Comments (8)
Can work on this as a later update. We have a very custom packer json file so not a huge deal at this point. We can either close the issue or leave it for documentation/future enhancement.
COULD be the specific version of CentOS or something else. We do a CIS Hardened image with quite a few customizations to really lock down our OS's... could be something in there (wouldn't figure but who knows).
from terraform-aws-consul.
I'm a bit confused. install-consul
should only be run as part of the base install: e.g., in a Packer template that creates the AMI.
Are you using the script at runtime?
from terraform-aws-consul.
It's run as part of the base install - NOT at runtime. BUT because yum update sometimes restarts services (e.g. systemd/etc), it disconnects packer terminating the script BEFORE it gets to installing Consul and similar. As such, such updates should NOT be part of an application install but part of standard builds for AMI's - doing a yum update -y is out of scope of what consul should be doing as part of it's install.
from terraform-aws-consul.
Not sure I agree. It seems important to call update
to ensure we get the latest version of, for example, the AWS CLI. If yum install
works, I don't see any reason yum update
would fail...
from terraform-aws-consul.
yum update itself doesn't fail. However, yum update can restart SSHD. Which disconnects packer. Which causes the REST of the install to fail. Even with expects_disconnect set to true, packer sees this, then immediately says "Oh I'm done" and stops the instance and creates an AMI. This results in an AMI without consul installed. We finally traced it back to the yum update causing this as a patch updated some configuration (e.g. selinux)
from terraform-aws-consul.
Oh, interesting. I've never seen yum update
force sshd to restart, but I suppose it's possible. Perhaps we could add a flag to make the update
step optional? Or is there some flag to skip service restart?
from terraform-aws-consul.
Our fix was to move it to the consul.json packer script. IF you do this as a one step, then next step is the install. That way you can add "expect_disconnect" flag, as well as put a delay for any other updates to finish processing. Note, not an array item but a separate installer block. If you want, we can do a PR For that :)
from terraform-aws-consul.
Hm, that's quite a nasty workaround just to run yum update
! We use yum update
often and have never seen this. This must be unique to CentOS / SELinux, which we haven't officially supported/tested with these modules yet.
If there's no other way from preventing yum update
from restarting services, then your workaround sounds like the best bet. That said, I'm a bit concerned that this breaks backwards compatibility, so a flag to disable update
in the script itself may be a safer route.
from terraform-aws-consul.
Related Issues (20)
- Default Region Configuration Breaks Tests HOT 2
- [setup-systemd-resolved] Installing dependencies apt-get: command not found HOT 1
- Intermittent test failure
- Could not find consul command. Aborting. HOT 6
- Consul cluster on spot instances HOT 1
- NOTICE lists Copyright statement with no reference to a LICENSE (Legal Issue : Copyright vs. FOSS) HOT 2
- allow_https_api_inbound errors when no cidr ranges specified HOT 1
- run-consul --version 1.7.1 fails to run due to default config HOT 1
- Feature request: install-dnsmasq - remove requirement for reboot HOT 3
- Can't trigger an instance-refresh on update HOT 2
- How to override instance_role when using consul-cluster module? HOT 1
- support prefix_list_ids in aws_security_group_rule
- Cannot run install-consul on AWS codebuild HOT 1
- `run-consul` refers to a non-existent flag
- Cannot complete install-dnsmasq with docker
- Vault backend for Consul ACL bootstrapping in AWS
- Tags depreciation warning message in resource aws_autoscaling_group HOT 1
- systemd reload not working
- config flag telemetry { disable_compat_1.9 = (true|false) } has been removed.
- Is this the current repo? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-aws-consul.