is-primary-controller-flag is getting "permission denied" instead of "lease claim denied"
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Triaged
|
Low
|
Unassigned |
Bug Description
Maybe this is expected behavior, but I saw this during an upgrade process:
2018-02-14 07:19:45 DEBUG juju.worker.
2018-02-14 07:19:45 ERROR juju.worker.
2018-02-14 07:19:45 DEBUG juju.worker.
permission denied
github.
github.
github.
github.
github.
That seems that the 'is-primary-
The code in question seems to want to get ErrClaimDenied (from worker/
func claim(config FlagConfig) (bool, error) {
err := config.
cause := errors.Cause(err)
switch cause {
case nil:
return true, nil
case lease.ErrClaimD
return false, nil
}
return false, errors.Trace(err)
}
However, looking at the server-side code it appears to be just returning ErrPerm: (apiserver/
func (facade *Facade) Claim(args params.
result.Results = make([]
for i, claim := range args.Claims {
err := facade.claim(claim)
result.
}
return result
}
func (facade *Facade) claim(claim params.
if !allowedDuratio
return common.ErrPerm
}
leaseId, err := facade.
if err != nil {
return errors.Trace(err)
}
holder := facade.
if claim.ClaimantTag != holder {
return common.ErrPerm
}
return facade.
}
claim() is likely returning ErrPerm, which is being translated into the generic ServerError:
ErrPerm: params.
Now the client API does try to do a translation here (api/singular/
func (api *API) Claim(duration time.Duration) error {
args := params.
Claims: []params.
EntityTag: api.entity.
ClaimantTag: api.claimant.
Duration: duration,
}},
}
var results params.ErrorResults
err := api.facadeCalle
if err != nil {
return errors.Trace(err)
}
err = results.OneError()
if err != nil {
if params.
return lease.ErrClaimD
}
return errors.Trace(err)
}
return nil
}
But that will *only* translate a CodeLeaseClaimD
return ErrCode(err) == CodeLeaseClaimD
And that seems like it could be translated server side (apiserver/
lease.
Maybe I'm misreading it. Its possible that the apiserver/
So it may be that there is something else wrong that we are doing that we are getting a 'permission denied' instead of a "lease claim denied".
Either way, we should fix this. It seems very much to be working by-accident instead of by-purpose.
summary: |
- leadership claimer treats claim denied as fatal error + is-primary-controller-flag is getting "permission denied" instead of + "lease claim denied" |
This bug has not been updated in 2 years, so we're marking it Low importance. If you believe this is incorrect, please update the importance.