juju-core

Merge lp:~axwalk/juju-core/lp1300889-disable-mongo-keyfile into lp:~go-bot/juju-core/trunk

  1. lp1300889-disable-mongo-keyfile
  2. Merge into trunk
Proposed by Andrew Wilkins
Status: Merged
Approved by: Andrew Wilkins
Approved revision: no longer in the source branch.
Merged at revision: 2544
Proposed branch: lp:~axwalk/juju-core/lp1300889-disable-mongo-keyfile
Merge into: lp:~go-bot/juju-core/trunk
Diff against target: 50 lines (+7/-6)
2 files modified
agent/mongo/mongo.go (+5/-4)
environs/cloudinit/cloudinit_test.go (+2/-2)
To merge this branch: bzr merge lp:~axwalk/juju-core/lp1300889-disable-mongo-keyfile
Reviewer Review Type Date Requested Status
Juju Engineering Pending
Review via email: mp+213786@code.launchpad.net

Commit message

Disable --keyFile in mongo upstart config

We can't enable this yet, because shared-secret
isn't written until after Mongo is started. This
will change when EnsureMongoServer is landed.

(FWIW I did test this with local, and it worked.
I don't yet understand why - it shouldn't be any
different to cloud providers. I suspect there's
a race here with upstart restarting Mongo, and
the machine agnet writing the shared-secret.)

Fixes lp:1300889

https://codereview.appspot.com/83270045/

Description of the change

Disable --keyFile in mongo upstart config

We can't enable this yet, because shared-secret
isn't written until after Mongo is started. This
will change when EnsureMongoServer is landed.

(FWIW I did test this with local, and it worked.
I don't yet understand why - it shouldn't be any
different to cloud providers. I suspect there's
a race here with upstart restarting Mongo, and
the machine agnet writing the shared-secret.)

Fixes lp:1300889

https://codereview.appspot.com/83270045/

To post a comment you must log in.
Revision history for this message
Andrew Wilkins (axwalk) wrote :
Download full text (4.8 KiB)

Reviewers: mp+213786_code.launchpad.net,

Message:
Please take a look.

Description:
Disable --keyFile in mongo upstart config

We can't enable this yet, because shared-secret
isn't written until after Mongo is started. This
will change when EnsureMongoServer is landed.

(FWIW I did test this with local, and it worked.
I don't yet understand why - it shouldn't be any
different to cloud providers. I suspect there's
a race here with upstart restarting Mongo, and
the machine agnet writing the shared-secret.)

Fixes lp:1300889

https://code.launchpad.net/~axwalk/juju-core/lp1300889-disable-mongo-keyfile/+merge/213786

(do not edit description out of merge proposal)

Please review this at https://codereview.appspot.com/83270045/

Affected files (+8, -6 lines):
   A [revision details]
   M agent/mongo/mongo.go
   M environs/cloudinit/cloudinit_test.go

Index: [revision details]
=== added file '[revision details]'
--- [revision details] 2012-01-01 00:00:00 +0000
+++ [revision details] 2012-01-01 00:00:00 +0000
@@ -0,0 +1,2 @@
+Old revision: tarmac-20140402083906-5vacuo7ovpzyi5gj
+New revision: <email address hidden>

Index: agent/mongo/mongo.go
=== modified file 'agent/mongo/mongo.go'
--- agent/mongo/mongo.go 2014-04-01 09:34:43 +0000
+++ agent/mongo/mongo.go 2014-04-02 09:07:52 +0000
@@ -188,7 +188,7 @@
  func MongoUpstartService(name, mongodExec, dataDir string, port int)
(*upstart.Conf, error) {

   sslKeyFile := path.Join(dataDir, "server.pem")
- keyFile := path.Join(dataDir, SharedSecretFile)
+ //keyFile := path.Join(dataDir, SharedSecretFile)
   svc := upstart.NewService(name)

   dbDir := path.Join(dataDir, "db")
@@ -210,11 +210,11 @@
     " --port " + fmt.Sprint(port) +
     " --noprealloc" +
     " --syslog" +
- " --smallfiles" +
- " --keyFile " + utils.ShQuote(keyFile),
+ " --smallfiles",
    // TODO(Nate): uncomment when we commit HA stuff
    // +
- // " --replSet juju",
+ // " --replSet juju" +
+ // " --keyFile " + utils.ShQuote(keyFile),
   }
   return conf, nil
  }

Index: environs/cloudinit/cloudinit_test.go
=== modified file 'environs/cloudinit/cloudinit_test.go'
--- environs/cloudinit/cloudinit_test.go 2014-04-01 08:19:52 +0000
+++ environs/cloudinit/cloudinit_test.go 2014-04-02 09:07:52 +0000
@@ -142,7 +142,7 @@
  dd bs=1M count=1 if=/dev/zero of=/var/lib/juju/db/journal/prealloc\.1
  dd bs=1M count=1 if=/dev/zero of=/var/lib/juju/db/journal/prealloc\.2
  echo 'Starting MongoDB server \(juju-db\)'.*
-cat >> /etc/init/juju-db\.conf << 'EOF'\\ndescription "juju state
database"\\nauthor "Juju Team <juju@lists\.ubuntu\.com>"\\nstart on
runlevel \[2345\]\\nstop on runlevel \[!2345\]\\nrespawn\\nnormal exit
0\\n\\nlimit nofile 65000 65000\\nlimit nproc 20000 20000\\n\\nexec
/usr/bin/mongod --auth --dbpath=/var/lib/juju/db --sslOnNormalPorts
--sslPEMKeyFile '/var/lib/juju/server\.pem' --sslPEMKeyPassword ignored
--bind_ip 0\.0\.0\.0 --port 37017 --noprealloc --syslog --smallfiles
--keyFile '/var/lib/juju/shared-secret'\\nEOF\\n
+cat >> /etc/init/juju-db\.conf << 'EOF'\\ndescription "juju state
database"\\nauthor "Juju Team <juju@lists\.ubuntu\.com>"\\nstart on
runlevel...

Read more...

Revision history for this message
Roger Peppe (rogpeppe) wrote :

On 2014/04/02 09:24:13, axw wrote:
> Please take a look.

LGTM

https://codereview.appspot.com/83270045/

Revision history for this message
William Reade (fwereade) wrote :

Add a matching comment for the commented `keyFile :=` line and LGTM.

(I don't really love this "uncomment when" lark, fwiw, but it'll do so
long as it really *does* get uncommented in short order ;))

https://codereview.appspot.com/83270045/

Revision history for this message
Andrew Wilkins (axwalk) wrote :

Please take a look.

https://codereview.appspot.com/83270045/

Revision history for this message
Go Bot (go-bot) wrote :
Download full text (18.4 KiB)

The attempt to merge lp:~axwalk/juju-core/lp1300889-disable-mongo-keyfile into lp:juju-core failed. Below is the output from the failed tests.

ok launchpad.net/juju-core 0.015s
ok launchpad.net/juju-core/agent 1.101s
ok launchpad.net/juju-core/agent/mongo 0.543s
ok launchpad.net/juju-core/agent/tools 0.213s
ok launchpad.net/juju-core/bzr 5.104s
ok launchpad.net/juju-core/cert 2.896s
ok launchpad.net/juju-core/charm 0.402s
? launchpad.net/juju-core/charm/hooks [no test files]
? launchpad.net/juju-core/charm/testing [no test files]
ok launchpad.net/juju-core/cloudinit 0.030s
ok launchpad.net/juju-core/cloudinit/sshinit 0.977s
ok launchpad.net/juju-core/cmd 0.172s
ok launchpad.net/juju-core/cmd/charm-admin 0.763s
? launchpad.net/juju-core/cmd/charmd [no test files]
? launchpad.net/juju-core/cmd/charmload [no test files]
ok launchpad.net/juju-core/cmd/envcmd 0.209s
ok launchpad.net/juju-core/cmd/juju 208.978s
ok launchpad.net/juju-core/cmd/jujud 67.162s
ok launchpad.net/juju-core/cmd/plugins/juju-metadata 10.026s
? launchpad.net/juju-core/cmd/plugins/juju-restore [no test files]
ok launchpad.net/juju-core/cmd/plugins/local 0.238s
? launchpad.net/juju-core/cmd/plugins/local/juju-local [no test files]
ok launchpad.net/juju-core/constraints 0.037s
ok launchpad.net/juju-core/container 0.028s
ok launchpad.net/juju-core/container/factory 0.033s
ok launchpad.net/juju-core/container/kvm 0.201s
ok launchpad.net/juju-core/container/kvm/mock 0.037s
? launchpad.net/juju-core/container/kvm/testing [no test files]
ok launchpad.net/juju-core/container/lxc 4.317s
? launchpad.net/juju-core/container/lxc/mock [no test files]
? launchpad.net/juju-core/container/lxc/testing [no test files]
? launchpad.net/juju-core/container/testing [no test files]
ok launchpad.net/juju-core/downloader 5.251s
ok launchpad.net/juju-core/environs 2.575s
ok launchpad.net/juju-core/environs/bootstrap 10.213s
ok launchpad.net/juju-core/environs/cloudinit 0.497s
ok launchpad.net/juju-core/environs/config 2.622s
ok launchpad.net/juju-core/environs/configstore 0.032s
ok launchpad.net/juju-core/environs/filestorage 0.028s
ok launchpad.net/juju-core/environs/httpstorage 0.699s
ok launchpad.net/juju-core/environs/imagemetadata 0.450s
? launchpad.net/juju-core/environs/imagemetadata/testing [no test files]
ok launchpad.net/juju-core/environs/instances 0.037s
ok launchpad.net/juju-core/environs/jujutest 0.175s
ok launchpad.net/juju-core/environs/manual 12.565s
ok launchpad.net/juju-core/environs/simplestreams 0.263s
? launchpad.net/juju-core/environs/simplestreams/testing [no test files]
ok launchpad.net/juju-core/environs/sshstorage 0.834s
ok launchpad.net/juju-core/environs/storage 0.921s
ok launchpad.net/juju-core/environs/sync 43.749s
ok launchpad.net/juju-core/environs/testing 0.137s
ok launchpad.net/juju-core/environs/tools 4.761s
? launchpad.net/juju-core/environs/tools/testing [no test files]
ok launchpad.net/juju-core/errors 0.011s
ok launchpad.net/juju-core/instance 0.019s
? launchpad.net/juju-core/instance/testing [no test files]
ok launchpad.net/juju-core/j...

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'agent/mongo/mongo.go'
--- agent/mongo/mongo.go 2014-04-01 09:34:43 +0000
+++ agent/mongo/mongo.go 2014-04-02 10:11:44 +0000
@@ -188,7 +188,8 @@
188func MongoUpstartService(name, mongodExec, dataDir string, port int) (*upstart.Conf, error) {188func MongoUpstartService(name, mongodExec, dataDir string, port int) (*upstart.Conf, error) {
189189
190 sslKeyFile := path.Join(dataDir, "server.pem")190 sslKeyFile := path.Join(dataDir, "server.pem")
191 keyFile := path.Join(dataDir, SharedSecretFile)191 // TODO(Nate): uncomment when we commit HA stuff
192 //keyFile := path.Join(dataDir, SharedSecretFile)
192 svc := upstart.NewService(name)193 svc := upstart.NewService(name)
193194
194 dbDir := path.Join(dataDir, "db")195 dbDir := path.Join(dataDir, "db")
@@ -210,11 +211,11 @@
210 " --port " + fmt.Sprint(port) +211 " --port " + fmt.Sprint(port) +
211 " --noprealloc" +212 " --noprealloc" +
212 " --syslog" +213 " --syslog" +
213 " --smallfiles" +214 " --smallfiles",
214 " --keyFile " + utils.ShQuote(keyFile),
215 // TODO(Nate): uncomment when we commit HA stuff215 // TODO(Nate): uncomment when we commit HA stuff
216 // +216 // +
217 // " --replSet juju",217 // " --replSet juju" +
218 // " --keyFile " + utils.ShQuote(keyFile),
218 }219 }
219 return conf, nil220 return conf, nil
220}221}
221222
=== modified file 'environs/cloudinit/cloudinit_test.go'
--- environs/cloudinit/cloudinit_test.go 2014-04-01 08:19:52 +0000
+++ environs/cloudinit/cloudinit_test.go 2014-04-02 10:11:44 +0000
@@ -142,7 +142,7 @@
142dd bs=1M count=1 if=/dev/zero of=/var/lib/juju/db/journal/prealloc\.1142dd bs=1M count=1 if=/dev/zero of=/var/lib/juju/db/journal/prealloc\.1
143dd bs=1M count=1 if=/dev/zero of=/var/lib/juju/db/journal/prealloc\.2143dd bs=1M count=1 if=/dev/zero of=/var/lib/juju/db/journal/prealloc\.2
144echo 'Starting MongoDB server \(juju-db\)'.*144echo 'Starting MongoDB server \(juju-db\)'.*
145cat >> /etc/init/juju-db\.conf << 'EOF'\\ndescription "juju state database"\\nauthor "Juju Team <juju@lists\.ubuntu\.com>"\\nstart on runlevel \[2345\]\\nstop on runlevel \[!2345\]\\nrespawn\\nnormal exit 0\\n\\nlimit nofile 65000 65000\\nlimit nproc 20000 20000\\n\\nexec /usr/bin/mongod --auth --dbpath=/var/lib/juju/db --sslOnNormalPorts --sslPEMKeyFile '/var/lib/juju/server\.pem' --sslPEMKeyPassword ignored --bind_ip 0\.0\.0\.0 --port 37017 --noprealloc --syslog --smallfiles --keyFile '/var/lib/juju/shared-secret'\\nEOF\\n145cat >> /etc/init/juju-db\.conf << 'EOF'\\ndescription "juju state database"\\nauthor "Juju Team <juju@lists\.ubuntu\.com>"\\nstart on runlevel \[2345\]\\nstop on runlevel \[!2345\]\\nrespawn\\nnormal exit 0\\n\\nlimit nofile 65000 65000\\nlimit nproc 20000 20000\\n\\nexec /usr/bin/mongod --auth --dbpath=/var/lib/juju/db --sslOnNormalPorts --sslPEMKeyFile '/var/lib/juju/server\.pem' --sslPEMKeyPassword ignored --bind_ip 0\.0\.0\.0 --port 37017 --noprealloc --syslog --smallfiles\\nEOF\\n
146start juju-db146start juju-db
147mkdir -p '/var/lib/juju/agents/bootstrap'147mkdir -p '/var/lib/juju/agents/bootstrap'
148install -m 600 /dev/null '/var/lib/juju/agents/bootstrap/agent\.conf'148install -m 600 /dev/null '/var/lib/juju/agents/bootstrap/agent\.conf'
@@ -236,7 +236,7 @@
236 inexactMatch: true,236 inexactMatch: true,
237 expectScripts: `237 expectScripts: `
238echo 'Starting MongoDB server \(juju-db\)'.*238echo 'Starting MongoDB server \(juju-db\)'.*
239cat >> /etc/init/juju-db\.conf << 'EOF'\\ndescription "juju state database"\\nauthor "Juju Team <juju@lists\.ubuntu\.com>"\\nstart on runlevel \[2345\]\\nstop on runlevel \[!2345\]\\nrespawn\\nnormal exit 0\\n\\nlimit nofile 65000 65000\\nlimit nproc 20000 20000\\n\\nexec /usr/lib/juju/bin/mongod --auth --dbpath=/var/lib/juju/db --sslOnNormalPorts --sslPEMKeyFile '/var/lib/juju/server\.pem' --sslPEMKeyPassword ignored --bind_ip 0\.0\.0\.0 --port 37017 --noprealloc --syslog --smallfiles --keyFile '/var/lib/juju/shared-secret'\\nEOF\\n239cat >> /etc/init/juju-db\.conf << 'EOF'\\ndescription "juju state database"\\nauthor "Juju Team <juju@lists\.ubuntu\.com>"\\nstart on runlevel \[2345\]\\nstop on runlevel \[!2345\]\\nrespawn\\nnormal exit 0\\n\\nlimit nofile 65000 65000\\nlimit nproc 20000 20000\\n\\nexec /usr/lib/juju/bin/mongod --auth --dbpath=/var/lib/juju/db --sslOnNormalPorts --sslPEMKeyFile '/var/lib/juju/server\.pem' --sslPEMKeyPassword ignored --bind_ip 0\.0\.0\.0 --port 37017 --noprealloc --syslog --smallfiles\\nEOF\\n
240`,240`,
241 }, {241 }, {
242 // non state server.242 // non state server.

Subscribers

People subscribed via source and target branches

to status/vote changes: