RDO tickets are now tracked in Jira https://issues.redhat.com/projects/RDO/issues/
Bug 1189347 - openstack-nova-* systemd unit files need NotifyAccess=all
Summary: openstack-nova-* systemd unit files need NotifyAccess=all
Keywords:
Status: CLOSED EOL
Alias: None
Product: RDO
Classification: Community
Component: openstack-nova
Version: Juno
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: Juno
Assignee: Alan Pevec
QA Contact: nlevinki
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-02-05 03:36 UTC by Lars Kellogg-Stedman
Modified: 2016-05-19 16:05 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-05-19 16:05:24 UTC
Embargoed:

Attachments (Terms of Use)

Description Lars Kellogg-Stedman 2015-02-05 03:36:43 UTC 
Most of the systemd units for Nova use:

  Type=notify

But they do not provide an explicit setting for NotifyAccess, which means it defaults to 'main', which means that systemd logs:

    openstack-nova-api.service: Got notification message from PID 23175, but reception only permitted for main PID 23161

An attempt to start the service will ultimately fail with an error:

    # systemctl start openstack-nova-api
    Job for openstack-nova-api.service failed. See "systemctl status openstack-nova-api.service" and "journalctl -xe" for details.

Even though the service is running.

It looks like the glance and keystone units have already received the NotifyAccess=all treatment.
Comment 1 Kashyap Chamarthy 2015-05-04 10:31:36 UTC 
There are about 15 Nova unit files:

    openstack-nova-api.service
    openstack-nova-cells.service
    openstack-nova-cert.service
    openstack-nova-compute.service
    openstack-nova-conductor.service
    openstack-nova-consoleauth.service
    openstack-nova-console.service
    openstack-nova-metadata-api.service
    openstack-nova-network.service
    openstack-nova-novncproxy.service
    openstack-nova-objectstore.service
    openstack-nova-scheduler.service
    openstack-nova-serialproxy.service
    openstack-nova-spicehtml5proxy.service
    openstack-nova-xvpvncproxy.service

And, all of them are set to Type=Simple.

Looking at systemd.service(5) documentation:

    "Behavior of notify is similar to simple; however, it is expected
    that the daemon sends a notification message via sd_notify(3) or an 
    equivalent call when it has finished starting up. systemd will
    proceed with starting follow-up units after this notification
    message has been sent. If this option is used, NotifyAccess= (see
    below) should be set to open access to the notification socket
    provided by systemd. If NotifyAccess= is not set, it will be
    implicitly set to main. Note that currently Type=notify will not
    work if used in combination with PrivateNetwork=yes."

So, how many of the 15 Nova services do we wish to convert from:

    Type=Simple 
    [. . .]

to:

    Type=notify 
    NotifyAccess=all
    [. . .]
    
?

Alan, do you have any comments?
Comment 2 Alan Pevec 2015-05-04 21:00:47 UTC 
In Juno main nova services were type=notify but this was making issues in master-packaging (aka Delorean) which I tried to address in https://review.gerrithub.io/13054
I've resubmitted it again for rpm-master and while we're figuring out the best way to solve it, I'll merge it to Rawhide/RDO Kilo and f22/RDO Juno:
https://review.gerrithub.io/232273
Comment 3 Mike McCune 2016-03-28 22:15:42 UTC 
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune with any questions
Comment 4 Chandan Kumar 2016-05-19 16:05:24 UTC 
This bug is against a Version which has reached End of Life.
If it's still present in supported release (http://releases.openstack.org), please update Version and reopen.
Note You need to log in before you can comment on or make changes to this bug.