Conntrack check does not work in LXD containers
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
NRPE Charm |
Fix Released
|
Medium
|
Paul Gear |
Bug Description
Juju 2.1.1
MAAS 2.1.3
Deploying NRPE rev. 13 to monitor the latest stable OpenStack charms (all but ceph-mon and ceph-osd) with Nagios rev. 15 ends up as critical with the status "NRPE: Unable to read output"
Other checks are all OK.
Running the local check_conntrack.sh on the unit results in the following output:
ubuntu@
sysctl: cannot stat /proc/sys/
sysctl: cannot stat /proc/sys/
/usr/local/
Is there a way to disable the check?
Related branches
- Haw Loeung: Approve
-
Diff: 52 lines (+16/-6)2 files modifiedfiles/plugins/check_conntrack.sh (+10/-2)
hooks/nrpe_helpers.py (+6/-4)
description: | updated |
Changed in nrpe-charm: | |
status: | New → Confirmed |
importance: | Undecided → Medium |
tags: | added: landscape |
Changed in nrpe-charm: | |
assignee: | nobody → Paul Gear (paulgear) |
status: | Confirmed → In Progress |
summary: |
- Conntrack checks do not work + Conntrack check does not work in LXD containers |
I think the check should automatically detect when it should not apply (in this case, inside a container where /proc/sys/ net/netfilter/ nf_conntrack_ {count, max} do not exist) and return an appropriate value. My initial inclination is to return 3 (UNKNOWN), with a second preference of 0 (OK). Do you have any thoughts/ preferences regarding this?