[Bug 1723480] Please test proposed package

James Page james.page at ubuntu.com
Tue Oct 31 12:06:01 UTC 2017


Hello Drew, or anyone else affected,

Accepted openvswitch into newton-proposed. The package will build now
and be available in the Ubuntu Cloud Archive in a few hours, and then in
the -proposed repository.

Please help us by testing this new package. To enable the -proposed
repository:

  sudo add-apt-repository cloud-archive:newton-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-newton-needed to verification-newton-done. If it does
not fix the bug for you, please add a comment stating that, and change
the tag to verification-newton-failed. In either case, details of your
testing will help us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance!

** Changed in: cloud-archive/newton
       Status: Triaged => Fix Committed

** Tags added: verification-newton-needed

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1723480

Title:
  openvswitch-switch package postinst modifies existing configuration

Status in OpenStack neutron-openvswitch charm:
  Invalid
Status in Ubuntu Cloud Archive:
  Fix Released
Status in Ubuntu Cloud Archive mitaka series:
  Fix Released
Status in Ubuntu Cloud Archive newton series:
  Fix Committed
Status in Ubuntu Cloud Archive ocata series:
  Fix Released
Status in Ubuntu Cloud Archive pike series:
  Fix Released
Status in openvswitch:
  Invalid
Status in openvswitch package in Ubuntu:
  Fix Released
Status in openvswitch source package in Xenial:
  Fix Released
Status in openvswitch source package in Zesty:
  Fix Released
Status in openvswitch source package in Artful:
  Fix Released

Bug description:
  [Impact] 
   * When using OpenvSwitch in a modeled or configuration managed environment unmotivated changes to configuration files like  /etc/default/openvswitch-switch will lead unnecessary service restarts on future events in a deployment.

   * Restarting the openvswitch-switch service impacts datapath and
  should be avoided. Any future updates or security updates to this
  package will cause problems for existing users and I believe the
  package in the stable release should be updated because of this.

   * I also believe having a package change existing configuration files
  to be in conflict with best practices set out in the config files
  section of the Debian Policy.

   * The proposed fix addresses the issue by removing the processing of
  /etc/default/openvsiwtch-switch from the postinst script. The template
  for this processing is installed in
  /usr/share/openvswitch/switch/default.template should the user want to
  view comments added there in future updates.

  [Test Case]

   * apt install openvswitch-switch
   * edit /etc/default/openvswitch-switch, removing one of the commented out sections
   * apt remove openvswitch-switch
   * stat /etc/default/openvswitch-switch
   * Observe that your modified configuration file remains
   * apt install openvswitch-switch
   * stat /etc/default/openvswitch-switch
   * Observe that the openvswitch-switch package has added comments to your modified configuration file

   * Repeat these steps with the proposed fix and observe that the
  configuration file is no longer modified by the package postinst
  script.

  [Regression Potential]

   * The current postinst script aims at adding non-existing sections of
  the template to the default file in /etc. These sections are commented
  out and have no effect on the running service.

   * End users will find any new configuration options in the template

  [Original Bug Description]
  Similar to, but slightly different from bug 1712444, we have found the upgrade of the openvswitch-switch package by unattended-upgrade (or otherwise) will trigger the service restart of openvswitch-switch within the neutron-openvswitch charm if the config-changed hook is called.

  While this is a reasonable behavior based on an assumption that if the
  /etc/default/openvswitch-switch file changes due to upgrade and the
  charm resets it to the charm-configured version of the file, we should
  want to restart the service to be on the latest code.  However, the
  restart of the service causes between 6-12 seconds of network outage
  for the tenant VMs utilizing OVS.

  Would it be possible to have a config-flag to disable the charm's
  ability to restart the openvswitch-switch service outside of the
  install hook to avoid automated network outages due to package
  upgrades?

  Elsewise, is there a way to serialize the resulting restarts in such a
  way that only one member of the neutron-openvswitch
  application/service is restarting at a time along with a buffer to
  allow for high availability applications to failover and fail back and
  not be afflicted by multiple nodes' switches being restarted
  simultaneously.

To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-neutron-openvswitch/+bug/1723480/+subscriptions



More information about the Ubuntu-openstack-bugs mailing list