| 2017-10-13 17:00:16 |
Drew Freiberger |
bug |
|
|
added bug |
| 2017-10-13 18:13:32 |
Junien F |
bug |
|
|
added subscriber Junien Fridrick |
| 2017-10-17 07:43:43 |
Frode Nordahl |
bug task added |
|
openvswitch (Ubuntu) |
|
| 2017-10-17 07:44:16 |
Frode Nordahl |
summary |
openvswitch-switch package upgrade triggers openvswitch-switch service restart |
openvswitch-switch package upgrade overwrites /etc/default/openvswitch-switch |
|
| 2017-10-17 07:45:32 |
Frode Nordahl |
charm-neutron-openvswitch: status |
New |
Invalid |
|
| 2017-10-17 07:48:28 |
Frode Nordahl |
openvswitch (Ubuntu): importance |
Undecided |
High |
|
| 2017-10-17 07:48:36 |
Frode Nordahl |
openvswitch (Ubuntu): assignee |
|
Frode Nordahl (fnordahl) |
|
| 2017-10-17 07:48:42 |
Frode Nordahl |
openvswitch (Ubuntu): status |
New |
Triaged |
|
| 2017-10-17 07:53:15 |
Frode Nordahl |
openvswitch (Ubuntu): status |
Triaged |
Confirmed |
|
| 2017-10-17 12:48:01 |
Frode Nordahl |
summary |
openvswitch-switch package upgrade overwrites /etc/default/openvswitch-switch |
openvswitch-switch package postinst modifies existing configuration |
|
| 2017-10-17 16:29:42 |
Frode Nordahl |
attachment added |
|
openvswitch.patch https://bugs.launchpad.net/ubuntu/+source/openvswitch/+bug/1723480/+attachment/4973848/+files/openvswitch.patch |
|
| 2017-10-17 16:43:50 |
Frode Nordahl |
attachment added |
|
openvswitch-zesty.patch https://bugs.launchpad.net/ubuntu/+source/openvswitch/+bug/1723480/+attachment/4973882/+files/openvswitch-zesty.patch |
|
| 2017-10-17 16:44:19 |
Frode Nordahl |
attachment added |
|
openvswitch-xenial.patch https://bugs.launchpad.net/ubuntu/+source/openvswitch/+bug/1723480/+attachment/4973883/+files/openvswitch-xenial.patch |
|
| 2017-10-17 16:50:28 |
Frode Nordahl |
bug watch added |
|
mailto:dev@openvswitch.org |
|
| 2017-10-17 16:50:28 |
Frode Nordahl |
bug task added |
|
openvswitch |
|
| 2017-10-17 17:57:28 |
Ryan Beisner |
tags |
canonical-bootstack canonical-is sts |
canonical-bootstack canonical-is sts uosci |
|
| 2017-10-17 20:18:45 |
James Page |
nominated for series |
|
Ubuntu Zesty |
|
| 2017-10-17 20:18:45 |
James Page |
bug task added |
|
openvswitch (Ubuntu Zesty) |
|
| 2017-10-17 20:18:45 |
James Page |
nominated for series |
|
Ubuntu Artful |
|
| 2017-10-17 20:18:45 |
James Page |
bug task added |
|
openvswitch (Ubuntu Artful) |
|
| 2017-10-17 20:18:45 |
James Page |
nominated for series |
|
Ubuntu Xenial |
|
| 2017-10-17 20:18:45 |
James Page |
bug task added |
|
openvswitch (Ubuntu Xenial) |
|
| 2017-10-17 20:18:51 |
James Page |
openvswitch (Ubuntu Zesty): status |
New |
Triaged |
|
| 2017-10-17 20:18:53 |
James Page |
openvswitch (Ubuntu Xenial): status |
New |
Triaged |
|
| 2017-10-17 20:18:55 |
James Page |
openvswitch (Ubuntu Zesty): importance |
Undecided |
High |
|
| 2017-10-17 20:18:57 |
James Page |
openvswitch (Ubuntu Xenial): importance |
Undecided |
High |
|
| 2017-10-17 20:19:00 |
James Page |
openvswitch (Ubuntu Artful): status |
Confirmed |
Triaged |
|
| 2017-10-17 20:19:33 |
James Page |
openvswitch: status |
New |
Invalid |
|
| 2017-10-17 20:19:44 |
James Page |
bug task added |
|
cloud-archive |
|
| 2017-10-17 20:19:49 |
Ubuntu Foundations Team Bug Bot |
tags |
canonical-bootstack canonical-is sts uosci |
canonical-bootstack canonical-is patch sts uosci |
|
| 2017-10-17 20:19:56 |
Ubuntu Foundations Team Bug Bot |
bug |
|
|
added subscriber Ubuntu Sponsors Team |
| 2017-10-17 20:20:08 |
James Page |
nominated for series |
|
cloud-archive/newton |
|
| 2017-10-17 20:20:08 |
James Page |
bug task added |
|
cloud-archive/newton |
|
| 2017-10-17 20:20:08 |
James Page |
nominated for series |
|
cloud-archive/pike |
|
| 2017-10-17 20:20:08 |
James Page |
bug task added |
|
cloud-archive/pike |
|
| 2017-10-17 20:20:08 |
James Page |
nominated for series |
|
cloud-archive/mitaka |
|
| 2017-10-17 20:20:08 |
James Page |
bug task added |
|
cloud-archive/mitaka |
|
| 2017-10-17 20:20:08 |
James Page |
nominated for series |
|
cloud-archive/ocata |
|
| 2017-10-17 20:20:08 |
James Page |
bug task added |
|
cloud-archive/ocata |
|
| 2017-10-17 20:20:18 |
James Page |
cloud-archive/mitaka: importance |
Undecided |
High |
|
| 2017-10-17 20:20:18 |
James Page |
cloud-archive/mitaka: status |
New |
Triaged |
|
| 2017-10-17 20:20:31 |
James Page |
cloud-archive/newton: importance |
Undecided |
High |
|
| 2017-10-17 20:20:31 |
James Page |
cloud-archive/newton: status |
New |
Triaged |
|
| 2017-10-17 20:20:42 |
James Page |
cloud-archive/ocata: importance |
Undecided |
High |
|
| 2017-10-17 20:20:42 |
James Page |
cloud-archive/ocata: status |
New |
Triaged |
|
| 2017-10-17 20:20:52 |
James Page |
cloud-archive/pike: importance |
Undecided |
High |
|
| 2017-10-17 20:20:52 |
James Page |
cloud-archive/pike: status |
New |
Triaged |
|
| 2017-10-18 08:24:06 |
Frode Nordahl |
description |
Similar to, but slightly different from bug 1712444, we have found the upgrade of the openvswitch-switch package by unattended-upgrade (or otherwise) will trigger the service restart of openvswitch-switch within the neutron-openvswitch charm if the config-changed hook is called.
While this is a reasonable behavior based on an assumption that if the /etc/default/openvswitch-switch file changes due to upgrade and the charm resets it to the charm-configured version of the file, we should want to restart the service to be on the latest code. However, the restart of the service causes between 6-12 seconds of network outage for the tenant VMs utilizing OVS.
Would it be possible to have a config-flag to disable the charm's ability to restart the openvswitch-switch service outside of the install hook to avoid automated network outages due to package upgrades?
Elsewise, is there a way to serialize the resulting restarts in such a way that only one member of the neutron-openvswitch application/service is restarting at a time along with a buffer to allow for high availability applications to failover and fail back and not be afflicted by multiple nodes' switches being restarted simultaneously. |
[Impact]
* When using OpenvSwitch in a modeled or configuration managed environment unmotivated changes to configuration files like /etc/default/openvswitch-switch will lead unnecessary service restarts on future events in a deployment.
* Restarting the openvswitch-switch service impacts datapath and should be avoided. Any future updates or security updates to this package will cause problems for existing users and I believe the package in the stable release should be updated because of this.
* I also believe having a package change existing configuration files to be in conflict with best practices set out in the config files section of the Debian Policy.
* The proposed fix addresses the issue by removing the processing of /etc/default/openvsiwtch-switch from the postinst script. The template for this processing is installed in /usr/share/openvswitch/switch/default.template should the user want to view comments added there in future updates.
[Test Case]
* apt install openvswitch-switch
* edit /etc/default/openvswitch-switch, removing one of the commented out sections
* apt remove openvswitch-switch
* stat /etc/default/openvswitch-switch
* Observe that your modified configuration file remains
* apt install openvswitch-switch
* stat /etc/default/openvswitch-switch
* Observe that the openvswitch-switch package has added comments to your modified configuration file
* Repeat these steps with the proposed fix and observe that the configuration file is no longer modified by the package postinst script.
[Regression Potential]
* The current postinst script aims at adding non-existing sections of the template to the default file in /etc. These sections are commented out and have no effect on the running service.
* End users will find any new configuration options in the template
[Original Bug Description]
Similar to, but slightly different from bug 1712444, we have found the upgrade of the openvswitch-switch package by unattended-upgrade (or otherwise) will trigger the service restart of openvswitch-switch within the neutron-openvswitch charm if the config-changed hook is called.
While this is a reasonable behavior based on an assumption that if the /etc/default/openvswitch-switch file changes due to upgrade and the charm resets it to the charm-configured version of the file, we should want to restart the service to be on the latest code. However, the restart of the service causes between 6-12 seconds of network outage for the tenant VMs utilizing OVS.
Would it be possible to have a config-flag to disable the charm's ability to restart the openvswitch-switch service outside of the install hook to avoid automated network outages due to package upgrades?
Elsewise, is there a way to serialize the resulting restarts in such a way that only one member of the neutron-openvswitch application/service is restarting at a time along with a buffer to allow for high availability applications to failover and fail back and not be afflicted by multiple nodes' switches being restarted simultaneously. |
|
| 2017-10-18 08:34:10 |
Frode Nordahl |
tags |
canonical-bootstack canonical-is patch sts uosci |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci |
|
| 2017-10-19 10:10:42 |
James Page |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2017-10-19 10:10:43 |
James Page |
removed subscriber Ubuntu Sponsors Team |
|
|
|
| 2017-10-19 10:18:25 |
Adam Conrad |
openvswitch (Ubuntu Artful): status |
Triaged |
Fix Committed |
|
| 2017-10-19 10:18:28 |
Adam Conrad |
bug |
|
|
added subscriber SRU Verification |
| 2017-10-19 10:18:31 |
Adam Conrad |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-needed verification-needed-artful |
|
| 2017-10-19 10:21:12 |
Adam Conrad |
openvswitch (Ubuntu Zesty): status |
Triaged |
Fix Committed |
|
| 2017-10-19 10:21:17 |
Adam Conrad |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-needed verification-needed-artful |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-needed verification-needed-artful verification-needed-zesty |
|
| 2017-10-19 10:22:44 |
Adam Conrad |
openvswitch (Ubuntu Xenial): status |
Triaged |
Fix Committed |
|
| 2017-10-19 10:22:50 |
Adam Conrad |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-needed verification-needed-artful verification-needed-zesty |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-needed verification-needed-artful verification-needed-xenial verification-needed-zesty |
|
| 2017-10-19 12:20:24 |
Launchpad Janitor |
openvswitch (Ubuntu Artful): status |
Fix Committed |
Fix Released |
|
| 2017-10-19 12:32:09 |
Frode Nordahl |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-needed verification-needed-artful verification-needed-xenial verification-needed-zesty |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-needed verification-needed-xenial verification-needed-zesty |
|
| 2017-10-19 19:24:11 |
Corey Bryant |
cloud-archive/pike: status |
Triaged |
Fix Committed |
|
| 2017-10-19 19:24:13 |
Corey Bryant |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-needed verification-needed-xenial verification-needed-zesty |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-needed verification-needed-xenial verification-needed-zesty verification-pike-needed |
|
| 2017-10-20 08:08:19 |
Frode Nordahl |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-needed verification-needed-xenial verification-needed-zesty verification-pike-needed |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-done-xenial verification-needed verification-needed-zesty verification-pike-needed |
|
| 2017-10-20 08:15:28 |
James Page |
cloud-archive/mitaka: status |
Triaged |
Fix Committed |
|
| 2017-10-20 08:15:29 |
James Page |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-done-xenial verification-needed verification-needed-zesty verification-pike-needed |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-done-xenial verification-mitaka-needed verification-needed verification-needed-zesty verification-pike-needed |
|
| 2017-10-20 08:15:53 |
James Page |
cloud-archive/ocata: status |
Triaged |
Fix Committed |
|
| 2017-10-20 08:15:54 |
James Page |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-done-xenial verification-mitaka-needed verification-needed verification-needed-zesty verification-pike-needed |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-done-xenial verification-mitaka-needed verification-needed verification-needed-zesty verification-ocata-needed verification-pike-needed |
|
| 2017-10-20 08:32:20 |
Frode Nordahl |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-done-xenial verification-mitaka-needed verification-needed verification-needed-zesty verification-ocata-needed verification-pike-needed |
canonical-bootstack canonical-is done patch sts sts-sru-needed uosci verification-done-artful verification-done-xenial verification-mitaka-needed verification-needed verification-needed-zesty verification-ocata-needed verification-pike- |
|
| 2017-10-20 08:36:49 |
Frode Nordahl |
tags |
canonical-bootstack canonical-is done patch sts sts-sru-needed uosci verification-done-artful verification-done-xenial verification-mitaka-needed verification-needed verification-needed-zesty verification-ocata-needed verification-pike- |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-done-xenial verification-done-zesty verification-mitaka-needed verification-needed verification-ocata-needed verification-pike-done |
|
| 2017-10-20 08:46:50 |
Frode Nordahl |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-done-xenial verification-done-zesty verification-mitaka-needed verification-needed verification-ocata-needed verification-pike-done |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-done-xenial verification-done-zesty verification-mitaka-needed verification-needed verification-ocata-done verification-pike-done |
|
| 2017-10-20 09:59:56 |
Frode Nordahl |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done-artful verification-done-xenial verification-done-zesty verification-mitaka-needed verification-needed verification-ocata-done verification-pike-done |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done verification-done-artful verification-done-xenial verification-done-zesty verification-mitaka-done verification-ocata-done verification-pike-done |
|
| 2017-10-25 12:02:01 |
Eric Desrochers |
openvswitch (Ubuntu Zesty): assignee |
|
Frode Nordahl (fnordahl) |
|
| 2017-10-25 12:02:26 |
Eric Desrochers |
openvswitch (Ubuntu Xenial): assignee |
|
Frode Nordahl (fnordahl) |
|
| 2017-10-26 15:15:17 |
Ćukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2017-10-26 15:23:24 |
Launchpad Janitor |
openvswitch (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
| 2017-10-26 15:25:26 |
Launchpad Janitor |
openvswitch (Ubuntu Zesty): status |
Fix Committed |
Fix Released |
|
| 2017-10-30 14:47:57 |
James Page |
cloud-archive/mitaka: status |
Fix Committed |
Fix Released |
|
| 2017-10-30 14:48:55 |
James Page |
cloud-archive/ocata: status |
Fix Committed |
Fix Released |
|
| 2017-10-30 14:49:47 |
James Page |
cloud-archive/pike: status |
Fix Committed |
Fix Released |
|
| 2017-10-30 14:49:53 |
James Page |
cloud-archive: status |
Fix Committed |
Fix Released |
|
| 2017-10-31 12:06:05 |
James Page |
cloud-archive/newton: status |
Triaged |
Fix Committed |
|
| 2017-10-31 12:06:08 |
James Page |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done verification-done-artful verification-done-xenial verification-done-zesty verification-mitaka-done verification-ocata-done verification-pike-done |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done verification-done-artful verification-done-xenial verification-done-zesty verification-mitaka-done verification-newton-needed verification-ocata-done verification-pike-done |
|
| 2017-11-21 09:14:46 |
Dominique Poulain |
bug |
|
|
added subscriber Dominique Poulain |
| 2017-11-21 09:28:14 |
Frode Nordahl |
tags |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done verification-done-artful verification-done-xenial verification-done-zesty verification-mitaka-done verification-newton-needed verification-ocata-done verification-pike-done |
canonical-bootstack canonical-is patch sts sts-sru-needed uosci verification-done verification-done-artful verification-done-xenial verification-done-zesty verification-mitaka-done verification-newton-done verification-ocata-done verification-pike-done |
|
| 2017-12-04 14:46:50 |
James Page |
cve linked |
|
2017-9214 |
|
| 2017-12-04 14:46:50 |
James Page |
cve linked |
|
2017-9263 |
|
| 2017-12-04 14:46:50 |
James Page |
cve linked |
|
2017-9264 |
|
| 2017-12-04 14:46:50 |
James Page |
cve linked |
|
2017-9265 |
|
| 2017-12-04 14:46:52 |
James Page |
cloud-archive/newton: status |
Fix Committed |
Fix Released |
|
