Issue 9710044: environs/cloudinit: write machine config earlier

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Issue 9710044: environs/cloudinit: write machine config earlier

Can't Edit
Can't Publish+Mail
Start Review

Created:
10 years, 11 months ago by rog

Modified:
10 years, 11 months ago

Reviewers:
mue, dimitern, mp+165559

Visibility:
Public.

Description

environs/cloudinit: write machine config earlier TLDR: this makes it easier to implement the API connection logic. For security reasons we get the agent to change its password from the one that's passed in cloudinit. Currently that's done when connecting to the mongo state. The plan is to make that be done when connecting to the API, which should work fine *apart* from when we're starting the bootstrap node, which does not have an API to connect to. Rather than duplicating the password changing logic for state and API connections (and suffering races between the two things both trying to change the password, or from the API connection changing the password while a state connection is already active), we can alter bootstrap-state so it changes the machine config on the bootstrap node so that its machine agent won't *need* to change the password. To do that, bootstrap-state needs access to the machine agent configuration file, which is what this merge proposal implements. https://code.launchpad.net/~rogpeppe/juju-core/308-jujud-bootstrap-state-change-password/+merge/165559 (do not edit description out of merge proposal)

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+59 lines, -41 lines)			Patch
A	[revision details]	View	1	1 chunk	+2 lines, -0 lines	0 comments	Download
M	environs/cloudinit/cloudinit.go	View		7 chunks	+47 lines, -31 lines	0 comments	Download
M	environs/cloudinit/cloudinit_test.go	View		4 chunks	+10 lines, -10 lines	0 comments	Download

Messages

Total messages: 4

Expand All Messages | Collapse All Messages

rog

10 years, 11 months ago (2013-05-24 11:17:57 UTC) #4

*** Submitted:

environs/cloudinit: write machine config earlier

TLDR: this makes it easier to implement the API connection
logic.

For security reasons we get the agent to change its password from the
one that's passed in cloudinit. Currently that's done when connecting
to the mongo state.

The plan is to make that be done when connecting to the API, which
should work fine *apart* from when we're starting the bootstrap node,
which does not have an API to connect to.

Rather than duplicating the password changing logic for state and API
connections (and suffering races between the two things both trying to
change the password, or from the API connection changing the password
while a state connection is already active), we can alter bootstrap-state
so it changes the machine config on the bootstrap node so that its
machine agent won't *need* to change the password.

To do that, bootstrap-state needs access to the machine agent
configuration file, which is what this merge proposal implements.

R=dimitern, TheWorkingMue
CC=
https://codereview.appspot.com/9710044

Expand All Messages | Collapse All Messages