search

bugfest / tor-controller

Tor toolkit for Kubernetes (Tor instances, onion services and more)
Apache License 2.0
98 stars 17 forks source link

[BUG] Error Onionbalance service #71

Closed MaticPoh closed 3 months ago

MaticPoh commented 7 months ago

onion balance is not working the container keeps restarting several times in the latest version of helm, I tested it in the previous version 0.9 but the same occurs, at the moment I do not know the cause of this I am investigating but at the moment I have no idea what it could be I leave here the information we have and I am available to help with any test

image

I1127 23:07:50.775677 1 request.go:665] Waited for 1.026324567s due to client-side throttling, not priority and fairness, request: GET:https://10.96.0.1:443/apis/config.k8s.torproject.org/v2?timeout=32s time="2023-11-27T23:07:50Z" level=info msg="Listening for events" time="2023-11-27T23:07:50Z" level=info msg="Running event controller" time="2023-11-27T23:07:50Z" level=info msg="Starting controller" W1127 23:07:50.933732 1 shared_informer.go:372] The sharedIndexInformer has started, run more than once is not allowed time="2023-11-27T23:07:50Z" level=info msg="Added onionBalancedService: networking/public-ingress-onion" time="2023-11-27T23:07:52Z" level=info msg="Getting key networking/public-ingress-onion" time="2023-11-27T23:07:52Z" level=info msg="Updating onionbalance config for networking/public-ingress-onion" time="2023-11-27T23:07:52Z" level=info msg="reloading onionbalance..." time="2023-11-27T23:07:52Z" level=info msg="starting onionbalance..." 2023-11-27 23:07:53,787 [WARNING]: Initializing onionbalance (version: 0.2.2)... Stream closed EOF for networking/public-ingress-onion-tor-daemon-65d6588c46-6h82g (onionbalance) it's possible to replicate the error using the example configurations in the repository, but here's my configuration

`apiVersion: tor.k8s.torproject.org/v1alpha2 kind: OnionBalancedService metadata: name: public-ingress-onion namespace: networking spec: backends: 3 balancerTemplate:

Resource limits for the balancer deployments "tor" container

torResources:
  limits:
    cpu: 500m
    memory: 128Mi
# Resource limits for the balancer deployments "onionbalance" container
balancerResources:
  limits:
    cpu: 500m
    memory: 128Mi

template: spec: version: 3 template:

Resource limits for the backend onion service pods

    resources:
      limits:
        cpu: 500m
        memory: 128Mi
  rules:
    - port:
        number: 80
      backend:
        service:
          name: public-nginx-controller
          port:
            number: 80
    # - port:
    #     number: 443
    #   backend:
    #     service:
    #       name: public-nginx-controller
    #       port:
    #         number: 443

  extraConfig: |
    HiddenServiceNumIntroductionPoints 5
    HiddenServiceEnableIntroDoSDefense 1
    HiddenServiceEnableIntroDoSRatePerSec 10
    HiddenServiceEnableIntroDoSBurstPerSec 100
    HiddenServiceMaxStreams 10
    HiddenServiceMaxStreamsCloseCircuit 1
    HiddenServicePoWDefensesEnabled 1
    HiddenServicePoWQueueRate 2
    HiddenServicePoWQueueBurst 4

    #HiddenServiceExportCircuitID haproxy
    `
MaticPoh commented 5 months ago

removing the torResources settings made onion banlanced work

bugfest commented 5 months ago

Thanks @MaticPoh, was it then the pod didn't have enough resources to run?