[pike] novajoin user

Bug #1714991 reported by Cédric Jeanneret deactivated
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
puppet-nova
High
Juan Antonio Osorio Robles

Bug Description

Dear Stackers,

Since Pike, the novajoin-server and novajoin-notify servies run as "novajoin" user. In Ocata, it was running as "nova" user.

If you upgrade from Ocata to Pike, the novajoin services won't be able to write in their log anymore because of the services user change - the logfiles ownership aren't updated.

One might think "ok there's logrotate", but logrotate won't rotate the file anymore as well:
it's rotating based on two rules:
- log file is older than 1 week (weekly)
- log file is bigger than 10M
Those rules are applied with an logical AND - since the log aren't written anymore, the sizde won't increase, thus logrotate won't rotate the logs, thus…

This situation might lead to a (very) high load on the undercloud server due to python trying and trying over to write its logs in a file it can't write.

The spec file shipped with the novajoin package does take care of the /var/log/novajoin directory, but not of its content.

A solution would be to ensure with puppet the files exist (doesn't break anything) and with the right ownership - I don't know if rpm can do the same for files as it does for the directory.

Thank you for your work!

Cheers,

C.

Changed in tripleo:
importance: Undecided → High
Changed in tripleo:
milestone: none → pike-rc2
assignee: nobody → Juan Antonio Osorio Robles (juan-osorio-robles)
status: New → Triaged
affects: tripleo → puppet-nova
Changed in puppet-nova:
milestone: pike-rc2 → none
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to puppet-nova (master)

Reviewed: https://review.openstack.org/500690
Committed: https://git.openstack.org/cgit/openstack/puppet-nova/commit/?id=0a71535c4ead69b3d93473d75f986c2b63ab0fd3
Submitter: Jenkins
Branch: master

commit 0a71535c4ead69b3d93473d75f986c2b63ab0fd3
Author: Juan Antonio Osorio Robles <email address hidden>
Date: Tue Sep 5 09:58:09 2017 +0300

    Ensure novajoin's log directory ownership is correct

    From ocata to pike, the log ownership changed. So here we make sure that
    it changes on update via puppet.

    Change-Id: I767b53801bc40a22a403c3e89498c3aa099bc162
    Closes-Bug: #1714991

Changed in puppet-nova:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to puppet-nova (stable/pike)

Fix proposed to branch: stable/pike
Review: https://review.openstack.org/501665

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to puppet-nova (stable/pike)

Reviewed: https://review.openstack.org/501665
Committed: https://git.openstack.org/cgit/openstack/puppet-nova/commit/?id=a4a6ca8b43ea644a81bee9cec2facea7a866e460
Submitter: Jenkins
Branch: stable/pike

commit a4a6ca8b43ea644a81bee9cec2facea7a866e460
Author: Juan Antonio Osorio Robles <email address hidden>
Date: Tue Sep 5 09:58:09 2017 +0300

    Ensure novajoin's log directory ownership is correct

    From ocata to pike, the log ownership changed. So here we make sure that
    it changes on update via puppet.

    Change-Id: I767b53801bc40a22a403c3e89498c3aa099bc162
    Closes-Bug: #1714991
    (cherry picked from commit 0a71535c4ead69b3d93473d75f986c2b63ab0fd3)

tags: added: in-stable-pike
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/puppet-nova 11.4.0

This issue was fixed in the openstack/puppet-nova 11.4.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/puppet-nova 12.0.0

This issue was fixed in the openstack/puppet-nova 12.0.0 release.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers