haproxy fails to start after subcloud upgrade-activate
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Andy |
Bug Description
Brief Description
-----------------
After running upgrade-activate on the subcloud haproxy went offline. This caused an outage of many services. This was caused by an empty /etc/ssl/
There were no errors in the logs from 85-update-
We need to at least validate the data before we write it to the admin-ep-cert.pem file. It the data is empty or not an x509 cert we need to fail the script and leave the file intact.
Severity
--------
Major
Steps to Reproduce
------------------
Upgrade subcloud from 20.06 to 20.12
Run upgrade-activate
Expected Behavior
------------------
admin-ep-cert.pem is populated correctly. haproxy restarts successfully
Actual Behavior
----------------
admin-ep-cert.pem is empty. haproxy fails to start
Reproducibility
---------------
Likely intermittent
System Configuration
-------
VBox DC system. AIO-DX system controller, AIO-SX subcloud
Branch/Pull Time/Commit
-------
Latest from master
Last Pass
---------
Unknown
Timestamp/Logs
--------------
Starts around
2021-01-
Test Activity
-------------
Developer Testing
Workaround
----------
Run
kubectl --kubeconfig=
kubectl --kubeconfig=
Write the output to
/etc/ssl/
cp /etc/ssl/
Changed in starlingx: | |
assignee: | nobody → Andy (andy.wrs) |
status: | New → In Progress |
tags: | added: stx.5.0 stx.update |
Changed in starlingx: | |
importance: | Undecided → Medium |
Review: https:/ /review. opendev. org/c/starlingx /config/ +/776716
Merged on: 2021-02-26