Comment 10 for bug 1434680
Revision history for this message
| Menno Finlay-Smits (menno.smits) wrote Re: 1.22.0 cannot upgrade to 1.23-beta1 or 1.24-alpha1 | #10 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
The root cause is actually fairly convoluted.
Rev 3734d91 exposed the problem but it isn't actually the source. That change makes only a small non-functional cleanup to the juju-db upstart script. However, because the upstart script has changed, jujud writes out a new server.pem and restarts juju-db as it starts up into 1.23 or 1.24.
The issue is that the new server.pem is generated from the same cert and key as is the API server and since version 1.22 the certupdater worker keeps API server cert in sync with state server address changes. It also identifies the certifcate as originating from the "localhost" and "juju-apiserver" hostnames. Juju's mongodb client connection code expects a certificate for "juju-mongodb" causes connections to mongo to fail once mongo is using the new certificate file.
Although it is possible to trigger this problem through upgrades, the bug isn't really upgrade related. It is also possible to trigger it with 1.22 alone by making any edit to juju-db upstart script and restarting jujud.
Updating the ticket title to reflect this.