feature: remove uvtool dependency

[reedobrien]

follow up to #6580

@perrito666 @babbageclunk

This removes uvtool as a dependency, which should allow kvm containers to work on arm64, amd64, and ppc64el. QA has only been done by me on amd64 with vmaas.

NB: Since merging develop back into this branch there are some network updates that break kvm containers. When the rest of the network updates are complete and land it should be fine again. In order to test, once you have checked out the branch you will need to undo the changes so you can QA. Do that with git revert -m 1 37a1a3b87fc54dc7391b4027e385ac48722ddf42 --no-commit

QA:

1. juju bootstrap vmaas21 kvm/purego --build-agent
2. juju add-machine
3. juju add-machine --series trusty
4. juju deploy ubuntu --to kvm:0
5. juju deploy mysql --to kvm:0
6. juju deploy wordpress --to kvm:1
7. juju deploy postgresql --to kvm:1 --series xenial
8. juju add-relation wordpress mysql

verify that machines 0 and 1 came up with xenial and trusty respectively
verify that machines 0/kvm/0 cam up with xenial and 0/kvm/1 with trusty
verify that machine 1/kvm/0 came up with trusty and 1/kvm/1 with xenial
verify the relation was added...
why not create a wordpress blog to be sure.

9. juju remove-application ubuntu
10. juju remove-application postgresql

verify that the disk images for those are gone ,by juju ssh 0 (or 1) and look in /var/lib/juju/kvm/guests to be sure they were removed.

[reedobrien]

!!BaronBomburst!!

[reedobrien]

!!BaronessBomburst!!

[reedobrien]

!!CaractacusPott!!

[reedobrien]

Note to self. see #6733

Failures to start kvm containers occurring after seeing
juju.provisioner failed to prepare container "2/kvm/0" network config: unable to find host bridge for spaces [] for container "2/kvm/0"

This started occurring after merging in develop to the feature branch. #6733 looks suspiciously related.

failing logs http://paste.ubuntu.com/23674094/
working logs http://paste.ubuntu.com/23674173/

cc/ @jameinel @frobware @voidspace

[perrito666]

some docs seem missing here :)

[perrito666]

my question is most likely way out of scope but ill make it anyway, how good is this when deploying to something other than ubuntu (say for instance CentOS)

[reedobrien]

AFAIU this is only supported on trusty and xenial on arm64 amd64 and ppc64el. No Centos or other.

[perrito666]

XXX?

[reedobrien]

removed. there's a method to validate them.

[perrito666]

perhaps doc string in theinterface?

[reedobrien]

done

[perrito666]

same as with InterfaceInfo

[reedobrien]

done.

[perrito666]

We have (I think) constants for these values, if we dont, lets have them.

[reedobrien]

used.

[perrito666]

I believe this is only the case for ubuntu? if so I would add a comment stating that.

[reedobrien]

commented.

[perrito666]

// blah
const blah

[reedobrien]

FType is commented. Perhaps I'm misunderstanding.

[babbageclunk]

Maybe he's asking why the parens?

[perrito666]

yes, I believe I was, just making a very unclear comment but I believe I meant: convert this to comment newline const declaration

[perrito666]

this is just a nit, this name is terrible for non english natives.

[reedobrien]

Lo siento.

[perrito666]

s/Sync/sinc/

[reedobrien]

lowered.

[perrito666]

update the comment to reflect the struct

[reedobrien]

updated. good catch.

[perrito666]

I believe something went wrong here as you want the docs below and the Copyright above?

[reedobrien]

fixed.

[reedobrien]

!!merryXmas!!

[jameinel]

Small note, I'm @jameinel on Github, not jam, I'm not sure who that is. :)

For the failure case, my guess is there is something odd about what spaces your host machine is seen as being part of. The logic is supposed to be:

1. If the container has a constraint "juju add-machine --constraints spaces=X,Y,Z", use it, or if the application has a binding "juju deploy app --bind X", use it.
2. With no constraints/binding, if the host machine is in a single space, use it.
3. The above looks like you had no constraints, and the host itself had no spaces. I'm not entirely sure how that would happen if you're using MAAS, and not using a manually provisioned machine.

I'd happily do a hangout with you to debug this, because I'm currently working on tweaking our logic and our fallback paths.

[reedobrien]

fixed nick. I'm happy to debug live, but that will most certainly be next Tues at the earliest :(

[reedobrien]

@jameinel @frobware FWIW if I back out #6733 it works again.

[babbageclunk]

Whew, this is a big chunk of work!
It mostly looks great, I have a few queries and suggestions. I started off commenting on typos but stopped after a while because it seemed too nitpicky.

[babbageclunk]

findPath would be more consistent with runCmd, wouldn't it?

[reedobrien]

renamed. This started out as an internal package interface, but became just a function.

[babbageclunk]

Typo: commnads

[reedobrien]

I don't think typos are too nitpicky. They are distracting when reading... fixed

[babbageclunk]

Is this dependency the reason this code lives inside juju/juju?

[reedobrien]

I think I am having pronoun problems. Sync or fetching used to happen in uvtool and we shelled out to it. It depended on a python simplestreams impl. Juju already had some simplestreams parsing code for cloud images and tools (agents) streams. I added the bits for also handling content-download stream which is dependent on the existing simplestreams code. That is why the simplestreams code lives in juju/juju. The kvm code implements kvm as a juju container, so it is not useful outside juju/juju.

[babbageclunk]

Ok, makes sense.

[babbageclunk]

Typo: conviert

[reedobrien]

fixed

[babbageclunk]

Typo: "it's" should be "its" here.

[reedobrien]

I should learn to type.

[babbageclunk]

Typo: rmeoves

[reedobrien]

can you tell I was riding in a car? That's my excuse;)

[babbageclunk]

:)

[babbageclunk]

Is this a potential resource leak? Should there be some kind of refcount for the backing store?

[reedobrien]

no. The backing store is a read only copy of the ubuntu image, which domains are based on.
So multiple domain drives use the same backing store which cannot change without breaking anything that uses it. qcow doesn't support updating the backing store like squashfs (lxd) AFAIU.

There is the possibility that you remove all the containers (kvm domains) that are using a backing store while it sticks around. However, in prior discussions we decided it was best to leave it so re-deploying an app to a kvm container on the same machine would consistently have the same backing store. So we left it. This also means that 2 different machines started at different times could have different backing store versions, e.g. 16.04.1 vs 16.04.2. There is discussion about getting this through the controller to alleviate that variation, but that is beyond the scope of this PR. Which is to simply replace the functionality of uvtool which worked this way. There is definitely room for improvement in the future.

[babbageclunk]

Right - if that's how uvtool was already working then this seems fine.

[babbageclunk]

From the name I'd expect this to return a new CreateMachineParams. Maybe call it MakeCreateMachineParamsTestable?

[reedobrien]

renamed.

[babbageclunk]

Why return this info twice? Is this how the real Run function behaves?

[reedobrien]

Exactly that. The run func was pre-existing, and seems based on the utils.RunCommand which returns combined output.

[babbageclunk]

Is this racy?

[reedobrien]

I don't think so. The worker/provisioner.ContainerSetup.runInitialiser method calls Initialise() in a mutex. This allows it to be called more than once (idempotently) if there is an error after createPool. Let me know if you read otherwise.

[babbageclunk]

Makes sense.

[babbageclunk]

I feel like this would make more sense as a method of a type that had runCmd and chownFunc members. Then you wouldn't need to pass the functions down into definePool, buildPool, startPool &c. You could construct one for testing with the right test functions.

(Also why pass in the pathfinder func here? Could you just pass the string instead? Maybe there's some reason later.)

Something like:

type PoolCreator struct {
   runCmd runFunc
   chownFunc func(string) error
}

func (pc *PoolCreator) create(poolDir string) error {
    // ...
}

func (pc *PoolCreator) definePool(poolDir string) error {
}

// and so on

[reedobrien]

I can see that and I think if this were ever going to be used outside of this file -- more or less package -- it would be worthwhile to refactor. As it is, it should never be used outside of here, so an unexported type with unexported methods just means a bunch more more constructors and test code. As it is I don't see a cost-benefit worth changing it, is that OK with you?

findPath nee pathfinder fakes paths.DataDir which takes a string arg and returns an error:(

Hopefully, one day soon digital ocean's libvirt and qemu libraries grow the functionality we need and this could all just go away:)

[babbageclunk]

Yeah, I'm ok with this since it's internal.

[babbageclunk]

Why are these needed? I can't understand it from reading the virsh help. Worth a comment at least.

[reedobrien]

They are positional parameters for defining other non-directory pools: e.g. file, lvm, scsi, disk, NFS.

pool-define-as <name> <type> [source-host] [source-path] [source-dev] [source-name] <target>

I think you can now use --type --target to just name params, but trusty still has the above signature.

Comment added.

[babbageclunk]

Ah, I looked at the virsh help on xenial, that's probably why I couldn't see the other positional args.

[babbageclunk]

This is the real chownFunc, right? Does it get unit tested? If you actually passed around a func(string, int, int) error you could test this as well.

[reedobrien]

The function itself isn't, but we really can't. You cannot chown unless you're root. It is a couple of syscalls which work on linux. Abstracting them out to make them moar test-able would just make them more complex thereby much more bug prone, while the tests themselves would be rather contrived testing the abstraction not the function.

I also considered shelling out ("chown", libvirtUser, libvirtGroup, path`) but shelling out is also bad. So I though keeping it as simple as possible was the least of all evils.

[babbageclunk]

I mean, I'm ok with this not being tested, but in general it would be better to mock out the thing we can't call and pass the fake one in - it reduces the amount of code that only runs in CI.

[babbageclunk]

Typo: errror

[reedobrien]

fixed.

[babbageclunk]

This comment feels a bit redundant. Is there more useful info that could go here? I guess you define it so that you can swap it out for testing?

[reedobrien]

This is pre-existing code. Horatio asked for comments here. So I just added comments. I didn't actually get up into the container factory and container interface code that is used by the worker/provisioner/kvm-broker code. I mostly made changes that removed the need for uvtool but left the API untouched.

Modified the comment a smidge.

[babbageclunk]

This doc comment is a bit too focused on how we use the thing rather than what the thing is. How about "DiskInfo represents a KVM disk image."?

[reedobrien]

changed DiskInfo represents the type and location of a libvirt pool image.

[babbageclunk]

Same here - "InterfaceInfo represents a network interface for a KVM instance being created."? (These might be wrong in the details, but I think something like this would be more useful than what's here.)

[reedobrien]

updated.

[babbageclunk]

"NetworkInfo contains the network interfaces to create in the domain."?

[reedobrien]

changed

[babbageclunk]

I like this.

[reedobrien]

🥇

[babbageclunk]

Typo: architecures

[reedobrien]

fixed

[perrito666]

// blah
const blah

[reedobrien]

FType is commented. Perhaps I'm misunderstanding.

[babbageclunk]

Maybe he's asking why the parens?

[perrito666]

yes, I believe I was, just making a very unclear comment but I believe I meant: convert this to comment newline const declaration

[babbageclunk]

What does it actually do? The description shouldn't really be in terms of the implementation - I don't know what imagedownloads.One does. Maybe say that it finds the first matching item to download?

[reedobrien]

updated, "Oner gets the one matching item from simplestreams."

[babbageclunk]

As mentioned below I think just passing in a DataSource rather than a func() DataSource for testing would make more sense.

[reedobrien]

It is a func because we allow passing in a custom simplestreams url (if you make your own golden images/tools/whatever) and building a datasource from that. If the arg is empty then the default source is used. This was an early bit of work from the simplestreams implementation, so it isn't fresh in my head. I'll look at it after I get through the rest of the review.

[babbageclunk]

Ooh, I haven't seen io.MultiWriter before (or this way of calculating a hash). Neat!

[reedobrien]

The inverse of a teereader.

[babbageclunk]

Is this intentional?

[reedobrien]

😊 I usually format those with "XXX: %s\n"... so I can find all my crap to remove before I commit. I guess I missed it there. runCmd prints it anyhow:/

[babbageclunk]

Typo: nessecary

[reedobrien]

fixed

[babbageclunk]

Having test-specific code in the middle of this function is a bit surprising - can you make it so the normal construction of the CreateMachineParams has the right values and the test constructs one with the test stubs so that this is cleaner?

[reedobrien]

split default selection as discussed.

[babbageclunk]

This is a little redundant.

[reedobrien]

gone

[babbageclunk]

This is too.

[reedobrien]

gone.

[babbageclunk]

The comments in here read as if they were a todo list while writing the function. I do that too, but in general those kind of comments should be deleted as you replace them with the code. At best they're just noise.

[reedobrien]

Code is self documenting!
removed.

[babbageclunk]

What's hostname here?

[reedobrien]

stale comment, updated.

[babbageclunk]

Typo: use din

[reedobrien]

fixed.

[babbageclunk]

Should the name of this file be simplestreams.go?

[reedobrien]

yes.

[babbageclunk]

If nothing else deterministic output is probably nice for testing, although I guess you can get the same benefit by sorting in the test.

[reedobrien]

Good thoughts. I'll just leave it as it isn't expensive.

[babbageclunk]

Why pass in a func() DataSource instead of just a DataSource here?

[babbageclunk]

Would FetchOne be a better name? One's pretty abstract.

[reedobrien]

It doesn't really fetch anything it gets the metadata needed to fetch an item. However, Fetch is the name used in imagemetadata (tool/agent stream). So I copied it. In a preimplementation discussion we called the convenience method to get one metadata item One. So I named it one. It also fulfilled the Oner interface in kvm/sync.go. In my head I read it as imagedownloads.One, so it gets me one image download item from simplestreams. Familiarity permits brevity and all that.

Also, in sync there is a fetcher that fetches the one item, so I'd prefer not to confuse names there with FetchOne.

[babbageclunk]

Ok.

[babbageclunk]

Hmm, it's weird that you had to come up with slightly different names so that the accessors needed for the interface didn't collide with the public attributes. That suggests that this isn't the right thing.

Did you really need an interface for InterfaceInfo for testing? The structs in network are passive data structures and can be directly constructed, so I think it would make more sense to use them for testing. Is there some reason you can't?

[reedobrien]

fixing per conversation

[reedobrien]

!!Iwouldliketobuyavowel!!

[perrito666]

!!doitonemoretime!!

[reedobrien]

!!Iwouldliketospinthewheelalex!!

[reedobrien]

!!roullette!!

[reedobrien]

!!buildme!!

[babbageclunk]

Thanks - I think I was just confused because of the way the defaulting was intertwined before.

[babbageclunk]

$$merge$$

[jujubot]

Status: merge request accepted. Url: http://juju-ci.vapour.ws:8080/job/github-merge-juju

[jujubot]

Build failed: Tests failed
build url: http://juju-ci.vapour.ws:8080/job/github-merge-juju/9952

[reedobrien]

$$merge$$

[jujubot]

Status: merge request accepted. Url: http://juju-ci.vapour.ws:8080/job/github-merge-juju

[jujubot]

Build failed: Tests failed
build url: http://juju-ci.vapour.ws:8080/job/github-merge-juju/9954

[reedobrien]

$$merge$$

[reedobrien]

!!build!!

[jujubot]

Status: merge request accepted. Url: http://juju-ci.vapour.ws:8080/job/github-merge-juju

[jujubot]

Build failed: Tests failed
build url: http://juju-ci.vapour.ws:8080/job/github-merge-juju/9956

[reedobrien]

!!reallybuild!!

[reedobrien]

$$ormerge$$

[jujubot]

Status: merge request accepted. Url: http://juju-ci.vapour.ws:8080/job/github-merge-juju

[reedobrien]

$$isthereanybodyoutther$$

[babbageclunk]

Woot!

…

On Fri, Jan 6, 2017 at 7:49 AM Juju bot ***@***.***> wrote: Merged #6748 <#6748>. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#6748 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAiYx1JaWFVckJyp6mu-N2vjtIMUBOpjks5rPTsugaJpZM4LUcDK> .