Juju needs to handle locked machines in MAAS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Triaged
|
Medium
|
Unassigned |
Bug Description
While investigating bug # 1852412, it became obvious that Juju does not handle MAAS locked machines very well - MAAS throws 'permission denied' error, which is interpreted by Juju as a problem with authentication.
We either need to coordinate with MAAS to throw a different error so that we can differentiate between a credential error vs you-are-
Another issue here is that Juu is not very good at cleaning out tags when removing Juju machines, units, etc on the cloud instances that are mean to be left behind. All these instances remain to be tagged with model uuids. This has surfaced before when dealing with harvest-mode on machine removal, see bug # 1671733. Use of force in the scenario from bug # 1852412 is another symptoms of the same root cause.
Changed in juju: | |
assignee: | Anastasia (anastasia-macmood) → nobody |
tags: | added: seg |
tags: | added: sts |
For Juju to detect if a MAAS machine is locked, we need to examine a GET on the machine - a GET of the machine includes locked as a boolean, https:/ /maas.io/ docs/api# machine. Juju needs to verify if a machine is locked before trying to do anything to the machine, for example, prior to removing a machine.
There's no distinction in MAAS API - at the moment, if Juju tries to do anything to the machine, a generic Permission Denied is thrown.