Launchpad itself

Canonical SSO and Launchpad share database tables

Bug #629169 reported by Gary Poster
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Launchpad itself
Triaged
High
Unassigned

Bug Description

Currently, we mirror selected Launchpad information to the lp_* 'mirror' tables. These tables are then replicated using Slony-I to the CanonicalSSO databases.

At a minimum, the CanonicalSSO systems need to stop using the lp_Account table to map OpenId Identifiers to Launchpad Person data (such as TeamParticipation). The CanonicalSSO could use a mirror of the Launchpad EmailAddress information to map CanonicalSSO accounts to Launchpad information, or some entirely different mechanism allowing us to seperate the CanonicalSSO and Launchpad databases into separate replication clusters.

This is step 3 of https://dev.launchpad.net/LEP/OpenIdRoadmap, but also tech debt it its own right.

Related branches

lp:~wgrant/launchpad/sso-xmlrpc
Curtis Hovey (community): Approve (code)
Diff: 268 lines (+148/-17)
6 files modified
lib/lp/registry/configure.zcml (+10/-0)
lib/lp/registry/interfaces/person.py (+15/-2)
lib/lp/registry/tests/test_xmlrpc.py (+55/-14)
lib/lp/registry/xmlrpc/canonicalsso.py (+56/-0)
lib/lp/xmlrpc/application.py (+9/-1)
lib/lp/xmlrpc/interfaces.py (+3/-0)
Gary Poster (gary)
tags: added: tech-debt
tags: added: openid
Revision history for this message
Robert Collins (lifeless) wrote :

Our DB downtime is downtime for SSO while they share a replication cluster; fixing that is important.

Changed in launchpad:
importance: Low → High
Robert Collins (lifeless)
summary: - Improve Launchpad/CanonicalSSO Integration
+ Canonical SSO and Launchpad share database tables
William Grant (wgrant)
Changed in launchpad:
assignee: nobody → William Grant (wgrant)
status: Triaged → In Progress
Revision history for this message
William Grant (wgrant) wrote :

The new plan is that SSO will get Launchpad ID, timezone, and team memberships from LP using XML-RPC. If Launchpad is down during login, SSO will not return that extra information.

Revision history for this message
Francis J. Lacoste (flacoste) wrote :

> If Launchpad is down during login, SSO will not return that extra information.

That looks like a problem to me. Many, many, many things are protected by Launchpad team restriction. That means that all of these resources become unavailable whenever Launchpad is unavailable. I'm not sure that's a limitation we are willing to live with.

I'd clarify with at least James from IS before switching to this new API.

Revision history for this message
Robert Collins (lifeless) wrote : Re: [Bug 629169] Re: Canonical SSO and Launchpad share database tables

On Wed, Feb 15, 2012 at 8:19 AM, Francis J. Lacoste
<email address hidden> wrote:
>> If Launchpad is down during login, SSO will not return that extra
> information.
>
> That looks like a problem to me. Many, many, many things are protected
> by Launchpad team restriction. That means that all of these resources
> become unavailable whenever Launchpad is unavailable. I'm not sure
> that's a limitation we are willing to live with.
>
> I'd clarify with at least James from IS before switching to this new
> API.

So, this was discussed with the SSO team lead; SSO has *more* downtime
than LP at the moment, and LP has -now- got an excellent track record
for being up, reliably, with schema changes being a 90-240 second
downtime.

Things like RT have a fallback mechanism for IS themselves to bootstrap.

SSO *and* LP teams both want SSO to stop doing LP team reporting and
have that be done by consumers checking directly with LP... so this
API is going to be 'short lived' [some years probably] anyhow.

I will double check with James, but I'm quite sure this won't degrade
SSO uptime to unacceptable levels.

-Rob

Revision history for this message
Robert Collins (lifeless) wrote :

I've talked with James and other than a couple of tweaks to the plan
(make requests fail-hard; good error UI (tells folk to retry in 60
seconds)) he is ok with it given the benefits and LP's current
reliability.

Revision history for this message
Launchpad QA Bot (lpqabot) wrote :

Fixed in stable r14801 <http://bazaar.launchpad.net/~launchpad-pqm/launchpad/stable/revision/14801>.

tags: added: qa-needstesting
Changed in launchpad:
status: In Progress → Fix Committed
William Grant (wgrant)
tags: added: qa-untestable
removed: qa-needstesting
Changed in launchpad:
status: Fix Committed → In Progress
artur bryczek (arturbryczek)
Changed in launchpad:
status: In Progress → Fix Committed
assignee: William Grant (wgrant) → nobody
Steve Kowalik (stevenk)
Changed in launchpad:
status: Fix Committed → In Progress
assignee: nobody → William Grant (wgrant)
William Grant (wgrant)
Changed in launchpad:
assignee: William Grant (wgrant) → nobody
status: In Progress → Triaged
major dixon (major-dixon)
Changed in launchpad:
assignee: nobody → major dixon (major-dixon)
Colin Watson (cjwatson)
no longer affects: ubuntu
Changed in launchpad:
assignee: major dixon (major-dixon) → nobody
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.