tripleo

Bug #1803544
Comment #20

Comment 20 for bug 1803544

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-04-18: Related fix merged to tripleo-heat-templates (stable/stein)

#20

Reviewed: https://review.opendev.org/720588
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=cea234d40ef70a740421759771b97c5b20aac8d5
Submitter: Zuul
Branch: stable/stein

commit cea234d40ef70a740421759771b97c5b20aac8d5
Author: Michele Baldessari <email address hidden>
Date: Tue Nov 26 17:18:03 2019 +0100

Use '0' instead of root in container-puppet.py

    Even though the number of user lookups have been reduced from two to one
    via https://github.com/containers/libpod/pull/1978, we still see the
    following error from time to time:
    time="2019-11-22T19:19:33Z" level=debug msg="ExitCode msg: \"unable to find user root: no matching entries in passwd file\""
    time="2019-11-22T19:19:33Z" level=error msg="unable to find user root: no matching entries in passwd file"

    The TLDR; is that podman/docker, when passed a --user=<name> parameter,
    will parse the /etc/passwd file inside the container and detect the
    uid/gid to switch to. The problem seems to be that sometimes this
    /etc/passwd is either read as empty or non-existant when we try and
    parse it (the root-cause of which is the real underlying bug).

    Since it seems that root-causing this will take a rather large amount of
    time, we can just pass the UID directly which will not fail when
    the parsing code cannot find the specified user in /etc/passwd, as it
    simply uses the provided UID:
    https://github.com/containers/libpod/blob/master/vendor/github.com/opencontainers/runc/libcontainer/user/user.go#L333

    Tested this by running a reproducer on three machines for a total
    of ~800 runs and had 0 occurrences of this error. Previously I could
    reproduce this issue in about 30 to 60 runs at most.

Related rhbz: 1776766
Related-Bug: #1803544

NB: Cherry-pick not 100% clean

    Change-Id: Ia9860107c35e543a05775596076873ea950b7400
    (cherry picked from commit 393e96b5b9e8affd35b48fb45f0a75b253629074)
    (cherry picked from commit 871c1a30326c3c5b0e3703a0ab64deedc1ded5a6)

Reviewed:  https://review.opendev.org/720588
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=cea234d40ef70a740421759771b97c5b20aac8d5
Submitter: Zuul
Branch:    stable/stein

commit cea234d40ef70a740421759771b97c5b20aac8d5
Author: Michele Baldessari <michele@acksyn.org>
Date:   Tue Nov 26 17:18:03 2019 +0100

Use '0' instead of root in container-puppet.py
    
    Even though the number of user lookups have been reduced from two to one
    via https://github.com/containers/libpod/pull/1978, we still see the
    following error from time to time:
    time="2019-11-22T19:19:33Z" level=debug msg="ExitCode msg: \"unable to find user root: no matching entries in passwd file\""
    time="2019-11-22T19:19:33Z" level=error msg="unable to find user root: no matching entries in passwd file"
    
    The TLDR; is that podman/docker, when passed a --user=<name> parameter,
    will parse the /etc/passwd file inside the container and detect the
    uid/gid to switch to. The problem seems to be that sometimes this
    /etc/passwd is either read as empty or non-existant when we try and
    parse it (the root-cause of which is the real underlying bug).
    
    Since it seems that root-causing this will take a rather large amount of
    time, we can just pass the UID directly which will not fail when
    the parsing code cannot find the specified user in /etc/passwd, as it
    simply uses the provided UID:
    https://github.com/containers/libpod/blob/master/vendor/github.com/opencontainers/runc/libcontainer/user/user.go#L333
    
    Tested this by running a reproducer on three machines for a total
    of ~800 runs and had 0 occurrences of this error. Previously I could
    reproduce this issue in about 30 to 60 runs at most.
    
    Related rhbz: 1776766
    Related-Bug: #1803544
    
    NB: Cherry-pick not 100% clean
    
    Change-Id: Ia9860107c35e543a05775596076873ea950b7400
    (cherry picked from commit 393e96b5b9e8affd35b48fb45f0a75b253629074)
    (cherry picked from commit 871c1a30326c3c5b0e3703a0ab64deedc1ded5a6)