-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[DPE-3050] Template config #159
Conversation
f96c1d9
to
18847a1
Compare
18847a1
to
7389b67
Compare
f0994d3
to
17631ef
Compare
8760712
to
32df1cc
Compare
f0b3fcf
to
d1661ad
Compare
24be453
to
177b070
Compare
3737eb6
to
636defc
Compare
44c0584
to
a3f3f07
Compare
a3f3f07
to
2796098
Compare
* Check that secret is up to date * Check for stale secret in backend ready * Check for stale secret in on start * Always regenerate dbs and reuse backend if available * Str keys for db mapping * Try to test all units connection * Fix expose flag checking * Update userlist on peer change
if ( | ||
(auth_file := self.get_secret(APP_SCOPE, AUTH_FILE_DATABAG_KEY)) | ||
and self.backend.auth_user | ||
and self.backend.auth_user in auth_file | ||
): | ||
self.render_auth_file(auth_file) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Breaking the subordinate relation will not break the backend database relation. If the user changes the backend relation while no pgb units are around, the secret will be stale referring to an old or non-existent relation.
try: | ||
self.render_pgb_config(reload_pgbouncer=True) | ||
except ModelError: | ||
logger.warning("Deferring on_config_changed: cannot set secret label") | ||
event.defer() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CI was failing consistently with the ops/juju bug about setting a label while getting an application secret. Juju fix was committed, but it seems that 3.1.7 is still affected.
if self.unit.status.message == EXTENSIONS_BLOCKING_MESSAGE: | ||
return BlockedStatus(EXTENSIONS_BLOCKING_MESSAGE) | ||
|
||
def check_pgb_running(self): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Copied the k8s charm interface for consistency.
initial_status = self.unit.status | ||
self.unit.status = MaintenanceStatus("Reloading Pgbouncer") | ||
try: | ||
for service in self.pgb_services: | ||
systemd.service_restart(service) | ||
self.unit.status = initial_status | ||
except systemd.SystemdError as e: | ||
logger.error(e) | ||
self.unit.status = BlockedStatus("Failed to restart pgbouncer") | ||
|
||
self.unit.status = self.check_status() | ||
self.check_pgb_running() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Trying to maintain the preexisting status in most cases. Overwriting the status caused problem for blocking on extensions (Blocked status would go away during unit bootup)
if not self.charm.unit.is_leader() or ( | ||
auth_file and self.auth_user and self.auth_user in auth_file | ||
): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we are redeploying pgb with a preexisting backend rel, the leader would still be joining even if the relation was already set up.
self.update_leader() | ||
if auth_file := self.charm.get_secret(APP_SCOPE, AUTH_FILE_DATABAG_KEY): | ||
self.charm.render_auth_file(auth_file) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since we can't trust the secret from start to be up to date, we need to keep on updating the userlist here.
@pytest.mark.group(1) | ||
@pytest.mark.unstable | ||
async def test_relation_broken(ops_test: OpsTest): | ||
"""Test that the user is removed when the relation is broken.""" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We'll need to add the goal state workaround for subordinates to reenable this test.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Great work restoring the initial status every time it changes temporarily.
unit_name=unit.name, | ||
relation_id=client_relation.id, | ||
relation_name=FIRST_DATABASE_RELATION_NAME, | ||
dbname=TEST_DBNAME, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice improvement (regarding checking all the units).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Excellent!
Port of canonical/pgbouncer-k8s-operator#186
Use template to render PGB config. Tired to bring the k8s and vm implementatiion closer.