pgpool node detached for no reason?
I have a two-node PostgreSQL cluster running on VMs where each VM runs both the pgpool service and a Postgres server.
due to insufficient memory configuration the Postgres server crashed, so I've bumped the VM memory and the changed Postgres memory config in the postgresql.conf file. since that memory changes the slave pgpool node detaches every night at a specific time, though when looking at node_exporter metrics regarding CPU, load, processes disk usage or memory didn't show any spikes or sudden changes.
the slave node detaching happened before but not day after day. I've stumbled upon this thread and read this part of the documentation about the failover but Since the Postgres server didn't crash and existing connections to the slave node were working (it kept serving existing connections but didn't take new ones) so network issues seemed irrelevant, especially after consulting with our OPS team on whether they noticed any abnormal network or DNS activity that could explain that. Unfortunately, they didn't notice any interesting findings.
I have pg_exporter, postgres_exporter and node_exporter on each node to monitor the server and VM behavior, what should I be looking for to debug this? what should I ask of our OPS team to check specifically? our pgpool log file only states the failure to access the other node but no exact reason, as the aforementioned docs say:
Pgpool-II does not distinguish each case and just decides that the particular PostgreSQL node is not available if health check fails.
could it still be a network\DNS issue? and if so. how would I confirm this?
thnx for reading and taking your time to assist me in this conundrum
that was interesting
If summing the gist of it,
it was part of the OPS team infrastructure backups
Now the entire process went like that:
setting the ambiance: we run on-prem on top of VMWare vCenter cluster backing up on the infra side with VMWare VM snapshot and Veeamm VM backup where the vmdk files\ESXi datastores reside on a NetApp storage based on NFS.
when checking node exporter metrics in Node Exporter Full Dashboard I saw network traffic drop in the order of up to 2 packets per second for about 5 to 15 minutes consistently through the last few months, increasing dramatically in phenomenon length in the last month (around the same time late at night).
Rough illustration:
After checking again with our OPS team they indicated it could be the host configurations\Veeam Backups.
It turns out that because the storage for the VMs (including the one that runs the Veeam backup) is attached via network and not directly on the ESXi hosts, the final snapshot saved\consolidated at that late-night time -
node detaches every night at a specific time
With the way NFS works with disk locking (limiting IOPs to existing data) along with the high IOPs requirements from the Veeam backup cause the server to hang\freeze and sometimes on rare occasions even a VM restart. here's the quote from the Veeam issue doc:
The snapshot removal process significantly lowers the total IOPS that can be delivered by the VM because of additional locks on the VMFS storage due to the increase in metadata updates
the snapshot removal process will easily push that into the 80%+ mark and likely much higher. Most storage arrays will see a significant latency penalty once IOP's get into the 80%+ mark which will of course be detrimental to application performance.
This issue occurs when the target virtual machine and the backup appliance [proxy] reside on two different hosts, and the NFSv3 protocol is used to mount NFS datastores. A limitation in the NFSv3 locking method causes a lock timeout, which pauses the virtual machine being backed up [during snapshot removal].
Obviously, that would interfere at the very least with Postgres functionality especially configured as a cluster with replication that requires a near-constant connection between the Postgres servers. A similar thread on SO using a different DB server
a solution is suggested including solving the issue presented in the last quote in this link, though for the time being, we removed the usage of Veeam backup for sensitive VMs until the solution can be verified locally (will update in the future if tried and fixed issue)
additional incidents documentation: similar issue case, suggested solution info from Veeam, third party site solution (around the same problem as a temp fix as I see it), Reddit thread acknowledging the issue and suggesting options
- c# Detect when ClientWebSocket is disconnected (closed)
- Failed to create a TAP device using ioctl
- How to access the web server which is installed on Google colab through my local computer browser without using SSH or ngrok
- Android check internet connection
- go-ssh: How to gracefully close the connection in a simple server
- Unity game cannot access to internet
- Swift 3.0: Data to JSON [String : Any]
- How do `ip netns` and `unshare` save their persistent network namespaces? Can they use each others?
- How to organize the receive msg and user current input in C network such that it's clean
- Automatic way of enabling the access to port 4900 from the internet
- How do I ssh into a KVM with minimal configuration/infrastructure?
- How to monitor all network traffic from a specific process in linux?
- Networking between VMs on VMware Workstation
- How to Add Http Proxy Authentication Credentials in VPNService on Android?
- "Replay" tcpdump file
- Docker container and host network VPN
- How do i verify that port 5555 is open?
- Why Last-Modified can be strong validator
- Endianness and Socket Programming in C
- How to subdivide CIDR subnet in Terraform with cidrsubnet Function?
- What is the difference between ss and lsof -i
- UDP hole-punch explanation
- AxiosError: Network Error on iOS (GET request ) with Expo, working fine on Android
- How does a server work and different clients?
- Multiple send() method calls and 1 receive method. Is this normal?
- Public Route53 CNAME Record to Private API Gateway
- How to capture packets for single docker container
- Are UDP packets dropped when UDP header checksum is incorrect?
- protobuf vs gRPC
- Who is listening on a given TCP port on Mac OS X?