Skip to content

[Release-3.14.1][Bug] Fix cfn-hup endless loop after rollback to cluster state older than 24 hours #7146

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
hehe7318 wants to merge 2 commits into
base: release-3.14
Choose a base branch
from
Open

[Release-3.14.1][Bug] Fix cfn-hup endless loop after rollback to cluster state older than 24 hours #7146

hehe7318 wants to merge 2 commits into from

Conversation

@hehe7318
Copy link
Contributor

@hehe7318 hehe7318 commented Dec 9, 2025
edited
Loading

Description of changes

When a cluster update fails and triggers a rollback to a state older than 24 hours, cfn-hup enters an endless loop on the head node. This happens because:

  1. The rollback restores the launch template metadata to reference an expired wait condition handle (wait conditions expire after 24h)
  2. cfn-signal fails to signal the expired handle and returns non-zero
  3. cfn-hup sees the non-zero exit code and does not update its local metadata cache (metadata_db.json)
  4. On the next polling interval, cfn-hup detects the same "change" and re-triggers the update recipe, creating an infinite loop

This fix appends || exit 0 to the update command, ensuring cfn-hup always updates its metadata cache regardless of whether cfn-signal succeeds or fails. This prevents the endless loop while still allowing CloudFormation to handle timeouts appropriately.

Tests

  • TODO: manually test.
  • TODO: integ test.

Checklist

  • Make sure you are pointing to the right branch.
  • If you're creating a patch for a branch other than develop add the branch name as prefix in the PR title (e.g. [release-3.6]).
  • Check all commits' messages are clear, describing what and why vs how.
  • Make sure to have added unit tests or integration tests to cover the new/modified code.
  • Check if documentation is impacted by this change.

Please review the guidelines for contributing and Pull Request Instructions.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@hehe7318
Fix cfn-hup endless loop after rollback to cluster state older than 24h
ba1cb01 
When a cluster update fails and triggers a rollback to a state older than
24 hours, cfn-hup enters an endless loop on the head node. This happens
because:

1. The rollback restores the launch template metadata to reference an
   expired wait condition handle (wait conditions expire after 24h)
2. cfn-signal fails to signal the expired handle and returns non-zero
3. cfn-hup sees the non-zero exit code and does not update its local
   metadata cache (metadata_db.json)
4. On the next polling interval, cfn-hup detects the same "change" and
   re-triggers the update recipe, creating an infinite loop

This fix appends "; exit 0" to the update command, ensuring cfn-hup
always updates its metadata cache regardless of whether cfn-signal
succeeds or fails. This prevents the endless loop while still allowing
CloudFormation to handle timeouts appropriately.
@hehe7318 hehe7318 requested a review from a team as a code owner December 9, 2025 18:19
@hehe7318 hehe7318 added the 3.x label Dec 9, 2025
@hehe7318 hehe7318 requested a review from a team as a code owner December 9, 2025 18:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

3.x

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hehe7318