// SetPassword is part of the ConnFacade interface.
func (facade *connFacade) SetPassword(entity names.Tag, password string) error {
var results params.ErrorResults
args := params.EntityPasswords{
Changes: []params.EntityPassword{{
Tag: entity.String(),
Password: password,
}},
}
err := facade.caller.FacadeCall("SetPasswords", args, &results)
if err != nil {
return errors.Trace(err)
}
if len(results.Results) != 1 {
return errors.Errorf("expected 1 result, got %d", len(results.Results))
}
if err := results.Results[0].Error; err != nil {
if params.IsCodeDead(err) {
return ErrDenied
} else if params.IsCodeNotFoundOrCodeUnauthorized(err) {
return ErrDenied
}
return errors.Trace(err)
}
return nil
}
// startAPIWorkers is called to start workers which rely on the
// machine agent's API connection (via the apiworkers manifold). It
// returns a Runner with a number of workers attached to it.
//
// The workers started here need to be converted to run under the
// dependency engine. Once they have all been converted, this method -
// and the apiworkers manifold - can be removed.
func (a *MachineAgent) startAPIWorkers(apiConn api.Connection) (_ worker.Worker, outErr error) {
agentConfig := a.CurrentConfig()
entity, err := apiagent.NewState(apiConn).Entity(a.Tag())
if err != nil {
return nil, errors.Trace(err)
}
var isModelManager bool
for _, job := range entity.Jobs() {
switch job {
case multiwatcher.JobManageModel:
isModelManager = true
default:
// TODO(dimitern): Once all workers moved over to using
// the API, report "unknown job type" here.
}
}
runner := newConnRunner(apiConn)
defer func() {
// If startAPIWorkers exits early with an error, stop the
// runner so that any already started runners aren't leaked.
if outErr != nil {
worker.Stop(runner)
}
}()
modelConfig, err := apiagent.NewState(apiConn).ModelConfig()
if err != nil {
return nil, fmt.Errorf("cannot read model config: %v", err)
}
// Perform the operations needed to set up hosting for containers.
if err := a.setupContainerSupport(runner, apiConn, agentConfig); err != nil {
cause := errors.Cause(err)
if params.IsCodeDead(cause) || cause == worker.ErrTerminateAgent {
return nil, worker.ErrTerminateAgent
}
return nil, fmt.Errorf("setting up container support: %v", err)
}
if isModelManager {
// Published image metadata for some providers are in simple streams.
// Providers that do not depend on simple streams do not need this worker.
env, err := newEnvirons(modelConfig)
if err != nil {
return nil, errors.Annotate(err, "getting environ")
}
if _, ok := env.(simplestreams.HasRegion); ok {
// Start worker that stores published image metadata in state.
runner.StartWorker("imagemetadata", func() (worker.Worker, error) {
return newMetadataUpdater(apiConn.MetadataUpdater()), nil
})
}
// We don't have instance info set and the network config for the
// bootstrap machine only, so update it now. All the other machines will
// have instance info including network config set at provisioning time.
if err := a.setControllerNetworkConfig(apiConn); err != nil {
return nil, errors.Annotate(err, "setting controller network config")
}
} else {
runner.StartWorker("stateconverter", func() (worker.Worker, error) {
// TODO(fwereade): this worker needs its own facade.
facade := apimachiner.NewState(apiConn)
handler := conv2state.New(facade, a)
w, err := watcher.NewNotifyWorker(watcher.NotifyConfig{
Handler: handler,
})
if err != nil {
return nil, errors.Annotate(err, "cannot start controller promoter worker")
}
return w, nil
})
}
return runner, nil
}
// APIWorker returns a Worker that connects to the API and starts any
// workers that need an API connection.
func (a *MachineAgent) APIWorker() (worker.Worker, error) {
agentConfig := a.CurrentConfig()
st, entity, err := openAPIState(agentConfig, a)
if err != nil {
return nil, err
}
reportOpenedAPI(st)
// Check if the network management is disabled.
envConfig, err := st.Environment().EnvironConfig()
if err != nil {
return nil, fmt.Errorf("cannot read environment config: %v", err)
}
disableNetworkManagement, _ := envConfig.DisableNetworkManagement()
if disableNetworkManagement {
logger.Infof("network management is disabled")
}
// Refresh the configuration, since it may have been updated after opening state.
agentConfig = a.CurrentConfig()
for _, job := range entity.Jobs() {
if job.NeedsState() {
info, err := st.Agent().StateServingInfo()
if err != nil {
return nil, fmt.Errorf("cannot get state serving info: %v", err)
}
err = a.ChangeConfig(func(config agent.ConfigSetter) error {
config.SetStateServingInfo(info)
return nil
})
if err != nil {
return nil, err
}
agentConfig = a.CurrentConfig()
break
}
}
rsyslogMode := rsyslog.RsyslogModeForwarding
runner := newRunner(connectionIsFatal(st), moreImportant)
var singularRunner worker.Runner
for _, job := range entity.Jobs() {
if job == params.JobManageEnviron {
rsyslogMode = rsyslog.RsyslogModeAccumulate
conn := singularAPIConn{st, st.Agent()}
singularRunner, err = newSingularRunner(runner, conn)
if err != nil {
return nil, fmt.Errorf("cannot make singular API Runner: %v", err)
}
break
}
}
// Before starting any workers, ensure we record the Juju version this machine
// agent is running.
currentTools := &coretools.Tools{Version: version.Current}
if err := st.Upgrader().SetVersion(agentConfig.Tag().String(), currentTools.Version); err != nil {
return nil, errors.Annotate(err, "cannot set machine agent version")
}
providerType := agentConfig.Value(agent.ProviderType)
// Run the upgrader and the upgrade-steps worker without waiting for
// the upgrade steps to complete.
runner.StartWorker("upgrader", func() (worker.Worker, error) {
return upgrader.NewUpgrader(
st.Upgrader(),
agentConfig,
a.previousAgentVersion,
a.upgradeWorkerContext.IsUpgradeRunning,
), nil
})
runner.StartWorker("upgrade-steps", func() (worker.Worker, error) {
return a.upgradeWorkerContext.Worker(a, st, entity.Jobs()), nil
})
// All other workers must wait for the upgrade steps to complete
// before starting.
a.startWorkerAfterUpgrade(runner, "machiner", func() (worker.Worker, error) {
return machiner.NewMachiner(st.Machiner(), agentConfig), nil
})
a.startWorkerAfterUpgrade(runner, "apiaddressupdater", func() (worker.Worker, error) {
return apiaddressupdater.NewAPIAddressUpdater(st.Machiner(), a), nil
})
a.startWorkerAfterUpgrade(runner, "logger", func() (worker.Worker, error) {
return workerlogger.NewLogger(st.Logger(), agentConfig), nil
})
a.startWorkerAfterUpgrade(runner, "machineenvironmentworker", func() (worker.Worker, error) {
return machineenvironmentworker.NewMachineEnvironmentWorker(st.Environment(), agentConfig), nil
})
a.startWorkerAfterUpgrade(runner, "rsyslog", func() (worker.Worker, error) {
return newRsyslogConfigWorker(st.Rsyslog(), agentConfig, rsyslogMode)
})
// TODO (mfoord 8/8/2014) improve the way we detect networking capabilities. Bug lp:1354365
writeNetworkConfig := providerType == "maas"
if disableNetworkManagement || !writeNetworkConfig {
a.startWorkerAfterUpgrade(runner, "networker", func() (worker.Worker, error) {
return newSafeNetworker(st.Networker(), agentConfig, networker.DefaultConfigDir)
})
} else if !disableNetworkManagement && writeNetworkConfig {
a.startWorkerAfterUpgrade(runner, "networker", func() (worker.Worker, error) {
return newNetworker(st.Networker(), agentConfig, networker.DefaultConfigDir)
})
}
// If not a local provider bootstrap machine, start the worker to
// manage SSH keys.
if providerType != provider.Local || a.MachineId != bootstrapMachineId {
a.startWorkerAfterUpgrade(runner, "authenticationworker", func() (worker.Worker, error) {
return authenticationworker.NewWorker(st.KeyUpdater(), agentConfig), nil
})
}
// Perform the operations needed to set up hosting for containers.
if err := a.setupContainerSupport(runner, st, entity, agentConfig); err != nil {
cause := errors.Cause(err)
if params.IsCodeDead(cause) || cause == worker.ErrTerminateAgent {
return nil, worker.ErrTerminateAgent
}
return nil, fmt.Errorf("setting up container support: %v", err)
}
for _, job := range entity.Jobs() {
switch job {
case params.JobHostUnits:
a.startWorkerAfterUpgrade(runner, "deployer", func() (worker.Worker, error) {
apiDeployer := st.Deployer()
context := newDeployContext(apiDeployer, agentConfig)
return deployer.NewDeployer(apiDeployer, context), nil
})
case params.JobManageEnviron:
a.startWorkerAfterUpgrade(singularRunner, "environ-provisioner", func() (worker.Worker, error) {
return provisioner.NewEnvironProvisioner(st.Provisioner(), agentConfig), nil
})
// TODO(axw) 2013-09-24 bug #1229506
// Make another job to enable the firewaller. Not all
// environments are capable of managing ports
// centrally.
a.startWorkerAfterUpgrade(singularRunner, "firewaller", func() (worker.Worker, error) {
return firewaller.NewFirewaller(st.Firewaller())
})
a.startWorkerAfterUpgrade(singularRunner, "charm-revision-updater", func() (worker.Worker, error) {
return charmrevisionworker.NewRevisionUpdateWorker(st.CharmRevisionUpdater()), nil
})
case params.JobManageStateDeprecated:
// Legacy environments may set this, but we ignore it.
default:
// TODO(dimitern): Once all workers moved over to using
// the API, report "unknown job type" here.
}
}
return newCloseWorker(runner, st), nil // Note: a worker.Runner is itself a worker.Worker.
}