Hey all, We are planning on removing the "best-effort" reboot strategy from Locksmith since it's been deprecated for a while. The reason we deprecated it was because of its nondeterministic behavior. If etcd happened to be running when Locksmith attempted a reboot, it would use etcd to get a lock before continuing. If etcd hadn't started yet or, more commonly, had failed, it would reboot immediately. Not surprisingly, this has caused a number of headaches for users over the years.
We are proposing that the default be changed to "reboot". This would affect different users in different ways. Machines that don't have the strategy set will start to reboot as soon as updates have been applied. For machines that aren't running etcd, there is no change in behavior. For those that are running etcd, the machines will no longer use the locks (not great). Machines which have the strategy set to "best-effort", will complain that the strategy is invalid and reboot immediately. Before widely announcing this, I wanted to gather feedback from the community. Do these new defaults make sense? Is this going to seriously break people? -Alex
signature.asc
Description: PGP signature
