[DPE-7316] Additive changes for stereo mode#1648
Conversation
github-actions
Bot
added
the
Libraries: OK
| old_operator_ca = self.charm.get_secret(UNIT_SCOPE, "old-ca") or "" | ||
| internal_ca = self.charm.get_secret(APP_SCOPE, "internal-ca") or "" | ||
| return "\n".join((operator_ca, old_operator_ca, internal_ca)) | ||
| return "\n".join((operator_ca, old_operator_ca, internal_ca)).strip() |
There was a problem hiding this comment.
Will be passed to the watcher, so it's able to call the Patroni REST API with verify flag.
| if not self._patroni_async_auth: | ||
| raise RetryError( | ||
| last_attempt=Future.construct(1, Exception("Unable to reach any units"), True) | ||
| ) |
There was a problem hiding this comment.
To maintain the current behaviour.
| cafile: str, | ||
| auth: BasicAuth | None = None, | ||
| verify: bool = True, |
There was a problem hiding this comment.
Decoupled from the attributes of the Patroni helper class.
There was a problem hiding this comment.
TODO can also be reused by the observer script.
There was a problem hiding this comment.
Templated unit for the RAFT observer.
There was a problem hiding this comment.
RAFT observer config.
| {% for partner_addr in partner_addrs -%} | ||
| - {{ partner_addr }}:2222 | ||
| {% endfor %} | ||
| self_addr: '{{ self_addr }}:{{ self_port }}' |
There was a problem hiding this comment.
Hard dependency for the observer. We will need to start/stop based on the number of partners.
| members: list[str] | ||
|
|
||
|
|
||
| def install_service() -> bool: |
There was a problem hiding this comment.
Out of the class since it's not dependent on existing relations.
|
|
||
| # Validate addresses to prevent injection into the systemd unit file | ||
| try: | ||
| IPv4Address(self_addr) |
There was a problem hiding this comment.
Should we only check for IPv4 addresses here?
There was a problem hiding this comment.
For now, yes, as we still need to properly implement IPV6 (#922 (comment)).
There was a problem hiding this comment.
Not really called by anything at the moment so it should be safe to merge.
| except SystemdError as e: | ||
| logger.error(f"Failed to reload systemd: {e}") | ||
| return False |
There was a problem hiding this comment.
Maybe we should just raise the exception here?
There was a problem hiding this comment.
I think that's a good approach, so the user can call juju resolve to retry it.
| create_directory(self.data_dir, 0o700) | ||
| create_directory(f"{self.data_dir}/raft", 0o700) |
There was a problem hiding this comment.
Make sure that necessary directories exist. Had no luck with 600 so far, _daemon_ user didn't get access.
| Type=simple | ||
| # charmed-postgresql.patroni-raft-controller app lacks network interfaces | ||
| # in the snap profile, so run the controller under the patroni app profile. | ||
| ExecStart=/snap/bin/charmed-postgresql.patroni-raft-controller {{ config_file }}/%i/patroni-raft.yaml |
There was a problem hiding this comment.
Ran as root, snap's setpriv shim will deescalate to _daemon_.
| logger.error(f"Failed to restart Raft controller: {e}") | ||
| return False | ||
|
|
||
| def get_status(self, self_port: int, password: str | None) -> ClusterStatus: |
There was a problem hiding this comment.
Will be used for health check part of the spec.
dragomirp
requested review from
carlcsaposs-canonical,
juju-charm-bot,
marceloneppel and
taurus-forever
and removed request for
a team
dragomirp
force-pushed
the
stereo-mode-additive-code
branch
from
7fbabe4 to
c1ccf83
Compare
| ) | ||
|
|
||
| # TODO we don't know the other cluster's ca | ||
| verify = not bool(alternative_endpoints) |
There was a problem hiding this comment.
Async rel doesn't share CAs. Existing behaviour.
| except SystemdError as e: | ||
| logger.error(f"Failed to reload systemd: {e}") | ||
| return False |
There was a problem hiding this comment.
I think that's a good approach, so the user can call juju resolve to retry it.
|
|
||
| # Validate addresses to prevent injection into the systemd unit file | ||
| try: | ||
| IPv4Address(self_addr) |
There was a problem hiding this comment.
For now, yes, as we still need to properly implement IPV6 (#922 (comment)).
2 participants
Factor out some of the changes for stereo mode unified charm to reduce PR size: