Enable maintenance mode while updating package

[PVince81]

Steps to reproduce

1. Setup ownCloud from package, for example RPM package
2. Continuously access ownCloud, make HTTP request
3. Update the ownCloud package

Expected result

Maintenance mode should be enabled before the package is extracted
Or if possible, all access to ownCloud should be blocked somehow.

Actual result

It seems that ownCloud is still accessible, but HTTP calls fail with Internal Server Error due to missing classes, possibly because the code is half-updated.

Note: this is probably more a corner case related to packaging.
Normally I manually set maintenance mode to true before updating the package.

@jnweiger what do you think ?
Not sure how it's done for other packaged web applications.

[jnweiger]

The packages do not know much about updating.
I assume we should add preinstall and postinstall hooks to enter and leave maintenance mode.
Currently there is nothing like that. The new code just unpacks ontop of the old code.
Could somebody please suggest what steps should be done in pre / post?

[MTRichards]

In the config file, just set the "maintenance mode" flag (see config.sample.php). Then upgrade, and when complete, remove the maintenance mode flag in the config.php file.

Is that what you mean?

[PVince81]

Yes, but I'm not sure whether it is right to have this be done by the package (preinstall/postinstall hooks).

[MTRichards]

Probably better done by the updater code itself.

[jnweiger]

I don't really understand hoe the updater works its magic. My assumption was, that once some php files are overwritten during package install, we are in an unsafe state.
This is where typically pre/post get employed to wrap the update into a proper transaction.

[PVince81]

Let's not confuse the "updater".

This here is the lifecycle of an update based on the OBS package:

1. Admin runs zypper update owncloud
2. Package manager downloads the package
3. Package manager extracts the package in-place and replaces the old code
4. Admin opens the web UI and clicks "Update now" (or runs ./occ upgrade)
5. Updater: sets maintenance mode to true
6. Updater: updates the DB for apps, runs repairs steps, etc
7. Updater: sets maintenance mode to false

The problem I mentioned can happen if between step 3) and 4) someone is accessing ownCloud, then they will get unpredictable results because the code is half-there.

The other updater is from the update center, this one also downloads, replaces. But that's for a separate discussion.

[PVince81]

Basically to be safe the admin needs to do the following:

1. Admin manually sets maintenance flag to true
2. Admin runs zypper update owncloud
3. Package manager downloads the package
4. Package manager extracts the package in-place and replaces the old code
5. Admin manually sets maintenance flag to false (else he won't get access to the update button)
6. Admin opens the web UI and clicks "Update now" (or runs ./occ upgrade)
7. Updater: sets maintenance mode to true
8. Updater: updates the DB for apps, runs repairs steps, etc
9. Updater: sets maintenance mode to false

[jnweiger]

The important step for me is to set maintenance mode in preinstall, so that nothing bad happens if Admin forgets to do step 1 (or runs unattended updates): set maintenance flag to true manually.

The better (but more intrusive) solution is to change the packager install scripts to extract to a temporary place. The running installation should not be touched, except for a notification, that the admin may want to initiate an "Update now".

[jnweiger]

@PVince81 The owncloud 8 server packages now set maintenance mode before they start the upgrade.
Does that complete the packaging part of this issue?

[PVince81]

I see in the spec that you also stop Apache2 now ?
Thinking of it stopping Apache2 might not be enough due to possibly running cron jobs.

So, disabling maintenance mode is indeed the way to go.
I see in the spec that in %post it will also run ./occ upgrade which will automatically run the upgrade.

So, that's done.

[jnweiger]

There is not much we can do about cron jobs. Killing them is bad.
Enhancement idea:
Is occ able to tell me that a backgorund job is running? If so, we could wait and poll for a few minutes.

[PVince81]

Not sure. I remember there were talks about creating a cron lock file ? Was this done ? @icewind1991 @DeepDiver1975 ?