[Freeipa-devel] [PATCH] 350 Upgrade process should not crash on named restart

Tue Jan 15 15:05:14 UTC 2013

On 01/15/2013 03:44 PM, Simo Sorce wrote:
> On Tue, 2013-01-15 at 15:37 +0100, Martin Kosek wrote:
>> On 01/15/2013 02:43 PM, Simo Sorce wrote:
>>> On Tue, 2013-01-15 at 13:30 +0100, Martin Kosek wrote:
>>>> When either dirsrv or krb5kdc is down, named service restart in
>>>> ipa-upgradeconfig will fail and cause a crash of the whole upgrade
>>>> process.
>>>>
>>>> Rather only report a failure to restart the service and continue
>>>> with the upgrade as it does not need the named service running. Do
>>>> the same precaution for pki-ca service restart.
>>>>
>>>> https://fedorahosted.org/freeipa/ticket/3350
>>>
>>> Shouldn't we note it failed and retry later ?
>>> Is there a risk it will be down at the end of the upgrade process ?
>>>
>>> Simo.
>>>
>>
>> Seems like an overkill to me. It would not certainly help in this case, because
>> the processes that named requires are down. As Rob suggested, user upgrading
>> the IPA may be running in a lower run level for example, it that case I think
>> we may not even try to restart the service.
>
> Oh I guess I wasn't clear, I did not mean to try to restart the service
> immediately or multiple times, I meant to make sure that if the service
> was running when the *whole* update started to make sure it is still
> running when the whole update finishes.
>
> The scenario is:
>
> 1. ipa runnig
> 2. do upgrade
> 3. restart fails for some reason
> 4. update completes
>
> now what I would like to make sure is that if the restart failed at 3 we
> try a restart after 4 so that we try to get things up when all the
> updates are done.
>
> Makes sense ?

Sort of. To be able to do this, I think we would need to at first get a list of 
all running services (as user may have purposefully shut down some service), 
then run the upgrades and check that all services in this list are still 
running at the end of the upgrade. If not, try to amend it.

While this looks useful-ish, I would rather keep the patch 350 simple as we are 
close to the release and I do not want to get too wild.

>
>> Now when I am thinking about it, maybe we should only try to restart if the
>> service is running - because otherwise it would be started later and the
>> changes that were done in scope of upgrade script would be applied.
>
> Yes we should do a conditional restart only, and it is ok to proceeded
> if it fails, we want to complete the upgrade process in any case, not
> break out in the middle if at all possible.
>
> Simo.
>

Right, I will send an updated patch which restarts the named/pki-ca service 
only if it is running.

Martin