Project

General

Profile

Actions

Bug #7288

open

Policy does not get deleted when changing relays

Added by Janos Mattyasovszky about 9 years ago. Updated 6 months ago.

Status:
New
Priority:
N/A
Category:
Server components
Target version:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
Infrequent - complex configurations | third party integrations
Effort required:
Large
Priority:
0
Name check:
Fix check:
Regression:
No

Description

Sometimes we re-balance and change the policy server (relay) a node is connected to.
I have noticed the old relay's policy for the nodes do not get removed then.

rudder-root:/var/rudder/share # ls -d /var/rudder/share/*/share/* | gawk -F/ '{print $NF}' | sort | uniq -c | grep -c -w 2
604

=> not a unique issue.

The date is also showing this:

drwx------ 3 root root 18 Sep 22 23:25 /var/rudder/share/9ee3f1c5-d83c-4daa-9465-2555476521fb/share/00208aa8-f4d1-11e4-b6d9-11cb081228de
drwxrwx--- 3 root root 18 Oct 17 22:38 /var/rudder/share/c49a0a1c-1100-11e5-9959-76b2081228de/share/00208aa8-f4d1-11e4-b6d9-11cb081228de
...
drwx------ 3 root root 18 Sep 23 00:00 /var/rudder/share/9ee3f1c5-d83c-4daa-9465-2555476521fb/share/0013855c-f377-11e4-b4af-33e8081228de
drwxrwx--- 3 root root 18 Oct 17 22:38 /var/rudder/share/78169036-10f9-11e5-b8f7-afb7081228de/share/0013855c-f377-11e4-b4af-33e8081228de

When a node changes the policy server, that policy server should get the node's folder removed.

Edit FAR: Proposed solution: each policy server has a base share directory (/var/rudder/share for root, /var/rudder/share/9ee3f1c5-d83c-4daa-9465-2555476521fb/share for relay with uuid 9ee3f1c5-d83c-4daa-9465-2555476521fb, etc recursively). At the end of the generation, we just need to check that the base share of a policy server only contains nodes directly managed by it.


Related issues 3 (1 open2 closed)

Related to Scale-out relay - Bug #7751: When we delete a relay, all system groups and directive related to this relay are not deletedNewElaad FURREEDANActions
Related to Rudder - Bug #8046: Change of Policy Server does not trigger a PolicyupdateRejectedFrançois ARMAND2016-03-08Actions
Related to Rudder - Question #9719: Node deletes are not properly cleaned upResolvedActions
Actions #1

Updated by Janos Mattyasovszky about 9 years ago

  • Description updated (diff)
Actions #2

Updated by Vincent MEMBRÉ about 9 years ago

  • Assignee set to Nicolas CHARLES

Thanks for reproting Janos!

You are right, the content of shared promises should only contains promises for nodes that are managed by this relay

Nicolas, what would be the easiest way to do this ?

Actions #3

Updated by Jonathan CLARKE about 9 years ago

  • Assignee changed from Nicolas CHARLES to François ARMAND

François, I'm sure you have an idea about this? :)

Actions #4

Updated by Janos Mattyasovszky about 9 years ago

How about detecting during the inventory processing, if it reports to a different policy server then known until now, and after a successful policy generation remove the old dir-tree below the old policy server?

I will work around it by a cronjob, some LDAP query, and checking all directory below the policy servers, if it's still valid.

Additional question: do the policies get deleted when I remove a node over GUI / API?

Actions #5

Updated by François ARMAND almost 9 years ago

I think we should "just" add the list of node managed by the relay in some accessible way on the relay, and a post-hook after promise transfert which will diff the managed node / actual directories present. The garbage collecting can be done asynchronously to avoid long processing time.

The proposed solution may imply more work to always calculate the list of nodes for a relay, not sure we have that information at all time.

Some more context information: we are not able to just remove all directories not updated on last promise transfert, because valid nodes may not have gotten updated policies on last round.

Actions #6

Updated by François ARMAND over 8 years ago

  • Related to Bug #7751: When we delete a relay, all system groups and directive related to this relay are not deleted added
Actions #7

Updated by François ARMAND over 8 years ago

  • Related to Bug #4709: When a node is deleted, its generated promises are not removed added
Actions #8

Updated by François ARMAND over 8 years ago

OK, so it seems I misunderstood the root cause, and it should be in fact much easier than thought to correct.

The problem is that on the root server, we don't clean the deleted nodes, and so it is more linked to #4709 (kind of an amplificated version of it).

Nicolas, you had concerned about the following proposed solution. Does that still hold for relays ?

I put them back here:

- trigger a rm -rf ${nodeid} or something alike from rudder UI when a node is deleted;
- on each promise generation, delete all unknown files in /var/rudder/share to keep only existing nodes;
- have a cfengine (sytem) promise making the cleaning for us based on the list of all "currently valide node" (accepting that ${node_id_of_relay}/${node_id} is a valid one)

Actions #9

Updated by François ARMAND over 8 years ago

  • Translation missing: en.field_tag_list set to Next minor release
Actions #10

Updated by Janos Mattyasovszky over 8 years ago

  • Related to Bug #8046: Change of Policy Server does not trigger a Policyupdate added
Actions #11

Updated by Janos Mattyasovszky over 8 years ago

  • Related to deleted (Bug #8046: Change of Policy Server does not trigger a Policyupdate)
Actions #12

Updated by François ARMAND over 8 years ago

  • Related to Bug #8046: Change of Policy Server does not trigger a Policyupdate added
Actions #13

Updated by Benoît PECCATTE over 8 years ago

  • Target version set to 2.11.21
Actions #14

Updated by Jonathan CLARKE over 8 years ago

  • Translation missing: en.field_tag_list deleted (Next minor release)
Actions #15

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 2.11.21 to 2.11.22
Actions #16

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 2.11.22 to 2.11.23
Actions #17

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 2.11.23 to 2.11.24
Actions #18

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 2.11.24 to 308
Actions #19

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 308 to 3.1.14
Actions #20

Updated by Vincent MEMBRÉ about 8 years ago

  • Target version changed from 3.1.14 to 3.1.15
Actions #21

Updated by Vincent MEMBRÉ about 8 years ago

  • Target version changed from 3.1.15 to 3.1.16
Actions #22

Updated by Vincent MEMBRÉ about 8 years ago

  • Target version changed from 3.1.16 to 3.1.17
Actions #23

Updated by Janos Mattyasovszky about 8 years ago

  • Related to Question #9719: Node deletes are not properly cleaned up added
Actions #24

Updated by Vincent MEMBRÉ about 8 years ago

  • Target version changed from 3.1.17 to 3.1.18
Actions #25

Updated by Vincent MEMBRÉ almost 8 years ago

  • Target version changed from 3.1.18 to 3.1.19
Actions #26

Updated by Jonathan CLARKE almost 8 years ago

  • Severity set to Minor - inconvenience | misleading | easy workaround
  • User visibility set to Infrequent - complex configurations | third party integrations
Actions #27

Updated by Benoît PECCATTE over 7 years ago

  • Priority set to 5
Actions #28

Updated by François ARMAND over 7 years ago

  • Related to deleted (Bug #4709: When a node is deleted, its generated promises are not removed)
Actions #29

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 3.1.19 to 3.1.20
Actions #30

Updated by Jonathan CLARKE over 7 years ago

  • Assignee deleted (François ARMAND)
Actions #31

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 3.1.20 to 3.1.21
Actions #32

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 3.1.21 to 3.1.22
Actions #33

Updated by Benoît PECCATTE over 7 years ago

  • Priority changed from 5 to 18
Actions #34

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 3.1.22 to 3.1.23
Actions #35

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 3.1.23 to 3.1.24
Actions #36

Updated by Vincent MEMBRÉ about 7 years ago

  • Target version changed from 3.1.24 to 3.1.25
Actions #37

Updated by Vincent MEMBRÉ about 7 years ago

  • Target version changed from 3.1.25 to 387
Actions #38

Updated by Vincent MEMBRÉ about 7 years ago

  • Target version changed from 387 to 4.1.10
Actions #39

Updated by Vincent MEMBRÉ almost 7 years ago

  • Target version changed from 4.1.10 to 4.1.11
Actions #40

Updated by Vincent MEMBRÉ over 6 years ago

  • Target version changed from 4.1.11 to 4.1.12
Actions #41

Updated by Vincent MEMBRÉ over 6 years ago

  • Target version changed from 4.1.12 to 4.1.13
Actions #42

Updated by Vincent MEMBRÉ over 6 years ago

  • Target version changed from 4.1.13 to 4.1.14
Actions #43

Updated by Benoît PECCATTE over 6 years ago

  • Target version changed from 4.1.14 to 4.1.15
Actions #44

Updated by Vincent MEMBRÉ about 6 years ago

  • Target version changed from 4.1.15 to 4.1.16
Actions #45

Updated by Vincent MEMBRÉ about 6 years ago

  • Target version changed from 4.1.16 to 4.1.17
Actions #46

Updated by Vincent MEMBRÉ about 6 years ago

  • Target version changed from 4.1.17 to 4.1.18
Actions #47

Updated by Vincent MEMBRÉ almost 6 years ago

  • Target version changed from 4.1.18 to 4.1.19
Actions #48

Updated by Alexis Mousset almost 6 years ago

  • Target version changed from 4.1.19 to 4.1.20
  • Priority changed from 18 to 19
Actions #49

Updated by François ARMAND almost 6 years ago

  • Target version changed from 4.1.20 to 4.1.21
Actions #50

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.1.21 to 4.1.22
Actions #51

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.1.22 to 4.1.23
Actions #52

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.1.23 to 4.1.24
Actions #53

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.1.24 to 588
Actions #54

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 588 to 5.0.13
Actions #55

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 5.0.13 to 5.0.14
  • Priority changed from 19 to 20
Actions #56

Updated by Vincent MEMBRÉ about 5 years ago

  • Target version changed from 5.0.14 to 5.0.15
Actions #57

Updated by François ARMAND about 5 years ago

  • Description updated (diff)
  • Effort required set to Very Small
  • Priority changed from 20 to 47

The proposed solution seems really simple to implement.

Actions #58

Updated by Vincent MEMBRÉ about 5 years ago

  • Status changed from New to In progress
  • Assignee set to Vincent MEMBRÉ
Actions #59

Updated by Vincent MEMBRÉ about 5 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
  • Pull Request set to https://github.com/Normation/rudder/pull/2591
Actions #60

Updated by Vincent MEMBRÉ about 5 years ago

  • Target version changed from 5.0.15 to 5.0.16
Actions #61

Updated by Alexis Mousset almost 5 years ago

  • Target version changed from 5.0.16 to 5.0.17
  • Priority changed from 47 to 48
Actions #62

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.17 to 5.0.18
  • Priority changed from 48 to 49
Actions #63

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.18 to 5.0.19
  • Priority changed from 49 to 50
Actions #64

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.19 to 5.0.20
Actions #65

Updated by Vincent MEMBRÉ about 4 years ago

  • Target version changed from 5.0.20 to 797
Actions #66

Updated by Vincent MEMBRÉ almost 4 years ago

  • Status changed from Pending technical review to New
Actions #67

Updated by Benoît PECCATTE over 3 years ago

  • Target version changed from 797 to 6.1.14
Actions #68

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 6.1.14 to 6.1.15
Actions #69

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 6.1.15 to 6.1.16
Actions #70

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 6.1.16 to 6.1.17
Actions #71

Updated by Vincent MEMBRÉ about 3 years ago

  • Target version changed from 6.1.17 to 6.1.18
Actions #72

Updated by Vincent MEMBRÉ about 3 years ago

  • Target version changed from 6.1.18 to 6.1.19
Actions #73

Updated by François ARMAND almost 3 years ago

  • Effort required changed from Very Small to Large
  • Priority changed from 50 to -7

This happen to be non trivial regarding perf, see all the comments under PR.

This likely need an other approach than the one we tried, like tracking when a node change policy server (ie when we notice it when an inventory is received) and at the moment delete corresponding policies on old policy server.

Actions #74

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 6.1.19 to 6.1.20
Actions #75

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 6.1.20 to 6.1.21
Actions #76

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 6.1.21 to old 6.1 issues to relocate
Actions #77

Updated by François ARMAND about 1 year ago

  • Target version changed from old 6.1 issues to relocate to 7.3.10
  • Priority changed from -7 to 0
  • Regression set to No
Actions #78

Updated by Vincent MEMBRÉ about 1 year ago

  • Target version changed from 7.3.10 to 7.3.11
Actions #79

Updated by Vincent MEMBRÉ 11 months ago

  • Target version changed from 7.3.11 to 7.3.12
Actions #80

Updated by Vincent MEMBRÉ 10 months ago

  • Target version changed from 7.3.12 to 7.3.13
Actions #81

Updated by Vincent MEMBRÉ 10 months ago

  • Target version changed from 7.3.13 to 7.3.14
Actions #82

Updated by Vincent MEMBRÉ 8 months ago

  • Target version changed from 7.3.14 to 7.3.15
Actions #83

Updated by Vincent MEMBRÉ 7 months ago

  • Target version changed from 7.3.15 to 7.3.16
Actions #84

Updated by Vincent MEMBRÉ 6 months ago

  • Target version changed from 7.3.16 to 7.3.17
Actions

Also available in: Atom PDF