MongoDB database locked

Started by doug_phoenix, August 26, 2023, 09:57:32 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
September 03, 2023, 10:16:33 PM #15
To be honest I ran the same hardware with OPNsense for almost a year now, never had any problems before the latest updates. I have opened a ticket, maybe Sunnyvalley can find something.

Other than that after a complete reinstall and reconfiguration (no restore) plus switch to Elasticsearch I have not had a problem yet. The vendor itself recommends that latter if you run into problems with MongoDB:

https://www.zenarmor.com/docs/introduction/hardware-requirements (green "Tip" box).

BR
September 04, 2023, 03:55:57 PM #16
Thanks. I used to run Elasticsearch, but with reinstallation I was not presented with the option to use local Elasticsearch. I'm running a Protectli VP2410 with 16 GB DRAM and 480 GB SSD. Should be plenty of storage, memory, and even processing speed.

Let us know if you learn more. Thanks.
September 04, 2023, 09:48:11 PM #17
If you know what you're doing, you may doctor the results of the hardware requirements test.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
September 18, 2023, 08:55:48 PM #18
I just reinstalled this morning. I'm using SQL again because I do not know how to enable local Elasticsearch on my hardware (and I don't want the overhead of setting up and maintaining a remote database).

I limited data retention to 1-day, even though I have plenty of storage.

So far, ZA is running well - CPU use is low, no obvious speed issues, memory use is < 35%. Will update after it's been running for awhile.
September 18, 2023, 11:56:14 PM #19
Well, it only took a few hours for OPNsense to lock up.

I had errors displayed on the console that were similar to before (netmap emulated adapter destroyed ... created etc.)

Yes, I was running the latest update.

I submitted a full report to Sunnyvalley (checked all options), as requested previously. Removing ZenArmor now.

I'm disappointed. I purchased this hardware specifically to run ZenArmor on OPNsense.
September 19, 2023, 03:22:43 AM #20 Last Edit: September 19, 2023, 03:27:24 AM by almodovaris
In my experience, if I give the VM 8 GB or 10 GB RAM, it misbehaves. Cutting its RAM to 4200 MB solved the problem, it learned to behave. I advise you to do the same: maybe it does not like having 16 GB RAM, give it only 4 GB.

In theory, the above should be bad advice. In practice, it works.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
September 20, 2023, 12:38:13 AM #21
I'm running OPNsense on bare metal (no VM). Did you mean to say that I could constrain available memory? I'm not quite sure how to do that. (Anything at the BIOS-level might be risky given other experience with this hardware.)

Thanks!
September 20, 2023, 03:30:09 AM #22
Why don't you install ProxMox on it? Just save your OPNsense config in the cloud beforehand.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
September 20, 2023, 04:15:10 AM #23
Quote from: doug_phoenix on September 20, 2023, 12:38:13 AM
I'm running OPNsense on bare metal (no VM). Did you mean to say that I could constrain available memory? I'm not quite sure how to do that. (Anything at the BIOS-level might be risky given other experience with this hardware.)

Thanks!

BIOS related other than ensuring you have the latest from Protectli there's not much to be done.

What version of OPNsense/Zenarmor are you running currently ? This sounds like a netmap issue
September 20, 2023, 05:05:55 PM #24
I'm running OPNsense 23.7.4-amd64. I've removed ZenArmor, but I downloaded snd installed the Plugins just yesterday, and ZA reported that the engine was the "latest."

Yes, it seems to me like a netmap issue too. I've had issues with native and emulated drivers.

Thank you.
September 20, 2023, 05:18:03 PM #25
Reply to @almodovaris

I suppose Proxmox is an option to leverage spare resources on the Protectli box. I might try that some day. But to solve the ZA issues (which seems netmap related) it looks like another rabbit hole. I've been down a few already...

Having never run VM's, my understanding is that Proxmox would consume a little overhead, and I would have concerns about the demands of both OPNsense/ZenArmor on one VM and another VM running Elasticsearch. My box runs a Celeron J4125.

Thanks.
September 26, 2023, 06:13:15 PM #26
Update:

SunnyValley has provided a patch that I have tested on my system. I am no longer seeing database or Netmap-related crashes.  :)

I had another issue. My temporary memory filled up within a few hours. Along with this, CPU use increased (60-85% with spikes to 100%, processer increased from 45 to 58 C. No crashes, but the firewall became sluggish. This was resolved by setting web controls from "moderate" to "permissive."

Feedback from tech support is that this issue is due to hardware insufficiency. My system uses a Celeron J4125.
Print
Go Up Pages 1 2
User actions