The problem is I cannot reproduce the issue here (I created '/etc/default/pveproxy' like you have it, but with different IP addresses - it works as expected, without any hanging worker processes)...
Could I ask you to provide your (unchanged) '/etc/default/pveproxy' file - if you don't want to share it publicly - you can send it to me via e-mail (s.ivanov _at_ proxmox.com)
I prepared a patch which adds a few debug-statements to the method, which handles the allow_from and deny_form settings - would you be willing to add it in your environment and let pveproxy run with it for a short while?
The file is attached.
* Download it to the server
* Apply it by running:
Code:
patch /usr/share/perl5/PVE/APIServer/AnyEvent.pm /path/to/0001-debug-add-debug-log-for-check_host_access.patch.txt
systemctl restart pveproxy
* It will print (quite a bit of) debug information to /var/log/pveproxy/access.log
after you've observed that a few of the hanging worker-processes have accumulated - stop pveproxy, collect the log (and provide it here or via e-mail to me), and reinstall libpve-http-server-perl to get rid of the debug-code:
Code:
apt install --reinstall libpve-http-server-perl
Thanks for helping us finding the issue!
