[SRU] Loadbalacer stuck in status PENDING_DELETE if TLS storage unavailable in cascade deletion

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/octavia/+/926564

Reviewed: https://review.opendev.org/c/openstack/octavia/+/926564
Committed: https://opendev.org/openstack/octavia/commit/ec9a50599012b99deaf8bb26683fedcd381db1a6
Submitter: "Zuul (22348)"
Branch: master

commit ec9a50599012b99deaf8bb26683fedcd381db1a6
Author: Evgeniy Bykov <email address hidden>
Date: Mon Aug 19 20:20:38 2024 +0300

    Fix loadbalancer stuck in cascade delete

    - Fix loadbalancer stuck in PENDING_DELETE in cascade delete
    with TERMINATED_HTTPS listener if TLS storage not available

    Closes-Bug: #2077348
    Change-Id: Iae2b075de5412bb183db6a21f7f8376801853e00
    Signed-off-by: Evgeniy Bykov <email address hidden>

Fix proposed to branch: stable/2023.1
Review: https://review.opendev.org/c/openstack/octavia/+/928322

Fix proposed to branch: stable/2023.2
Review: https://review.opendev.org/c/openstack/octavia/+/928323

Fix proposed to branch: stable/2024.1
Review: https://review.opendev.org/c/openstack/octavia/+/928324

This issue was fixed in the openstack/octavia 15.0.0.0rc1 release candidate.

Reviewed: https://review.opendev.org/c/openstack/octavia/+/928322
Committed: https://opendev.org/openstack/octavia/commit/97603dde566364c63e381c9bb557e8a430656dbc
Submitter: "Zuul (22348)"
Branch: stable/2023.1

commit 97603dde566364c63e381c9bb557e8a430656dbc
Author: Evgeniy Bykov <email address hidden>
Date: Mon Aug 19 20:20:38 2024 +0300

    Fix loadbalancer stuck in cascade delete

    - Fix loadbalancer stuck in PENDING_DELETE in cascade delete
    with TERMINATED_HTTPS listener if TLS storage not available

    Closes-Bug: #2077348
    Change-Id: Iae2b075de5412bb183db6a21f7f8376801853e00
    Signed-off-by: Evgeniy Bykov <email address hidden>
    (cherry picked from commit ec9a50599012b99deaf8bb26683fedcd381db1a6)

Reviewed: https://review.opendev.org/c/openstack/octavia/+/928324
Committed: https://opendev.org/openstack/octavia/commit/3af5401b81d7132af7939b64e7ef865629a47aad
Submitter: "Zuul (22348)"
Branch: stable/2024.1

commit 3af5401b81d7132af7939b64e7ef865629a47aad
Author: Evgeniy Bykov <email address hidden>
Date: Mon Aug 19 20:20:38 2024 +0300

    Fix loadbalancer stuck in cascade delete

    - Fix loadbalancer stuck in PENDING_DELETE in cascade delete
    with TERMINATED_HTTPS listener if TLS storage not available

    Closes-Bug: #2077348
    Change-Id: Iae2b075de5412bb183db6a21f7f8376801853e00
    Signed-off-by: Evgeniy Bykov <email address hidden>
    (cherry picked from commit ec9a50599012b99deaf8bb26683fedcd381db1a6)

Reviewed: https://review.opendev.org/c/openstack/octavia/+/928323
Committed: https://opendev.org/openstack/octavia/commit/09ea1e991a9acddece7cca0c9d1ef6c6a69be37b
Submitter: "Zuul (22348)"
Branch: stable/2023.2

commit 09ea1e991a9acddece7cca0c9d1ef6c6a69be37b
Author: Evgeniy Bykov <email address hidden>
Date: Mon Aug 19 20:20:38 2024 +0300

    Fix loadbalancer stuck in cascade delete

    - Fix loadbalancer stuck in PENDING_DELETE in cascade delete
    with TERMINATED_HTTPS listener if TLS storage not available

    Closes-Bug: #2077348
    Change-Id: Iae2b075de5412bb183db6a21f7f8376801853e00
    Signed-off-by: Evgeniy Bykov <email address hidden>
    (cherry picked from commit ec9a50599012b99deaf8bb26683fedcd381db1a6)

This issue was fixed in the openstack/octavia 2023.1-eom release.

The fix is alread in plucky and oraclular and dalmatian and epoxy (15.0.0)
$ git tag --contains ec9a50599012b99deaf8bb26683fedcd381db1a6
15.0.0
15.0.0.0rc1

There are some code conflicts when backporting to focal-ussuri - https://paste.ubuntu.com/p/yY9bk3QHjR/

bobcat has eol in Jul 2024

@zhuabj Bobcat UCA support has been extended until April 2025 [1] can you please provide a debdiff for that one too?

[1] https://ubuntu.com/openstack/docs/supported-versions

This has been uploaded to Jammy, Noble, ca:antelope, ca:bobcat.

The sources are available in the following git repo:

https://code.launchpad.net/~mruffell/ubuntu/+source/octavia/+git/octavia

Under the following branches:
stable/2023.1
stable/2023.2
stable/2024.1
stable/yoga

With the following tags:

debian/1%12.0.0-0ubuntu1.1_cloud1
debian/1%13.0.0-0ubuntu1_cloud2
debian/1%14.0.0-0ubuntu1.3
debian/1%10.1.1-0ubuntu1.2

Joshua,

Some notes about your debdiffs:

- each patch has a trailing whitespace at the start of empty lines, and I had
to remove them all. Your text editor is configured wrong, and you need to adjust
it. The git diff should have no red spaces anywhere.
- I usually like naming the patch lp<number>-<git subject>, e.g. lp2077348-fix-loadbalancer-stuck-in-cascade-delete.patch. For multiple patches I usually like
lp2077348-1-fix-blah.patch, lp2077348-2-fix-blah.patch etc.
- The debian changelog needs to have an actual description in it. Simply having
the patch name is not enough. I usually like the format of:

* Description, a few sentences. (LP: #BUG)
  - d/p/patch1
  - d/p/patch2.

For example, the final one I used was:

  * Fix loadbalancer stuck in PENDING_DELETE in cascade delete
    with TERMINATED_HTTPS listener if TLS storage not available.
    (LP: #2077348)
    - d/p/lp2077348-fix-loadbalancer-stuck-in-cascade-delete.patch

- You can use raw git diffs in the patch, but I usually like making them seem
like they are properly dep3 tagged. An example of what I did is here:

https://git.launchpad.net/~mruffell/ubuntu/+source/octavia/tree/debian/patches/lp2077348-fix-loadbalancer-stuck-in-cascade-delete.patch?h=stable/2024.1

See how I moved the dep3 tags to the bottom, used the git description as the
Subject Line, spaced 1 whitespace in, and made it a little neater.

Your SRU template is okay, but you really need to consider adding to the
"Where problems could occur" section. You need to consider the impact to users
when / if a regression were to occur, and what workarounds a user might use.

Matthew, thanks for your feedback.

Hello Evgeniy, or anyone else affected,

Accepted octavia into noble-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/octavia/1:14.0.0-0ubuntu1.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-noble to verification-done-noble. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-noble. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Evgeniy, or anyone else affected,

Accepted octavia into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/octavia/1:10.1.1-0ubuntu1.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

verified jammy https://paste.ubuntu.com/p/cWjF7vGY5g/ sucessfully - https://paste.ubuntu.com/p/cWjF7vGY5g/

Hello Evgeniy, or anyone else affected,

Accepted octavia into caracal-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:caracal-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-caracal-needed to verification-caracal-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-caracal-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Evgeniy, or anyone else affected,

Accepted octavia into bobcat-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:bobcat-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-bobcat-needed to verification-bobcat-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-bobcat-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Evgeniy, or anyone else affected,

Accepted octavia into antelope-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:antelope-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-antelope-needed to verification-antelope-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-antelope-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Evgeniy, or anyone else affected,

Accepted octavia into yoga-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:yoga-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-yoga-needed to verification-yoga-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-yoga-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

I don't think Zed will impact the upgrade because 1) this issue only occurs when deleting a LB with cascade and ssl mode during upgrade period 2) even if this issue does occur, it can be resolved automatically upon upgrading from Zed to antelope. Considering that Zed has been EOL, I will mark Zed as "won't fix".

verified caracal successfully - https://paste.ubuntu.com/p/c5z2xT3Mwr/

verified bobcat sucessfully - https://paste.ubuntu.com/p/hMVvxbkffS/

verified antelope sucessfully - https://paste.ubuntu.com/p/RSxKmJ2VqW/

verified noble sucessfullly - https://paste.ubuntu.com/p/wMFNzFxTQw/

verified yoga successfully - https://paste.ubuntu.com/p/BvNNfYjSMy/

The verification of the Stable Release Update for octavia has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package octavia - 1:14.0.0-0ubuntu1.3

---------------
octavia (1:14.0.0-0ubuntu1.3) noble; urgency=medium

  * Fix loadbalancer stuck in PENDING_DELETE in cascade delete
    with TERMINATED_HTTPS listener if TLS storage not available.
    (LP: #2077348)
    - d/p/lp2077348-fix-loadbalancer-stuck-in-cascade-delete.patch

 -- Zhang Hua <email address hidden> Tue, 18 Mar 2025 14:47:15 +1300

This bug was fixed in the package octavia - 1:10.1.1-0ubuntu1.2

---------------
octavia (1:10.1.1-0ubuntu1.2) jammy; urgency=medium

  * Fix loadbalancer stuck in PENDING_DELETE in cascade delete
    with TERMINATED_HTTPS listener if TLS storage not available.
    (LP: #2077348)
    - d/p/lp2077348-fix-loadbalancer-stuck-in-cascade-delete.patch

 -- Zhang Hua <email address hidden> Tue, 18 Mar 2025 14:52:52 +1300

The verification of the Stable Release Update for octavia has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package octavia - 1:14.0.0-0ubuntu1.3~cloud0
---------------

 octavia (1:14.0.0-0ubuntu1.3~cloud0) jammy-caracal; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 octavia (1:14.0.0-0ubuntu1.3) noble; urgency=medium
 .
   * Fix loadbalancer stuck in PENDING_DELETE in cascade delete
     with TERMINATED_HTTPS listener if TLS storage not available.
     (LP: #2077348)
     - d/p/lp2077348-fix-loadbalancer-stuck-in-cascade-delete.patch

The verification of the Stable Release Update for octavia has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package octavia - 1:13.0.0-0ubuntu1~cloud2
---------------

 octavia (1:13.0.0-0ubuntu1~cloud2) jammy-bobcat; urgency=medium
 .
   * Fix loadbalancer stuck in PENDING_DELETE in cascade delete
     with TERMINATED_HTTPS listener if TLS storage not available.
     (LP: #2077348)
     - d/p/lp2077348-fix-loadbalancer-stuck-in-cascade-delete.patch

The verification of the Stable Release Update for octavia has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package octavia - 1:12.0.0-0ubuntu1.1~cloud1
---------------

 octavia (1:12.0.0-0ubuntu1.1~cloud1) jammy-antelope; urgency=medium
 .
   * Fix loadbalancer stuck in PENDING_DELETE in cascade delete
     with TERMINATED_HTTPS listener if TLS storage not available.
     (LP: #2077348)
     - d/p/lp2077348-fix-loadbalancer-stuck-in-cascade-delete.patch

The verification of the Stable Release Update for octavia has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package octavia - 1:10.1.1-0ubuntu1.2~cloud0
---------------

 octavia (1:10.1.1-0ubuntu1.2~cloud0) focal-yoga; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 octavia (1:10.1.1-0ubuntu1.2) jammy; urgency=medium
 .
   * Fix loadbalancer stuck in PENDING_DELETE in cascade delete
     with TERMINATED_HTTPS listener if TLS storage not available.
     (LP: #2077348)
     - d/p/lp2077348-fix-loadbalancer-stuck-in-cascade-delete.patch

This issue was fixed in the openstack/octavia 14.0.1 Caracal release.

This issue was fixed in the openstack/octavia 13.0.1 Bobcat release.