~fwereade/juju-core/api-force-destroy-machines : changes

~fwereade/juju-core/api-force-destroy-machines » Changes from revision 2049

From Revision 2049 to 2030

Rev	Summary	Authors	Date
2049	address review address review	William Reade	10 years ago
2048	merge parent merge parent	William Reade	10 years ago
2047	hook up --force flag hook up --force flag	William Reade	10 years ago
2046	merge parent merge parent	William Reade	10 years ago
2045	address review address review	William Reade	10 years ago
2044	merge reparent merge reparent	William Reade	10 years ago
2043	merge reparent that actually departs relation scopes on unit... merge reparent that actually departs relation scopes on unit removal	William Reade	10 years ago
2042	add State.ForceDestroyMachines add State.ForceDestroyMachines	William Reade	10 years ago
2041	[r=wallyworld] Migrate manual provisioning to API [r=wallyworld] Migrate manual provisioning to API Manual provisioning now works using the API. Two new client endpoints are provided: InjectMachines MachineConfig The MachineConfig API is similar to the ContainerConfig used by the local provider, however more information is required in order to handle provisioning bootstrap as well as normal host nodes. Some refactoring of the ProvisionManchine method was also done to split it into smaller chunks. https://codereview.appspot.com/23440043/	Ian Booth	10 years ago
2040	[r=axwalk] Migrate ssh-based CLI commands to API [r=axwalk] Migrate ssh-based CLI commands to API Two new client API methods are introduced: - ServiceCharmRelations - PublicAddress ServiceCharmRelations returns the names of all charm relations for the given service. This method is used to validate hook names for debug-hooks. PublicAddress takes a string, which must be either a machine ID or unit ID. The call will return the machine or unit's public address, or an error if the entity does not have one. The ssh-based commands (ssh, scp, debug-log and debug-hooks) now use these methods instead of going directly to state. The one major change is that, previously, they used the instance.Instance.WaitDNSName method to get a host address. We now use PublicAddress, which is populated by the machine-agent's address updater. Note that debug-log does not use any new log-specific API; that is a much larger task, and out of scope here. https://codereview.appspot.com/23380045/	Andrew Wilkins	10 years ago
2039	[r=wallyworld] Migrate add-machine to api [r=wallyworld] Migrate add-machine to api add-machine command is migrated to api. This command is really dual personality - it can add a machine to be provisioned by a cloud provider or it can add an exisitng machine using ssh. The first case is fully migrated. The second case has been refactored to move all the direct state/mgo connection stuff into the manual provisioning code. A more substantial refactoring is needed to fully migrate the manual provisioning case. https://codereview.appspot.com/22580043/	Ian Booth	10 years ago
2038	[r=axwalk] Push environment secrets after connecting API [r=axwalk] Push environment secrets after connecting API This is a much simpler alternative to https://codereview.appspot.com/22080044/, implementing the same logic as is present for the straight-to-state juju.NewConn. As secrets-pushing will be obsoleted by synchronous bootstrapping, which is slated for introduction soon, I have a strong preference for this option. There's a drive-by-fix to the EnvironmentSet API which simplifies testing: allow agent-version in the parameters as long as it matches the existing value. https://codereview.appspot.com/22720043/	Andrew Wilkins	10 years ago
2037	[r=jameinel] state/unit/machine/user: change password hashes [r=jameinel] state/unit/machine/user: change password hashes This is a follow up to my previous PasswordHash changes, making it a more complete step. 1) PasswordHash is split into 3 functions: UserPasswordHash(password, salt) passwordhash CompatPasswordHash(password) passwordhash { return UserPasswordHash(password, oldDefaultSalt) } AgentPasswordHash(password) passwordHash, error 2) UserPasswordHash does the same 8192 rounds of pbkdf2 hashing to ensure that it is hard to brute force a user's password. On top of that, it requires a "salt" value. state/User grows an added field PasswordSalt. Whenever we call User.SetPassword we generate a salt and use that to compute the password hash. For compatibility, if User.PasswordSalt is the empty string, we use the CompatPasswordHash which sets the salt to the old hard-coded salt. I chose to use a different function to make it clear that we don't really want to support empty salts. 3) User.PasswordValid(password) knows how to check both ways for compatibility, and if it sees that the saved hash was not salted, it calls SetPassword() immediately to set a salt and regenerate the password hash. 4) For Machine and Unit agents, we change their hash function to just be a simple SHA-512 of the password. We don't bother with a salt or with iterated pbkdf2. This is because we know that agents have very high entropy passwords (utils.RandomPassword uses 18 bytes of entropy or 2^144). This is not really feasible to brute force, so there isn't really a point to salt or iterate. As part of this change, AgentPasswordHash(string) string, error can return an error if it appears the password might not have enough entropy (for now we just check the length of the password). That way someone can't accidentally get rooted because they set the machine-0 agent password to "foo". This probably had the widest effect as we had a lot of tests that set a simple password just so we could login as that agent, but we just change it so we use utils.RandomPassword in all of those places. As mentioned before, this is a big performance win when scaling up to thousands of agents. Timing shows UserPasswordHash takes about 80ms, while AgentPasswordHash takes about 8us. PasswordHash was dominating the time it took for the system to recover after restarting the API machine. 5) Similar to User.PasswordValid, Machine.PasswordValid and Unit.PasswordValid will do a fast check using AgentPasswordValid, and if that fails, they will fall back to the slow CompatPasswordValid. If they find the passwordhash is a compat value, they reset the value to the fast-path value. https://codereview.appspot.com/21000044/	John Arbash Meinel	10 years ago
2036	[r=dimitern],[bug=1246983] cmd/juju: get- and set-environmen... [r=dimitern],[bug=1246983] cmd/juju: get- and set-environment using the API Implemented EnvironmentGet and EnvironmentSet in the client API and changed the get-environment and set-environment commands to use that instead of connecting to state directly. https://codereview.appspot.com/22210044/ R=fwereade	Dimiter Naydenov	10 years ago
2035	[r=jameinel],[bug=1205371] state/apiserver/uniter: use cache... [r=jameinel],[bug=1205371] state/apiserver/uniter: use cached APIAddresses When Roger changed the common.Addresser code to use the cached addresses, he missed the fact that Uniter had its own implementation. This was because we weren't exposing StateAddress or CACert to the Uniter. So this change moves the code around to share the common APIAddresses method and uses it in the Uniter facade. This also changes common.Addresser to be named common.StateAddresser to make it clearer what is going on. https://codereview.appspot.com/20940043/	John Arbash Meinel	10 years ago
2034	[r=natefinch] API endpoint for set. There actually already w... [r=natefinch] API endpoint for set. There actually already was an endpoint that was used by the GUI, but it has logic to treat empty strings as unsetting the configuration value, which is not the behavior we want. To maintain compatibility with the GUI, I created a new endpoint to be used by the client, called NewServiceSetForClientAPI, an intentionally ugly name to remind us that we want to merge the two functions as soon as possible. This new endpoint does not treat empty strings specially, so if you set a configuration value to an empty string it'll be set to an empty string, and you should use unset to unset it.	Nate Finch	10 years ago
2033	[r=themue] local: ensure that state and api ports are free [r=themue] local: ensure that state and api ports are free Evaluation of a way to ensure unused ports for state and API of the local provider. https://codereview.appspot.com/14527044/	Frank Mueller	10 years ago
2032	[r=jameinel] rpc/apiserver: logging improvements [r=jameinel] rpc/apiserver: logging improvements This is a bunch of tweaks to the RPC logging statements to make them nicer to use. 1) Add wall-clock time to responses. This lets you see quickly how long a given RPC took to process. 2) Add a unique identifier per-connection. The code was sort of written around remoteAddr (it collected it, at least), but it turns out that isn't actually enough. Roger mentioned using the address of an object, but those can be reused. Using a unique counter allows us to both guarantee it is unique for the lifetime of the process, and makes the numbers significantly smaller. I also went with Hex form to save a couple bytes, but I'm not wedded to it. I could be convinced that %d would be better than %x. I did go with [%x] to ensure that you can search for a stream without hitting prefix/suffix/etc matches. 3) Once the remote side has logged in, the log messages include the Tag of that entity. I find that to be quite useful (especially to clarify unit agents from machine agents, etc). The Facade they are using is already in the requests (as Type). This is based on my earlier patch that fixes the API endpoint bugs. I could pull it out if that patch gets rejected, as it isn't an actual dependency, just code committed after the other one. I don't expect it will be an actual problem, though. https://codereview.appspot.com/18990045/	John Arbash Meinel	10 years ago
2031	[r=jameinel] juju/api: don't warn on aborted connection [r=jameinel] juju/api: don't warn on aborted connection I've been playing with Roger's tweak to using cached API addresses rather than determining them by reading the provider-state file. It works, but it has a bug that when it successfully connects to the API with the cached information, it causes the other goroutine to stop with an "aborted" exception. That was being displayed to the user as a WARNING which is pretty clearly incorrect. I can understand that we don't want to silently consume errors, but errAborted should be treated as control flow logic. So I made that happen. I wanted to add testing that we output sane information to the user, but it was clumsy to find the right hook points. If people feel strongly I can try to track that down, but I didn't want to lose the patch in flight. https://codereview.appspot.com/17700043/	John Arbash Meinel	10 years ago
2030	[r=axwalk],[bug=1246983] cmd/juju: use API for expose/unexpo... [r=axwalk],[bug=1246983] cmd/juju: use API for expose/unexpose Partially fixes #1246983 https://codereview.appspot.com/18600045/	Andrew Wilkins	10 years ago

Older »