Hi,
On 11. Sep 2023, at 12:38, sharukh.khan+stunnel--- via stunnel-users stunnel-users@stunnel.org wrote:
We're facing an issue where the stunnel process running on our AWS Ec2 enters a zombie state. This results in the nfs server timeout (We're using EFS). We're running Amazon Linux 2 (Kernel version 4.14.318-241.531) with stunnel version 5.6.4.
I’m going to use my crystal ball here. It tells me you might be using https://github.com/aws/efs-utils to mount those EFS volumes. Additionally, it tells me that the version of efs-utils you are using is smaller than 1.33.3, and that you are missing https://github.com/aws/efs-utils/commit/865892d275298da4d735a60296952c7f3c41.... Prior to this commit the efs-utils watchdog would restart stunnel with stdout and stderr connected to a pipe that the watchdog process never read from, which eventually caused stunnel to attempt to write to the pipe, but the pipe’s 4k buffer was full, so the kernel blocked the process during the write. To confirm that, check whether the hanging stunnel process uses a pipe on file descriptors 0 and 1 in /proc/$pid/fd/.
Is my crystal ball correct?
If so, this isn’t an issue with stunnel, it’s an issue with efs-utils. Ask for an update from the vendor of your efs-utils package.
HTH, Clemens