Bug 1017878

Summary: SNI Proxy needs migration for existing applications
Product: OpenShift Online Reporter: Rob Millner <rmillner>
Component: ContainersAssignee: Rob Millner <rmillner>
Status: CLOSED CURRENTRELEASE QA Contact: libra bugs <libra-bugs>
Severity: high Docs Contact:
Priority: high    
Version: 2.xCC: chunchen, mfisher
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-10-17 13:35:02 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Rob Millner 2013-10-10 16:38:44 UTC 
Description of problem:

Existing applications with aliases require a migration before they can add the SNI cartridge or the aliases will be inconsistent.

The API generally assumes that frontends have been created before using them and a new plugin will be a clean slate.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Disable the SNI proxy and restart mcollective
2. Create applications
3. Add aliases
4. Enable the SNI proxy and restart mcollective
5. run oo-frontend-plugin-modify --save

Actual results:
Step 5 fails on an exception

Expected results:
Step 5 succeeds to dump the frontend configuration for a gear.

Additional info:
Think about a module specific migration.  I don't like the idea of deleting the whole configuration and recreating it on a busy prod node.  That will cause downtime and make a mess.
Comment 1 Rob Millner 2013-10-10 18:33:49 UTC 
To disable and enable the SNI proxy, edit /etc/openshift/node.conf and remove or add "openshift-origin-frontend-haproxy-sni-proxy" to the OPENSHIFT_FRONTEND_HTTP_PLUGINS parameter.
Comment 2 openshift-github-bot 2013-10-10 20:03:07 UTC 
Commit pushed to master at https://github.com/openshift/origin-server

https://github.com/openshift/origin-server/commit/362257caf788bd985c72a93f5559873675fb1918
Bug 1017878 - Do not fail if the module was not initialized.
Comment 3 Rob Millner 2013-10-10 20:11:01 UTC 
Also added a migration script to be run on every application serving node:
rhc-populate-sni-proxy

https://github.com/openshift/li/pull/1971
Comment 4 chunchen 2013-10-11 07:51:57 UTC 
It's fixed, verified on devenv_3885, please refer to the followint results:

1. Disable the SNI proxy and restart mcollective
2. Create applications
rhc app create cmk20 mock-0.4 --no-git
3. Add aliases
rhc alias add cmk20 c.m.com
4. Enable the SNI proxy and restart mcollective
5. run oo-frontend-plugin-modify --save

# oo-frontend-plugin-modify --save
Backing up 14 frontends.
[
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"52578f1632d13e6593000007","fqdn":"cmk89-cdm.dev.rhcloud.com","container_name":"cmk89","namespace":"cdm","connections":[["TLS_PORT_1","127.1.244.1:8123",{"protocols":["tls"]}]],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"5257909132d13e6593000021","fqdn":"cmk8-cdm.dev.rhcloud.com","container_name":"cmk8","namespace":"cdm","connections":[["TLS_PORT_1","127.1.244.129:8123",{"protocols":["tls"]}]],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"525790da32d13e659300003b","fqdn":"cmk-cdm.dev.rhcloud.com","container_name":"cmk","namespace":"cdm","connections":[["TLS_PORT_1","127.1.245.1:8123",{"protocols":["tls"]}]],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"5257917132d13e6593000055","fqdn":"cmk1-cdm.dev.rhcloud.com","container_name":"cmk1","namespace":"cdm","connections":[["TLS_PORT_1","127.1.245.129:8123",{"protocols":["tls"]}]],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"5257921632d13e659300006f","fqdn":"crb18-cdm.dev.rhcloud.com","container_name":"crb18","namespace":"cdm","connections":[["","127.1.246.1:8080",{"protocols":["http","ws"],"connections":5,"bandwidth":100,"websocket":1}],["/health","",{"protocols":["http"],"health":1}]],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"525793b132d13e659300008a","fqdn":"cmk2-cdm.dev.rhcloud.com","container_name":"cmk2","namespace":"cdm","connections":[],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"5257941132d13e65930000a2","fqdn":"cmk3-cdm.dev.rhcloud.com","container_name":"cmk3","namespace":"cdm","connections":[],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"5257946e32d13e65930000ba","fqdn":"cmk4-cdm.dev.rhcloud.com","container_name":"cmk4","namespace":"cdm","connections":[],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"5257949b32d13e65930000d2","fqdn":"cmk5-cdm.dev.rhcloud.com","container_name":"cmk5","namespace":"cdm","connections":[],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"525794e032d13e65930000ea","fqdn":"cmk6-cdm.dev.rhcloud.com","container_name":"cmk6","namespace":"cdm","connections":[["TLS_PORT_1","127.1.248.129:8123",{"protocols":["tls"]}]],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"525795b632d13e6593000104","fqdn":"cmk7-cdm.dev.rhcloud.com","container_name":"cmk7","namespace":"cdm","connections":[],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"52579de332d13e6593000120","fqdn":"phpfirst-nweidomain.dev.rhcloud.com","container_name":"phpfirst","namespace":"nweidomain","connections":[["","127.1.249.129:8080",{"protocols":["http","ws"],"connections":5,"bandwidth":100,"websocket":1}],["/health","",{"protocols":["http"],"health":1}]],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"5257a4a932d13e6593000140","fqdn":"cmk18-cdm.dev.rhcloud.com","container_name":"cmk18","namespace":"cdm","connections":[["TLS_PORT_1","127.1.250.1:8123",{"protocols":["tls"]}]],"aliases":[],"ssl_certs":[],"idle":null,"sts":null}},
  {"json_class":"OpenShift::Runtime::FrontendHttpServer","data":{"container_uuid":"5257ac4b32d13e6593000172","fqdn":"cmk20-cdm.dev.rhcloud.com","container_name":"cmk20","namespace":"cdm","connections":[],"aliases":["c.m.com"],"ssl_certs":[],"idle":null,"sts":null}}
]