manila-share service restarted when certificates-relation-changed(upgrading vault)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Manila-Ganesha Charm |
In Progress
|
High
|
Alex Kavanagh |
Bug Description
the customer has issue with manila-ganesha service after they upgraded vault charm.
after upgrading, manila-ganesha charm get certificates-
then install nfs-ganesha-ceph.
WARNING unit.manila-
WARNING unit.manila-
WARNING unit.manila-
INFO unit.manila-
and the customer faces downtime.
I guess certificates-
I'm analyzing my local env as well. and it calls the same hook when vault is upgraded.
I'll update the case if there is anything more.
tags: | added: sts |
Changed in charm-manila-ganesha: | |
status: | New → Triaged |
importance: | Undecided → High |
assignee: | nobody → Alex Kavanagh (ajkavanagh) |
Changed in charm-manila-ganesha: | |
status: | Triaged → In Progress |
I'll add more context to this bug after some investigation. Actually manila-ganesha is masking the relation- changed hook is called. This occurs through the charms.openstack code that manages this hook that eventually ends up calling the install() method of manila ganesha which intentionally masks manila-share with this reasoning:
manila-share service every time the certificates-
# Use goal-state to determine if we are expecting multiple units
# and, if so, mask the manila-share service so that it only ever
# gets run by pacemaker.
The backtrace to get to the install() method call is this:
File "/var/lib/ juju/agents/ unit-manila- ganesha- 0/charm/ hooks/certifica tes-relation- changed" , line 22, in <module> juju/agents/ unit-manila- ganesha- 0/.venv/ lib/python3. 8/site- packages/ charms/ reactive/ __init_ _.py", line 74, in main dispatch( restricted= restricted_ mode) juju/agents/ unit-manila- ganesha- 0/.venv/ lib/python3. 8/site- packages/ charms/ reactive/ bus.py" , line 390, in dispatch other_handlers) juju/agents/ unit-manila- ganesha- 0/.venv/ lib/python3. 8/site- packages/ charms/ reactive/ bus.py" , line 359, in _invoke invoke( ) juju/agents/ unit-manila- ganesha- 0/.venv/ lib/python3. 8/site- packages/ charms/ reactive/ bus.py" , line 181, in invoke _action( *args) juju/agents/ unit-manila- ganesha- 0/charm/ reactive/ layer_openstack .py", line 150, in default_ configure_ certificates configure_ tls(tls) juju/agents/ unit-manila- ganesha- 0/.venv/ lib/python3. 8/site- packages/ charms_ openstack/ charm/classes. py", line 987, in configure_tls configure_ apache( ) juju/agents/ unit-manila- ganesha- 0/.venv/ lib/python3. 8/site- packages/ charms_ openstack/ charm/classes. py", line 774, in configure_apache
main()
File "/var/lib/
bus.
File "/var/lib/
_invoke(
File "/var/lib/
handler.
File "/var/lib/
self.
File "/var/lib/
instance.
File "/var/lib/
self.
File "/var/lib/
self.install()
I think it is important to understand if manila-ganesha actually needs a relation with vault and if it does not we should not allow it to be established.