On 04/14/2016 02:14 PM, Simone Tiraboschi wrote:
> On Thu, Apr 14, 2016 at 12:51 PM, Richard Neuboeck
> <h...@tbi.univie.ac.at> wrote:
>> On 04/13/2016 10:00 AM, Simone Tiraboschi wrote:
>>> On Wed, Apr 13, 2016 at 9:38 AM, Richard Neuboeck <h...@tbi.univie.ac.at> 
>>> wrote:
>>>> The answers file shows the setup time of both machines.
>>>>
>>>> On both machines hosted-engine.conf got rotated right before I wrote
>>>> this mail. Is it possible that I managed to interrupt the rotation with
>>>> the reboot so the backup was accurate but the update not yet written to
>>>> hosted-engine.conf?
>>>
>>> AFAIK we don't have any rotation mechanism for that file; something
>>> else you have in place on that host?
>>
>> Those machines are all CentOS 7.2 minimal installs. The only
>> adaptation I do is installing vim, removing postfix and installing
>> exim, removing firewalld and installing iptables-service. Then I add
>> the oVirt repos (3.6 and 3.6-snapshot) and deploy the host.
>>
>> But checking lsof shows that 'ovirt-ha-agent --no-daemon' has access
>> to the config file (and the one ending with ~):
>>
>> # lsof | grep 'hosted-engine.conf~'
>> ovirt-ha- 193446                   vdsm  351u      REG
>> 253,0        1021            135070683
>> /etc/ovirt-hosted-engine/hosted-engine.conf~
> 
> This is not that much relevant if the file was renamed after
> ovirt-ha-agent opened it.
> Try this:
> 
> [root@c72he20160405h1 ovirt-hosted-engine-setup]# tail -n1 -f
> /etc/ovirt-hosted-engine/hosted-engine.conf &
> [1] 28866
> [root@c72he20160405h1 ovirt-hosted-engine-setup]# port=
> 
> [root@c72he20160405h1 ovirt-hosted-engine-setup]# lsof | grep 
> hosted-engine.conf
> tail      28866                  root    3r      REG
> 253,0      1014    1595898 /etc/ovirt-hosted-engine/hosted-engine.conf
> [root@c72he20160405h1 ovirt-hosted-engine-setup]# mv
> /etc/ovirt-hosted-engine/hosted-engine.conf
> /etc/ovirt-hosted-engine/hosted-engine.conf_123
> [root@c72he20160405h1 ovirt-hosted-engine-setup]# lsof | grep 
> hosted-engine.conf
> tail      28866                  root    3r      REG
> 253,0      1014    1595898
> /etc/ovirt-hosted-engine/hosted-engine.conf_123
> [root@c72he20160405h1 ovirt-hosted-engine-setup]#
> 

I've issued the commands you suggested but I don't know how that
helps to find the process accessing the config files.

After moving the hosted-engine.conf file the HA agent crashed
logging the information that the config file is not available.

Here is the output from every command:

# tail -n1 -f /etc/ovirt-hosted-engine/hosted-engine.conf &
[1] 167865
[root@cube-two ~]# port=
# lsof | grep hosted-engine.conf
ovirt-ha- 166609                   vdsm    5u      REG
253,0        1021            134433491
/etc/ovirt-hosted-engine/hosted-engine.conf (deleted)
ovirt-ha- 166609                   vdsm    7u      REG
253,0        1021            134433453
/etc/ovirt-hosted-engine/hosted-engine.conf (deleted)
ovirt-ha- 166609                   vdsm    8u      REG
253,0        1021            134433489
/etc/ovirt-hosted-engine/hosted-engine.conf (deleted)
ovirt-ha- 166609                   vdsm    9u      REG
253,0        1021            134433493
/etc/ovirt-hosted-engine/hosted-engine.conf~
ovirt-ha- 166609                   vdsm   10u      REG
253,0        1021            134433495
/etc/ovirt-hosted-engine/hosted-engine.conf
tail      167865                   root    3r      REG
253,0        1021            134433493
/etc/ovirt-hosted-engine/hosted-engine.conf~
# mv /etc/ovirt-hosted-engine/hosted-engine.conf
/etc/ovirt-hosted-engine/hosted-engine.conf_123
# lsof | grep hosted-engine.conf
ovirt-ha- 166609                   vdsm    5u      REG
253,0        1021            134433491
/etc/ovirt-hosted-engine/hosted-engine.conf (deleted)
ovirt-ha- 166609                   vdsm    7u      REG
253,0        1021            134433453
/etc/ovirt-hosted-engine/hosted-engine.conf (deleted)
ovirt-ha- 166609                   vdsm    8u      REG
253,0        1021            134433489
/etc/ovirt-hosted-engine/hosted-engine.conf (deleted)
ovirt-ha- 166609                   vdsm    9u      REG
253,0        1021            134433493
/etc/ovirt-hosted-engine/hosted-engine.conf (deleted)
ovirt-ha- 166609                   vdsm   10u      REG
253,0        1021            134433495
/etc/ovirt-hosted-engine/hosted-engine.conf (deleted)
ovirt-ha- 166609                   vdsm   12u      REG
253,0        1021            134433498
/etc/ovirt-hosted-engine/hosted-engine.conf~
ovirt-ha- 166609                   vdsm   13u      REG
253,0        1021            134433499
/etc/ovirt-hosted-engine/hosted-engine.conf_123
tail      167865                   root    3r      REG
253,0        1021            134433493
/etc/ovirt-hosted-engine/hosted-engine.conf (deleted)


> The issue is understanding who renames that file on your host.

From what I've seen so far it looks like a child of vdsm accesses
/etc/ovirt-hosted-engine/hosted-engine.conf periodically but is not
responsible for the ~ file.

# auditctl -w /etc/ovirt-hosted-engine/hosted-engine.conf
and
# auditctl -w /etc/ovirt-hosted-engine/hosted-engine.conf~

auditd.log shows this:

type=SYSCALL msg=audit(1460639783.613:482590): arch=c000003e
syscall=2 success=yes exit=75 a0=7f29b400f0b0 a1=0 a2=1b6 a3=24
items=1 ppid=1 pid=3701 auid=4294967295 uid=36 gid=36 euid=36
suid=36 fsuid=36 egid=36 sgid=36 fsgid=36 tty=(none) ses=4294967295
comm="jsonrpc.Executo" exe="/usr/bin/python2.7"
subj=system_u:system_r:virtd_t:s0-s0:c0.c1023 key=(null)
type=CWD msg=audit(1460639783.613:482590):  cwd="/"
type=PATH msg=audit(1460639783.613:482590): item=0
name="/etc/ovirt-hosted-engine/hosted-engine.conf" inode=134433499
dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00
obj=system_u:object_r:etc_t:s0 objtype=NORMAL


Now that the HA agent is dead I'm removing the ~ file and starting
the HA agent again. The ~ file immediately appears again.

# rm hosted-engine.conf~
rm: remove regular file ‘hosted-engine.conf~’? y
[root@cube-two ovirt-hosted-engine]# ls -l
total 6800
-rw-r--r--. 1 root root    3252 Apr  8 10:35 answers.conf
-rw-r--r--. 1 root root 6948582 Apr 14 14:48 ha-trace.log
-rw-r--r--. 1 root root    1021 Apr 14 15:07 hosted-engine.conf
-rw-r--r--. 1 root root     413 Apr  8 10:35 iptables.example
[root@cube-two ovirt-hosted-engine]# systemctl start ovirt-ha-agent
[root@cube-two ovirt-hosted-engine]# ls -l
total 6804
-rw-r--r--. 1 root root    3252 Apr  8 10:35 answers.conf
-rw-r--r--. 1 root root 6948582 Apr 14 14:48 ha-trace.log
-rw-r--r--. 1 root root    1021 Apr 14 15:18 hosted-engine.conf
-rw-r--r--. 1 root root    1021 Apr 14 15:07 hosted-engine.conf~
-rw-r--r--. 1 root root     413 Apr  8 10:35 iptables.example

The auditd.log shows that ~ file is moved into place but not what
issued the mv:

type=CONFIG_CHANGE msg=audit(1460639919.277:482750): auid=4294967295
ses=4294967295 op="updated_rules"
path="/etc/ovirt-hosted-engine/hosted-engine.conf~" key=(null)
list=4 res=1
type=SYSCALL msg=audit(1460639919.277:482751): arch=c000003e
syscall=82 success=yes exit=0 a0=7ffe4b3c0e90 a1=7ffe4b3bf920
a2=7f68083a2778 a3=7ffe4b3bf680 items=5 ppid=170233 pid=170234
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 eg
id=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mv"
exe="/usr/bin/mv" subj=system_u:system_r:unconfined_service_t:s0
key=(null)
type=CWD msg=audit(1460639919.277:482751):  cwd="/"
type=PATH msg=audit(1460639919.277:482751): item=0
name="/etc/ovirt-hosted-engine/" inode=69555 dev=fd:00 mode=040755
ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:etc_t:s0 objtype=PARENT
type=PATH msg=audit(1460639919.277:482751): item=1
name="/etc/ovirt-hosted-engine/" inode=69555 dev=fd:00 mode=040755
ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:etc_t:s0 objtype=PARENT
type=PATH msg=audit(1460639919.277:482751): item=2
name="/etc/ovirt-hosted-engine/hosted-engine.conf" inode=134433453
dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00
obj=system_u:object_r:etc_t:s0 objtype=DELETE
type=PATH msg=audit(1460639919.277:482751): item=3
name="/etc/ovirt-hosted-engine/hosted-engine.conf~" inode=134433499
dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00
obj=system_u:object_r:etc_t:s0 objtype=DELETE
type=PATH msg=audit(1460639919.277:482751): item=4
name="/etc/ovirt-hosted-engine/hosted-engine.conf~" inode=134433453
dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00
obj=system_u:object_r:etc_t:s0 objtype=CREATE


> As a thumb rule, if a file name is appended with a tilde~, it only
> means that it is a backup created by a text editor or similar program.

If anyone except myself would have access to these systems I would
guess the same. But since I'm not editing anything in
/etc/ovirt-hosted-engine there must be another reason. And there is.

Aside from auditd I tried to strace the whole thing just to make
sure it comes from the HA agent.

[root@cube-two ~]# strace -o ha-trace.log -f
/usr/share/ovirt-hosted-engine-ha/ovirt-ha-agent --no-daemon

Looking at the trace log I found this:

183409 statfs("/etc/ovirt-hosted-engine/.", {f_type=0x58465342,
f_bsize=4096, f_blocks=13100800, f_bfree=12523576,
f_bavail=12523576, f_files=52428800, f_ffree=52379892,
f_fsid={64768, 0}, f_namelen=255, f_frsize=4096}) = 0
183409 rename("/etc/ovirt-hosted-engine/hosted-engine.conf",
"/etc/ovirt-hosted-engine/hosted-engine.conf~") = 0
183409 rename("/var/lib/ovirt-hosted-engine-ha/tmpNjTElr",
"/etc/ovirt-hosted-engine/hosted-engine.conf") = 0
183409 newfstatat(AT_FDCWD,
"/etc/ovirt-hosted-engine/hosted-engine.conf",
{st_mode=S_IFREG|0600, st_size=1021, ...}, AT_SYMLINK_NOFOLLOW) = 0
183409 open("/etc/ovirt-hosted-engine/hosted-engine.conf",
O_RDONLY|O_NOFOLLOW) = 3


Putting it all together I started reading the HA agent sources and
found the function _wrote_updated_conf_file in
/usr/lib/python2.7/site-packages/ovirt_hosted_engine_ha/lib/upgrade.py
which issues a mv -b which creates the ~ file.

The question now is why is this done so frequently. Especially
considering since there are no modifications to the file. Is this
behavior normal?

[root@cube-two ~]# diff /etc/ovirt-hosted-engine/hosted-engine.conf*
[root@cube-two ~]#


>>>> [root@cube-two ~]# ls -l /etc/ovirt-hosted-engine
>>>> total 16
>>>> -rw-r--r--. 1 root root 3252 Apr  8 10:35 answers.conf
>>>> -rw-r--r--. 1 root root 1021 Apr 13 09:31 hosted-engine.conf
>>>> -rw-r--r--. 1 root root 1021 Apr 13 09:30 hosted-engine.conf~
>>>>
>>>> [root@cube-three ~]# ls -l /etc/ovirt-hosted-engine
>>>> total 16
>>>> -rw-r--r--. 1 root root 3233 Apr 11 08:02 answers.conf
>>>> -rw-r--r--. 1 root root 1002 Apr 13 09:31 hosted-engine.conf
>>>> -rw-r--r--. 1 root root 1002 Apr 13 09:31 hosted-engine.conf~
>>>>
>>>> On 12.04.16 16:01, Simone Tiraboschi wrote:
>>>>> Everything seams fine here,
>>>>> /etc/ovirt-hosted-engine/hosted-engine.conf seams to be correctly
>>>>> created with the right name.
>>>>> Can you please check the latest modification time of your
>>>>> /etc/ovirt-hosted-engine/hosted-engine.conf~ and compare it with the
>>>>> setup time?
>>>>>
>>>>> On Tue, Apr 12, 2016 at 2:34 PM, Richard Neuboeck <h...@tbi.univie.ac.at> 
>>>>> wrote:
>>>>>> On 04/12/2016 11:32 AM, Simone Tiraboschi wrote:
>>>>>>> On Mon, Apr 11, 2016 at 8:11 AM, Richard Neuboeck 
>>>>>>> <h...@tbi.univie.ac.at> wrote:
>>>>>>>> Hi oVirt Group,
>>>>>>>>
>>>>>>>> in my attempts to get all aspects of oVirt 3.6 up and running I
>>>>>>>> stumbled upon something I'm not sure how to fix:
>>>>>>>>
>>>>>>>> Initially I installed a hosted engine setup. After that I added
>>>>>>>> another HA host (with hosted-engine --deploy). The host was
>>>>>>>> registered in the Engine correctly and HA agent came up as expected.
>>>>>>>>
>>>>>>>> However if I reboot the second host (through the Engine UI or
>>>>>>>> manually) HA agent fails to start. The reason seems to be that
>>>>>>>> /etc/ovirt-hosted-engine/hosted-engine.conf is empty. The backup
>>>>>>>> file ending with ~ exists though.
>>>>>>>
>>>>>>> Can you please attach hosted-engine-setup logs from your additional 
>>>>>>> hosts?
>>>>>>> AFAIK our code will never take a ~ ending backup of that file.
>>>>>>
>>>>>> ovirt-hosted-engine-setup logs from both additional hosts are
>>>>>> attached to this mail.
>>>>>>
>>>>>>>
>>>>>>>> Here are the log messages from the journal:
>>>>>>>> Apr 11 07:29:39 cube-two.tbi.univie.ac.at systemd[1]: Starting oVirt
>>>>>>>> Hosted Engine High Availability Monitoring Agent...
>>>>>>>> Apr 11 07:29:39 cube-two.tbi.univie.ac.at ovirt-ha-agent[3747]:
>>>>>>>> INFO:ovirt_hosted_engine_ha.agent.agent.Agent:ovirt-hosted-engine-ha
>>>>>>>> agent 1.3.5.3-0.0.master started
>>>>>>>> Apr 11 07:29:39 cube-two.tbi.univie.ac.at ovirt-ha-agent[3747]:
>>>>>>>> INFO:ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine:Found
>>>>>>>> certificate common name: cube-two.tbi.univie.ac.at
>>>>>>>> Apr 11 07:29:39 cube-two.tbi.univie.ac.at ovirt-ha-agent[3747]:
>>>>>>>> ovirt-ha-agent
>>>>>>>> ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine ERROR Hosted
>>>>>>>> Engine is not configured. Shutting down.
>>>>>>>> Apr 11 07:29:39 cube-two.tbi.univie.ac.at ovirt-ha-agent[3747]:
>>>>>>>> ERROR:ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine:Hosted
>>>>>>>> Engine is not configured. Shutting down.
>>>>>>>> Apr 11 07:29:39 cube-two.tbi.univie.ac.at ovirt-ha-agent[3747]:
>>>>>>>> INFO:ovirt_hosted_engine_ha.agent.agent.Agent:Agent shutting down
>>>>>>>> Apr 11 07:29:39 cube-two.tbi.univie.ac.at systemd[1]:
>>>>>>>> ovirt-ha-agent.service: main process exited, code=exited, 
>>>>>>>> status=255/n/a
>>>>>>>>
>>>>>>>> If I restore the configuration from the backup file and manually
>>>>>>>> restart the HA agent it's working properly.
>>>>>>>>
>>>>>>>> For testing purposes I added a third HA host which turn out to
>>>>>>>> behave exactly the same.
>>>>>>>>
>>>>>>>> Any help would be appreciated!
>>>>>>>> Thanks
>>>>>>>> Cheers
>>>>>>>> Richard
>>>>>>>>
>>>>>>>> --
>>>>>>>> /dev/null
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Users mailing list
>>>>>>>> Users@ovirt.org
>>>>>>>> http://lists.ovirt.org/mailman/listinfo/users
>>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> /dev/null
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users@ovirt.org
>>>> http://lists.ovirt.org/mailman/listinfo/users
>>>>
>>
>>
>> --
>> /dev/null
>>


-- 
/dev/null

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Reply via email to