Project

General

Profile

Actions

Bug #16845

closed

Policy generation fails with many nodes in 6.0 after an upgrade

Added by Nicolas CHARLES almost 5 years ago. Updated almost 5 years ago.

Status:
Released
Priority:
N/A
Category:
Packaging
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
Checked
Regression:

Description

[2020-03-01 00:46:38] DEBUG policy.generation.timing - Node configuration written on filesystem in 2932775 ms
[2020-03-01 00:46:42] WARN  report.changes - Not updating changes by rule - disabled by configuration setting 'rudder_compute_changes' (set by REST API)
[2020-03-01 00:46:47] WARN  report.changes - Not updating changes by rule - disabled by configuration setting 'rudder_compute_changes' (set by REST API)
[2020-03-01 00:46:53] WARN  report.changes - Not updating changes by rule - disabled by configuration setting 'rudder_compute_changes' (set by REST API)
[2020-03-01 00:46:58] WARN  report.changes - Not updating changes by rule - disabled by configuration setting 'rudder_compute_changes' (set by REST API)
[2020-03-01 00:47:00] DEBUG policy.generation.timing - Generation-failure hooks ran in 10 ms
[2020-03-01 00:47:00] INFO  policy.generation.timing - Policy generation failed after: 53 min 52 s
[2020-03-01 00:47:00] ERROR policy.generation - Error when updating policy, reason was: Cannot write nodes configuration <- BackendException: Error when doing action 'modify' with and LDIF change request: null; cause was: com.unboundid.ldap.sdk.LDAPException: An error occurred while attempting to send the LDAP message to server localhost:389:  SocketException(Socket closed), ldapSDKVersion=4.0.7, revision=28484 
 -> com.normation.ldap.sdk.RwLDAPConnection.$anonfun$applyModify$2(LDAPConnection.scala:578)
 -> com.normation.ldap.sdk.RwLDAPConnection.$anonfun$applyMod$1(LDAPConnection.scala:513)
[2020-03-01 00:47:00] INFO  policy.generation - Flag file '/opt/rudder/etc/policy-update-running' successfully removed

slapd.conf file is missing the sockbuf_max_incoming_auth 1000000000 configuration

Actions #2

Updated by Nicolas CHARLES almost 5 years ago

  • Subject changed from Policy generation fails with many node in 6.0 to Policy generation fails with many nodes in 6.0 after an upgrade

This is interesting. We moved to systemd, so we don't need the

argsfile    /var/rudder/run/slapd.args

line anymore

yet init script does remove the line with sockbuf, and add it after the argsfile line

sed -i '/^[ \t]*sockbuf_max_incoming_auth/d' ${SLAPD_CONF_FILE}
sed -i 's/^\([ \t]*argsfile[ \t]\+\/.*\)/\1\nsockbuf_max_incoming_auth '${MAX_INCOMING_AUTH}'/' ${SLAPD_CONF_FILE}

it doesn't exists once file has been updated, but init script still does the replacement.
Chaos follow

Actions #3

Updated by Nicolas CHARLES almost 5 years ago

  • Status changed from New to In progress
  • Assignee set to Nicolas CHARLES
Actions #4

Updated by Nicolas CHARLES almost 5 years ago

  • Assignee changed from Nicolas CHARLES to Alexis Mousset
  • Pull Request set to https://github.com/Normation/rudder-packages/pull/2212
Actions #5

Updated by Nicolas CHARLES almost 5 years ago

  • Status changed from In progress to Pending technical review
Actions #6

Updated by Nicolas CHARLES almost 5 years ago

  • Status changed from Pending technical review to Pending release
Actions #8

Updated by Vincent MEMBRÉ almost 5 years ago

  • Target version changed from 6.0.5 to 6.0.4
Actions #9

Updated by Nicolas CHARLES almost 5 years ago

  • Fix check changed from To do to Checked
Actions #10

Updated by Vincent MEMBRÉ almost 5 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 6.0.4 which was released today.

Actions

Also available in: Atom PDF