Title
------
alarm for https_enabled clears five minutes before config is updated
Brief Description
-----------------
alarm for https_enabled clears five minutes before config is updated; fm alarm-list shows 250.001 alarm is absent promptly after running 'system modify --https_enabled true', but the system continues respond to http rather than https for several minutes.
Severity
--------
Minor
Steps to Reproduce
------------------
# system modify --https_enabled true; date;
# fm alarm-list | grep 250.001
# grep "\(Raise\|Clear\) system config alarm" /var/log/sysinv.log
# while true; do { grep "bind.*ssl" /etc/haproxy/haproxy.cfg && break; sleep 1; }; done; date
Expected Behavior
------------------
Alarm remains until cfg file us updated
Actual Behavior
----------------
Alarm clears promptly, but config file is not updated for another 5 minutes
Reproducibility
---------------
Reproducible
System Configuration
--------------------
standard controller
Branch/Pull Time/Commit
-----------------------
2019-01-16_20-18-01
starlingx/master
Timestamp/Logs
--------------
# system modify --https_enabled true; date;
...
| https_enabled | True |
...
Fri Jan 18 13:43:52 UTC 2019
grplist="$( echo "update https to.*https_enabled
req-6e6ec72b-a833-4a8e-8485-625e616d7bf3
281203db-dcb2-4843-94ca-6d0bbbbe188a
6f80f124-3d7d-4aa2-9ab9-18e4b9391bfd
Clear system config alarm
Raise system config alarm" | sed ':a;N;$!ba;s/\n/\\\|/g' )"
grep "$grplist" /var/log/sysinv.log"
2019-01-18 13:43:46.693 7253 INFO sysinv.api.controllers.v1.system [-] update https to {u'vswitch_type': u'ovs-dpdk', u'sdn_enabled': False, u'shared_services': u'[]', u'https_enabled': True, u'kubernetes_enabled': False, u'region_config': False}
2019-01-18 13:43:46.730 3994 INFO sysinv.conductor.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] _config_selfsigned_certificate mode=ssl file=/etc/ssl/private/self-signed-server-cert.pem
2019-01-18 13:43:46.734 3994 INFO sysinv.conductor.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] config_certificate signature=ssl_18300269710244239027
2019-01-18 13:43:46.789 3994 WARNING sysinv.conductor.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] controller-0: iconfig out of date: target 281203db-dcb2-4843-94ca-6d0bbbbe188a, applied 413b831f-52dc-4885-ab3c-4b87e3d6aa92
2019-01-18 13:43:46.789 3994 WARNING sysinv.conductor.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] SYS_I Raise system config alarm: host controller-0 config applied: 413b831f-52dc-4885-ab3c-4b87e3d6aa92 vs. target: 281203db-dcb2-4843-94ca-6d0bbbbe188a.
2019-01-18 13:43:46.906 3994 INFO sysinv.conductor.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] _config_update_hosts config_uuid=281203db-dcb2-4843-94ca-6d0bbbbe188a
2019-01-18 13:43:49.647 8394 INFO sysinv.agent.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] Agent config applied 281203db-dcb2-4843-94ca-6d0bbbbe188a
2019-01-18 13:43:49.746 3994 WARNING sysinv.conductor.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] controller-0: iconfig out of date: target 6f80f124-3d7d-4aa2-9ab9-18e4b9391bfd, applied 413b831f-52dc-4885-ab3c-4b87e3d6aa92
2019-01-18 13:43:49.747 3994 WARNING sysinv.conductor.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] SYS_I Raise system config alarm: host controller-0 config applied: 413b831f-52dc-4885-ab3c-4b87e3d6aa92 vs. target: 6f80f124-3d7d-4aa2-9ab9-18e4b9391bfd.
2019-01-18 13:43:49.810 3994 INFO sysinv.conductor.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] _config_update_hosts config_uuid=6f80f124-3d7d-4aa2-9ab9-18e4b9391bfd
2019-01-18 13:43:49.898 3994 INFO sysinv.conductor.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] SYS_I Clear system config alarm: controller-0
2019-01-18 13:43:52.814 8394 INFO sysinv.agent.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] config_apply_runtime_manifest: 6f80f124-3d7d-4aa2-9ab9-18e4b9391bfd {u'classes': [u'platform::haproxy::runtime', u'openstack::keystone::endpoint::runtime', u'openstack::horizon::runtime', u'openstack::nova::api::runtime', u'openstack::heat::engine::runtime'], u'force': False, u'personalities': [u'controller']} controller
2019-01-18 13:43:52.815 8394 INFO sysinv.agent.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] controller-active
2019-01-18 13:43:52.816 8394 INFO sysinv.agent.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] _apply_runtime_manifest with hieradata_path = '/opt/platform/puppet/19.01/hieradata'
2019-01-18 13:46:42.767 7252 INFO sysinv.api.controllers.v1.host [-] controller-0 ihost_patch_start_2019-01-18-13-46-42 patch
2019-01-18 13:46:42.768 7252 INFO sysinv.api.controllers.v1.host [-] controller-0 ihost_patch_end. No changes from mtce/1.0.
2019-01-18 13:50:10.581 8394 INFO sysinv.agent.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] Agent config applied 6f80f124-3d7d-4aa2-9ab9-18e4b9391bfd
2019-01-18 13:50:10.679 3994 INFO sysinv.conductor.manager [req-6e6ec72b-a833-4a8e-8485-625e616d7bf3 admin admin] SYS_I Clear system config alarm: controller-0
Minor issue; does not gate the upcoming release, but could be a good learning opportunity for someone ramping up on StarlingX.