search

habitat-sh / habitat

Modern applications with built-in automation
https://www.habitat.sh
Apache License 2.0
2.61k stars 315 forks source link

within a studio, adding a user.toml does not change configuration of a service #4933

Closed bdangit closed 6 years ago

bdangit commented 6 years ago

While following the "Using a user.toml file" under Configuration updates, I was not successful to change the core/openssh port.

# mkdir -p /hab/user/openssh/config
# echo "port=4321" > /hab/user/openssh/config/user.toml
# hab svc start core/openssh
# hab pkg exec core/busybox-static netstat -tna | grep 4321
--- no results ----
# sup-logs
hab-sup(MR): Starting core/openssh
openssh.default(UCW): Watching user.toml
openssh.default(HK): Hooks compiled
openssh.default(SR): Initializing
openssh.default(SV): Starting service as user=root, group=root
openssh.default(HK): Hooks compiled
hab-sup(MR): Reloading service core/openssh
openssh.default(HK): Hooks compiled
openssh.default(HK): Hooks compiled

The logs show the hooks are compiled after "Reloading service core/openssh". The sshd_config does not appear to be changed.

# cat /hab/svc/openssh/config/sshd_config | grep Port
Port 2222
#GatewayPorts no
hab --version
hab 0.55.0/20180321220925
krnowak commented 6 years ago

It worked fine for me inside the studio… Does it happen to you every time?

Preparations:

[4][default:/src:2]# mkdir -p /hab/user/openssh/config
[7][default:/src:1]# echo port=4321 >/hab/user/openssh/config/user.toml
[9][default:/src:0]# hab svc start core/openssh
hab-sup(MN): Supervisor starting core/openssh. See the Supervisor output for more details.

My (truncated) output from supervisor:

hab-sup(MR): Starting core/openssh
openssh.default(UCW): Watching user.toml
openssh.default(HK): init, compiled to /hab/svc/openssh/hooks/init
openssh.default(HK): run, compiled to /hab/svc/openssh/hooks/run
openssh.default(HK): Hooks compiled
openssh.default(SR): Hooks recompiled
default(CF): Updated sshd_config c621844e3d5f921997a25ac46ae84551ec5b65bd1518c8b59b776a92e94c53e4
openssh.default(SR): Configuration recompiled
openssh.default(SR): Initializing
openssh.default hook[init]:(HK): Generating public/private dsa key pair.
openssh.default hook[init]:(HK): Your identification has been saved in /hab/svc/openssh/config/ssh_host_dsa_key.
openssh.default hook[init]:(HK): Your public key has been saved in /hab/svc/openssh/config/ssh_host_dsa_key.pub.
openssh.default hook[init]:(HK): The key fingerprint is:
openssh.default hook[init]:(HK): BLAH BLAH BLAH, DRAW SOME ASCII ART 4 TIMES
openssh.default(SV): Starting service as user=root, group=root

Output from netstat:

[15][default:/src:0]# hab pkg exec core/busybox-static netstat -tna | grep 4321
tcp        0      0 0.0.0.0:4321            0.0.0.0:*               LISTEN      
tcp        0      0 :::4321                 :::*                    LISTEN

And config:

[16][default:/src:0]# grep Port /hab/svc/openssh/config/sshd_config       
Port 4321
#GatewayPorts no
bdangit commented 6 years ago

On a fresh start, where /hab/svc/openssh does not exist, I am able to change the port using user.toml. So what you are seeing @krnowak, I am able to reproduce. However, when I change the port in user.toml to 4531 for example and start the service, the port does not change. It appears sshd_config file is not being updated.

hab-sup(MR): Starting core/openssh
openssh.default(UCW): Watching user.toml
openssh.default(HK): init, compiled to /hab/svc/openssh/hooks/init
openssh.default(HK): run, compiled to /hab/svc/openssh/hooks/run
openssh.default(HK): Hooks compiled
openssh.default(SR): Hooks recompiled
default(CF): Updated sshd_config c621844e3d5f921997a25ac46ae84551ec5b65bd1518c8b59b776a92e94c53e4
openssh.default(SR): Configuration recompiled
openssh.default(SR): Initializing
openssh.default hook[init]:(HK): Generating public/private dsa key pair.
openssh.default hook[init]:(HK): Your identification has been saved in /hab/svc/openssh/config/ssh_host_dsa_key.
openssh.default hook[init]:(HK): Your public key has been saved in /hab/svc/openssh/config/ssh_host_dsa_key.pub.
openssh.default hook[init]:(HK): The key fingerprint is:
openssh.default hook[init]:(HK): SHA256:XeoM6RxOG1AjhN0RVuLqvUbO0AiB0NNSaOz1Kka3crY root@localhost.localdomain
...
openssh.default(SV): Starting service as user=root, group=root
openssh.default(HK): Hooks compiled

// entered "hab svc stop core/openssh"
hab-launch(SV): Child for service 'openssh.default' with PID 20421 exited with code exit code: 0

// modified user.toml for port=4521 and then "hab svc start core/openssh"
hab-sup(MR): Starting core/openssh
openssh.default(UCW): Watching user.toml
openssh.default(HK): Hooks compiled
openssh.default(SR): Initializing
openssh.default(SV): Starting service as user=root, group=root
openssh.default(HK): Hooks compiled

Something that is not showing up, is a line like this default(CF): Updated sshd_config c621844e3d5f92... in the second time.

Atalanta commented 6 years ago

Could you please try this with a different plan? I agree that is unexpected behaviour, but I'd like to be confident that this is not a problem with the core/openssh plan.

bdangit commented 6 years ago

@Atalanta, thanks. I tried with another package core/fluentd. I brought up the fluentd service up as default. Added /hab/user/fluentd/config/user.toml with a different port number and hab-sup was able to force a new configuration change to fluentd's config file and thus resulted in changing the port number successfully. I then proceeded to modify the /hab/user/fluentd/config/user.toml for different ports and each time I was able to do this.

I then went back to core/openssh. There was no /hab/user/openssh/config folder at this time. I brought up the service with defaults. I then added /hab/user/openssh/config/user.toml with a different port number and the service changed ports. I then did this for a more rounds and each time I was successful.

Sounds like there may have been user error on my part.

bdangit commented 6 years ago

Lets close this as user error.

# hab term
# rm -rf /hab/svc
# rm -rf /hab/user
# rm -rf /hab/sup
# sup-run
# hab svc start core/openssh
# hab pkg exec core/busybox-static netstat -tna| grep 2222
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN
tcp        0      0 :::2222                 :::*                    LISTEN
# mkdir -p /hab/user/openssh/config
# vim /hab/user/openssh/config/user.toml
# hab pkg exec core/busybox-static netstat -tna | grep 5555
tcp        0      0 0.0.0.0:5555            0.0.0.0:*               LISTEN
tcp        0      0 :::5555                 :::*                    LISTEN
# vim /hab/user/openssh/config/user.toml
# hab pkg exec core/busybox-static netstat -tna | grep 6665
tcp        0      0 0.0.0.0:6665            0.0.0.0:*               LISTEN
tcp        0      0 :::6665                 :::*                    LISTEN

Success all around to modify configuration with user.toml method.