if you use :latest for as a tag for containers, they are not rebuilt if the container is updated

Bug #1895974 reported by Alex Schultz on 2020-09-17
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tripleo
High
Alex Schultz

Bug Description

If you use latest as the tag, the containers are fetched but they are not rebuilt to use the new container image. The old containers remain in place using the previous version of the container image. I haven't checked if the ansible managed containers still suffer from this problem, but the paunch managed containers do.

Reviewed: https://review.opendev.org/752569
Committed: https://git.openstack.org/cgit/openstack/paunch/commit/?id=be9f6a3c46f53e81fe63e8a86a0e827164474e9e
Submitter: Zuul
Branch: stable/queens

commit be9f6a3c46f53e81fe63e8a86a0e827164474e9e
Author: Alex Schultz <email address hidden>
Date: Thu Sep 17 13:19:35 2020 -0600

    Trigger container update on image id update

    NOTE: Adapted to queens due to missing backports in rocky.

    If you reuse a container tag for a new image, paunch does not currently
    rebuild the container to get the new image. This change adds logic to
    the updated check to also check the image id defined in the container
    instance against the image id for the image to see if the container
    image has changed.

    Closes-Bug: #1895974
    Change-Id: I2710497282eb4d6fa8f68dc6d50044c1ce68eb35
    (cherry picked from commit 4ae7d886db604f1ac00102803a5ea1fa2b3a479b)

tags: added: in-stable-queens
tags: added: in-stable-ussuri

Reviewed: https://review.opendev.org/752307
Committed: https://git.openstack.org/cgit/openstack/paunch/commit/?id=4ae7d886db604f1ac00102803a5ea1fa2b3a479b
Submitter: Zuul
Branch: stable/ussuri

commit 4ae7d886db604f1ac00102803a5ea1fa2b3a479b
Author: Alex Schultz <email address hidden>
Date: Wed Sep 16 14:08:28 2020 -0600

    Trigger container update on image id update

    If you reuse a container tag for a new image, paunch does not currently
    rebuild the container to get the new image. This change adds logic to
    the updated check to also check the image id defined in the container
    instance against the image id for the image to see if the container
    image has changed.

    Closes-Bug: #1895974
    Change-Id: I2710497282eb4d6fa8f68dc6d50044c1ce68eb35

Changed in tripleo:
importance: Undecided → High

Reviewed: https://review.opendev.org/752937
Committed: https://git.openstack.org/cgit/openstack/paunch/commit/?id=0cad8b341954ae77c426b177ea1d7a110a9ad7f0
Submitter: Zuul
Branch: stable/train

commit 0cad8b341954ae77c426b177ea1d7a110a9ad7f0
Author: Alex Schultz <email address hidden>
Date: Wed Sep 16 14:08:28 2020 -0600

    Trigger container update on image id update

    If you reuse a container tag for a new image, paunch does not currently
    rebuild the container to get the new image. This change adds logic to
    the updated check to also check the image id defined in the container
    instance against the image id for the image to see if the container
    image has changed.

    Closes-Bug: #1895974
    Change-Id: I2710497282eb4d6fa8f68dc6d50044c1ce68eb35
    (cherry picked from commit 4ae7d886db604f1ac00102803a5ea1fa2b3a479b)

tags: added: in-stable-train

Reviewed: https://review.opendev.org/752939
Committed: https://git.openstack.org/cgit/openstack/paunch/commit/?id=7779c4bc40016dfc481027ec5a288705db11fc0e
Submitter: Zuul
Branch: stable/rocky

commit 7779c4bc40016dfc481027ec5a288705db11fc0e
Author: Alex Schultz <email address hidden>
Date: Thu Sep 17 13:19:35 2020 -0600

    [ROCKY-Only] Trigger container update on image id update

    NOTE: Rocky is missing a few backports so this patch is rocky specific.

    If you reuse a container tag for a new image, paunch does not currently
    rebuild the container to get the new image. This change adds logic to
    the updated check to also check the image id defined in the container
    instance against the image id for the image to see if the container
    image has changed.

    Closes-Bug: #1895974
    Change-Id: I2710497282eb4d6fa8f68dc6d50044c1ce68eb35
    (cherry picked from commit 4ae7d886db604f1ac00102803a5ea1fa2b3a479b)

tags: added: in-stable-rocky

Reviewed: https://review.opendev.org/753082
Committed: https://git.openstack.org/cgit/openstack/paunch/commit/?id=e2306816b1e0efa5f3062236080435179599d8b1
Submitter: Zuul
Branch: stable/queens

commit e2306816b1e0efa5f3062236080435179599d8b1
Author: Alex Schultz <email address hidden>
Date: Mon Sep 21 10:13:17 2020 -0600

    [QUEENS Only] Always do a image pull

    In queens we use paunch to manage the images and containers. Container
    images are not updated if the image has changed but the container tag
    has not because we simply check if the container exists on disk. This
    change drops the exists check and just issues a pull for all containers
    to ensure they are up to date. In newer versions we always pre-fetch the
    containers as part of the deployment so we don't need to do this
    image management in paunch (or ansible).

    Change-Id: Icb5b949c0d9cd41328e1af3d4ec3066d6971c6fd
    Closes-Bug: #1895974

Reviewed: https://review.opendev.org/753026
Committed: https://git.openstack.org/cgit/openstack/tripleo-ansible/commit/?id=804d0ae51e83600c31e1efdb427086044347c600
Submitter: Zuul
Branch: master

commit 804d0ae51e83600c31e1efdb427086044347c600
Author: Alex Schultz <email address hidden>
Date: Mon Sep 21 09:23:45 2020 -0600

    Add image id compare

    If the image has been updated on disk, the podman_container isn't
    rebuild to use the new container. This change adds an image id check to
    the image check to see if the image name and tag are the same but the id
    of the image has changed. It should be noted that the podman_container
    does not fetch the updated image as it simply checks if it exists. A
    user needs to use podman_image with force: True prior to running
    podman_container to hit this condition.

    Change-Id: Icb718d1c1ea9b829a532c37844ffb3c8b5db5dbe
    Related-Bug: #1895974

Reviewed: https://review.opendev.org/753030
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=920c04bab8cb8e3c0c07d7b19c531c186168de1f
Submitter: Zuul
Branch: master

commit 920c04bab8cb8e3c0c07d7b19c531c186168de1f
Author: Alex Schultz <email address hidden>
Date: Mon Sep 21 09:26:00 2020 -0600

    Force container fetch

    If a user uses :latest, the container is not updated when running the
    podman_image nor is it updated by podman_container. Since
    podman_container will only pull if the container image doesn't exist, we
    need to force the container pull here to ensure we get updated
    containers as part of our deployment and updates processes.

    Depends-On: https://review.opendev.org/#/c/753026/
    Change-Id: Ia16cee016fb1af7b31e0f1c6da1e059221039ca4
    Closes-Bug: #1895974

Changed in tripleo:
status: In Progress → Fix Released

Reviewed: https://review.opendev.org/753777
Committed: https://git.openstack.org/cgit/openstack/tripleo-ansible/commit/?id=de51462d23eea30b6f67dfbed9f5669c8a492197
Submitter: Zuul
Branch: stable/ussuri

commit de51462d23eea30b6f67dfbed9f5669c8a492197
Author: Alex Schultz <email address hidden>
Date: Mon Sep 21 09:23:45 2020 -0600

    Add image id compare

    If the image has been updated on disk, the podman_container isn't
    rebuild to use the new container. This change adds an image id check to
    the image check to see if the image name and tag are the same but the id
    of the image has changed. It should be noted that the podman_container
    does not fetch the updated image as it simply checks if it exists. A
    user needs to use podman_image with force: True prior to running
    podman_container to hit this condition.

    Change-Id: Icb718d1c1ea9b829a532c37844ffb3c8b5db5dbe
    Related-Bug: #1895974
    (cherry picked from commit 804d0ae51e83600c31e1efdb427086044347c600)

Reviewed: https://review.opendev.org/753778
Committed: https://git.openstack.org/cgit/openstack/tripleo-ansible/commit/?id=aad08b2688edf1ba750e6dd542eb4f7eb3f619f4
Submitter: Zuul
Branch: stable/train

commit aad08b2688edf1ba750e6dd542eb4f7eb3f619f4
Author: Alex Schultz <email address hidden>
Date: Mon Sep 21 09:23:45 2020 -0600

    Add image id compare

    If the image has been updated on disk, the podman_container isn't
    rebuild to use the new container. This change adds an image id check to
    the image check to see if the image name and tag are the same but the id
    of the image has changed. It should be noted that the podman_container
    does not fetch the updated image as it simply checks if it exists. A
    user needs to use podman_image with force: True prior to running
    podman_container to hit this condition.

    Change-Id: Icb718d1c1ea9b829a532c37844ffb3c8b5db5dbe
    Related-Bug: #1895974
    (cherry picked from commit 804d0ae51e83600c31e1efdb427086044347c600)

Reviewed: https://review.opendev.org/755303
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=114c9551bf7c49fcdeb3994c2729c9cdf5889edc
Submitter: Zuul
Branch: stable/train

commit 114c9551bf7c49fcdeb3994c2729c9cdf5889edc
Author: Alex Schultz <email address hidden>
Date: Mon Sep 21 09:26:00 2020 -0600

    Force container fetch

    If a user uses :latest, the container is not updated when running the
    podman_image nor is it updated by podman_container. Since
    podman_container will only pull if the container image doesn't exist, we
    need to force the container pull here to ensure we get updated
    containers as part of our deployment and updates processes.

    Depends-On: https://review.opendev.org/#/c/753778
    Change-Id: Ia16cee016fb1af7b31e0f1c6da1e059221039ca4
    Closes-Bug: #1895974
    (cherry picked from commit 920c04bab8cb8e3c0c07d7b19c531c186168de1f)

Reviewed: https://review.opendev.org/755302
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=cd0448f0123337fdf3b64b07aecffce1b24c245a
Submitter: Zuul
Branch: stable/ussuri

commit cd0448f0123337fdf3b64b07aecffce1b24c245a
Author: Alex Schultz <email address hidden>
Date: Mon Sep 21 09:26:00 2020 -0600

    Force container fetch

    If a user uses :latest, the container is not updated when running the
    podman_image nor is it updated by podman_container. Since
    podman_container will only pull if the container image doesn't exist, we
    need to force the container pull here to ensure we get updated
    containers as part of our deployment and updates processes.

    Depends-On: https://review.opendev.org/#/c/753026/
    Change-Id: Ia16cee016fb1af7b31e0f1c6da1e059221039ca4
    Closes-Bug: #1895974
    (cherry picked from commit 920c04bab8cb8e3c0c07d7b19c531c186168de1f)

Reviewed: https://review.opendev.org/752938
Committed: https://git.openstack.org/cgit/openstack/paunch/commit/?id=6b64778ecfbf2c7d9f7de146dfe725db543df27e
Submitter: Zuul
Branch: stable/stein

commit 6b64778ecfbf2c7d9f7de146dfe725db543df27e
Author: Alex Schultz <email address hidden>
Date: Wed Sep 16 14:08:28 2020 -0600

    Trigger container update on image id update

    If you reuse a container tag for a new image, paunch does not currently
    rebuild the container to get the new image. This change adds logic to
    the updated check to also check the image id defined in the container
    instance against the image id for the image to see if the container
    image has changed.

    Closes-Bug: #1895974
    Change-Id: I2710497282eb4d6fa8f68dc6d50044c1ce68eb35
    (cherry picked from commit 4ae7d886db604f1ac00102803a5ea1fa2b3a479b)

tags: added: in-stable-stein

This issue was fixed in the openstack/paunch 5.4.0 release.

This issue was fixed in the openstack/tripleo-heat-templates 11.4.0 release.

This issue was fixed in the openstack/paunch rocky-eol release.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers