Regression in haproxy check since LP#1713165
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ceph RADOS Gateway Charm |
Fix Released
|
High
|
Unassigned | ||
Charm Helpers |
Fix Released
|
Undecided
|
Unassigned | ||
OpenStack Ceilometer Charm |
Fix Released
|
High
|
Unassigned | ||
OpenStack Cinder Charm |
Fix Released
|
High
|
Unassigned | ||
OpenStack Dashboard Charm |
Fix Released
|
High
|
Unassigned | ||
OpenStack Glance Charm |
Fix Released
|
High
|
Unassigned | ||
OpenStack Heat Charm |
Fix Released
|
High
|
Unassigned | ||
OpenStack Keystone Charm |
Fix Released
|
High
|
Unassigned | ||
OpenStack Neutron API Charm |
Fix Released
|
High
|
Unassigned | ||
OpenStack Nova Cloud Controller Charm |
Fix Released
|
High
|
Unassigned | ||
OpenStack Swift Proxy Charm |
Fix Released
|
High
|
Unassigned |
Bug Description
The original bug reported in LP#1713165 [0] suggested that the following part of the haproxy check was a problem when there were backups of the config file present, as it recursively greps the haproxy config directory.
AUTH=$(grep -r "stats auth" /etc/haproxy | awk 'NR=1{print $4}')
The suggestion fix was -
AUTH=$(egrep "stats auth" /etc/haproxy/
The implemented fix was -
AUTH=$(egrep "stats auth" /etc/haproxy/
Note the awk token was not correct, and per comments on the original bug [1] and GitHub PR [2]
Despite this, this change has also made it into the OpenStack charms via a charmhelpers sync, which means we also have a regression in the Charms.
In addition to this, the fix also needs to be applied to 'check_
So far, I have found this has been merged into the following OpenStack charms, but I suspect that there are likely many more charms which would have synced the latest charmhelpers -
* ceilometer
* ceilometer-agent
* ceph-radosgw
* cinder
* cinder-backup
* cinder-ceph
* glance
* heat
* neutron-api
* neutron-gateway
* neutron-openvswitch
* nova-cloud-
* nova-compute
* openstack-dashboard
* rabbitmq-server
* swift-proxy
* swift-storage
The impact is that all of these charms install NRPE checks for haproxy, which report all backends as being down (which is a critical level alert) falsely due to not being able to grab status API credentials correctly.
[0] https:/
[1] https:/
[2] https:/
Related branches
- James Page (community): Disapprove
- VCS imports: Pending requested
-
Diff: 25 lines (+2/-2)2 files modifiedcharmhelpers/contrib/openstack/files/check_haproxy.sh (+1/-1)
charmhelpers/contrib/openstack/files/check_haproxy_queue_depth.sh (+1/-1)
I have added the charm projects as well, as they will all need to be addressed by syncing a fixed charmhelpers version.