DC: subcloud remote install boots with ostree commit of Partial-Apply patch
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Christopher de Oliveira Souza |
Bug Description
Brief Description
-------
When a patch has been uploaded and applied, but not installed, it is in Partial-Apply state.
If a remote subcloud is installed via redfish (miniboot) at this point, it will end up running the patched software.
Severity
-------
<Major: System/Feature is usable but degraded>
Steps to Reproduce
-------------------
On system controller:
sudo sw-patch upload ./22.12_
sudo sw-patch apply 22.12_NRR_INSVC
sudo sw-patch query # (will show in Partial-Apply state)
Now check the ostree log of both ostree repos on the system controller:
ostree --repo=
ostree --repo=
This is normal. The feed repo has the new commit, but it is not 'running' yet (not in sysroot repo).
Now install a subcloud via redfish.
The problem will be seen by running the same two ostree log commands as above, but on the subcloud. You will see that the subcloud sysroot repo has the new commit, meaning the subcloud is running the patched software.
(see Logs section below for example).
Expected Behavior
-------
The subcloud should not be running the patched software.
Actual Behavior
-------
The sysroot repo on the subcloud has the patched ostree commit. The subcloud has booted running with this commit, meaning it is running the patch.
Root cause: This behaviour is caused by the subcloud doing an ostree repo pull from the system controller 'feed' repo (it has to because that repo is the only one available over http). It therefore ends up getting the patched commit.
Reproducibility
------------------
Reproducible
System Configuration
-------------------
DC
Load info (eg: 2022-03-
-------------------
N/A
Last Pass
-------------------
N/A
Timestamp/Logs
-------
If you examine the ostree log output on each you will see that the subcloud is running the Partial-Apply patch commit (as evidenced by the /sysroot/
On System Controller:
[sysadmin@
22.12_NRR_INSVC is already imported. Updated metadata only[sysadmin@
22.12_NRR_INSVC is now in the repo[sysadmin@
~(keystone_admin)]$ ostree --repo=
commit e92f4b31d1de372
ContentChecksum: 372d31488fabae9
Date: 2022-11-23 10:05:06 +0000 Commit-id: starlingx-
ContentChecksum: f8b58b64590d0fb
Date: 2022-11-23 09:14:09 +0000 Commit-id: starlingx-
[sysadmin@
commit e8294f0f26922ff
ContentChecksum: f8b58b64590d0fb
Date: 2022-11-23 09:14:09 +0000 Commit-id: starlingx-
On installed subcloud:
sysadmin@
commit e92f4b31d1de372
ContentChecksum: 372d31488fabae9
Date: 2022-11-23 10:05:06 +0000 Commit-id: starlingx-
sysadmin@
commit e92f4b31d1de372
ContentChecksum: 372d31488fabae9
Date: 2022-11-23 10:05:06 +0000 Commit-id: starlingx-
ContentChecksum: f8b58b64590d0fb
Date: 2022-11-23 09:14:09 +0000 Commit-id: starlingx-
Alarms
------------------
N/A
Test Activity
------------------
Developer Testing
Workaround
------------------
N/A
Changed in starlingx: | |
assignee: | nobody → Christopher de Oliveira Souza (cdeolive) |
Changed in starlingx: | |
importance: | Undecided → Medium |
tags: | added: stx.9.0 stx.distcloud |
Fix proposed to branch: master /review. opendev. org/c/starlingx /distcloud/ +/873369
Review: https:/