Comment 5 for bug 1479812
Revision history for this message
| Byron McCollum (byron-g-mccollum) wrote | #5 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
The SSH MaxStartups default of 10:30:100 can cause SSH connection issues when Ansible forks > 10.
In v10, MaxStartups was being set to 500 (500:30:500), however this setting is no longer being managed in v11.
The underlying issue is with the way delegate_to works. If there is a task for multiple hosts, but that task is delegated to a single host, Ansible doesn't serialize the delegated tasks for that single host. What can happen is a flood of SSH connection to the delegated to host, up to the number of allowable forks. In the case of some of the container management tasks using delegate_to, this is exactly what is happening.
With the MaxStartups default of 10:30:100, if there are more than 10 simultaneous unauthenticated connections, new connections will be refused with a probability of 30%. This percentage increases linearly as you approach the maximum number of simultaneous unauthenticated connections, which is 100 by default (10:30:100).
In an AIO deployment with high container affinity, and a high number of forks, you will encounter lots of SSH connection failures.