Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LDAP refactoring: remove admin_conn #223

Closed
wants to merge 2 commits into from
Closed

LDAP refactoring: remove admin_conn #223

wants to merge 2 commits into from

Conversation

tkrizek
Copy link
Contributor

@tkrizek tkrizek commented Nov 9, 2016
edited by MartinBasti

This first commit removes the admin_conn alias for api.Backend.ldap2 that was previously used in services.

When trying to get rid of it, I found some legacy code in ipa-server-upgrade. The second commit improves ldap connection management in upgrade and removes useless start and stops of directory server at random places.

@tkrizek
Copy link
Contributor Author

tkrizek commented Nov 15, 2016

Bump for review.

I forgot about this PR, it's a final change from the refactoring effort.

@MartinBasti MartinBasti self-assigned this Nov 15, 2016
@MartinBasti
Copy link
Contributor

Works for me, I'll check code tomorrow

@MartinBasti
Copy link
Contributor

ACK: removing admin_conn connections

  • just for future, python doesn't like to have too many dereference from performance point fo view. So you should in future use ldap = api.Backend.ldap2 and then just use ldap.find_entries()
  • it is not issue with this patch as it was done in this way before, but can be improved in future

NACK: upgrade commit

  • you turned DS on earlier than it actually needs to be. In one of first steps of LDAP upgrade is DS turned off, so I don't see a reason for a such change

services: replace admin_conn with api.Backend.ldap2
bedcc0d 
Since service.admin_conn is only an alias to api.Backend.ldap2,
replace it everywhere with the explicit api.Backend.ldap2 instead.

https://fedorahosted.org/freeipa/ticket/6461
@tkrizek
Copy link
Contributor Author

tkrizek commented Nov 16, 2016

Fixed the issue + rebased. Only the second commit has changed.

tkrizek
tkrizek commented Nov 16, 2016
View reviewed changes
ipaserver/install/server/upgrade.py
ds.fqdn = fqdn
ds.realm = api.env.realm
ds.suffix = ipautil.realm_to_suffix(api.env.realm)
ds.principal = "ldap/%s@%s" % (ds.fqdn, ds.realm)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Discovered this after rebase, this was probably a regression from installer refactoring. principal is now a property.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please write this to installer refactoring ticket

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OR remove it in separate patch

@tkrizek tkrizek force-pushed the refactoring-ldap4 branch 2 times, most recently from 4bff799 to 89bd31a Compare November 21, 2016 14:41
@tkrizek
Copy link
Contributor Author

tkrizek commented Nov 21, 2016

Depends on #262

MartinBasti
MartinBasti reviewed Nov 21, 2016
View reviewed changes
ipaserver/install/server/upgrade.py
if ds_running and not ds.is_running():
ds.start(ds_serverid)
elif not ds_running and ds.is_running():
if not ds_running:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see you stopped removed many ds.start() lines. I'm afraid that some of them may be missing in case there is a function that stops DS. Did you make sure that this cannot happen?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think these were relics, since I've not been able to find a use case in which they'd be necessary.

@MartinBasti
Copy link
Contributor

MartinBasti commented Nov 21, 2016
edited

LGTM and Works for me, but I have to make sure that things I wrote inline won''t happen

upgrade: ldap conn management
355cc51 
Clean up unnecessary starts/stops of DS and unnescessary attributes.
If the DS is running, establish an LDAP connection and properly close
it.

https://fedorahosted.org/freeipa/ticket/6461
@MartinBasti MartinBasti added the ack Pull Request approved, can be merged label Nov 22, 2016
@MartinBasti
Copy link
Contributor

Fixed upstream
master:
https://fedorahosted.org/freeipa/changeset/68295bf8cfd57333deb50f58df1b336a4b48ffe7
https://fedorahosted.org/freeipa/changeset/0914fc6a6043846159f6d1c4bb433dcfe9ee3f46

@MartinBasti MartinBasti added the pushed Pull Request has already been pushed label Nov 22, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MartinBasti MartinBasti MartinBasti left review comments

Assignees

@MartinBasti MartinBasti

Labels
ack Pull Request approved, can be merged pushed Pull Request has already been pushed
Projects
None yet
Milestone
No milestone
2 participants
@tkrizek @MartinBasti