[Bug 1533724] Re: [SRU] keystone-signing folders fill /tmp and seriously slow down reboots
Corey Bryant
corey.bryant at canonical.com
Mon Jul 11 19:02:02 UTC 2016
** Description changed:
+ [Impact]
+
During a night maintenance and reboot of a control (non-keystone node)
that had been up for around 300 days, we found that we have over 144k
keystone-signing- folders in /tmp. This caused the maintenance window to
be missed because it took so long to clean /tmp on reboot. It is my
understanding that these folders are for PKI. We don't use PKI and would
like to the option to disable the creation of these folders.
[PROD] root at control-002:/tmp# ls -al | grep keystone-sign | wc -l
144200
more info, the folders are owned by non-keystone services, mainly glance
for us:
drwx------ 2 glance glance 4096 Jul 9 2015 keystone-signing-zZocUc
drwx------ 2 glance glance 4096 Jul 20 07:55 keystone-signing-ZZOibD
drwx------ 2 designate designate 4096 May 26 2015 keystone-signing-ZZoKgT
drwx------ 2 glance glance 4096 Jul 14 2015 keystone-signing-zzOmtb
drwx------ 2 glance glance 4096 Jul 12 2015 keystone-signing-zzOubp
drwx------ 2 glance glance 4096 Jul 15 17:22 keystone-signing-zzpD6x
drwx------ 2 designate designate 4096 Jun 9 2015 keystone-signing-ZzPeNQ
drwx------ 2 glance glance 4096 Jul 2 2015 keystone-signing-ZZPJ4H
drwx------ 2 glance glance 4096 Jul 9 2015 keystone-signing-zZPnd0
drwx------ 2 designate designate 4096 May 20 2015 keystone-signing-ZZQK3i
drwx------ 2 glance glance 4096 Jun 30 2015 keystone-signing-ZZQmEI
+
+ [Test Case]
+
+ See above.
+
+ [Regression Potential]
+
+ The fix is contained in an upstream stable point release which we're
+ releasing to ubuntu xenial. The regression potential is fairly minimal
+ since upstream is very careful with what gets into stable point
+ releases.
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1533724
Title:
[SRU] keystone-signing folders fill /tmp and seriously slow down
reboots
Status in Ubuntu Cloud Archive:
Triaged
Status in Ubuntu Cloud Archive mitaka series:
Triaged
Status in keystonemiddleware:
Fix Released
Status in python-keystonemiddleware package in Ubuntu:
Fix Released
Status in python-keystonemiddleware source package in Xenial:
Triaged
Bug description:
[Impact]
During a night maintenance and reboot of a control (non-keystone node)
that had been up for around 300 days, we found that we have over 144k
keystone-signing- folders in /tmp. This caused the maintenance window
to be missed because it took so long to clean /tmp on reboot. It is my
understanding that these folders are for PKI. We don't use PKI and
would like to the option to disable the creation of these folders.
[PROD] root at control-002:/tmp# ls -al | grep keystone-sign | wc -l
144200
more info, the folders are owned by non-keystone services, mainly
glance for us:
drwx------ 2 glance glance 4096 Jul 9 2015 keystone-signing-zZocUc
drwx------ 2 glance glance 4096 Jul 20 07:55 keystone-signing-ZZOibD
drwx------ 2 designate designate 4096 May 26 2015 keystone-signing-ZZoKgT
drwx------ 2 glance glance 4096 Jul 14 2015 keystone-signing-zzOmtb
drwx------ 2 glance glance 4096 Jul 12 2015 keystone-signing-zzOubp
drwx------ 2 glance glance 4096 Jul 15 17:22 keystone-signing-zzpD6x
drwx------ 2 designate designate 4096 Jun 9 2015 keystone-signing-ZzPeNQ
drwx------ 2 glance glance 4096 Jul 2 2015 keystone-signing-ZZPJ4H
drwx------ 2 glance glance 4096 Jul 9 2015 keystone-signing-zZPnd0
drwx------ 2 designate designate 4096 May 20 2015 keystone-signing-ZZQK3i
drwx------ 2 glance glance 4096 Jun 30 2015 keystone-signing-ZZQmEI
[Test Case]
See above.
[Regression Potential]
The fix is contained in an upstream stable point release which we're
releasing to ubuntu xenial. The regression potential is fairly minimal
since upstream is very careful with what gets into stable point
releases.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1533724/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list