yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #70896
[Bug 1747434] Re: caught SIGTERM, shutting down on juju update hook.
Reported in the charm launchpad, sorry for the noise.
** Changed in: horizon
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1747434
Title:
caught SIGTERM, shutting down on juju update hook.
Status in OpenStack Dashboard (Horizon):
Invalid
Bug description:
On a mitaka openstack deployment where dashboard is deployed on HA, every juju update hook
I can read the following output on /var/log/apache2/error.log:
[Mon Feb 05 12:21:57.599471 2018] [core:notice] [pid 45036:tid 140322761824128] AH00094: Command line: '/usr/sbin/apache2'
[Mon Feb 05 12:27:15.038971 2018] [mpm_event:notice] [pid 45036:tid 140322761824128] AH00491: caught SIGTERM, shutting down
[Mon Feb 05 12:27:16.133030 2018] [ssl:warn] [pid 1116:tid 139686050834304] AH01909: juju-baab69-29-lxd-2.maas:433:0 server certificate does NOT include an ID which matches the server name
[Mon Feb 05 12:27:16.149425 2018] [ssl:warn] [pid 1117:tid 139686050834304] AH01909: juju-baab69-29-lxd-2.maas:433:0 server certificate does NOT include an ID which matches the server name
[Mon Feb 05 12:27:16.151705 2018] [mpm_event:notice] [pid 1117:tid 139686050834304] AH00489: Apache/2.4.10 (Ubuntu) OpenSSL/1.0.1f mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Mon Feb 05 12:27:16.151729 2018] [core:notice] [pid 1117:tid 139686050834304] AH00094: Command line: '/usr/sbin/apache2'
[Mon Feb 05 12:31:49.834311 2018] [mpm_event:notice] [pid 1117:tid 139686050834304] AH00491: caught SIGTERM, shutting down
[Mon Feb 05 12:31:50.931838 2018] [ssl:warn] [pid 6030:tid 139668206278528] AH01909: juju-baab69-29-lxd-2.maas:433:0 server certificate does NOT include an ID which matches the server name
[Mon Feb 05 12:31:50.947896 2018] [ssl:warn] [pid 6031:tid 139668206278528] AH01909: juju-baab69-29-lxd-2.maas:433:0 server certificate does NOT include an ID which matches the server name
[Mon Feb 05 12:31:50.950319 2018] [mpm_event:notice] [pid 6031:tid 139668206278528] AH00489: Apache/2.4.10 (Ubuntu) OpenSSL/1.0.1f mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Mon Feb 05 12:31:50.950349 2018] [core:notice] [pid 6031:tid 139668206278528] AH00094: Command line: '/usr/sbin/apache2'
[Mon Feb 05 12:37:45.785726 2018] [mpm_event:notice] [pid 6031:tid 139668206278528] AH00491: caught SIGTERM, shutting down
[Mon Feb 05 12:37:46.882574 2018] [ssl:warn] [pid 11545:tid 140014746675072] AH01909: juju-baab69-29-lxd-2.maas:433:0 server certificate does NOT include an ID which matches the server name
[Mon Feb 05 12:37:46.898069 2018] [ssl:warn] [pid 11546:tid 140014746675072] AH01909: juju-baab69-29-lxd-2.maas:433:0 server certificate does NOT include an ID which matches the server name
[Mon Feb 05 12:37:46.900170 2018] [mpm_event:notice] [pid 11546:tid 140014746675072] AH00489: Apache/2.4.10 (Ubuntu) OpenSSL/1.0.1f mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Mon Feb 05 12:37:46.900195 2018] [core:notice] [pid 11546:tid 140014746675072] AH00094: Command line: '/usr/sbin/apache2'
[Mon Feb 05 12:43:00.907437 2018] [mpm_event:notice] [pid 11546:tid 140014746675072] AH00491: caught SIGTERM, shutting down
[Mon Feb 05 12:43:02.002314 2018] [ssl:warn] [pid 16737:tid 140561918715776] AH01909: juju-baab69-29-lxd-2.maas:433:0 server certificate does NOT include an ID which matches the server name
[Mon Feb 05 12:43:02.017202 2018] [ssl:warn] [pid 16738:tid 140561918715776] AH01909: juju-baab69-29-lxd-2.maas:433:0 server certificate does NOT include an ID which matches the server name
[Mon Feb 05 12:43:02.019455 2018] [mpm_event:notice] [pid 16738:tid 140561918715776] AH00489: Apache/2.4.10 (Ubuntu) OpenSSL/1.0.1f mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Mon Feb 05 12:43:02.019479 2018] [core:notice] [pid 16738:tid 140561918715776] AH00094: Command line: '/usr/sbin/apache2'
Also, but not all the update hooks, it's possible to see the following
output:
[Mon Feb 05 13:08:32.034604 2018] [:error] [pid 34010] [remote 100.86.0.145:54985] mod_wsgi (pid=34010): Exception occurred processing WSGI script '/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi'.
[Mon Feb 05 13:08:32.034682 2018] [:error] [pid 34010] [remote 100.86.0.145:54985] IOError: failed to write data
The configuration looks like:
$ juju config openstack-dashboard
application: openstack-dashboard
charm: openstack-dashboard
settings:
action-managed-upgrade:
default: true
description: |
If True enables openstack upgrades for this charm via juju actions.
You will still need to set openstack-origin to the new repository but
instead of an upgrade running automatically across all units, it will
wait for you to execute the openstack-upgrade action for this charm on
each unit. If False it will revert to existing behavior of upgrading
all units on config change.
type: boolean
value: false
cinder-backup:
description: Enable cinder backup panel.
type: boolean
value: true
customization-module:
default: true
description: |
Module that overriding layout for customization.
This is available from Liberty
type: string
value: ""
database:
default: true
description: Database name for Horizon (if enabled)
type: string
value: horizon
database-user:
default: true
description: Username for Horizon database access (if enabled)
type: string
value: horizon
debug:
description: Show Django debug messages.
type: string
value: "false"
default-role:
default: true
description: |
Default role for Horizon operations that will be created in
Keystone upon introduction of an identity-service relation.
type: string
value: Member
default-theme:
default: true
description: |
Specify path to theme to use
(relative to /usr/share/openstack-dashboard/openstack_dashboard/themes/).
NOTE: This setting is supported when deploying OpenStack Liberty or
newer. This setting and ubuntu-theme setting are mutually exclusive.
type: string
dns-ha:
default: true
description: |
Use DNS HA with MAAS 2.0. Note if this is set do not set vip
settings below.
type: boolean
value: false
endpoint-type:
description: |
Specifies the endpoint types to use for endpoints in the Keystone
service catalog. Valid values are 'publicURL', 'internalURL',
and 'adminURL'. Both the primary and secondary endpoint types can
be specified by providing multiple comma delimited values.
type: string
value: publicURL
enforce-ssl:
default: true
description: |
If True, redirects plain http requests to https port 443. For this option
to have an effect, SSL must be configured.
type: boolean
value: false
ha-bindiface:
default: true
description: |
Default network interface on which HA cluster will bind to communication
with the other members of the HA Cluster.
type: string
value: ethX
ha-mcastport:
default: true
description: |
Default multicast port number that will be used to communicate between
HA Cluster nodes.
type: int
value: 5410
haproxy-client-timeout:
default: true
description: |
Client timeout configuration in ms for haproxy, used in HA
configurations. If not provided, default value of 30000ms is used.
type: int
haproxy-connect-timeout:
default: true
description: |
Connect timeout configuration in ms for haproxy, used in HA
configurations. If not provided, default value of 5000ms is used.
type: int
haproxy-queue-timeout:
default: true
description: |
Queue timeout configuration in ms for haproxy, used in HA
configurations. If not provided, default value of 5000ms is used.
type: int
haproxy-server-timeout:
default: true
description: |
Server timeout configuration in ms for haproxy, used in HA
configurations. If not provided, default value of 30000ms is used.
type: int
harden:
description: |
Apply system hardening. Supports a space-delimited list of modules
to run. Supported modules currently include os, ssh, apache and mysql.
type: string
value: apache
nagios_check_http_params:
default: true
description: Parameters to pass to the nrpe plugin check_http.
type: string
value: -H localhost -I 127.0.0.1 -u '/' -e 200,301,302
nagios_context:
default: true
description: |
Used by the nrpe-external-master subordinate charm.
A string that will be prepended to instance name to set the host name
in nagios. So for instance the hostname would be something like:
.
juju-postgresql-0
.
If you're running multiple environments with the same services in them
this allows you to differentiate between them.
type: string
value: juju
nagios_servicegroups:
default: true
description: |
A comma-separated list of nagios servicegroups. If left empty, the
nagios_context will be used as the servicegroup.
type: string
value: ""
neutron-network-dvr:
default: true
description: |
Enable Neutron distributed virtual router (DVR) feature in the
Router panel.
type: boolean
value: false
neutron-network-firewall:
default: true
description: Enable neutron firewall service panel.
type: boolean
value: false
neutron-network-l3ha:
default: true
description: |
Enable HA (High Availability) mode in Neutron virtual router in
the Router panel.
type: boolean
value: false
neutron-network-lb:
default: true
description: Enable neutron load balancer service panel.
type: boolean
value: false
neutron-network-vpn:
default: true
description: Enable neutron vpn service panel.
type: boolean
value: false
offline-compression:
default: true
description: Use pre-generated Less compiled JS and CSS.
type: string
value: "yes"
openstack-origin:
description: |
Repository from which to install. May be one of the following:
distro (default), ppa:somecustom/ppa, a deb url sources entry,
or a supported Cloud Archive release pocket.
Supported Cloud Archive sources include:
cloud:<series>-<openstack-release>
cloud:<series>-<openstack-release>/updates
cloud:<series>-<openstack-release>/staging
cloud:<series>-<openstack-release>/proposed
For series=Precise we support cloud archives for openstack-release:
* icehouse
For series=Trusty we support cloud archives for openstack-release:
* juno
* kilo
* ...
NOTE: updating this setting to a source that is known to provide
a later version of OpenStack will trigger a software upgrade.
type: string
value: cloud:trusty-mitaka/updates
openstack-origin-git:
default: true
description: |
Specifies a default OpenStack release name, or a YAML dictionary
listing the git repositories to install from.
The default Openstack release name may be one of the following, where
the corresponding OpenStack github branch will be used:
* liberty
* mitaka
* newton
* master
The YAML must minimally include requirements and horizon repositories,
and may also include repositories for other dependencies:
repositories:
- {name: requirements,
repository: 'git://github.com/openstack/requirements',
branch: master}
- {name: horizon,
repository: 'git://github.com/openstack/horizon',
branch: master}
release: master
type: string
os-admin-hostname:
default: true
description: |
The hostname or address of the admin endpoints created for
openstack-dashboard.
This value will be used for admin endpoints. For example, an
os-admin-hostname set to 'horizon.admin.example.com' with will create
the following admin endpoint for the swift-proxy:
https://horizon.admin.example.com/horizon
type: string
os-admin-network:
description: |
The IP address and netmask of the OpenStack Admin network (e.g., 192.168.0.0/24).
This network will be used for admin endpoints.
type: string
value: X.X.X.X/Y
os-internal-hostname:
default: true
description: |
The hostname or address of the internal endpoints created for
openstack-dashboard.
This value will be used for internal endpoints. For example, an
os-internal-hostname set to 'horizon.internal.example.com' with will
create the following internal endpoint for the swift-proxy:
https://horizon.internal.example.com/horizon
type: string
os-internal-network:
default: true
description: |
The IP address and netmask of the OpenStack Internal network (e.g., 192.168.0.0/24).
This network will be used for internal endpoints.
type: string
os-public-hostname:
default: true
description: |
The hostname or address of the public endpoints created for
openstack-dashboard.
This value will be used for public endpoints. For example, an
os-public-hostname set to 'horizon.example.com' with will create
the following public endpoint for the swift-proxy:
https://horizon.example.com/horizon
type: string
os-public-network:
default: true
description: |
The IP address and netmask of the OpenStack Public network (e.g., 192.168.0.0/24).
This network will be used for public endpoints.
type: string
password-retrieve:
description: Enable "Retrieve password" instance action.
type: boolean
value: true
prefer-ipv6:
default: true
description: |
If True enables IPv6 support. The charm will expect network
interfaces to be configured with an IPv6 address. If set to False
(default) IPv4 is expected.
.
NOTE: these charms do not currently support IPv6 privacy extension.
In order for this charm to function correctly, the privacy extension
must be disabled and a non-temporary address must be
configured/available on your network interface.
type: boolean
value: false
profile:
default: true
description: Default profile for the dashboard. Eg. cisco.
type: string
secret:
description: |
Secret for Horizon to use when securing internal data; set this when
using multiple dashboard units.
type: string
value: <valid_secret>
ssl_ca:
description: |
Base64-encoded certificate authority. This CA is used in conjunction
with keystone https endpoints and must, therefore, be the same CA
used by any endpoint configured as https/ssl.
type: string
value: |-
<my_key_here>
ssl_cert:
description: |
Base64-encoded SSL certificate to install and use for Horizon.
juju set openstack-dashbaord ssl_cert="$(cat cert| base64)" \
ssl_key="$(cat key| base64)"
type: string
value: |-
<my_key_here>
ssl_key:
description: |
Base64-encoded SSL key to use with certificate specified as ssl_cert.
type: string
value: |-
<my_key_here>
ubuntu-theme:
default: true
description: Use Ubuntu theme for the dashboard.
type: string
value: "yes"
use-syslog:
description: |
Setting this to True will allow supporting services to log to syslog.
type: boolean
value: true
vip:
description: |
Virtual IP to use to front openstack dashboard ha configuration.
type: string
value: X.X.X.X
vip_cidr:
default: true
description: |
Default CIDR netmask to use for HA vip when it cannot be automatically
determined.
type: int
value: 24
vip_iface:
default: true
description: |
Default network interface to use for HA vip when it cannot be
automatically determined.
type: string
value: ethY
webroot:
description: |
Directory where application will be accessible, relative to
http://$hostname/.
type: string
value: /
Any tip what can be producing this continuous restart is appreciated.
Thanks!
José.
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1747434/+subscriptions
References
