Automatic Service Restart when Service is Enabled (Debian)

[wieso-itzi]

Description

This change makes it so that the opensearch services are started after upgrades on Debian if they were enabled.
In addition I changed the syntax in the postinst scripts for the chown command from "chown user.group" to "chown user:group" (this changes nothing about the functionality but the former will produce warning messages -> "chown: warning: '.' should be ':'")

Issues Resolved

#3891

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[peterzhuamazon]

Taking a look.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 92.17%. Comparing base (b639507) to head (ed2d7e3).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #4530   +/-   ##
=======================================
  Coverage   92.17%   92.17%           
=======================================
  Files         192      192           
  Lines        6297     6297           
=======================================
  Hits         5804     5804           
  Misses        493      493           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[peterzhuamazon]

Test: Use 2.10.0 as base, generate 2.11.0 using this PR commits

1. Install 2.10.0, start no, enable no, upgrade 2.11.0 (expect restart no):

$ sudo dpkg -i opensearch-2.10.0-linux-x64.deb
Selecting previously unselected package opensearch.
(Reading database ... 265730 files and directories currently installed.)
Preparing to unpack opensearch-2.10.0-linux-x64.deb ...
Running OpenSearch Pre-Installation Script
Unpacking opensearch (2.10.0) ...
Setting up opensearch (2.10.0) ...
Running OpenSearch Post-Installation Script
### NOT starting on installation, please execute the following statements to configure opensearch service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable opensearch.service
### You can start opensearch service by executing
 sudo systemctl start opensearch.service
### Create opensearch demo certificates in /etc/opensearch/
 See demo certs creation log in /var/log/opensearch/install_demo_configuration.log
### Upcoming breaking change in packaging
 In a future release of OpenSearch, we plan to change the permissions associated with access to installed files
 If you are configuring tools that require read access to the OpenSearch configuration files, we recommend you add the user that runs these tools to the 'opensearch' group
 For more information, see https://github.com/opensearch-project/opensearch-build/pull/4043
Processing triggers for libc-bin (2.31-0ubuntu9.14) ...
Processing triggers for systemd (245.4-4ubuntu3.23) ...

......

 sudo dpkg -i opensearch-2.11.0-linux-x64.deb
(Reading database ... 267121 files and directories currently installed.)
Preparing to unpack opensearch-2.11.0-linux-x64.deb ...
Running OpenSearch Pre-Removal Script
Running OpenSearch Pre-Installation Script
Unpacking opensearch (2.11.0) over (2.10.0) ...
Setting up opensearch (2.11.0) ...
Installing new version of config file /etc/opensearch/opensearch-security/roles.yml ...
Running OpenSearch Post-Installation Script
1 and 2: configure and 2.10.0
### Upcoming breaking change in packaging
 In a future release of OpenSearch, we plan to change the permissions associated with access to installed files
 If you are configuring tools that require read access to the OpenSearch configuration files, we recommend you add the user that runs these tools to the 'opensearch' group
 For more information, see https://github.com/opensearch-project/opensearch-build/pull/4043
Processing triggers for libc-bin (2.31-0ubuntu9.14) ...
Processing triggers for systemd (245.4-4ubuntu3.23) ...

......

$ sudo systemctl status opensearch
● opensearch.service - OpenSearch
     Loaded: loaded (/lib/systemd/system/opensearch.service; disabled; vendor preset: enabled)
     Active: inactive (dead)
       Docs: https://opensearch.org/
``

[peterzhuamazon]

Test: Use 2.10.0 as base, generate 2.11.0 using this PR commits

2. Install 2.10.0, start no, enable yes, upgrade 2.11.0 (expect restart yes):

$ sudo dpkg -i opensearch-2.10.0-linux-x64.deb
Selecting previously unselected package opensearch.
(Reading database ... 265730 files and directories currently installed.)
Preparing to unpack opensearch-2.10.0-linux-x64.deb ...
Running OpenSearch Pre-Installation Script
Unpacking opensearch (2.10.0) ...
Setting up opensearch (2.10.0) ...
Running OpenSearch Post-Installation Script
### NOT starting on installation, please execute the following statements to configure opensearch service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable opensearch.service
### You can start opensearch service by executing
 sudo systemctl start opensearch.service
### Create opensearch demo certificates in /etc/opensearch/
 See demo certs creation log in /var/log/opensearch/install_demo_configuration.log
### Upcoming breaking change in packaging
 In a future release of OpenSearch, we plan to change the permissions associated with access to installed files
 If you are configuring tools that require read access to the OpenSearch configuration files, we recommend you add the user that runs these tools to the 'opensearch' group
 For more information, see https://github.com/opensearch-project/opensearch-build/pull/4043
Processing triggers for libc-bin (2.31-0ubuntu9.14) ...
Processing triggers for systemd (245.4-4ubuntu3.23) ...

......

$ sudo systemctl enable opensearch
Synchronizing state of opensearch.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable opensearch
Created symlink /etc/systemd/system/multi-user.target.wants/opensearch.service → /lib/systemd/system/opensearch.service.

......

$ sudo dpkg -i opensearch-2.11.0-linux-x64.deb
(Reading database ... 267121 files and directories currently installed.)
Preparing to unpack opensearch-2.11.0-linux-x64.deb ...
Running OpenSearch Pre-Removal Script
Running OpenSearch Pre-Installation Script
Unpacking opensearch (2.11.0) over (2.10.0) ...
Setting up opensearch (2.11.0) ...
Installing new version of config file /etc/opensearch/opensearch-security/roles.yml ...
Running OpenSearch Post-Installation Script
1 and 2: configure and 2.10.0
Restarting opensearch.service after upgrade
### Upcoming breaking change in packaging
 In a future release of OpenSearch, we plan to change the permissions associated with access to installed files
 If you are configuring tools that require read access to the OpenSearch configuration files, we recommend you add the user that runs these tools to the 'opensearch' group
 For more information, see https://github.com/opensearch-project/opensearch-build/pull/4043
Processing triggers for libc-bin (2.31-0ubuntu9.14) ...
Processing triggers for systemd (245.4-4ubuntu3.23) ...

......

$ sudo systemctl status opensearch
● opensearch.service - OpenSearch
     Loaded: loaded (/lib/systemd/system/opensearch.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-03-13 19:44:55 UTC; 46s ago
       Docs: https://opensearch.org/
   Main PID: 14271 (java)
      Tasks: 91 (limit: 18611)
     Memory: 1.3G
     CGroup: /system.slice/opensearch.service
             └─14271 /usr/share/opensearch/jdk/bin/java -Xshare:auto -Dopensearch.networkaddress.cache.ttl=60 -Dopensearch.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -XX:-OmitStackTraceInFastThrow -XX:+ShowCodeDetailsInException>

Mar 13 19:44:39 ip-172-31-11-175 systemd[1]: Starting OpenSearch...
Mar 13 19:44:41 ip-172-31-11-175 systemd-entrypoint[14271]: WARNING: A terminally deprecated method in java.lang.System has been called
Mar 13 19:44:41 ip-172-31-11-175 systemd-entrypoint[14271]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/opensearch/lib/opensearch-2.11.0.jar)
Mar 13 19:44:41 ip-172-31-11-175 systemd-entrypoint[14271]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
Mar 13 19:44:41 ip-172-31-11-175 systemd-entrypoint[14271]: WARNING: System::setSecurityManager will be removed in a future release
Mar 13 19:44:42 ip-172-31-11-175 systemd-entrypoint[14271]: WARNING: A terminally deprecated method in java.lang.System has been called
Mar 13 19:44:42 ip-172-31-11-175 systemd-entrypoint[14271]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/share/opensearch/lib/opensearch-2.11.0.jar)
Mar 13 19:44:42 ip-172-31-11-175 systemd-entrypoint[14271]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
Mar 13 19:44:42 ip-172-31-11-175 systemd-entrypoint[14271]: WARNING: System::setSecurityManager will be removed in a future release
Mar 13 19:44:55 ip-172-31-11-175 systemd[1]: Started OpenSearch.

[peterzhuamazon]

Test: Use 2.10.0 as base, generate 2.11.0 using this PR commits

3. Install 2.10.0, start yes, enable yes, upgrade 2.11.0 (expect restart yes):

$ sudo dpkg -i opensearch-2.10.0-linux-x64.deb
Selecting previously unselected package opensearch.
(Reading database ... 265730 files and directories currently installed.)
Preparing to unpack opensearch-2.10.0-linux-x64.deb ...
Running OpenSearch Pre-Installation Script
Unpacking opensearch (2.10.0) ...
Setting up opensearch (2.10.0) ...
Running OpenSearch Post-Installation Script
### NOT starting on installation, please execute the following statements to configure opensearch service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable opensearch.service
### You can start opensearch service by executing
 sudo systemctl start opensearch.service
### Create opensearch demo certificates in /etc/opensearch/
 See demo certs creation log in /var/log/opensearch/install_demo_configuration.log
### Upcoming breaking change in packaging
 In a future release of OpenSearch, we plan to change the permissions associated with access to installed files
 If you are configuring tools that require read access to the OpenSearch configuration files, we recommend you add the user that runs these tools to the 'opensearch' group
 For more information, see https://github.com/opensearch-project/opensearch-build/pull/4043
Processing triggers for libc-bin (2.31-0ubuntu9.14) ...
Processing triggers for systemd (245.4-4ubuntu3.23) ...

......

$ sudo systemctl start opensearch

......

$ sudo dpkg -i opensearch-2.11.0-linux-x64.deb
(Reading database ... 267121 files and directories currently installed.)
Preparing to unpack opensearch-2.11.0-linux-x64.deb ...
Running OpenSearch Pre-Removal Script
Stop existing opensearch.service
Running OpenSearch Pre-Installation Script
Unpacking opensearch (2.11.0) over (2.10.0) ...
Setting up opensearch (2.11.0) ...
Installing new version of config file /etc/opensearch/opensearch-security/roles.yml ...
Running OpenSearch Post-Installation Script
1 and 2: configure and 2.10.0
Restarting opensearch.service after upgrade
### Upcoming breaking change in packaging
 In a future release of OpenSearch, we plan to change the permissions associated with access to installed files
 If you are configuring tools that require read access to the OpenSearch configuration files, we recommend you add the user that runs these tools to the 'opensearch' group
 For more information, see https://github.com/opensearch-project/opensearch-build/pull/4043
Processing triggers for libc-bin (2.31-0ubuntu9.14) ...
Processing triggers for systemd (245.4-4ubuntu3.23) ...

......

$ sudo systemctl status opensearch
● opensearch.service - OpenSearch
     Loaded: loaded (/lib/systemd/system/opensearch.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-03-13 20:20:31 UTC; 19s ago
       Docs: https://opensearch.org/
   Main PID: 2978 (java)
      Tasks: 87 (limit: 18611)
     Memory: 1.3G
     CGroup: /system.slice/opensearch.service
             └─2978 /usr/share/opensearch/jdk/bin/java -Xshare:auto -Dopensearch.networkaddress.cache.ttl=60 -Dopensearch.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -XX:-OmitStackTraceInFastThrow -XX:+ShowCodeDetailsInExceptionM>

Mar 13 20:20:19 ip-172-31-11-175 systemd[1]: Starting OpenSearch...
Mar 13 20:20:21 ip-172-31-11-175 systemd-entrypoint[2978]: WARNING: A terminally deprecated method in java.lang.System has been called
Mar 13 20:20:21 ip-172-31-11-175 systemd-entrypoint[2978]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/opensearch/lib/opensearch-2.11.0.jar)
Mar 13 20:20:21 ip-172-31-11-175 systemd-entrypoint[2978]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
Mar 13 20:20:21 ip-172-31-11-175 systemd-entrypoint[2978]: WARNING: System::setSecurityManager will be removed in a future release
Mar 13 20:20:22 ip-172-31-11-175 systemd-entrypoint[2978]: WARNING: A terminally deprecated method in java.lang.System has been called
Mar 13 20:20:22 ip-172-31-11-175 systemd-entrypoint[2978]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/share/opensearch/lib/opensearch-2.11.0.jar)
Mar 13 20:20:22 ip-172-31-11-175 systemd-entrypoint[2978]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
Mar 13 20:20:22 ip-172-31-11-175 systemd-entrypoint[2978]: WARNING: System::setSecurityManager will be removed in a future release
Mar 13 20:20:31 ip-172-31-11-175 systemd[1]: Started OpenSearch.

[peterzhuamazon]

Additional test: install 2.11.0 with this PR commit from scratch, no prior installation, expect no changes.

$ sudo dpkg -i opensearch-2.11.0-linux-x64-rev1.deb
Selecting previously unselected package opensearch.
(Reading database ... 265730 files and directories currently installed.)
Preparing to unpack opensearch-2.11.0-linux-x64-rev1.deb ...
Running OpenSearch Pre-Installation Script
Unpacking opensearch (2.11.0) ...
Setting up opensearch (2.11.0) ...
Running OpenSearch Post-Installation Script
1 and 2: configure and
### NOT starting on installation, please execute the following statements to configure opensearch service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable opensearch.service
### You can start opensearch service by executing
 sudo systemctl start opensearch.service
### Create opensearch demo certificates in /etc/opensearch/
 See demo certs creation log in /var/log/opensearch/install_demo_configuration.log
### Upcoming breaking change in packaging
 In a future release of OpenSearch, we plan to change the permissions associated with access to installed files
 If you are configuring tools that require read access to the OpenSearch configuration files, we recommend you add the user that runs these tools to the 'opensearch' group
 For more information, see https://github.com/opensearch-project/opensearch-build/pull/4043
Processing triggers for libc-bin (2.31-0ubuntu9.14) ...
Processing triggers for systemd (245.4-4ubuntu3.23) ...

[peterzhuamazon]

Hi @wieso-itzi ,

Thanks very much for the contribution.
I have tested the change with some local builds and works well.

Please check the comments I send here.
Let me know your opinions on those.

Thanks.

[peterzhuamazon]

Can we change this line to:
if [ "$1" = "configure" ] && [ -n "$2" ]; then

1. [ foo = bar ] is POSIX correct. [ foo == bar ] is a bashism and should be avoided.
2. -n True if the length of string is nonzero, so it should be better than just check [ "$2" != "" ].

[wieso-itzi]

The change to posix compliance and the usage of "-n" looks good to me, thanks

[peterzhuamazon]

Great. @wieso-itzi if you commit above changes for both opensearch and opensearch-dashboards, I will approve this PR right after.

Thanks.

[smortex]

If the unit is enabled but not running, we don't want the upgrade to start it.
If the unit is disabled but the service is running, we want the upgrade to restart it.

Suggested change

	if command -v systemctl >/dev/null && systemctl is-enabled opensearch-dashboards.service >/dev/null; then
	if command -v systemctl >/dev/null && systemctl is-active opensearch-dashboards.service >/dev/null; then

Same for the other services.

[smortex]

Ah, the prerm script stop the service, so this would never work. What a mess 😒 … My vote would be to NOT stop the services at the prerm stage, and systemctl try-restart opensearch-dashboards.service in the postinst stage.

[wieso-itzi]

Hi,

@peterzhuamazon what are your thoughts on this? Technically I could implement it 2 ways:

1. Don't stop the service in prerm and preinst, when the command line arguments to those scripts show the package is being upgraded, then check if the service is active (or maybe both active and enabled) in postinst and restart it.
2. Stop the service in prerm/preinst but create a file (e. g. /tmp/opensearch-upgrade-flag), when the command line arguments show the package is being upgraded, then in postinst check if the file exists and only start the service if the file exists (and maybe additionally if the service is enabled).

Keep in mind, that if this is implemented, testing will either require to create 2 new package versions with the updated maintainer scripts or to replace /var/lib/dpkg/info/opensearch.prerm with the updated version before an upgrade is attempted.

Thanks

[peterzhuamazon]

If we dont stop the service in prerm, then it will result in a case where service is already started but necessary files get deleted, which might even cause corrupt indices in data.

If option 2, what is the way to decide if that is a upgrade? Or just removal? The problem with this approach is, if someone issue a removal of version 1, then later they just want to install version 2 from scratch, this /tmp file will treat install from scratch as upgrade.

[peterzhuamazon]

Adding @bbarani @prudhvigodithi into discussion on this.

[wieso-itzi]

If we dont stop the service in prerm, then it will result in a case where service is already started but necessary files get deleted, which might even cause corrupt indices in data.

If option 2, what is the way to decide if that is a upgrade? Or just removal? The problem with this approach is, if someone issue a removal of version 1, then later they just want to install version 2 from scratch, this /tmp file will treat install from scratch as upgrade.

The way to differentiate between an upgrade or removal in prerm is to check the passed command line arguments. If a package is removed the first command line argument is "remove", if a package is upgraded it is "upgrade". The tmp-file itself would be removed in postinst immediately after starting the service (if the file existed).

[smortex]

If we dont stop the service in prerm, then it will result in a case where service is already started but necessary files get deleted, which might even cause corrupt indices in data.

Ah! Not a good idea then.

The concept of a "flag file" (option 2) seems really fragile indeed.

Nothing is fine, everything is terrible 😨

[wieso-itzi]

Ok, then under these circumstances I'm afraid I don't know about a way to implement the functionality for a restart if the service was active before upgrading.

[bbarani]

@smortex what would be your ideal solution to this problem? Can you elaborate so we can look for optimal solution?

[smortex]

I don't think there is a solution to this problem: Debian manage service a certain way, has all the tooling to make this straightforward, but we want a different behavior and it is a pain.

The current code that check if the service is enabled and stop / start it if so does not really make sense but is probably the least-worse that can be done.

[wieso-itzi]

Hi @peterzhuamazon ,

I've now made the 2 changes in the if-statements that check whether postinst is run on an upgrade for both opensearch and opensearch-dashboards. Before merging this please consider the changes @smortex proposed and whether this may be the more preferred behaviour.

Thanks

[peterzhuamazon]

Hi,

I have some discussion about this with my team members, and from my point of view I still think the current implementation with enabled is a good approach, without breaking the existing stop on prerm implementation.

However, I do see arguments to support is-active instead of is-enabled. I will post the pros and cons in the next comment and send to public slack for more discussion.

Thanks.

[peterzhuamazon]

Two approaches on restart service during an upgrade:

• Restart based on is-enabled status on systemd
  • Pros:
    • User has the ability to disable/enable service to decide whether they want a service restart automatically on upgrade
    • If service enabled, the service will be restarted anyway during a reboot
    • If user does not want this behavior means they also want manual control of the service
    • Easy to implement and maintain on the pre/post scripts
  • Cons:
    • Case not covered:
      • User want service to be restarted on reboot, not on upgrade
• Restart based on is-active status on systemd
  • Pros:
    • The restart on upgrade only happens when service is-active, has nothing to do with is-enabled status
    • If previously the service is stopped, then restart wont happen during an upgrade, vise versa.
  • Cons:
    • Have to remove systemctl stop from prerm, which might lead to data corruption / non-graceful shutdown of a active cluster
    • Not easy to check if a package is being removed for uninstallation, or for upgrade
    • Complicated pre/post scripts changes
    • User does not have an easy toggle to decide whether they want this behavior or not

Thanks.

[peterzhuamazon]

There will be conflicts as I am merging some other deb/rpm changes.
Will rebase and help resolve this conflict soon.

[peterzhuamazon]

I restore the : in chown to . just to keep consistent with all other changes.
Will probably change all of them in a later PR if needed 😄

If there is no other suggestions, I think we can stay on this solution and get it merged next week. cc: @bbarani

[smortex]

LGTM

[peterzhuamazon]

Thanks @wieso-itzi for the contribution here!
And thanks @smortex for the suggestion and reviews.

I will follow up with the same changes to RPM, and also the updated msgs and release notes later. Thanks!

[bbarani]

Thanks all for your collaboration and feedback!