** Description changed: - Similar to, but slightly different from bug 1712444, we have found the - upgrade of the openvswitch-switch package by unattended-upgrade (or - otherwise) will trigger the service restart of openvswitch-switch within - the neutron-openvswitch charm if the config-changed hook is called. + [Impact] + * When using OpenvSwitch in a modeled or configuration managed environment unmotivated changes to configuration files like /etc/default/openvswitch-switch will lead unnecessary service restarts on future events in a deployment. + + * Restarting the openvswitch-switch service impacts datapath and should + be avoided. Any future updates or security updates to this package will + cause problems for existing users and I believe the package in the + stable release should be updated because of this. + + * I also believe having a package change existing configuration files + to be in conflict with best practices set out in the config files + section of the Debian Policy. + + * The proposed fix addresses the issue by removing the processing of + /etc/default/openvsiwtch-switch from the postinst script. The template + for this processing is installed in + /usr/share/openvswitch/switch/default.template should the user want to + view comments added there in future updates. + + [Test Case] + + * apt install openvswitch-switch + * edit /etc/default/openvswitch-switch, removing one of the commented out sections + * apt remove openvswitch-switch + * stat /etc/default/openvswitch-switch + * Observe that your modified configuration file remains + * apt install openvswitch-switch + * stat /etc/default/openvswitch-switch + * Observe that the openvswitch-switch package has added comments to your modified configuration file + + * Repeat these steps with the proposed fix and observe that the + configuration file is no longer modified by the package postinst script. + + [Regression Potential] + + * The current postinst script aims at adding non-existing sections of + the template to the default file in /etc. These sections are commented + out and have no effect on the running service. + + * End users will find any new configuration options in the template + + [Original Bug Description] + Similar to, but slightly different from bug 1712444, we have found the upgrade of the openvswitch-switch package by unattended-upgrade (or otherwise) will trigger the service restart of openvswitch-switch within the neutron-openvswitch charm if the config-changed hook is called. While this is a reasonable behavior based on an assumption that if the /etc/default/openvswitch-switch file changes due to upgrade and the charm resets it to the charm-configured version of the file, we should want to restart the service to be on the latest code. However, the restart of the service causes between 6-12 seconds of network outage for the tenant VMs utilizing OVS. Would it be possible to have a config-flag to disable the charm's ability to restart the openvswitch-switch service outside of the install hook to avoid automated network outages due to package upgrades? Elsewise, is there a way to serialize the resulting restarts in such a way that only one member of the neutron-openvswitch application/service is restarting at a time along with a buffer to allow for high availability applications to failover and fail back and not be afflicted by multiple nodes' switches being restarted simultaneously.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1723480 Title: openvswitch-switch package postinst modifies existing configuration To manage notifications about this bug go to: https://bugs.launchpad.net/charm-neutron-openvswitch/+bug/1723480/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
