// writeStateAgentConfig creates and writes a state agent config.
func writeStateAgentConfig(c *gc.C, stateInfo *state.Info, dataDir, tag, password string, vers version.Binary) agent.ConfigSetterWriter {
port := coretesting.FindTCPPort()
apiAddr := []string{fmt.Sprintf("localhost:%d", port)}
conf, err := agent.NewStateMachineConfig(
agent.AgentConfigParams{
DataDir: dataDir,
Tag: tag,
UpgradedToVersion: vers.Number,
Password: password,
Nonce: state.BootstrapNonce,
StateAddresses: stateInfo.Addrs,
APIAddresses: apiAddr,
CACert: stateInfo.CACert,
},
params.StateServingInfo{
Cert: coretesting.ServerCert,
PrivateKey: coretesting.ServerKey,
StatePort: coretesting.MgoServer.Port(),
APIPort: port,
})
c.Assert(err, gc.IsNil)
conf.SetPassword(password)
c.Assert(conf.Write(), gc.IsNil)
return conf
}
func (cfg *MachineConfig) agentConfig(tag string) (agent.ConfigSetter, error) {
// TODO for HAState: the stateHostAddrs and apiHostAddrs here assume that
// if the machine is a stateServer then to use localhost. This may be
// sufficient, but needs thought in the new world order.
var password string
if cfg.StateInfo == nil {
password = cfg.APIInfo.Password
} else {
password = cfg.StateInfo.Password
}
configParams := agent.AgentConfigParams{
DataDir: cfg.DataDir,
LogDir: cfg.LogDir,
Jobs: cfg.Jobs,
Tag: tag,
UpgradedToVersion: version.Current.Number,
Password: password,
Nonce: cfg.MachineNonce,
StateAddresses: cfg.stateHostAddrs(),
APIAddresses: cfg.apiHostAddrs(),
CACert: cfg.StateInfo.CACert,
Values: cfg.AgentEnvironment,
}
if !cfg.Bootstrap {
return agent.NewAgentConfig(configParams)
}
return agent.NewStateMachineConfig(configParams, *cfg.StateServingInfo)
}
func (*suite) TestStateServingInfo(c *gc.C) {
servingInfo := params.StateServingInfo{
Cert: "old cert",
PrivateKey: "old key",
StatePort: 69,
APIPort: 47,
SharedSecret: "shared",
SystemIdentity: "identity",
}
conf, err := agent.NewStateMachineConfig(attributeParams, servingInfo)
c.Assert(err, gc.IsNil)
gotInfo, ok := conf.StateServingInfo()
c.Assert(ok, jc.IsTrue)
c.Assert(gotInfo, jc.DeepEquals, servingInfo)
newInfo := params.StateServingInfo{
APIPort: 147,
StatePort: 169,
Cert: "new cert",
PrivateKey: "new key",
SharedSecret: "new shared",
SystemIdentity: "new identity",
}
conf.SetStateServingInfo(newInfo)
gotInfo, ok = conf.StateServingInfo()
c.Assert(ok, jc.IsTrue)
c.Assert(gotInfo, jc.DeepEquals, newInfo)
}
func (*suite) TestNewStateMachineConfig(c *gc.C) {
type testStruct struct {
about string
params agent.AgentConfigParams
servingInfo params.StateServingInfo
checkErr string
inspectConfig func(*gc.C, agent.Config)
}
var tests = []testStruct{{
about: "missing state server cert",
checkErr: "state server cert not found in configuration",
}, {
about: "missing state server key",
servingInfo: params.StateServingInfo{
Cert: "server cert",
},
checkErr: "state server key not found in configuration",
}, {
about: "missing state port",
servingInfo: params.StateServingInfo{
Cert: "server cert",
PrivateKey: "server key",
},
checkErr: "state port not found in configuration",
}, {
about: "params api port",
servingInfo: params.StateServingInfo{
Cert: "server cert",
PrivateKey: "server key",
StatePort: 69,
},
checkErr: "api port not found in configuration",
}}
for _, test := range agentConfigTests {
tests = append(tests, testStruct{
about: test.about,
params: test.params,
servingInfo: params.StateServingInfo{
Cert: "server cert",
PrivateKey: "server key",
StatePort: 3171,
APIPort: 300,
},
checkErr: test.checkErr,
})
}
for i, test := range tests {
c.Logf("%v: %s", i, test.about)
cfg, err := agent.NewStateMachineConfig(test.params, test.servingInfo)
if test.checkErr == "" {
c.Assert(err, gc.IsNil)
if test.inspectConfig != nil {
test.inspectConfig(c, cfg)
}
} else {
c.Assert(err, gc.ErrorMatches, test.checkErr)
}
}
}
func (*suite) TestSetPassword(c *gc.C) {
attrParams := attributeParams
servingInfo := params.StateServingInfo{
Cert: "old cert",
PrivateKey: "old key",
StatePort: 69,
APIPort: 47,
SharedSecret: "shared",
SystemIdentity: "identity",
}
conf, err := agent.NewStateMachineConfig(attrParams, servingInfo)
c.Assert(err, gc.IsNil)
expectAPIInfo := &api.Info{
Addrs: attrParams.APIAddresses,
CACert: attrParams.CACert,
Tag: attrParams.Tag,
Password: "",
Nonce: attrParams.Nonce,
}
c.Assert(conf.APIInfo(), jc.DeepEquals, expectAPIInfo)
addr := fmt.Sprintf("127.0.0.1:%d", servingInfo.StatePort)
expectStateInfo := &state.Info{
Addrs: []string{addr},
CACert: attrParams.CACert,
Tag: attrParams.Tag,
Password: "",
}
info, ok := conf.StateInfo()
c.Assert(ok, jc.IsTrue)
c.Assert(info, jc.DeepEquals, expectStateInfo)
conf.SetPassword("newpassword")
expectAPIInfo.Password = "******"
expectStateInfo.Password = "******"
c.Assert(conf.APIInfo(), jc.DeepEquals, expectAPIInfo)
info, ok = conf.StateInfo()
c.Assert(ok, jc.IsTrue)
c.Assert(info, jc.DeepEquals, expectStateInfo)
}
func (s *BootstrapSuite) initBootstrapCommand(c *gc.C, jobs []params.MachineJob, args ...string) (machineConf agent.ConfigSetterWriter, cmd *BootstrapCommand, err error) {
if len(jobs) == 0 {
// Add default jobs.
jobs = []params.MachineJob{
params.JobManageEnviron, params.JobHostUnits,
}
}
// NOTE: the old test used an equivalent of the NewAgentConfig, but it
// really should be using NewStateMachineConfig.
agentParams := agent.AgentConfigParams{
LogDir: s.logDir,
DataDir: s.dataDir,
Jobs: jobs,
Tag: "machine-0",
UpgradedToVersion: version.Current.Number,
Password: testPasswordHash(),
Nonce: state.BootstrapNonce,
StateAddresses: []string{testing.MgoServer.Addr()},
APIAddresses: []string{"0.1.2.3:1234"},
CACert: testing.CACert,
Values: map[string]string{agent.Namespace: "foobar"},
}
servingInfo := params.StateServingInfo{
Cert: "some cert",
PrivateKey: "some key",
APIPort: 3737,
StatePort: testing.MgoServer.Port(),
}
machineConf, err = agent.NewStateMachineConfig(agentParams, servingInfo)
c.Assert(err, gc.IsNil)
err = machineConf.Write()
c.Assert(err, gc.IsNil)
cmd = &BootstrapCommand{}
err = testing.InitCommand(cmd, append([]string{"--data-dir", s.dataDir}, args...))
return machineConf, cmd, err
}
func (s *bootstrapSuite) TestInitializeState(c *gc.C) {
dataDir := c.MkDir()
pwHash := utils.UserPasswordHash(testing.DefaultMongoPassword, utils.CompatSalt)
configParams := agent.AgentConfigParams{
DataDir: dataDir,
Tag: "machine-0",
UpgradedToVersion: version.Current.Number,
StateAddresses: []string{testing.MgoServer.Addr()},
CACert: testing.CACert,
Password: pwHash,
}
servingInfo := params.StateServingInfo{
Cert: testing.ServerCert,
PrivateKey: testing.ServerKey,
APIPort: 1234,
StatePort: testing.MgoServer.Port(),
SystemIdentity: "def456",
}
cfg, err := agent.NewStateMachineConfig(configParams, servingInfo)
c.Assert(err, gc.IsNil)
_, available := cfg.StateServingInfo()
c.Assert(available, gc.Equals, true)
expectConstraints := constraints.MustParse("mem=1024M")
expectHW := instance.MustParseHardware("mem=2048M")
mcfg := agent.BootstrapMachineConfig{
Addresses: instance.NewAddresses("0.1.2.3", "zeroonetwothree"),
Constraints: expectConstraints,
Jobs: []params.MachineJob{params.JobHostUnits},
InstanceId: "i-bootstrap",
Characteristics: expectHW,
SharedSecret: "abc123",
}
envAttrs := dummy.SampleConfig().Delete("admin-secret").Merge(testing.Attrs{
"agent-version": version.Current.Number.String(),
"state-id": "1", // needed so policy can Open config
})
envCfg, err := config.New(config.NoDefaults, envAttrs)
c.Assert(err, gc.IsNil)
st, m, err := agent.InitializeState(cfg, envCfg, mcfg, state.DialOpts{}, environs.NewStatePolicy())
c.Assert(err, gc.IsNil)
defer st.Close()
err = cfg.Write()
c.Assert(err, gc.IsNil)
// Check that initial admin user has been set up correctly.
s.assertCanLogInAsAdmin(c, pwHash)
user, err := st.User("admin")
c.Assert(err, gc.IsNil)
c.Assert(user.PasswordValid(testing.DefaultMongoPassword), jc.IsTrue)
// Check that environment configuration has been added.
newEnvCfg, err := st.EnvironConfig()
c.Assert(err, gc.IsNil)
c.Assert(newEnvCfg.AllAttrs(), gc.DeepEquals, envCfg.AllAttrs())
// Check that the bootstrap machine looks correct.
c.Assert(m.Id(), gc.Equals, "0")
c.Assert(m.Jobs(), gc.DeepEquals, []state.MachineJob{state.JobHostUnits})
c.Assert(m.Series(), gc.Equals, version.Current.Series)
c.Assert(m.CheckProvisioned(state.BootstrapNonce), jc.IsTrue)
c.Assert(m.Addresses(), gc.DeepEquals, mcfg.Addresses)
gotConstraints, err := m.Constraints()
c.Assert(err, gc.IsNil)
c.Assert(gotConstraints, gc.DeepEquals, expectConstraints)
c.Assert(err, gc.IsNil)
gotHW, err := m.HardwareCharacteristics()
c.Assert(err, gc.IsNil)
c.Assert(*gotHW, gc.DeepEquals, expectHW)
gotAddrs := m.Addresses()
c.Assert(gotAddrs, gc.DeepEquals, mcfg.Addresses)
// Check that the API host ports are initialised correctly.
apiHostPorts, err := st.APIHostPorts()
c.Assert(err, gc.IsNil)
c.Assert(apiHostPorts, gc.DeepEquals, [][]instance.HostPort{
instance.AddressesWithPort(mcfg.Addresses, 1234),
})
// Check that the state serving info is initialised correctly.
stateServingInfo, err := st.StateServingInfo()
c.Assert(err, gc.IsNil)
c.Assert(stateServingInfo, jc.DeepEquals, params.StateServingInfo{
APIPort: 1234,
StatePort: testing.MgoServer.Port(),
Cert: testing.ServerCert,
PrivateKey: testing.ServerKey,
SharedSecret: "abc123",
SystemIdentity: "def456",
})
// Check that the machine agent's config has been written
// and that we can use it to connect to the state.
newCfg, err := agent.ReadConfig(agent.ConfigPath(dataDir, "machine-0"))
c.Assert(err, gc.IsNil)
c.Assert(newCfg.Tag(), gc.Equals, "machine-0")
c.Assert(agent.Password(newCfg), gc.Not(gc.Equals), pwHash)
c.Assert(agent.Password(newCfg), gc.Not(gc.Equals), testing.DefaultMongoPassword)
info, ok := cfg.StateInfo()
c.Assert(ok, jc.IsTrue)
st1, err := state.Open(info, state.DialOpts{}, environs.NewStatePolicy())
c.Assert(err, gc.IsNil)
defer st1.Close()
}
