puppet-nova

[pike] novajoin user

Bug #1714991 reported by Cédric Jeanneret deactivated on 2017-09-04

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	puppet-nova	Fix Released	High	Juan Antonio Osorio Robles

Bug Description

Dear Stackers,

Since Pike, the novajoin-server and novajoin-notify servies run as "novajoin" user. In Ocata, it was running as "nova" user.

If you upgrade from Ocata to Pike, the novajoin services won't be able to write in their log anymore because of the services user change - the logfiles ownership aren't updated.

One might think "ok there's logrotate", but logrotate won't rotate the file anymore as well:
it's rotating based on two rules:
- log file is older than 1 week (weekly)
- log file is bigger than 10M
Those rules are applied with an logical AND - since the log aren't written anymore, the sizde won't increase, thus logrotate won't rotate the logs, thus…

This situation might lead to a (very) high load on the undercloud server due to python trying and trying over to write its logs in a file it can't write.

The spec file shipped with the novajoin package does take care of the /var/log/novajoin directory, but not of its content.

A solution would be to ensure with puppet the files exist (doesn't break anything) and with the right ownership - I don't know if rpm can do the same for files as it does for the directory.

Thank you for your work!

Cheers,

Tags:

Juan Antonio Osorio Robles (juan-osorio-robles) on 2017-09-04

Changed in tripleo:
importance:	Undecided → High

Emilien Macchi (emilienm) on 2017-09-04

Changed in tripleo:
milestone:	none → pike-rc2
assignee:	nobody → Juan Antonio Osorio Robles (juan-osorio-robles)
status:	New → Triaged

Juan Antonio Osorio Robles (juan-osorio-robles) on 2017-09-05

affects:	tripleo → puppet-nova
Changed in puppet-nova:
milestone:	pike-rc2 → none
status:	Triaged → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-09-07: Fix merged to puppet-nova (master)

Reviewed: https://review.openstack.org/500690
Committed: https://git.openstack.org/cgit/openstack/puppet-nova/commit/?id=0a71535c4ead69b3d93473d75f986c2b63ab0fd3
Submitter: Jenkins
Branch: master

commit 0a71535c4ead69b3d93473d75f986c2b63ab0fd3
Author: Juan Antonio Osorio Robles <email address hidden>
Date: Tue Sep 5 09:58:09 2017 +0300

Ensure novajoin's log directory ownership is correct

From ocata to pike, the log ownership changed. So here we make sure that
it changes on update via puppet.

Change-Id: I767b53801bc40a22a403c3e89498c3aa099bc162
Closes-Bug: #1714991

Changed in puppet-nova:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-09-07: Fix proposed to puppet-nova (stable/pike)

Fix proposed to branch: stable/pike
Review: https://review.openstack.org/501665

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-09-07: Fix merged to puppet-nova (stable/pike)

Reviewed: https://review.openstack.org/501665
Committed: https://git.openstack.org/cgit/openstack/puppet-nova/commit/?id=a4a6ca8b43ea644a81bee9cec2facea7a866e460
Submitter: Jenkins
Branch: stable/pike

commit a4a6ca8b43ea644a81bee9cec2facea7a866e460
Author: Juan Antonio Osorio Robles <email address hidden>
Date: Tue Sep 5 09:58:09 2017 +0300

Ensure novajoin's log directory ownership is correct

From ocata to pike, the log ownership changed. So here we make sure that
it changes on update via puppet.

    Change-Id: I767b53801bc40a22a403c3e89498c3aa099bc162
    Closes-Bug: #1714991
    (cherry picked from commit 0a71535c4ead69b3d93473d75f986c2b63ab0fd3)