RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 2080729 - fence_apc, fence_ilo_moonshot, fence_lpar: missing "import logging"
Summary: fence_apc, fence_ilo_moonshot, fence_lpar: missing "import logging"
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: fence-agents
Version: CentOS Stream
Hardware: x86_64
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Oyvind Albrigtsen
QA Contact: cluster-qe@redhat.com
URL:
Whiteboard:
Depends On:
Blocks: 2086559 2086838
TreeView+ depends on / blocked
 
Reported: 2022-05-01 11:28 UTC by Patrick Hibbs
Modified: 2022-11-08 10:02 UTC (History)
6 users (show)

Fixed In Version: fence-agents-4.2.1-95.el8
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 2086559 2086838 (view as bug list)
Environment:
Last Closed: 2022-11-08 09:26:47 UTC
Type: Bug
Target Upstream Version:
Embargoed:
pm-rhel: mirror+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github ClusterLabs fence-agents issues 485 0 None open Missing import in some agents 2022-05-16 07:55:56 UTC
Red Hat Issue Tracker RHELPLAN-122070 0 None None None 2022-05-16 08:03:00 UTC
Red Hat Product Errata RHBA-2022:7520 0 None None None 2022-11-08 09:27:39 UTC

Description Patrick Hibbs 2022-05-01 11:28:47 UTC 
Description of problem:
My setup uses a APC master switch (Specificly a RackPDU 7800.) to fence it's hosts. The APC unit configured for telnet access. The apc fence type is used by oVirt to handle this fencing type.

When /usr/bin/fence_apc is invoked by the user, the command succeeds. When the engine invokes the command, we see that the it has appended an extra string, (in this case a " -6"), to the open command given to the telnet binary. The extra string results in failure to fence the host. Although an IP address is used below, the same result occurs if the engine is given a DNS hostname.

---snip---
May 01 07:02:05 azura.codenet /fence_apc[18208]: Timeout exceeded.
                                                 <fencing.fspawn object at 0x7f6ffd503048>
                                                 command: /usr/bin/telnet
                                                 args: [b'/usr/bin/telnet']
                                                 buffer (last 100 chars): 'net> open 192.168.9.50 -6\r\ntelnet: 192.168.9.50: Address family for hostname not supported\r\nt>
                                                 before (last 100 chars): 'net> open 192.168.9.50 -6\r\ntelnet: 192.168.9.50: Address family for hostname not supported\r\nt>
                                                 after: <class 'pexpect.exceptions.TIMEOUT'>
                                                 match: None
                                                 match_index: None
                                                 exitstatus: None
                                                 flag_eof: False
                                                 pid: 18210
                                                 child_fd: 6
                                                 closed: False
                                                 timeout: 30
                                                 delimiter: <class 'pexpect.exceptions.EOF'>
                                                 logfile: None
                                                 logfile_read: None
                                                 logfile_send: None
                                                 maxread: 2000
                                                 ignorecase: False
                                                 searchwindowsize: None
                                                 delaybeforesend: 0.05
                                                 delayafterclose: 0.1
                                                 delayafterterminate: 0.1
                                                 searcher: searcher_re:
                                                     0: re.compile('(login\\s*: )|((?!Last )Login Name:  )|(username: )|(User Name :)')
May 01 07:02:05 azura.codenet /fence_apc[18208]: Unable to connect/login to fencing device

Version-Release number of selected component (if applicable):
ovirt-host-4.5.0-3.el8.x86_64
vdsm-4.50.0.13-1.el8.x86_64
fence-agents-apc-4.2.1-89.el8.noarch

How reproducible:
Always.

Steps to Reproduce:
1. Set up power management for a host in oVirt 4.5 to use the "apc" fence type, do not enable the secure option.

2. Attempt to fence the host. Or test the fence agent's configuration in the admin UI.

Actual results:
Failure to fence the host. Failure to get power management status. Test configuration fails.

Expected results:
Host can be fenced, power management status is retrievable, test configuration passes.

Additional info:
There seems to be a similar issue described in an old discussion on the oVirt users mailing list: https://lists.ovirt.org/archives/list/users@ovirt.org/thread/GBD7MUJKXDZE56TYUCBJNDE7TWS7CHTZ/
Comment 1 Patrick Hibbs 2022-05-01 13:48:37 UTC 
In the process of debugging this, I've found that the logging python library wasn't included by the fence_apc script despite it's use. Altering script to include the missing library seems to have fixed the issue.

I.e. adding "import logging" to the other import lines at the top of /usr/sbin/fence_apc.
Comment 2 Eli Mesika 2022-05-15 08:27:10 UTC 
I understood that you workaround that manually by adding the missing import to the agent python file.

Which version of fence-agents package are installed on the host that serves as a proxy to the fencing operation.
We have to check the sources and open a bug if the problem is a missing import in the Python code
Comment 3 Patrick Hibbs 2022-05-16 02:20:39 UTC 
According to the rpm -qa output on the host the fence-agents packages have these version numbers:

$ rpm -qa | grep fence-agent
fence-agents-brocade-4.2.1-93.el8.noarch
fence-agents-heuristics-ping-4.2.1-93.el8.noarch
fence-agents-intelmodular-4.2.1-93.el8.noarch
fence-agents-sbd-4.2.1-93.el8.noarch
fence-agents-apc-4.2.1-93.el8.noarch
fence-agents-eaton-snmp-4.2.1-93.el8.noarch
fence-agents-ilo-mp-4.2.1-93.el8.noarch
fence-agents-rhevm-4.2.1-93.el8.noarch
fence-agents-common-4.2.1-93.el8.noarch
fence-agents-apc-snmp-4.2.1-93.el8.noarch
fence-agents-cisco-ucs-4.2.1-93.el8.noarch
fence-agents-emerson-4.2.1-93.el8.noarch
fence-agents-ibmblade-4.2.1-93.el8.noarch
fence-agents-ilo-ssh-4.2.1-93.el8.noarch
fence-agents-ipmilan-4.2.1-93.el8.noarch
fence-agents-rsa-4.2.1-93.el8.noarch
fence-agents-vmware-rest-4.2.1-93.el8.noarch
fence-agents-kdump-4.2.1-93.el8.x86_64
fence-agents-bladecenter-4.2.1-93.el8.noarch
fence-agents-compute-4.2.1-93.el8.noarch
fence-agents-eps-4.2.1-93.el8.noarch
fence-agents-ifmib-4.2.1-93.el8.noarch
fence-agents-ilo2-4.2.1-93.el8.noarch
fence-agents-mpath-4.2.1-93.el8.noarch
fence-agents-rsb-4.2.1-93.el8.noarch
fence-agents-vmware-soap-4.2.1-93.el8.noarch
fence-agents-all-4.2.1-93.el8.x86_64
fence-agents-amt-ws-4.2.1-93.el8.noarch
fence-agents-drac5-4.2.1-93.el8.noarch
fence-agents-ilo-moonshot-4.2.1-93.el8.noarch
fence-agents-redfish-4.2.1-93.el8.x86_64
fence-agents-wti-4.2.1-93.el8.noarch
fence-agents-cisco-mds-4.2.1-93.el8.noarch
fence-agents-hpblade-4.2.1-93.el8.noarch
fence-agents-ipdu-4.2.1-93.el8.noarch
fence-agents-scsi-4.2.1-93.el8.noarch
Comment 4 Eli Mesika 2022-05-16 07:41:51 UTC 
Checked latest fence-agents code on github
I found all scripts affected 

I have opened an issue in fence-agents github [1] 

workaround :

Either downgrade to version 4.2.1-53 or fix manually until a new release fixing that is available and distributed 


[1] https://github.com/ClusterLabs/fence-agents/issues/485
Comment 5 Martin Perina 2022-05-16 07:55:57 UTC 
Based on above findings moving to the platform
Comment 7 Oyvind Albrigtsen 2022-05-16 09:06:00 UTC 
Fix: https://github.com/ClusterLabs/fence-agents/pull/486

fence_lpar patch that makes it use fail_usage() intead: https://github.com/ClusterLabs/fence-agents/pull/474.
Comment 8 Martin Perina 2022-05-16 12:36:18 UTC 
RHV 4.4 is staying on RHEL 8.6 LTS, so could this fix be also backported to RHEL 8.6.z?
Comment 17 errata-xmlrpc 2022-11-08 09:26:47 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (fence-agents bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:7520
Note You need to log in before you can comment on or make changes to this bug.