apache / trafficcontrol

Apache Traffic Control is an Open Source implementation of a Content Delivery Network
https://trafficcontrol.apache.org/
Apache License 2.0

Deleted https deliveryservice SSL key and certificate file still there in edge cache-servers #3710

Open SaravanakumarSivasankaran opened 5 years ago

SaravanakumarSivasankaran commented 5 years ago

Deleted https deliveryservice SSL key and certificate files are still there in edge cache-servers in the following location: "/opt/trafficserver/etc/trafficserver/ssl". I checked the ORT script and did not see functionality to clean it. Is cleanup of deleted deliveryservice SSL keys & certs and other such config intentionally not handled in ORT or trafficserver code?

mitchell852 commented 4 years ago

@rob05c - does the new atstccfg fix this?

mitchell852 commented 2 years ago

@rob05c - t3c does not clean up on ds deletion, right? Would you consider this to be a large effort to support, and what is the impact of not doing this cleanup in your opinion?

rob05c commented 2 years ago

Correct: t3c never deletes files. Operators can and do have config files that aren't managed by t3c. So in order to delete old files, t3c would have to track which files it creates, to know that it "owns" them. Right now, it doesn't do that.

I'd say it's a medium-to-large effort to add that tracking. But we do want to do it, for this and other reasons. It just hasn't been a priority.

IMO the impact is small. It's just a little wasted space, and operators can easily delete the files manually or via a management system like Ansible or Puppet.

rob05c commented 2 years ago

> @rob05c - does the new atstccfg fix this?

Sorry, I missed this. The answer is no, neither atstccfg nor t3c does this. The ATC cache config generation fundamentally doesn't track a list of files it previously created, and therefore isn't capable of knowing which files to delete.
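One way an operator could find the leftover key and certificate files discussed in this thread, as an added example that is not part of the thread or of ATC's code: a report-only POSIX shell audit that lists files in the SSL directory no longer named by `ssl_cert_name=` or `ssl_key_name=` in Traffic Server's `ssl_multicert.config`. It assumes that config file is what names the certificates on the cache; the function names and sample file names are constructed, and the output is only a review list because files not managed by t3c may sit in the same directory.

```shell
#!/bin/sh
# Added example (not ATC code): report-only audit, nothing is deleted.

# Print each file name referenced by ssl_cert_name= or ssl_key_name= in an
# ssl_multicert.config, one per line. Comment lines are skipped and
# comma-separated certificate lists are split.
referenced_files() {
    grep -v '^[[:space:]]*#' "$1" \
        | tr ' \t' '\n\n' \
        | sed -n -E 's/^ssl_(cert|key)_name=//p' \
        | tr ',' '\n' \
        | sed '/^$/d' \
        | sort -u
}

# Print the regular files in ssl_dir ($1) that the config ($2) does not name.
unreferenced_files() {
    ssl_dir=$1
    refs=$(referenced_files "$2")
    for path in "$ssl_dir"/*; do
        [ -f "$path" ] || continue
        name=${path##*/}
        printf '%s\n' "$refs" | grep -qxF -- "$name" || printf '%s\n' "$name"
    done
}

# Constructed sample: ds-live is still configured, ds-deleted was removed.
demo() {
    tmp=$(mktemp -d)
    mkdir "$tmp/ssl"
    touch "$tmp/ssl/ds-live_cert.cer" "$tmp/ssl/ds-live.key" \
          "$tmp/ssl/ds-deleted_cert.cer" "$tmp/ssl/ds-deleted.key"
    printf '%s\n' '# constructed sample config' \
        'ssl_cert_name=ds-live_cert.cer ssl_key_name=ds-live.key' \
        > "$tmp/ssl_multicert.config"
    unreferenced_files "$tmp/ssl" "$tmp/ssl_multicert.config"
    rm -rf "$tmp"
}

# With two arguments audit a real directory and config; otherwise run the demo.
if [ "$#" -eq 2 ]; then
    unreferenced_files "$1" "$2"
else
    demo
fi
```

Run with the SSL directory and the config path as the two arguments; anything it prints is a candidate for manual review or for removal through a management system, not proof that the file is unused.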