Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
remotefirewaller API: Watch machine addresses #7234
Conversation
babbageclunk
added some commits
Apr 11, 2017
|
I was thinking about tracking the addresses by machine rather than by unit (so combining it into the machines map) but I figured it's probably enough refactoring for now. |
| ) | ||
| - // addresses holds the current set of known addresses. | ||
| - addresses, err := w.initial() | ||
| + err = w.initial() |
wallyworld
Apr 13, 2017
Owner
In watchers, initial() by convention has been used to return the initial set of values.
If we are changing the semantics here, the method should be renamed to initialise() or something
| - out = nil | ||
| + case machineId, ok := <-w.addressChanges: | ||
| + if !ok { | ||
| + return errors.Errorf("address changes channel unexpectedly closed") |
wallyworld
Apr 13, 2017
Owner
This could just be part of normal shutdown. I think this should just continue.
| // If the unit is departing and we have seen its address, | ||
| // remove the address. | ||
| - address := w.known[name] | ||
| + address, ok := w.known[name] | ||
| + if !ok { |
babbageclunk
Apr 13, 2017
Member
I'm using ok to prevent reporting we've changed the map when the value wasn't in there to begin with - it's really there to stop the loop further down from happening.
| + if err != nil { | ||
| + return errors.Trace(err) | ||
| + } | ||
| + w.machines[machine.Id()] = &machineData{ |
wallyworld
Apr 13, 2017
Owner
This doesn't look right - what happens if we have already seen that machine before. This could be the second unit assigned to a particular machine.
babbageclunk
Apr 13, 2017
Member
That's handled above - if the machine data is found we just add this unit to the unit set and return.
| + mData, ok := w.machines[machineId] | ||
| + if !ok { | ||
| + // This shouldn't happen. | ||
| + return errors.Errorf("missing machine data for machine %q (hosting unit %q)", machineId, unitName) |
babbageclunk
Apr 13, 2017
Member
I guess so - it could happen if we saw the unit leave scope more than once somehow.
| + return errors.Trace(err) | ||
| + } | ||
| + delete(w.machines, machineId) | ||
| + delete(w.unitToMachine, unitName) |
babbageclunk
Apr 13, 2017
Member
Duh, thought you were talking about the machines line. Yes, you're right - we should do that deletion even if the machine as a whole isn't going away.
| + return machine, nil | ||
| +} | ||
| + | ||
| +func (w *IngressAddressWatcher) machineAddressChanged(machineId string) (bool, error) { |
wallyworld
Apr 13, 2017
Owner
The method name implies this is a read only operation.
But "known" is updated.
Can we call it processMachineAddresses() or something.
The return values could be named to make it clear what is happening eg (changed bool, _ error)
| +func newMachineAddressWatcher(machine Machine, dest chan<- string) (*machineAddressWatcher, error) { | ||
| + w := &machineAddressWatcher{ | ||
| + machine: machine, | ||
| + dest: dest, |
| +// machineAddressWatcher watches for machine address changes and | ||
| +// notifies the dest channel when it sees them. It isn't a watcher in | ||
| +// the strict sense since it doesn't have a Changes method. | ||
| +type machineAddressWatcher struct { |
| @@ -302,3 +311,62 @@ func (s *addressWatcherSuite) TestTwoUnitsSameAddressOneLeaves(c *gc.C) { | ||
| wc.AssertChange() | ||
| wc.AssertNoChange() | ||
| } | ||
| + | ||
| +func (s *addressWatcherSuite) TestSeesMachineAddressChanges(c *gc.C) { |
wallyworld
Apr 13, 2017
Owner
We need a test where a second unit is assigned to an existing machine with a unit already on it
|
!!build!! |
|
$$merge$$ |
|
Status: merge request accepted. Url: http://juju-ci.vapour.ws:8080/job/github-merge-juju |
|
Build failed: Tests failed |
|
$$merge$$ |
|
Status: merge request accepted. Url: http://juju-ci.vapour.ws:8080/job/github-merge-juju |
|
I did a GCE test on Thursday - it seemed like this change worked correctly, but from the logs it appeared that the firewaller got stuck in the call to |
jujubot
merged commit 26f56a9
into
juju:develop
Apr 17, 2017
1 check failed
babbageclunk
deleted the
babbageclunk:watch-machine-addresses
branch
Apr 17, 2017
babbageclunk
referenced this pull request
Apr 18, 2017
Merged
provider/gce: Don't base the name of firewall rules on hash of CIDRs #7246
added a commit
that referenced
this pull request
Apr 24, 2017
babbageclunk commentedApr 13, 2017
Description of change
The
IngressAddressWatcherwill now signal when a unit's address changes, as well as when units enter or leave the scope of the relation. This means that cross-model relations will still work when addresses change.QA steps
Smoke test CMR deployment. Then have a machine's public address change in the consuming model (I'm not sure how to do this). The offering model's firewall ingress rules should be updated to match the new public addresses of the consuming units.