From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 665FBB1CE for ; Thu, 29 Jun 2023 16:00:10 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 4F40D19432 for ; Thu, 29 Jun 2023 15:59:40 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Thu, 29 Jun 2023 15:59:39 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 4443741EA1 for ; Thu, 29 Jun 2023 15:59:39 +0200 (CEST) From: Fiona Ebner To: pve-devel@lists.proxmox.com Date: Thu, 29 Jun 2023 15:59:35 +0200 Message-Id: <20230629135935.62588-3-f.ebner@proxmox.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230629135935.62588-1-f.ebner@proxmox.com> References: <20230629135935.62588-1-f.ebner@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.046 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pve-devel] [RFC manager] pveproxy service: specify wait time for pvecm updatecerts command X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Jun 2023 14:00:10 -0000 When starting a node that's part of a cluster, there is a time window between the start of pve-cluster.service and when quorum is reached (from the node's perspective). pveproxy.service is ordered after pve-cluster.service, but that does not prevent the ExecStartPre hook from being executed before the node is part of the quorate partition. The pvecm updatecerts command won't do anything without quorum. In particular, it might happen that the base directories for observed files will not get created during/after the upgrade from Proxmox VE 7 to 8 (reported in the community forum [0] and reproduced right away in a virtual test cluster). To increase the chances for successful execution of the hook during startup, wait for up to 5 seconds for quorum. [0]: https://forum.proxmox.com/threads/129644/ Signed-off-by: Fiona Ebner --- Dependency bump for libpve-cluster-api-perl needed. services/pveproxy.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/pveproxy.service b/services/pveproxy.service index 51038785..7575faee 100644 --- a/services/pveproxy.service +++ b/services/pveproxy.service @@ -11,7 +11,7 @@ After=pvedaemon.service After=ssh.service [Service] -ExecStartPre=-/usr/bin/pvecm updatecerts --silent +ExecStartPre=-/usr/bin/pvecm updatecerts --silent --quorum-wait-seconds 5 ExecStart=/usr/bin/pveproxy start ExecStop=/usr/bin/pveproxy stop ExecReload=/usr/bin/pveproxy restart -- 2.39.2