Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

remote fileclient not working in case of a master restart during states execution #7987

Closed
kiorky opened this issue Oct 20, 2013 · 3 comments
Closed

remote fileclient not working in case of a master restart during states execution #7987

kiorky opened this issue Oct 20, 2013 · 3 comments
Labels
Bug broken, incorrect, or confusing behavior
Milestone
Outstanding Bugs

Comments

@kiorky
Copy link
Contributor

kiorky commented Oct 20, 2013

When we have a remote fileclient cached and the salt master is restarted in - between the execution, the fileclient becomes unusable.

Consider this sls:

test:
  file.managed:
    - name: /tmp/test-restart-salt0
    - source: salt://test.sls
    - require_in:
      - cmd: trigger-restart

test2:
  file.managed:
    - name: /tmp/test-restart-salt2
    - source: salt://test.sls
    - require_in:
      - cmd: trigger-restart

trigger-restart:
  cmd.run:
    - name: rm -f /tmp/test-restart-salt{0,1,2}
    - require_in:
      - service: salt-master

salt-master:
  cmd.run:
    - name: service salt-master stop;service salt-master start
    - require_in:
      - cmd: test-1

test-1:
  file.managed:
    - name: /tmp/test-restart-salt1
    - source: salt://test.sls

cleanup:
  cmd.run:
    - name: rm -f /tmp/test-restart-salt{0,1,2}
    - order: last

It will actually fail with

----------
    State: - file
    Name:      /tmp/test-restart-salt1
    Function:  managed
        Result:    False
        Comment:   An exception occurred in this state: Traceback (most recent call last):
  File "/srv/salt/makina-states/src/salt/salt/state.py", line 1260, in call
    *cdata['args'], **cdata['kwargs'])
  File "/srv/salt/makina-states/src/salt/salt/states/file.py", line 1115, in managed
    **kwargs
  File "/srv/salt/makina-states/src/salt/salt/modules/file.py", line 1605, in get_managed
    source_sum = __salt__['cp.hash_file'](source, env)
  File "/srv/salt/makina-states/src/salt/salt/modules/cp.py", line 424, in hash_file
    return __context__['cp.fileclient'].hash_file(path, env)
  File "/srv/salt/makina-states/src/salt/salt/fileclient.py", line 796, in hash_file
    60)
  File "/srv/salt/makina-states/src/salt/salt/crypt.py", line 424, in loads
    data = self.decrypt(data)
  File "/srv/salt/makina-states/src/salt/salt/crypt.py", line 401, in decrypt
    raise AuthenticationError('message authentication failed')
AuthenticationError: message authentication failed

        Changes:
----------

This can be easily mitigated by renogating the authentication crypticle with the restarted master, see incoming attached pull request
@kiorky kiorky mentioned this issue Oct 20, 2013
Merged
thatch45 added a commit that referenced this issue Oct 20, 2013
@thatch45
Merge pull request #7988 from makinacorpus/issue-7987
b3981a8 
Pr for #7987
@kiorky kiorky mentioned this issue Oct 21, 2013
Closed
@basepi
Copy link
Contributor

basepi commented Oct 21, 2013

Issues with attached pull requests are my favorite. =)

basepi pushed a commit that referenced this issue Oct 30, 2013
@kiorky @basepi
Fix(fileclient): friendly renegotiate authentication
038832f 
In case of authentication error, try to renegotiate the crypticle
handshake to mitigate master restart

This fixes #7987

Conflicts:
	salt/fileclient.py
@krak3n
Copy link
Contributor

krak3n commented Nov 11, 2013

Any chance of this getting merged into the up coming 0.17.2 release?

@basepi
Copy link
Contributor

basepi commented Nov 11, 2013

Already done. 038832f is the cherry-pick.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug broken, incorrect, or confusing behavior
Projects
None yet
Milestone
Outstanding Bugs
Development

No branches or pull requests
3 participants
@kiorky @krak3n @basepi