Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

When running under systemd, send ready when server completed reloading config #7028 #15041

Merged
merged 2 commits into from
May 3, 2022

Conversation

archaron
Copy link
Contributor

Server must call SdNotifyReady when it completed reloading. Otherwise systemd gets timeout after vault service reload as mentioned in #7028.

@hashicorp-cla
Copy link

hashicorp-cla commented Apr 14, 2022

CLA assistant check
All committers have signed the CLA.

@jdoss
Copy link

jdoss commented May 3, 2022

This does work with reload but for some reason reload-or-restart does not work:

# systemctl status step-renew-cert@vault.service
× step-renew-cert@vault.service - Renew smallstep TLS cert and reload the service for vault
     Loaded: loaded (/etc/systemd/system/step-renew-cert@.service; disabled; vendor preset: disabled)
     Active: failed (Result: exit-code) since Tue 2022-05-03 00:15:51 CDT; 1min 40s ago
    Process: 966501 ExecStartPre=step ca root /etc/vault/tls/vault-ca.crt --force (code=exited, status=0/SUCCESS)
    Process: 966545 ExecStartPre=chown vault:vault /etc/vault/tls/vault-ca.crt (code=exited, status=0/SUCCESS)
    Process: 966547 ExecStart=step ca renew /etc/vault/tls/vault.crt /etc/vault/tls/vault.key --force (code=exited, status=0/SUCCESS)
    Process: 966602 ExecStartPost=chown vault:vault /etc/vault/tls/vault.crt /etc/vault/tls/vault.key (code=exited, status=0/SUCCESS)
    Process: 966604 ExecStartPost=systemctl reload-or-restart vault.service (code=exited, status=1/FAILURE)
   Main PID: 966547 (code=exited, status=0/SUCCESS)
        CPU: 105ms

@jdoss
Copy link

jdoss commented May 3, 2022

Nevermind! I guess sd_notify doesn't support reload-or-restart. https://www.freedesktop.org/software/systemd/man/sd_notify.html

@ncabatoff
Copy link
Collaborator

Fixes #15221.

@ncabatoff ncabatoff merged commit 6c8da2b into hashicorp:main May 3, 2022
@ncabatoff
Copy link
Collaborator

Thanks @archaron !

ncabatoff added a commit that referenced this pull request May 3, 2022
…g config #7028 (#15041) (#15269)

Co-authored-by: Alexander Tischenko <tsm@archaron.ru>
ncabatoff added a commit that referenced this pull request May 5, 2022
…g config #7028 (#15041) (#15267)

Co-authored-by: Alexander Tischenko <tsm@archaron.ru>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants