Outage - Authentication to JIRA and Confluence

It’s broken. The ldap service was restarted by automation, and for some reason it’s stubbornly refusing to start. No idea what’s happening.

Ah, thanks for the update!

@pascal @burke @jeremy @whiscard

It’s midnight, I have no idea how to fix it.

I did run ansible, and it did restart the container. But it’s refusing to start.

*** CONTAINER_LOG_LEVEL = 3 (info) *** Copy /container/service to /container/run/service ignored *** /container/run/service already exists *** Search service in CONTAINER_SERVICE_DIR = /container/run/service : *** link /container/run/service/:ssl-tools/startup.sh to /container/run/startup/:ssl-tools *** failed to link /container/run/service/:ssl-tools/startup.sh to /container/run/startup/:ssl-tools: [Errno 17] File exists *** link /container/run/service/slapd/startup.sh to /container/run/startup/slapd *** failed to link /container/run/service/slapd/startup.sh to /container/run/startup/slapd: [Errno 17] File exists *** link /container/run/service/slapd/process.sh to /container/run/process/slapd/run *** directory /container/run/process/slapd already exists *** failed to link /container/run/service/slapd/process.sh to /container/run/process/slapd/run : [Errno 17] File exists *** Set environment for startup files *** Environment files will be proccessed in this order : Caution: previously defined variables will not be overriden. /container/environment/99-default/default.yaml /container/environment/99-default/default.startup.yaml

To see how this files are processed and environment variables values, run this container with ‘–loglevel debug’ *** Running /container/run/startup/:ssl-tools… *** Running /container/run/startup/slapd… Start OpenLDAP… Waiting for OpenLDAP to start… Add TLS config… *** /container/run/startup/slapd failed with status 50

*** Killing all processes… *** CONTAINER_LOG_LEVEL = 3 (info) *** Copy /container/service to /container/run/service ignored *** /container/run/service already exists *** Search service in CONTAINER_SERVICE_DIR = /container/run/service : *** link /container/run/service/:ssl-tools/startup.sh to /container/run/startup/:ssl-tools *** failed to link /container/run/service/:ssl-tools/startup.sh to /container/run/startup/:ssl-tools: [Errno 17] File exists *** link /container/run/service/slapd/startup.sh to /container/run/startup/slapd *** failed to link /container/run/service/slapd/startup.sh to /container/run/startup/slapd: [Errno 17] File exists *** link /container/run/service/slapd/process.sh to /container/run/process/slapd/run *** directory /container/run/process/slapd already exists *** failed to link /container/run/service/slapd/process.sh to /container/run/process/slapd/run : [Errno 17] File exists *** Set environment for startup files *** Environment files will be proccessed in this order : Caution: previously defined variables will not be overriden. /container/environment/99-default/default.yaml /container/environment/99-default/default.startup.yaml

To see how this files are processed and environment variables values, run this container with ‘–loglevel debug’ *** Running /container/run/startup/:ssl-tools… *** Running /container/run/startup/slapd… Start OpenLDAP… Waiting for OpenLDAP to start… Add TLS config… *** /container/run/startup/slapd failed with status 50

*** Killing all processes…

I tried https://github.com/osixia/docker-openldap/issues/83 I tried https://github.com/osixia/docker-openldap/blob/e4df8b2ef77af9c15b84c2e2b93d9ef2f371774a/image/service/slapd/assets/config/bootstrap/ldif/custom/README.md

I tried everything I could quite possibly think of.

Original config is in: https://github.com/openmrs/openmrs-contrib-ansible-docker-compose/tree/master/files/ldap

Inside ako.openmrs.org, you have /root/docker/ldap (check .env)

We need TLS working. Backups are on S3. Not sure whatelse I know.

Volumes are in /data/ Keys are generated by letsencrypt.

@cintiadr ok, checking.

I have something in place which appears to be working.

Next week I will test and document my findings.

But for now, it should work as expected.

Awesome, thanks @cintiadr!

@whiscard https://github.com/openmrs/openmrs-contrib-itsmresources/wiki/Service-ID-OpenLDAP

I will do a few more tests (next weekend) to understand or prevent the problem in the first place. I’m still clueless of what happened, as I applied the hammer solution (you delete everything and create it again).

I expect an stable product like openldap and a stable docker image like the one we are using to ever need terrible solutions like that. But it appears I managed to import all the correct data to the correct places.

1 Like

Thanks @cintiadr!

True @cintiadr the hammer solution was going to be the last resort :slight_smile:

You saved me, for i was made less efficient without login access to JIRA. Thanks @cintiadr :smile:

@dkayiwa I assume you took the opportunity to take a day off :sunglasses:

I mean, I would. :smiley:

Looool. :smile: