Description:
Disable --keyFile in mongo upstart config
We can't enable this yet, because shared-secret
isn't written until after Mongo is started. This
will change when EnsureMongoServer is landed.
(FWIW I did test this with local, and it worked.
I don't yet understand why - it shouldn't be any
different to cloud providers. I suspect there's
a race here with upstart restarting Mongo, and
the machine agnet writing the shared-secret.)
Reviewers: mp+213786_ code.launchpad. net,
Message:
Please take a look.
Description:
Disable --keyFile in mongo upstart config
We can't enable this yet, because shared-secret
isn't written until after Mongo is started. This
will change when EnsureMongoServer is landed.
(FWIW I did test this with local, and it worked.
I don't yet understand why - it shouldn't be any
different to cloud providers. I suspect there's
a race here with upstart restarting Mongo, and
the machine agnet writing the shared-secret.)
Fixes lp:1300889
https:/ /code.launchpad .net/~axwalk/ juju-core/ lp1300889- disable- mongo-keyfile/ +merge/ 213786
(do not edit description out of merge proposal)
Please review this at https:/ /codereview. appspot. com/83270045/
Affected files (+8, -6 lines): mongo.go cloudinit/ cloudinit_ test.go
A [revision details]
M agent/mongo/
M environs/
Index: [revision details] 20140402083906- 5vacuo7ovpzyi5g j
=== added file '[revision details]'
--- [revision details] 2012-01-01 00:00:00 +0000
+++ [revision details] 2012-01-01 00:00:00 +0000
@@ -0,0 +1,2 @@
+Old revision: tarmac-
+New revision: <email address hidden>
Index: agent/mongo/ mongo.go mongo/mongo. go' mongo.go 2014-04-01 09:34:43 +0000 mongo.go 2014-04-02 09:07:52 +0000 vice(name, mongodExec, dataDir string, port int)
=== modified file 'agent/
--- agent/mongo/
+++ agent/mongo/
@@ -188,7 +188,7 @@
func MongoUpstartSer
(*upstart.Conf, error) {
sslKeyFile := path.Join(dataDir, "server.pem") NewService( name)
- keyFile := path.Join(dataDir, SharedSecretFile)
+ //keyFile := path.Join(dataDir, SharedSecretFile)
svc := upstart.
dbDir := path.Join(dataDir, "db") keyFile) , keyFile) ,
@@ -210,11 +210,11 @@
" --port " + fmt.Sprint(port) +
" --noprealloc" +
" --syslog" +
- " --smallfiles" +
- " --keyFile " + utils.ShQuote(
+ " --smallfiles",
// TODO(Nate): uncomment when we commit HA stuff
// +
- // " --replSet juju",
+ // " --replSet juju" +
+ // " --keyFile " + utils.ShQuote(
}
return conf, nil
}
Index: environs/ cloudinit/ cloudinit_ test.go cloudinit/ cloudinit_ test.go' cloudinit/ cloudinit_ test.go 2014-04-01 08:19:52 +0000 cloudinit/ cloudinit_ test.go 2014-04-02 09:07:52 +0000 lib/juju/ db/journal/ prealloc\ .1 lib/juju/ db/journal/ prealloc\ .2 juju-db\ .conf << 'EOF'\\ndescription "juju state .ubuntu\ .com>"\ \nstart on ]\\nrespawn\ \nnormal exit /var/lib/ juju/db --sslOnNormalPorts juju/server\ .pem' --sslPEMKeyPassword ignored juju/shared- secret' \\nEOF\ \n juju-db\ .conf << 'EOF'\\ndescription "juju state .ubuntu\ .com>"\ \nstart on ]\\nrespawn\ \nnormal exit /var/lib/ juju/db --sslOnNormalPorts juju/server\ .pem' --sslPEMKeyPassword ignored \nEOF\\ n juju/agents/ bootstrap' juju/agents/ bootstrap/ agent\. conf' juju-db\ .conf << 'EOF'\\ndescription "juju state .ubuntu\ .com>"\ \nstart on ]\\nrespawn\ \nnormal exit juju/bin/ mongod --auth --dbpath= /var/lib/ juju/db juju/server\ .pem' juju/shared- secret' \\nEOF\ \n juju-db\ .conf << 'EOF'\\ndescription "juju state .ubuntu\ .com>"\ \nstart on ]\\nrespawn\ \nnormal exit juju/bin/ mongod --auth --dbpath= /var/lib/ juju/db juju/server\ .pem' \nEOF\\ n
=== modified file 'environs/
--- environs/
+++ environs/
@@ -142,7 +142,7 @@
dd bs=1M count=1 if=/dev/zero of=/var/
dd bs=1M count=1 if=/dev/zero of=/var/
echo 'Starting MongoDB server \(juju-db\)'.*
-cat >> /etc/init/
database"\\nauthor "Juju Team <juju@lists\
runlevel \[2345\]\\nstop on runlevel \[!2345\
0\\n\\nlimit nofile 65000 65000\\nlimit nproc 20000 20000\\n\\nexec
/usr/bin/mongod --auth --dbpath=
--sslPEMKeyFile '/var/lib/
--bind_ip 0\.0\.0\.0 --port 37017 --noprealloc --syslog --smallfiles
--keyFile '/var/lib/
+cat >> /etc/init/
database"\\nauthor "Juju Team <juju@lists\
runlevel \[2345\]\\nstop on runlevel \[!2345\
0\\n\\nlimit nofile 65000 65000\\nlimit nproc 20000 20000\\n\\nexec
/usr/bin/mongod --auth --dbpath=
--sslPEMKeyFile '/var/lib/
--bind_ip 0\.0\.0\.0 --port 37017 --noprealloc --syslog
--smallfiles\
start juju-db
mkdir -p '/var/lib/
install -m 600 /dev/null '/var/lib/
@@ -236,7 +236,7 @@
inexactMatch: true,
expectScripts: `
echo 'Starting MongoDB server \(juju-db\)'.*
-cat >> /etc/init/
database"\\nauthor "Juju Team <juju@lists\
runlevel \[2345\]\\nstop on runlevel \[!2345\
0\\n\\nlimit nofile 65000 65000\\nlimit nproc 20000 20000\\n\\nexec
/usr/lib/
--sslOnNormalPorts --sslPEMKeyFile '/var/lib/
--sslPEMKeyPassword ignored --bind_ip 0\.0\.0\.0 --port 37017 --noprealloc
--syslog --smallfiles --keyFile '/var/lib/
+cat >> /etc/init/
database"\\nauthor "Juju Team <juju@lists\
runlevel \[2345\]\\nstop on runlevel \[!2345\
0\\n\\nlimit nofile 65000 65000\\nlimit nproc 20000 20000\\n\\nexec
/usr/lib/
--sslOnNormalPorts --sslPEMKeyFile '/var/lib/
--sslPEMKeyPassword ignored --bind_ip 0\.0\.0\.0 --port 37017 --noprealloc
--syslog --smallfiles\
`,
}, {
// non state server.