From b2b3d95222a650187bf7b04d74145fb75549b21c Mon Sep 17 00:00:00 2001 From: Christian Schwede Date: Thu, 1 Sep 2022 15:30:53 +0200 Subject: [PATCH] Do not change ownership recursive for Swift Changing ownership recursive was required when deployments upgraded from baremetal to containerized deployments. However, by now all deployments should be containerized, and running chown recursive against a large amount of data might timeout during upgrades. Additionally temporary files might disappear while running chown and chown exits with an error, breaking the update. Therefore removing the recursive option, and only set the ownership for the main and director subdirectores (which might include newly added disk mountpoints). In the rare circumstance where this might be still needed it is more safe to run this manually instead of breaking upgrades for everyone else. Closes-Bug: 1988441 Closes-Bug: 1988453 Change-Id: If59a3d4cf77a6995d60fc2db7f21739cac5f72aa (cherry picked from commit 52c95b1d15631aff22d9d9efd943144676b44f8b) --- deployment/swift/swift-storage-container-puppet.yaml | 6 ++++-- .../swift-do-not-chown-recursive-1086879873cd9fa6.yaml | 7 +++++++ 2 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 releasenotes/notes/swift-do-not-chown-recursive-1086879873cd9fa6.yaml diff --git a/deployment/swift/swift-storage-container-puppet.yaml b/deployment/swift/swift-storage-container-puppet.yaml index 474fdabf52..e7e4a5d088 100644 --- a/deployment/swift/swift-storage-container-puppet.yaml +++ b/deployment/swift/swift-storage-container-puppet.yaml @@ -330,12 +330,14 @@ outputs: step_3: # The puppet config sets this up but we don't have a way to mount the named # volume during the configuration stage. We just need to create this - # directory and make sure it's owned by swift. + # directory and make sure it's owned by swift, as well as all + # immediate subdirectories (which might be mountpoints for additional + # disks). swift_setup_srv: image: &swift_account_image {get_param: ContainerSwiftAccountImage} net: none user: root - command: ['chown', '-R', 'swift:', '/srv/node'] + command: ['find', '/srv/node', '-maxdepth', '1', '-type', 'd', '-exec', 'chown', 'swift:', '{}', ';'] volumes: - /srv/node:/srv/node:z environment: diff --git a/releasenotes/notes/swift-do-not-chown-recursive-1086879873cd9fa6.yaml b/releasenotes/notes/swift-do-not-chown-recursive-1086879873cd9fa6.yaml new file mode 100644 index 0000000000..9ace1727e1 --- /dev/null +++ b/releasenotes/notes/swift-do-not-chown-recursive-1086879873cd9fa6.yaml @@ -0,0 +1,7 @@ +--- +fixes: + - | + Do not change ownership recursive for Swift. This was required when + deployments upgraded from baremetal to containerized deployments. + However, by now all deployments should be containerized, and running chown + recursive against a large amount of data might timeout during upgrades.