cannot re-validate invalidated credentials
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Fix Released
|
Medium
|
Anastasia |
Bug Description
In our Juju OpenStack Deployment backed up by MaaS the following things happen:
1) our Deployed by Juju Machines are locked in MaaS
2) when we are removing all units from a locked in MaaS machine then a weird things happen:
- First of all the machine cannot be released in MaaS as it happens with unlocked machines in
MaaS
- If we want to remove the machine from Juju then the only option is with --force --no-wait. If
we try to unlock it after removing the last Juju unit from it then nothing happens.
3) After actions described in 2) our Juju Cloud Credentials for MaaS are becoming invalid and
cannot be updated because Juju complains that machine with id XXXX is not present in MaaS
In my opinion the whole process is buggy. If we consider the actions as individuals then more or less they are the expected. For example, I am expecting not to be able to release a locked machine. On the other hand, I am not expecting Juju to become messed and not be able to understand that the machine is locked. Even more, the invalidation of the credentials is very bad.
Our dirty solution is to:
1) force removing machine from Juju
2) unlocking the machine on MaaS
3) releasing the machine on MaaS
4) having two MaaS credentials. When the above situation happens we switch the model credentials to the second one, we are updating the first one which becomes again valid and then we are switching credentials again.
I am looking forward to your response.
King regards,
Stamatis
Changed in juju: | |
status: | Triaged → Incomplete |
Changed in juju: | |
status: | In Progress → Fix Committed |
Changed in juju: | |
status: | Fix Committed → Fix Released |
Thanks, as you've noted Juju doesn't understand locked machines in MAAS. It attempts to work against MAAS to remove the machine, gets strange feedback, and gets itself into a poor state.
Since it's in this fuzzy unexpected state you can tell Juju to remove the machine from it's own database/thought space by the remove --force, but it's not ideal.
We should be able to better detect and provider improved user feedback when MAAS notes a machine is locked.