Bug 1121727

Summary: Openshift overwrites postgresql.conf during restart, destroying SSL configuration
Product: OpenShift Online Reporter: JVerstry <tshikatshikaaa>
Component: ImageAssignee: Ben Parees <bparees>
Status: CLOSED CURRENTRELEASE QA Contact: libra bugs <libra-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 2.xCC: bmeng, chunchen, jialiu, jokerman, jurgencuiza, lmeyer, mmccomas, tshikatshikaaa
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-10 00:49:14 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
development logs none

Description JVerstry 2014-07-21 17:40:00 UTC 
Description of problem:

Openshift overwrites PostgreSql configuration file when an application restart is performed (with rhc for example or when pushing changes).

Implementing SSL communications to database requires adding 'ssl = on' in postgresql.conf. The restart overwrites the existing configuration file (as confirmed by someone on IRC). 

Version-Release number of selected component (if applicable):

Unknown


How reproducible:

Steps to Reproduce:
1. Create an application with a PostgreSql database. 
2. Modify postgresql.conf.
3. Restart the application.


Actual results:

Overwriting of postgresql.conf.


Expected results:

No overwritting of postgresql.conf


Additional info:

A question has been opened on Stackoverflow: http://stackoverflow.com/questions/24869485/openshift-overwrites-postgresql-conf-during-restart
Comment 1 Dan McPherson 2014-07-21 17:42:34 UTC 
We'll need to add a new env var for turning ssl on.
Comment 2 Ben Parees 2014-07-21 18:37:44 UTC 
Will add logic such that if OPENSHIFT_POSTGRESQL_SSL_ENABLED is set to "true" (case insensitive), "ssl = on" will be added to the config whenever it is generated.

Note that postgres still requires significant other configuration to enable ssl (generation and placement of certs), which I am not addressing with this fix:

http://www.postgresql.org/docs/8.4/static/ssl-tcp.html
Comment 3 Ben Parees 2014-07-22 19:49:52 UTC 
https://github.com/openshift/origin-server/pull/5635
Comment 4 chunchen 2014-07-23 03:19:11 UTC 
Checked on devenv_4996, the Postgresql can not be restarted after setting the OPENSHIFT_POSTGRESQL_SSL_ENABLED variable, please refer to the following results:

1. Create an app with postgresql
rhc app create cphp php-5.4 postgresql-9 --no-git 

2. Set the OPENSHIFT_POSTGRESQL_SSL_ENABLED variable
rhc env-set  OPENSHIFT_POSTGRESQL_SSL_ENABLED="true" -a cphp
OR
rhc env-set  OPENSHIFT_POSTGRESQL_SSL_ENABLED=true -a cphp

3. Try to restart Postgresql
rhc cartridge restart postgresql -a cphp

Results:
Using postgresql-9.2 (PostgreSQL 9.2) for 'postgresql'
Restarting postgresql-9.2 ... 
Failed to execute: 'control restart' for /var/lib/openshift/53cf5ddc4d319b165900000a/postgresql

FYI, please also refer to the logs at attachment.
Comment 5 chunchen 2014-07-23 03:21:12 UTC 
Created attachment 920080 [details]
development logs
Comment 6 Ben Parees 2014-07-23 04:13:14 UTC 
This is expected per comment 2.  Additional configuration is required to enable ssl. I will see if a more useful error can be logged when the configuration is not present.
Comment 7 Ben Parees 2014-07-24 22:21:57 UTC 
After further reflection, without going down a path of generating useful messages for every possible misconfiguration, I don't think there's something smart we can do here.

I debated dumping the log file to the console, but again, that's not something we do for any other cartridge that fails to start, so I'm hesistant to do it here.


So I'm marking this back to ON_QA, with emphasis on the fact that configuring SSL on postgres requires more than just setting this env var, there are manual steps required to define appropriate certs, this fix is only intended to ensure that the SSL configuration can be properly enabled in the conf file by the user and is not lost on restart.  It assumes the user has done the other necessary steps, described here:



http://www.postgresql.org/docs/8.4/static/ssl-tcp.html
Comment 8 chunchen 2014-07-25 05:28:49 UTC 
checked on devenv_5008, according to comment 7, after adding server.key and server.crt under ~/postgresql/data, the app can be restarted, so mark it as VERIFIED.
Comment 9 Jurgen 2014-07-26 04:33:49 UTC 
Regarding the overwriting of postgresql.conf, can i ask if there is or will be a way to change Locale and Formatting variables in postgres.conf? specifically i need to change the default values for datestyle, lc_messages, lc_monetary, lc_numeric, lc_time.
Comment 10 Ben Parees 2014-07-26 20:19:56 UTC 
If you open a new bug we can look into making those values also configurable via environment value so that the regenerated conf file will contain your desired value.  (as was done with the ssl configuration value).  Will that work for you?