Reserving libvirt default migration port range

The default live-migration port range (49152-49215) that is specified by libvirt and used by qemu (qemu.conf) conflicts with CentOS ephemeral port range (32768-60999) and eventually it leads to connection errors during live-migration operations. Reserving this port range from ephemeral range on worker nodes, so only explicit port binding will be available for those ports. Closes-Bug: #1941646 Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windriver.com> Change-Id: I8a8705bf3939aa4fe1faf8f5d487ac64096ea880
2021-08-27 17:39:39 -03:00 · 2021-08-27 17:39:39 -03:00 · 804a345185
parent 1ce29c9fda
commit 804a345185
1 changed files with 20 additions and 1 deletions
--- a/puppet-manifests/src/modules/platform/manifests/sysctl.pp
+++ b/puppet-manifests/src/modules/platform/manifests/sysctl.pp
@ -102,8 +102,13 @@ class platform::sysctl::controller::reserve_ports
  # from the ephemeral port range. This will avoid potential port conflicts
  # that will cause the tiller pod to crash when the port is assigned to
  # another client/server
+  #
+  # libvirt v4.7.0 hardcodes the ports 49152-49215 as its default port range
+  # for migrations (qemu.conf). Reserve them from the ephemeral port range.
+  # This will avoid potential port conflicts that will cause migration
+  # failures when the port is assigned to another service
  sysctl::value { 'net.ipv4.ip_local_reserved_ports':
-    value => '35357,44134-44136'
+    value => '35357,44134-44136,49152-49215'
  }
 }

@ -164,6 +169,7 @@ class platform::sysctl::controller

 class platform::sysctl::compute {
  include ::platform::sysctl
+  include ::platform::sysctl::compute::reserve_ports

  # Increase min_free_kbytes to 128 MiB from 88 MiB, helps prevent OOM
  sysctl::value { 'vm.min_free_kbytes':
@ -171,6 +177,19 @@ class platform::sysctl::compute {
  }
 }

+class platform::sysctl::compute::reserve_ports
+  inherits ::platform::sysctl::params {
+
+  # Reserve ports in the ephemeral port range:
+  #
+  # libvirt v4.7.0 hardcodes the ports 49152-49215 as its default port range
+  # for migrations (qemu.conf). Reserve them from the ephemeral port range.
+  # This will avoid potential port conflicts that will cause migration
+  # failures when the port is assigned to another service
+  sysctl::value { 'net.ipv4.ip_local_reserved_ports':
+    value => '49152-49215'
+  }
+}

 class platform::sysctl::storage {
  include ::platform::sysctl