示例:
暂停 20+ 秒后,登录将正常进行。
在出现问题的节点上,如果选中 dbus 服务状态,则会报告超时:
在 /var/log/messages 中找到类似的超时消息
如果使用 -vvv 为 ssh 连接启用了详细模式,则登录延迟发生在“pledge: exec”
示例:
admin:~> ssh 169.254.1.2 -vvv OpenSSH_7.2p2, OpenSSL 1.0.2p-fips 14 Aug 2018 debug1: Reading configuration data /home/admin/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 25: Applying options for * debug2: resolving "169.254.1.2" port 22 debug2: ssh_connect_direct: needpriv 0 debug1: Connecting to 169.254.1.2 [169.254.1.2] port 22. debug1: Connection established. ... <truncated debugging> debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug3: send packet: type 90 debug1: Requesting no-more-sessions@openssh.com debug3: send packet: type 80 debug1: Entering interactive session. debug1: pledge: exec
暂停 20+ 秒后,登录将正常进行。
在出现问题的节点上,如果选中 dbus 服务状态,则会报告超时:
admin:~> sudo systemctl status dbus
● dbus.service - D-Bus System Message Bus
Loaded: loaded (/usr/lib/systemd/system/dbus.service; static; vendor preset: disabled)
Active: active (running) since Fri 2024-01-23 04:56:00 UTC; 1 months 2 days ago
Docs: man:dbus-daemon(1)
Main PID: 3060 (dbus-daemon)
Tasks: 1 (limit: 512)
Memory: 5.8M
CPU: 10h 45min 897ms
CGroup: /system.slice/dbus.service
└─3060 /bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
Mar 22 18:28:54 <ecs-node-fqdn> dbus[3060]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30000ms)
Mar 22 18:28:54 <ecs-node-fqdn> dbus[3060]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30000ms)
Mar 22 18:28:54 <ecs-node-fqdn> dbus[3060]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30000ms)
Mar 22 18:28:54 <ecs-node-fqdn> dbus[3060]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30000ms)
Mar 22 18:28:54 <ecs-node-fqdn> dbus[3060]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30000ms)
Mar 22 18:28:54 <ecs-node-fqdn> dbus[3060]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30000ms)
Mar 22 18:29:22 <ecs-node-fqdn> dbus[3060]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30009ms)
Mar 22 18:29:24 <ecs-node-fqdn> dbus[3060]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30002ms)
Mar 22 18:29:54 <ecs-node-fqdn> dbus[3060]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30000ms)
Mar 22 18:30:01 <ecs-node-fqdn> dbus[3060]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30000ms)
在 /var/log/messages 中找到类似的超时消息
Cause
达到 dbus 服务的连接限制,导致登录和/或身份验证延迟
Resolution
可以通过重新启动 dbus 服务以及主节点的 dnsmasq 服务来纠正此问题。预计不会产生影响,但如果需要,请获得客户批准。
从出现问题的节点中,使用以下命令重新启动 dbus:
命令完成后,通过运行以下命令检查 dbus 服务的状态,以确保其处于“活动(正在运行)”状态:
如果节点是主节点(通常为节点 1),则还需要使用以下命令重新启动 dnsmasq:
重新启动 dnsmasq 后,使用以下命令验证服务是否处于“活动(正在运行)”状态:
重新启动服务后,使用 ssh 或运行 sudo 命令测试对节点的访问,以观察延迟是否已解决。
从出现问题的节点中,使用以下命令重新启动 dbus:
sudo systemctl restart dbus admin:~> sudo systemctl restart dbus此命令预计不会有输出。
命令完成后,通过运行以下命令检查 dbus 服务的状态,以确保其处于“活动(正在运行)”状态:
sudo systemctl status dbus
admin ~> sudo systemctl status dbus
● dbus.service - D-Bus System Message Bus
Loaded: loaded (/usr/lib/systemd/system/dbus.service; static; vendor preset: disabled)
Active: active (running) since Fri 2024-07-19 18:07:00 UTC; 5s ago
Docs: man:dbus-daemon(1)
Main PID: 19340 (dbus-daemon)
Tasks: 1 (limit: 512)
Memory: 884.0K
CPU: 22ms
CGroup: /system.slice/dbus.service
└─19340 /bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
如果节点是主节点(通常为节点 1),则还需要使用以下命令重新启动 dnsmasq:
sudo systemctl restart dnsmasq admin:~> sudo systemctl restart dnsmasq此命令预计不会有输出。
重新启动 dnsmasq 后,使用以下命令验证服务是否处于“活动(正在运行)”状态:
sudo systemctl status dnsmasq
admin~> sudo systemctl status dnsmasq
● dnsmasq.service - DNS caching server.
Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; disabled; vendor preset: disabled)
Drop-In: /run/systemd/generator/dnsmasq.service.d
└─50-insserv.conf-$named.conf
Active: active (running) since Fri 2024-07-19 18:14:47 UTC; 2s ago
Process: 61272 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
Main PID: 61297 (dnsmasq)
Tasks: 1 (limit: 512)
Memory: 2.1M
CPU: 8ms
CGroup: /system.slice/dnsmasq.service
└─61297 /usr/sbin/dnsmasq --log-async --enable-dbus --keep-in-foreground
重新启动服务后,使用 ssh 或运行 sudo 命令测试对节点的访问,以观察延迟是否已解决。
Affected Products
ECS, ECS Appliance, ECS Appliance Gen 1, ECS Appliance Gen 2, ECS Appliance Gen 3, ECS Appliance Hardware Gen1 U-Series, ECS Appliance Hardware Gen1 C-Series, ECS Appliance Hardware Gen2 C-Series, ECS Appliance Hardware Gen2 D-Series
, ECS Appliance Hardware Gen2 U-Series
...
Products
ECS Appliance Hardware Gen3 EX5000, ECS Appliance Hardware Gen3 EX300, ECS Appliance Hardware Gen3 EX3000, ECS Appliance Hardware Gen3 EX500, ECS Appliance Hardware Gen3 EXF900, ECS Appliance Hardware Series, ECS Appliance Software with Encryption
, ECS Appliance Software without Encryption, ECS Software
...
Article Properties
Article Number: 000227096
Article Type: Solution
Last Modified: 02 Aug 2024
Version: 1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.