[SRU] keystone-signing folders fill /tmp and seriously slow down reboots
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Cloud Archive |
Fix Released
|
Medium
|
Unassigned | ||
Mitaka |
Fix Released
|
Medium
|
Unassigned | ||
keystonemiddleware |
Fix Released
|
Medium
|
Colleen Murphy | ||
python-keystonemiddleware (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Xenial |
Fix Released
|
Medium
|
Unassigned |
Bug Description
[Impact]
During a night maintenance and reboot of a control (non-keystone node) that had been up for around 300 days, we found that we have over 144k keystone-signing- folders in /tmp. This caused the maintenance window to be missed because it took so long to clean /tmp on reboot. It is my understanding that these folders are for PKI. We don't use PKI and would like to the option to disable the creation of these folders.
[PROD] root@control-
144200
more info, the folders are owned by non-keystone services, mainly glance for us:
drwx------ 2 glance glance 4096 Jul 9 2015 keystone-
drwx------ 2 glance glance 4096 Jul 20 07:55 keystone-
drwx------ 2 designate designate 4096 May 26 2015 keystone-
drwx------ 2 glance glance 4096 Jul 14 2015 keystone-
drwx------ 2 glance glance 4096 Jul 12 2015 keystone-
drwx------ 2 glance glance 4096 Jul 15 17:22 keystone-
drwx------ 2 designate designate 4096 Jun 9 2015 keystone-
drwx------ 2 glance glance 4096 Jul 2 2015 keystone-
drwx------ 2 glance glance 4096 Jul 9 2015 keystone-
drwx------ 2 designate designate 4096 May 20 2015 keystone-
drwx------ 2 glance glance 4096 Jun 30 2015 keystone-
[Test Case]
See above.
[Regression Potential]
The fix is contained in an upstream stable point release which we're releasing to ubuntu xenial. The regression potential is fairly minimal since upstream is very careful with what gets into stable point releases.
description: | updated |
description: | updated |
description: | updated |
tags: | added: performance |
affects: | keystone → keystonemiddleware |
Changed in python-keystonemiddleware (Ubuntu): | |
status: | New → Triaged |
importance: | Undecided → Medium |
Changed in python-keystonemiddleware (Ubuntu Xenial): | |
status: | New → Triaged |
importance: | Undecided → Medium |
Changed in cloud-archive: | |
status: | New → Triaged |
importance: | Undecided → Medium |
summary: |
- keystone-signing folders fill /tmp and seriously slow down reboots + [SRU] keystone-signing folders fill /tmp and seriously slow down reboots |
Changed in python-keystonemiddleware (Ubuntu): | |
status: | Triaged → Fix Released |
description: | updated |
information type: | Public → Private |
tags: | added: att-aic-contrail |
information type: | Private → Public |
I've check a few of my environments and I have the same problem.