Canonical Juju

Provisioner shouldn't need to know StateAddresses

Bug #1866643 reported by John A Meinel
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Canonical Juju
Fix Released
High
Ian Booth
Canonical Juju 2.9-rc1

Bug Description

Currently the Provisioner task calls api/provisioner/provisioner.go StateAddresses() to fill out a record of what addresses should be used if you want to talk to Mongo.
However, that ignores things like 'juju-mgmt-space', and we only really want to talk to the Controller for anything that the Provisioner starts. (you obviously need to talk to Mongo when bootstrapping, but you can use 'localhost' for the single node case, and once you get past the single node case, you should be using an authenticated connection to the existing Juju controller to get StateServingInfo).

I have a feeling we can ultimately just rip out StateAddress and not have the Provisioner know anything about MongoInfo. (we could provide it for backward compatibility, but we really shouldn't need to, as it is a controller API, not an agent API.)

This came about because of https://bugs.launchpad.net/juju/+bug/1866623 where you can't bring up an LXD model on a K8s controller, because it thinks it needs machine addresses for the controllers. It shouldn't, though. So we should just stop depending on it, rather than trying to fake it for a K8s controller.

Revision history for this message
John A Meinel (jameinel) wrote :

It gets even worse. controller/authentication/authentication.go has
NewAPIAuthenticator() that fills out an AuthenticationProvider interface, which is just a 'simpleAuth' object.

simpleAuth.SetupAuthentication *might* return auth.stateInfo if it is provided. Which holds a pointer to a MongoInfo.
But the only caller of authentication.SetupAuthentication is apiserver/facades/client/client/instanceconfig.go:
 _, apiInfo, err = authentication.SetupAuthentication(machine, nil, apiInfo)

Which throws it away immediately.
The only other caller is:
func (task *provisionerTask) constructInstanceConfig(

which only uses it if:
 if multiwatcher.AnyJobNeedsState(instanceConfig.Jobs...) {
...
  instanceConfig.Controller = &instancecfg.ControllerConfig{
   PublicImageSigningKey: publicKey,
   MongoInfo: stateInfo,
  }

So, indeed, it almost never needs it, but it always asks for it.

Tim Penhey (thumper)
tags: added: hygiene
Ian Booth (wallyworld)
Changed in juju:
milestone: 2.8-beta1 → 2.9-beta1
Canonical Juju QA Bot (juju-qa-bot)
Changed in juju:
milestone: 2.9-beta1 → 2.9-rc1
Revision history for this message
Pen Gale (pengale) wrote :

This may have been addressed by other work. Next steps: dig into code and determine whether the issue is still present.

Changed in juju:
importance: High → Medium
milestone: 2.9-rc1 → none
assignee: nobody → Ian Booth (wallyworld)
importance: Medium → High
milestone: none → 2.9-rc1
Ian Booth (wallyworld)
Changed in juju:
status: Triaged → In Progress
Revision history for this message
Ian Booth (wallyworld) wrote :

https://github.com/juju/juju/pull/12184

Ian Booth (wallyworld)
Changed in juju:
status: In Progress → Fix Committed
Joseph Phillips (manadart)
Changed in juju:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.