Univention Bugzilla – Full Text Bug Listing |
Summary: | Consider nscd processes in docker containers | ||
---|---|---|---|
Product: | UCS | Reporter: | Stefan Gohmann <gohmann> |
Component: | Monitoring (Prometheus or Nagios) | Assignee: | Jürn Brodersen <brodersen> |
Status: | CLOSED FIXED | QA Contact: | Felix Botner <botner> |
Severity: | normal | ||
Priority: | P5 | CC: | damrose, grandjean, lutz.willek, robert.evert, stephan.hendl, steuwer, stoeckigt, troeder |
Version: | UCS 4.1 | ||
Target Milestone: | UCS 4.2-1-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
See Also: |
https://forge.univention.org/bugzilla/show_bug.cgi?id=34787 https://forge.univention.org/bugzilla/show_bug.cgi?id=45414 https://forge.univention.org/bugzilla/show_bug.cgi?id=49967 |
||
What kind of report is it?: | Bug Report | What type of bug is this?: | 4: Minor Usability: Impairs usability in secondary scenarios |
Who will be affected by this bug?: | 3: Will affect average number of installed domains | How will those affected feel about the bug?: | 2: A Pain – users won’t like this once they notice it |
User Pain: | 0.137 | Enterprise Customer affected?: | Yes |
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | 2017022721000385 | Bug group (optional): | |
Max CVSS v3 score: | |||
Bug Depends on: | |||
Bug Blocks: | 45186, 45187 |
Description
Stefan Gohmann
2016-11-01 16:51:44 CET
This also occurs in a customers environment when changing the Doodle App to the docker one. Happened to me after installing the etherpad docker app. Is this realy "Minor Usability"? It happens with default Nagios settings for each docker app? Is it safe to disable the NSCD daemon in the docker app? Another mention of this behavior in https://help.univention.com/t/failed-upgrade-from-owncloud-9-to-to-9-1/5953 Just to state the obvious: As a workaround, one can manually adjust the WARNING and CRITICAL level for this Nagios check. There's no need to disable nscd inside the docker container just to make the warning go away. I added an example at https://help.univention.com/t/failed-upgrade-from-owncloud-9-to-to-9-1/5953/11 r80894: Check the nscd socket instead of the process. Package: univention-nagios Version: 10.0.1-3A~4.2.0.201707061034 Branch: ucs_4.2-0 Scope: errata4.2-1 r80895: YAML I tried to check if the nscd process is running inside docker by checking the cgroup of the nscd process but that cgroup can be changed or not set at all. The check now does an "lsof" on /var/run/nscd/socket that should also work in cases where /var/run/nscd/ is mounted in the container. Note: lsof is part of univention-base-packages, is that enough or should I add it to this package as well? Ps. I wondered why a non running nscd is considered critical. Bug 34787 is the reason. UCS 4.2-1 master + released univention-nagios-server update univention-nagios-server -> /usr/lib/nagios/plugins/check_nrpe -H 10.200.7.50 -c UNIVENTION_NSCD NRPE: Unable to read output -> grep -r UNIVENTION_NSCD nagios3/conf.univention.d/services/UNIVENTION_NSCD,master.four.two.cfg: service_description UNIVENTION_NSCD nagios3/conf.univention.d/services/UNIVENTION_NSCD,master.four.two.cfg: check_command check_nrpe_1arg!UNIVENTION_NSCD nagios/nrpe.univention.d/UNIVENTION_NSCD.cfg:command[UNIVENTION_NSCD]=PluginNameNotFoundError The udm nagios/service update for the nscd check was in the wrong join script. I moved the code into 30univention-nagios-client.inst. The ldap modification runs a listener script which writes the nagios config. With the update code in 26univention-nagios-common.inst the listener got called before the new nscd check was installed which resulted in a broken nagios config file. r81865: Fix update path Package: univention-nagios Version: 10.0.1-4A~4.2.0.201708071805 Branch: ucs_4.2-0-errata4.2-1 Scope: errata4.2-1 RUNNING 30univention-nagios-client.inst 2017-08-08 05:15:44.940615494+02:00 (in joinscript_init) File: /etc/nagios/nrpe.cfg [..] WARNING: cannot append cn=m90s4,cn=dc,cn=computers,dc=uni,dc=dtr to assignedHosts, value exists No modification: cn=UNIVENTION_JOINSTATUS,cn=nagios,dc=uni,dc=dtr LDAP Error: Invalid DN syntax: invalid DN: cn=UNIVENTION_NSCD, EXITCODE=3 $NAGIOSCONTAINER definition from 26univention-nagios-common.inst is missing: 81865 jbroders univention-directory-manager nagios/service modify "$@" --dn "cn=UNIVENTION_NSCD,$NAGIOSCONTAINER" --set checkCommand="check_univention_nscd" --set checkArgs='' || die (In reply to Daniel Tröder from comment #9) > RUNNING 30univention-nagios-client.inst > 2017-08-08 05:15:44.940615494+02:00 (in joinscript_init) > File: /etc/nagios/nrpe.cfg > > [..] > > WARNING: cannot append cn=m90s4,cn=dc,cn=computers,dc=uni,dc=dtr to > assignedHosts, value exists > No modification: cn=UNIVENTION_JOINSTATUS,cn=nagios,dc=uni,dc=dtr > LDAP Error: Invalid DN syntax: invalid DN: cn=UNIVENTION_NSCD, > EXITCODE=3 > > > $NAGIOSCONTAINER definition from 26univention-nagios-common.inst is missing: > > 81865 jbroders univention-directory-manager nagios/service modify "$@" > --dn "cn=UNIVENTION_NSCD,$NAGIOSCONTAINER" --set > checkCommand="check_univention_nscd" --set checkArgs='' || die Thanks! r81879: Fix undefined variable Package: univention-nagios Version: 10.0.1-5A~4.2.0.201708080949 Branch: ucs_4.2-0-errata4.2-1 Scope: errata4.2-1 OK |