Closed bluecmd closed 3 years ago
For now I have configured a hourly restart of httpsd
to contain the issue on this particular Fortigate:
config system automation-action
edit "restart httpsd for mem leaks"
set action-type cli-script
set required enable
set script "fnsysctl killall httpsd"
next
end
config system automation-stitch
edit "restart httpsd for mem leaks"
set trigger "restart httpsd for mem leaks"
set action "restart httpsd for mem leaks"
next
end
config system automation-trigger
edit "restart httpsd for mem leaks"
set trigger-type scheduled
set trigger-frequency hourly
set trigger-minute 13
next
end
From my point of view this can only be a Fortigate issue.
So I'm not sure about the bug
label. Maybe a device
or environment
label would be better fit here. 🤔
I created a Fortigate-issue label for these things.
I have verified this behavior on Fortigate-VM 6.2.7 as well.
I ran: while true; do curl 'localhost:9710/probe?target=https://a-fortivm' > /dev/null; done
It seems FortiOS was able to reclaim some memory at times but in the end it stopped responding to HTTPS requests. On the console I see this:
On the events view I see this:
I am not able to log in on the local console
I will repeat the experiment using 6.4.5 on Fortigate-VM.
Using 6.4.5 this issue seems to have disappeared:
Upgraded my -61F from 6.2.7 to 6.4.5 and disabled the workaround. Memory usage has been stable for the entire day.
Suggest we create a Known Issues part of the README where we do not recommend running the exporter without adding the workaround for versions below 6.4.x
WDYT @secustor ?
Yeah, that is for sure a good idea.
Closing this, as we have documented this now.
Noticed it in Fortigate 100F also. Exclusively using SNMP for now.
@amitkatti If you feel like you have the time, submitting a case to Fortigate would be appreciated. Otherwise you should be fine on 6.4.x or with the workaround posted above.
I will open a ticket if we decide not to go with the upgrade.
Just FYI - We still have the same issue with 7.0.12 - It seems to be a problem with the API access in general. That's what Fortinet submitted to our tickets at least.
On my home Fortigate, a -61F running v6.2.7 build1190 (GA). I am entering conserve mode after ~12hr of polling at 15s intervals. I am not observing this on v6.4.4 build1803 (GA) on a Fortigate-VM server.
I then restart
httpsd
like this:fnsysctl killall httpsd
. The result is:Log for
httpsd
in debug level -1 attached but I cannot seem to detect any odd things. httpsd.logGiven that I am not observing this leak on my Fortigate-VM instance, I am thinking this memory leak is probably one of the following:
I should be able to upgrade to 6.4.4 soon enough and give that a shot on my 61F. I might also be able to spin up a Fortigate-VM 6.2.7 and see if that has the same behavior.
I have not reported this issue to Fortinet as of yet.
Maybe interesting is that the memory usage is reported to belong to the
main
VDOM which is my traffic forwarding VDOM, not the management one (root
).