Bug 43863 – Docker member server entry is removed during the installation

Bug 43863 - Docker member server entry is removed during the installation


Summary:	Docker member server entry is removed during the installation

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	App Center
Version:	UCS 4.2
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.2
Assigned To:	Dirk Wiesenthal
QA Contact:	Stefan Gohmann

URL:
Keywords:	interim-3

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2017-03-15 07:32 CET by Stefan Gohmann
Modified:	2017-04-04 18:28 CEST (History)
CC List:	1 user (show)

See Also:
What kind of report is it?:	Development Internal
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Gohmann

2017-03-15 07:32:20 CET

The docker tests currently fail in UCS 4.2. The error message is something like this:

-----------------------------------------------------------------------------
App.verify(True)
● docker-app-dq8nlvfz7y.service - LSB: Start the Container for dq8nlvfz7y
   Loaded: loaded (/etc/init.d/docker-app-dq8nlvfz7y)
   Active: active (exited) since Mi 2017-03-15 07:18:54 CET; 2min 4s ago
  Process: 4928 ExecStart=/etc/init.d/docker-app-dq8nlvfz7y start (code=exited, status=0/SUCCESS)

Mär 15 07:18:50 master421 systemd[1]: Starting LSB: Start the Container for dq8nlvfz7y...
Mär 15 07:18:54 master421 docker-app-dq8nlvfz7y[4928]: Starting dq8nlvfz7y Container 9b1e6798b1d1485439da21d465fd3f0a815b303bfad9c9776da8499b881eaa3f ....
Mär 15 07:18:54 master421 systemd[1]: Started LSB: Start the Container for dq8nlvfz7y.
Error: ldapsearch -x failed
App.uninstall()
Going to remove dq8nlvfz7y (0.5.2)
-----------------------------------------------------------------------------

Afterwards, I've installed dudle and I see that the host entry is created and a little bit later removed, from the listener.log of the DC Master:

-----------------------------------------------------------------------------
14.03.17 21:16:32.129  LISTENER    ( PROCESS ) : updating 'cn=dudle-25918800$,cn=uid,cn=temporary,cn=univention,dc=deadlock42,dc=intranet' command a
14.03.17 21:16:32.195  LISTENER    ( PROCESS ) : updating 'cn=dudle-25918800,cn=memberserver,cn=computers,dc=deadlock42,dc=intranet' command a
14.03.17 21:16:32.238  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-4-2084
14.03.17 21:16:32.238  LISTENER    ( PROCESS ) : Generating krb5.keytab for dudle-25918800
Creating certificate: dudle-25918800.deadlock42.intranet
no certificate for dudle-25918800.deadlock42.intranet registered
Generating RSA private key, 2048 bit long modulus
.............................................................+++
......+++
unable to write 'random state'
e is 65537 (0x10001)
Using configuration from /etc/univention/ssl/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName           :PRINTABLE:'DE'
stateOrProvinceName   :PRINTABLE:'DE'
localityName          :PRINTABLE:'DE'
organizationName      :PRINTABLE:'deadlock42'
organizationalUnitName:PRINTABLE:'Univention Corporate Server'
commonName            :PRINTABLE:'dudle-25918800.deadlock42.intranet'
emailAddress          :IA5STRING:'ssl@deadlock42.intranet'
Certificate is to be certified until Mar 13 20:16:34 2022 GMT (1825 days)

Write out database with 1 new entries
Data Base Updated
unable to write 'random state'
14.03.17 21:16:35.070  LISTENER    ( PROCESS ) : updating 'cn=dudle-25918800$,cn=uid,cn=temporary,cn=univention,dc=deadlock42,dc=intranet' command d
14.03.17 21:16:35.088  LISTENER    ( PROCESS ) : updating 'cn=dudle-25918800,cn=memberserver,cn=computers,dc=deadlock42,dc=intranet' command m
14.03.17 21:16:35.090  LISTENER    ( PROCESS ) : Purging krb5.keytab of dudle-25918800
14.03.17 21:16:35.090  LISTENER    ( PROCESS ) : Generating krb5.keytab for dudle-25918800
14.03.17 21:16:35.144  LISTENER    ( PROCESS ) : updating 'cn=dudle-25918800,cn=memberserver,cn=computers,dc=deadlock42,dc=intranet' command m
14.03.17 21:16:35.164  LISTENER    ( PROCESS ) : updating 'cn=Computers,cn=groups,dc=deadlock42,dc=intranet' command m
14.03.17 21:16:40.085  LISTENER    ( PROCESS ) : updating 'cn=S-1-5-21-2160655556-514580091-1068932707-1187,cn=sid,cn=temporary,cn=univention,dc=deadlock42,dc=intranet' command a
14.03.17 21:16:40.105  LISTENER    ( PROCESS ) : updating 'cn=dudle-25918800,cn=memberserver,cn=computers,dc=deadlock42,dc=intranet' command m
14.03.17 21:16:40.113  LISTENER    ( PROCESS ) : samba4-idmap: renaming entry for S-1-4-2084 to S-1-5-21-2160655556-514580091-1068932707-1187
14.03.17 21:16:40.133  LISTENER    ( PROCESS ) : Purging krb5.keytab of dudle-25918800
14.03.17 21:16:40.133  LISTENER    ( PROCESS ) : Generating krb5.keytab for dudle-25918800
14.03.17 21:17:23.699  LISTENER    ( PROCESS ) : updating 'cn=dudle-25918800,cn=memberserver,cn=computers,dc=deadlock42,dc=intranet' command m
14.03.17 21:17:23.701  LISTENER    ( PROCESS ) : Purging krb5.keytab of dudle-25918800
14.03.17 21:17:23.701  LISTENER    ( PROCESS ) : Generating krb5.keytab for dudle-25918800
14.03.17 21:18:22.147  LISTENER    ( PROCESS ) : updating 'cn=dudle-25918800,cn=memberserver,cn=computers,dc=deadlock42,dc=intranet' command m
14.03.17 21:18:22.148  LISTENER    ( PROCESS ) : Purging krb5.keytab of dudle-25918800
14.03.17 21:18:22.148  LISTENER    ( PROCESS ) : Generating krb5.keytab for dudle-25918800
14.03.17 21:18:28.683  LISTENER    ( PROCESS ) : updating 'cn=dudle-25918800,cn=memberserver,cn=computers,dc=deadlock42,dc=intranet' command d
14.03.17 21:18:28.687  LISTENER    ( PROCESS ) : samba4-idmap: removing entry for S-1-5-21-2160655556-514580091-1068932707-1187
Revoke certificate: dudle-25918800.deadlock42.intranet
Using configuration from /etc/univention/ssl/openssl.cnf
Revoking Certificate 08.
Data Base Updated
unable to write 'random state'
Using configuration from /etc/univention/ssl/openssl.cnf
unable to write 'random state'
-----------------------------------------------------------------------------

Comment 1 Stefan Gohmann

2017-03-15 07:34:49 CET

I tag it to interim-3 because it is critical for the RC. I would rather reopen an existing bug, but I don't know yet which change is responsible for it.

Comment 2 Dirk Wiesenthal

2017-03-15 15:48:49 CET

Fixed in r77734
  univention-appcenter (6.0.3-11)

Docker Containers had access to
  appcenter/apps/$myapp/container

and unregistered the App during join (App is not yet installed!). This caused the host to be removed.

appcenter/apps/$myapp is not copied from the host into the container anymore.

Comment 3 Stefan Gohmann

2017-03-17 07:15:21 CET

Yes, it works again.

Comment 4 Stefan Gohmann

2017-04-04 18:28:15 CEST

UCS 4.2 has been released:
 https://docs.software-univention.de/release-notes-4.2-0-en.html
 https://docs.software-univention.de/release-notes-4.2-0-de.html

If this error occurs again, please use "Clone This Bug".