juju-core

Merge lp:~dave-cheney/juju-core/052-environs-ec2-always-request-public-tools-from-us-east-1 into lp:~juju/juju-core/trunk

  1. 052-environs-ec2-always-request-public-tools-from-us-east-1
  2. Merge into trunk
Proposed by Dave Cheney
Status: Rejected
Rejected by: Dave Cheney
Proposed branch: lp:~dave-cheney/juju-core/052-environs-ec2-always-request-public-tools-from-us-east-1
Merge into: lp:~juju/juju-core/trunk
Diff against target: 123 lines (+34/-23)
4 files modified
environs/ec2/config.go (+18/-9)
environs/ec2/ec2.go (+2/-1)
environs/ec2/local_test.go (+12/-11)
juju/bootstrap.go (+2/-2)
To merge this branch: bzr merge lp:~dave-cheney/juju-core/052-environs-ec2-always-request-public-tools-from-us-east-1
Reviewer Review Type Date Requested Status
The Go Language Gophers Pending
Review via email: mp+136077@code.launchpad.net

Description of the change

environs/ec2: specify public-bucket-region

Fixes LP #1083017

Our public bucket, juju-dist, lives in the us-east-1 region and can only be accessed via that endpoint. If you attempt to do so via another endpoint you get an unhelpful 301 error with an xml blob telling you how to request the bucket. The solution is to add a configuration option, with sensible default, to ec2/config.go to specify the region of the public bucket independantly of the private bucket.

https://codereview.appspot.com/6843112/

To post a comment you must log in.
Revision history for this message
John A Meinel (jameinel) wrote :

Seems ok. I'm not sure if having a configurable "grab the tools from
this region" is better than providing the tools in all regions. If this
is the best way forward, than LGTM.

https://codereview.appspot.com/6843112/diff/2001/environs/ec2/ec2.go
File environs/ec2/ec2.go (left):

https://codereview.appspot.com/6843112/diff/2001/environs/ec2/ec2.go#oldcode162
environs/ec2/ec2.go:162: }
It seems like if you've connected you might want to reuse s3Unlocked if
region == publicBucketRegion.

Beyond that, having to access us-east-1 from outside of it means paying
bandwidth charges, etc. Is it worthwhile to try and put the tools on all
regions?

https://codereview.appspot.com/6843112/

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'environs/ec2/config.go'
2--- environs/ec2/config.go 2012-11-16 08:04:53 +0000
3+++ environs/ec2/config.go 2012-11-26 09:48:38 +0000
4@@ -9,17 +9,19 @@
5
6 var configChecker = schema.StrictFieldMap(
7 schema.Fields{
8- "access-key": schema.String(),
9- "secret-key": schema.String(),
10- "region": schema.String(),
11- "control-bucket": schema.String(),
12- "public-bucket": schema.String(),
13+ "access-key": schema.String(),
14+ "secret-key": schema.String(),
15+ "region": schema.String(),
16+ "control-bucket": schema.String(),
17+ "public-bucket": schema.String(),
18+ "public-bucket-region": schema.String(),
19 },
20 schema.Defaults{
21- "access-key": "",
22- "secret-key": "",
23- "region": "us-east-1",
24- "public-bucket": "juju-dist",
25+ "access-key": "",
26+ "secret-key": "",
27+ "region": "us-east-1",
28+ "public-bucket": "juju-dist",
29+ "public-bucket-region": "us-east-1",
30 },
31 )
32
33@@ -40,6 +42,10 @@
34 return c.attrs["public-bucket"].(string)
35 }
36
37+func (c *environConfig) publicBucketRegion() string {
38+ return c.attrs["public-bucket-region"].(string)
39+}
40+
41 func (c *environConfig) accessKey() string {
42 return c.attrs["access-key"].(string)
43 }
44@@ -73,6 +79,9 @@
45 if _, ok := aws.Regions[ecfg.region()]; !ok {
46 return nil, fmt.Errorf("invalid region name %q", ecfg.region())
47 }
48+ if _, ok := aws.Regions[ecfg.publicBucketRegion()]; !ok {
49+ return nil, fmt.Errorf("invalid public-bucket-region name %q", ecfg.publicBucketRegion())
50+ }
51
52 if old != nil {
53 attrs := old.UnknownAttrs()
54
55=== modified file 'environs/ec2/ec2.go'
56--- environs/ec2/ec2.go 2012-11-14 14:39:40 +0000
57+++ environs/ec2/ec2.go 2012-11-26 09:48:38 +0000
58@@ -148,6 +148,7 @@
59
60 auth := aws.Auth{ecfg.accessKey(), ecfg.secretKey()}
61 region := aws.Regions[ecfg.region()]
62+ publicBucketRegion := aws.Regions[ecfg.publicBucketRegion()]
63 e.ec2Unlocked = ec2.New(auth, region)
64 e.s3Unlocked = s3.New(auth, region)
65
66@@ -158,7 +159,7 @@
67 }
68 if ecfg.publicBucket() != "" {
69 e.publicStorageUnlocked = &storage{
70- bucket: e.s3Unlocked.Bucket(ecfg.publicBucket()),
71+ bucket: s3.New(auth, publicBucketRegion).Bucket(ecfg.publicBucket()),
72 }
73 } else {
74 e.publicStorageUnlocked = nil
75
76=== modified file 'environs/ec2/local_test.go'
77--- environs/ec2/local_test.go 2012-11-23 18:08:08 +0000
78+++ environs/ec2/local_test.go 2012-11-26 09:48:38 +0000
79@@ -26,17 +26,18 @@
80 Name: "test",
81 }
82 attrs := map[string]interface{}{
83- "name": "sample",
84- "type": "ec2",
85- "region": "test",
86- "control-bucket": "test-bucket",
87- "public-bucket": "public-tools",
88- "admin-secret": "local-secret",
89- "access-key": "x",
90- "secret-key": "x",
91- "authorized-keys": "foo",
92- "ca-cert": testing.CACertPEM,
93- "ca-private-key": testing.CAKeyPEM,
94+ "name": "sample",
95+ "type": "ec2",
96+ "region": "test",
97+ "control-bucket": "test-bucket",
98+ "public-bucket": "public-tools",
99+ "public-bucket-region": "test",
100+ "admin-secret": "local-secret",
101+ "access-key": "x",
102+ "secret-key": "x",
103+ "authorized-keys": "foo",
104+ "ca-cert": testing.CACertPEM,
105+ "ca-private-key": testing.CAKeyPEM,
106 }
107
108 Suite(&localServerSuite{
109
110=== modified file 'juju/bootstrap.go'
111--- juju/bootstrap.go 2012-11-23 18:18:38 +0000
112+++ juju/bootstrap.go 2012-11-26 09:48:38 +0000
113@@ -74,8 +74,8 @@
114 SubjectKeyId: bigIntHash(priv.N),
115 KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
116 BasicConstraintsValid: true,
117- IsCA: true,
118- MaxPathLen: 0, // Disallow delegation for now.
119+ IsCA: true,
120+ MaxPathLen: 0, // Disallow delegation for now.
121 }
122 certDER, err := x509.CreateCertificate(rand.Reader, template, template, &priv.PublicKey, priv)
123 if err != nil {

Subscribers

People subscribed via source and target branches