RHBA-2012:0891 - Bug Fix Advisory

Topic

An updated piranha package that fixes multiple bugs and adds various
enhancements is now available for Red Hat Enterprise Linux 6.

Description

Piranha provides high-availability and load-balancing services for Red Hat
Enterprise Linux. The piranha package contains various tools to administer and
configure the Linux Virtual Server (LVS), as well as the heartbeat and failover
components. LVS is a dynamically-adjusted kernel routing mechanism that provides
load balancing, primarily for Web and FTP servers.

This update fixes the following bugs:

• Previously, the pulse service did not properly close the configuration file.

This caused file descriptors leaks in the pulse service and could potentially
trigger SELinux AVC errors. With this update, the configuration file is properly
closed after reading, and no SELinux errors are observed under these
circumstances. (BZ#747300)

• Previously, the pulse service did not correctly stop the ipvsadm sync daemon

due to incorrect ipvsadm syntax. As a consequence, multiple sync daemons existed
after restarting the pulse service. With this update, the correct syntax is
used. The pulse service now stops all the sync daemons, and exactly one master
sync daemon and one backup sync daemon exist at any given time. (BZ#749594)

• Previously, the lvsd daemon did not correctly identify the existence of a new

virtual server when re-reading the configuration file. As a consequence, the
lvsd daemon could terminate unexpectedly with a segmentation fault when the
pulse service was reloaded. With this update, the lvsd daemon correctly
determines if a virtual server has been added to the configuration file when the
pulse service is reloaded. (BZ#785720)

• Previously, the pulse init script did not properly format the output when

running the "service pulse reload" command. This update fixes this formatting
error by printing a newline character after the init script completes the reload
command. (BZ#798362)

• Previously, the pulse daemon did not correctly detect when the lvsd daemon had

been terminated. As a result, the pulse daemon did not trigger a failover. With
this update, the pulse daemon correctly detects when lvsd has been terminated
and, if a backup director is configured and active, will result in a failover.
(BZ#813906)

• Previously, nanny processes did not correctly write messages to the system log

when a sorry_server was defined for a virtual service. When a sorry_server is
configured, all nanny processes are run with the "--nodaemon" option. This
option prevented messages from being written to syslog and therefore the
/var/log/messages file did not contain information about nanny processes. With
this update, all nanny processes will write messages to the system log.
(BZ#815887)

This update also adds the following enhancements:

• This update adds the ability to specify the sync ID to be used with the

ipvsadm sync daemon. A new option in the lvs.cf file, "syncd_id", can be used to
set the sync ID. This option can also be configured in the Piranha web interface
under the "Redundancy" tab. The default value is 0. (BZ#717556)

• This update adds the ability to specify IPVS timeouts including TCP session

timeout, TCP FIN session timeout, and UDP packet timeout. Three new options have
been added to the lvs.cf file: "tcp_timeout", "tcpfin_timeout", and
"udp_timeout". These timeout values can also be configured in the Piranha web
interface under "Global Settings". The default value for each timeout is 0,
which causes no changes to be made to the existing timeouts. (BZ#745271)

• This update adds the ability to specify the network interface that the ipvsadm

sync daemon will use to send and receive multicast messages. A new option in the
lvs.cf file, "syncd_iface", can be used to set the sync daemon interface. This
option can also be configured in the Piranha web interface under the
"Redundancy" tab. The default value is "eth0". (BZ#788541)

All users of piranha are advised to upgrade to this updated package, which fixes
these bugs and adds these enhancements.

Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat
Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Affected Products

• Red Hat Enterprise Linux Load Balancer (for RHEL Server) 6 x86_64
• Red Hat Enterprise Linux Load Balancer (for RHEL Server) 6 i386
• Red Hat Enterprise Linux Load Balancer (for RHEL Server) from RHUI 6 x86_64
• Red Hat Enterprise Linux Load Balancer (for RHEL Server) from RHUI 6 i386

Fixes

• BZ - 717556 - Add ability for piranha to specify syncid for sync-daemon
• BZ - 747300 - pulse is leaking a file descriptor
• BZ - 788541 - Add option to specify mcast interface for sync daemon
• BZ - 798362 - pulse init script missing newline after reload
• BZ - 815887 - nanny: no information logged when sorry_server defined

CVEs

(none)

References

(none)