Bug 1554283 - [downstream clone - 4.1.11] hosted-engine --get-shared-config rewrites all the hosted-engine configuration files loosing spm id
Summary: [downstream clone - 4.1.11] hosted-engine --get-shared-config rewrites all th...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-hosted-engine-ha
Version: unspecified
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: ovirt-4.1.11
: ---
Assignee: Martin Sivák
QA Contact: Nikolai Sednev
URL:
Whiteboard:
Depends On: 1543988
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-03-12 10:18 UTC by RHV bug bot
Modified: 2020-05-28 09:27 UTC (History)
11 users (show)

Fixed In Version: ovirt-hosted-engine-ha-2.1.11-1.el7ev
Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Previously, /etc/hosted-engine/hosted-engine.conf was overwritten each time hosted-engine --get-shared-config was used due to a problem distinguishing between reload and refresh. In this release, hosted-engine --get-shared-config and hosted-engine --set-shared-config contain new options that enable local values to be correctly distinguished from shared values. The following configuration "types" (--type) were changed/added: - he_conf is now represented by he_local (local /etc) - he_shared (shared version of he_local used for newly deployed hosts)
Clone Of: 1543988
Environment:
Last Closed: 2019-02-22 08:35:05 UTC
oVirt Team: Integration
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 88804 0 v2.1.z MERGED Refactor configuration file loader 2020-05-28 09:26:50 UTC
oVirt gerrit 88805 0 v2.1.z MERGED Put timestamp into local vm.conf 2020-05-28 09:26:50 UTC
oVirt gerrit 88806 0 v2.1.z MERGED Add support for ini formatted config files 2020-05-28 09:26:49 UTC
oVirt gerrit 88807 0 v2.1.z MERGED Make local hosted engine conf editable 2020-05-28 09:26:49 UTC
oVirt gerrit 88808 0 v2.1.z MERGED Change config types to something the user can understand 2020-05-28 09:26:49 UTC
oVirt gerrit 88809 0 v2.1.z MERGED Download the legacy vm.conf before reading it 2020-05-28 09:26:49 UTC
oVirt gerrit 88810 0 v2.1.z MERGED Use self._logger as property not a method 2020-05-28 09:26:49 UTC
oVirt gerrit 88811 0 v2.1.z MERGED Legacy vm.conf is called just vm.conf in the archive 2020-05-28 09:26:48 UTC
oVirt gerrit 88830 0 ovirt-hosted-engine-setup-2.1 MERGED core: fix constants to match HA client 2020-05-28 09:26:48 UTC
oVirt gerrit 88862 0 v2.1.z MERGED Reload he config file when checking for local maintenance 2020-05-28 09:26:48 UTC

Description RHV bug bot 2018-03-12 10:18:10 UTC 
+++ This bug is an upstream to downstream clone. The original bug is: +++
+++   bug 1543988 +++
======================================================================

Description of problem:

hosted-engine --get-shared-config will write vm.conf with wrong ownership if not present 

[root@c74he20180108h1 ~]# ls -l /var/run/ovirt-hosted-engine-ha/vm.conf 
-rw-r--r--. 1 vdsm kvm 8113  9 feb 18.56 /var/run/ovirt-hosted-engine-ha/vm.conf
[root@c74he20180108h1 ~]# rm -f /var/run/ovirt-hosted-engine-ha/vm.conf; hosted-engine --get-shared-config gateway

gateway : 192.168.1.1, type : he_conf

[root@c74he20180108h1 ~]# ls -l /var/run/ovirt-hosted-engine-ha/vm.conf 
-rw-r--r--. 1 root root 8113  9 feb 18.56 /var/run/ovirt-hosted-engine-ha/vm.conf

ovirt-ha-agent runs as vdsm and so it will fail trying to refresh vm.conf

MainThread::INFO::2018-02-09 18:58:59,561::ovf_store::118::ovirt_hosted_engine_ha.lib.ovf.ovf_store.OVFStore::(scan) Found OVF_STORE: imgUUID:7482540b-ea01-4f8c-93d4-a9d46e93e6eb, volUUID:b7130665-8e41-44a3-970d-f97809bda7e7
MainThread::INFO::2018-02-09 18:59:00,132::ovf_store::118::ovirt_hosted_engine_ha.lib.ovf.ovf_store.OVFStore::(scan) Found OVF_STORE: imgUUID:c78da68d-fc54-48a1-9e99-bcd1f9712b21, volUUID:37e76796-21f3-4531-85a1-97e213fb534f
MainThread::INFO::2018-02-09 18:59:01,372::ovf_store::149::ovirt_hosted_engine_ha.lib.ovf.ovf_store.OVFStore::(getEngineVMOVF) OVF_STORE volume path: /var/run/vdsm/storage/997acd46-4433-4154-b6ea-99ff26da6fe9/c78da68d-fc54-48a1-9e99-bcd1f9712b21/37e76796-21f3-4531-85a1-97e213fb534f
MainThread::ERROR::2018-02-09 18:59:01,385::agent::144::ovirt_hosted_engine_ha.agent.agent.Agent::(_run_agent) Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/ovirt_hosted_engine_ha/agent/agent.py", line 131, in _run_agent
    return action(he)
  File "/usr/lib/python2.7/site-packages/ovirt_hosted_engine_ha/agent/agent.py", line 55, in action_proper
    return he.start_monitoring()
  File "/usr/lib/python2.7/site-packages/ovirt_hosted_engine_ha/agent/hosted_engine.py", line 424, in start_monitoring
    self._config.refresh_vm_conf()
  File "/usr/lib/python2.7/site-packages/ovirt_hosted_engine_ha/env/config.py", line 523, in refresh_vm_conf
    if self._publish_local_conf_file(VM, content):
  File "/usr/lib/python2.7/site-packages/ovirt_hosted_engine_ha/env/config.py", line 409, in _publish_local_conf_file
    with open(localcopy_filename, 'w') as target:
IOError: [Errno 13] Permission denied: '/var/run/ovirt-hosted-engine-ha/vm.conf'



Version-Release number of selected component (if applicable):
2.2.8

How reproducible:
100%

Steps to Reproduce:
1. rm -f /var/run/ovirt-hosted-engine-ha/vm.conf; hosted-engine --get-shared-config gateway (as root)
2. ls -l /var/run/ovirt-hosted-engine-ha/vm.conf 
3.

Actual results:
/var/run/ovirt-hosted-engine-ha/vm.conf is owned by root:root

Expected results:
/var/run/ovirt-hosted-engine-ha/vm.conf is owned by vdsm:kvm

Additional info:

(Originally by Simone Tiraboschi)
Comment 1 RHV bug bot 2018-03-12 10:18:16 UTC 
This looks by far worst than I though.
/etc/ovirt-hosted-engine/hosted-engine.conf got also rewrote by the copy on the shared storage and so all the host where hosted-engine --get-shared-config get executed will end with host_id=1 causing an spm collision almost for sure.

(Originally by Simone Tiraboschi)
Comment 3 RHV bug bot 2018-03-12 10:18:23 UTC 
This looks by far worst than I though.
/etc/ovirt-hosted-engine/hosted-engine.conf got also rewrote by the copy on the shared storage and so all the host where hosted-engine --get-shared-config get executed will end with host_id=1 causing an spm collision almost for sure.

(Originally by Simone Tiraboschi)
Comment 4 RHV bug bot 2018-03-12 10:18:27 UTC 
I think it affects 4.1 as well.

(Originally by Simone Tiraboschi)
Comment 5 Simone Tiraboschi 2018-03-19 13:09:41 UTC 
All the patches are included in ovirt-hosted-engine-ha-2.1.11-1.el7ev and https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=661953 has this in its changelog.
ovirt-hosted-engine-ha-2.1.11-1.el7ev is in https://errata.devel.redhat.com/advisory/32648 but it skipped this bug, maybe something wrong in the changelog syntax.
Comment 9 Sandro Bonazzola 2018-03-19 14:28:33 UTC 
Postponing to 4.1.11 for allowing QE time to properly verifying this, despite the fix is already including in 4.1.10.
Comment 11 Nikolai Sednev 2018-03-21 12:56:06 UTC 
Looks like its too early for this bug to reach QA, forth to our conversation with Anton, 4.1.11 is not yet scheduled.
Moving back to assigned.
Comment 12 Nikolai Sednev 2018-03-21 12:56:31 UTC 
To modified.
Comment 13 Martin Sivák 2018-03-21 14:07:06 UTC 
Nikolai, have you seen comment #9?
Comment 14 Nikolai Sednev 2018-03-21 14:43:48 UTC 
(In reply to Martin Sivák from comment #13)
> Nikolai, have you seen comment #9?

No, I didn't. Anyway I will test it on 4.1.11 instead of 4.1.10 forth to that comment.
Comment 15 Simone Tiraboschi 2018-04-11 09:05:26 UTC 
Moving now to ON_QA: no other builds are required for 4.1.11 since the fix was already in 4.1.10.
Comment 16 Nikolai Sednev 2018-04-12 15:34:19 UTC 
Forth to discussion with Simone, moving this bug to verified.
Tested on these components:
ovirt-hosted-engine-setup-2.1.4.2-1.el7ev.noarch
ovirt-hosted-engine-ha-2.1.11-1.el7ev.noarch
rhvm-appliance-4.1.20180125.0-1.el7.noarch
Red Hat Enterprise Linux Server release 7.5 (Maipo)
Linux 3.10.0-862.el7.x86_64 #1 SMP Wed Mar 21 18:14:51 EDT 2018 x86_64 x86_64 x86_64 GNU/Linux

1.Deployed 2 ha-hosts.
2.Set global maintenance.
3.SHE-VM is running on first host.
4."cat /etc/ovirt-hosted-engine/hosted-engine.conf | grep host_id"
host_id=2
5."hosted-engine --set-shared-config gateway <some pingable IP> --type=he_shared"
6."rm -f /var/run/ovirt-hosted-engine-ha/vm.conf".
7."ls -l /var/run/ovirt-hosted-engine-ha/vm.conf"
-rw-r--r--. 1 vdsm kvm 2369 Apr 12 18:29 /var/run/ovirt-hosted-engine-ha/vm.conf
8."cat /etc/ovirt-hosted-engine/hosted-engine.conf | grep host_id"
host_id=2.
Note You need to log in before you can comment on or make changes to this bug.