// newState returns a new State that uses the given environment.
// The environment must have already been bootstrapped.
func newState(environ environs.Environ, mongoInfo *mongo.MongoInfo) (*state.State, error) {
config := environ.Config()
password := config.AdminSecret()
if password == "" {
return nil, fmt.Errorf("cannot connect without admin-secret")
}
modelTag := names.NewModelTag(config.UUID())
mongoInfo.Password = password
opts := mongo.DefaultDialOpts()
st, err := state.Open(modelTag, mongoInfo, opts, environs.NewStatePolicy())
if errors.IsUnauthorized(errors.Cause(err)) {
// We try for a while because we might succeed in
// connecting to mongo before the state has been
// initialized and the initial password set.
for a := redialStrategy.Start(); a.Next(); {
st, err = state.Open(modelTag, mongoInfo, opts, environs.NewStatePolicy())
if !errors.IsUnauthorized(errors.Cause(err)) {
break
}
}
if err != nil {
return nil, err
}
} else if err != nil {
return nil, err
}
if err := updateSecrets(environ, st); err != nil {
st.Close()
return nil, fmt.Errorf("unable to push secrets: %v", err)
}
return st, nil
}
func (s *BootstrapSuite) TestInitialPassword(c *gc.C) {
machineConf, cmd, err := s.initBootstrapCommand(c, nil,
"--model-config", s.b64yamlControllerModelConfig,
"--hosted-model-config", s.b64yamlHostedModelConfig,
"--instance-id", string(s.instanceId),
)
c.Assert(err, jc.ErrorIsNil)
err = cmd.Run(nil)
c.Assert(err, jc.ErrorIsNil)
info := &mongo.MongoInfo{
Info: mongo.Info{
Addrs: []string{gitjujutesting.MgoServer.Addr()},
CACert: testing.CACert,
},
}
// Check we can log in to mongo as admin.
// TODO(dfc) does passing nil for the admin user name make your skin crawl ? mine too.
info.Tag, info.Password = nil, testPassword
st, err := state.Open(testing.ModelTag, info, mongotest.DialOpts(), environs.NewStatePolicy())
c.Assert(err, jc.ErrorIsNil)
defer st.Close()
// We're running Mongo with --noauth; let's explicitly verify
// that we can login as that user. Even with --noauth, an
// explicit Login will still be verified.
adminDB := st.MongoSession().DB("admin")
err = adminDB.Login("admin", "invalid-password")
c.Assert(err, gc.ErrorMatches, "(auth|(.*Authentication)) fail(s|ed)\\.?")
err = adminDB.Login("admin", info.Password)
c.Assert(err, jc.ErrorIsNil)
// Check that the admin user has been given an appropriate
// password
u, err := st.User(names.NewLocalUserTag("admin"))
c.Assert(err, jc.ErrorIsNil)
c.Assert(u.PasswordValid(testPassword), jc.IsTrue)
// Check that the machine configuration has been given a new
// password and that we can connect to mongo as that machine
// and that the in-mongo password also verifies correctly.
machineConf1, err := agent.ReadConfig(agent.ConfigPath(machineConf.DataDir(), names.NewMachineTag("0")))
c.Assert(err, jc.ErrorIsNil)
stateinfo, ok := machineConf1.MongoInfo()
c.Assert(ok, jc.IsTrue)
st, err = state.Open(testing.ModelTag, stateinfo, mongotest.DialOpts(), environs.NewStatePolicy())
c.Assert(err, jc.ErrorIsNil)
defer st.Close()
m, err := st.Machine("0")
c.Assert(err, jc.ErrorIsNil)
c.Assert(m.HasVote(), jc.IsTrue)
}
// NewConn returns a new Conn that uses the
// given environment. The environment must have already
// been bootstrapped.
func NewConn(environ environs.Environ) (*Conn, error) {
info, _, err := environ.StateInfo()
if err != nil {
return nil, err
}
password := environ.Config().AdminSecret()
if password == "" {
return nil, fmt.Errorf("cannot connect without admin-secret")
}
err = environs.CheckEnvironment(environ)
if err != nil {
return nil, err
}
info.Password = password
opts := mongo.DefaultDialOpts()
st, err := state.Open(info, opts, environs.NewStatePolicy())
if errors.IsUnauthorized(err) {
logger.Infof("authorization error while connecting to state server; retrying")
// We can't connect with the administrator password,;
// perhaps this was the first connection and the
// password has not been changed yet.
info.Password = utils.UserPasswordHash(password, utils.CompatSalt)
// We try for a while because we might succeed in
// connecting to mongo before the state has been
// initialized and the initial password set.
for a := redialStrategy.Start(); a.Next(); {
st, err = state.Open(info, opts, environs.NewStatePolicy())
if !errors.IsUnauthorized(err) {
break
}
}
if err != nil {
return nil, err
}
if err := st.SetAdminMongoPassword(password); err != nil {
return nil, err
}
} else if err != nil {
return nil, err
}
conn := &Conn{
Environ: environ,
State: st,
}
if err := conn.updateSecrets(); err != nil {
conn.Close()
return nil, fmt.Errorf("unable to push secrets: %v", err)
}
return conn, nil
}
func (s *BootstrapSuite) TestInitialPassword(c *gc.C) {
machineConf, cmd, err := s.initBootstrapCommand(c, nil, "--env-config", s.envcfg, "--instance-id", string(s.instanceId))
c.Assert(err, gc.IsNil)
err = cmd.Run(nil)
c.Assert(err, gc.IsNil)
// Check that we cannot now connect to the state without a
// password.
info := &authentication.MongoInfo{
Info: mongo.Info{
Addrs: []string{gitjujutesting.MgoServer.Addr()},
CACert: testing.CACert,
},
}
testOpenState(c, info, errors.Unauthorizedf(""))
// Check we can log in to mongo as admin.
// TODO(dfc) does passing nil for the admin user name make your skin crawl ? mine too.
info.Tag, info.Password = nil, testPasswordHash()
st, err := state.Open(info, mongo.DefaultDialOpts(), environs.NewStatePolicy())
c.Assert(err, gc.IsNil)
// Reset password so the tests can continue to use the same server.
defer st.Close()
defer st.SetAdminMongoPassword("")
// Check that the admin user has been given an appropriate
// password
u, err := st.User("admin")
c.Assert(err, gc.IsNil)
c.Assert(u.PasswordValid(testPassword), gc.Equals, true)
// Check that the machine configuration has been given a new
// password and that we can connect to mongo as that machine
// and that the in-mongo password also verifies correctly.
machineConf1, err := agent.ReadConfig(agent.ConfigPath(machineConf.DataDir(), names.NewMachineTag("0")))
c.Assert(err, gc.IsNil)
stateinfo, ok := machineConf1.MongoInfo()
c.Assert(ok, jc.IsTrue)
st, err = state.Open(stateinfo, mongo.DialOpts{}, environs.NewStatePolicy())
c.Assert(err, gc.IsNil)
defer st.Close()
m, err := st.Machine("0")
c.Assert(err, gc.IsNil)
c.Assert(m.HasVote(), jc.IsTrue)
}
func tryOpenState(modelTag names.ModelTag, info *mongo.MongoInfo) error {
st, err := state.Open(modelTag, info, mongo.DefaultDialOpts(), environs.NewStatePolicy())
if err == nil {
st.Close()
}
return err
}
// fixEnvironment undoes the work of invalidateEnvironment.
func (s *CommonProvisionerSuite) fixEnvironment(c *gc.C) error {
st, err := state.Open(s.MongoInfo(c), mongo.DefaultDialOpts(), state.Policy(nil))
c.Assert(err, gc.IsNil)
defer st.Close()
attrs := map[string]interface{}{"type": s.cfg.AllAttrs()["type"]}
return st.UpdateEnvironConfig(attrs, nil, nil)
}
func (s *BootstrapSuite) TestDefaultStoragePools(c *gc.C) {
_, cmd, err := s.initBootstrapCommand(
c, nil, "--model-config", s.b64yamlControllerModelConfig,
"--hosted-model-config", s.b64yamlHostedModelConfig,
"--instance-id", string(s.instanceId),
)
c.Assert(err, jc.ErrorIsNil)
err = cmd.Run(nil)
c.Assert(err, jc.ErrorIsNil)
st, err := state.Open(testing.ModelTag, &mongo.MongoInfo{
Info: mongo.Info{
Addrs: []string{gitjujutesting.MgoServer.Addr()},
CACert: testing.CACert,
},
Password: testPassword,
}, mongotest.DialOpts(), environs.NewStatePolicy())
c.Assert(err, jc.ErrorIsNil)
defer st.Close()
settings := state.NewStateSettings(st)
pm := poolmanager.New(settings)
for _, p := range []string{"ebs-ssd"} {
_, err = pm.Get(p)
c.Assert(err, jc.ErrorIsNil)
}
}
func (s *BootstrapSuite) TestDefaultMachineJobs(c *gc.C) {
expectedJobs := []state.MachineJob{
state.JobManageModel,
state.JobHostUnits,
state.JobManageNetworking,
}
_, cmd, err := s.initBootstrapCommand(c, nil,
"--model-config", s.b64yamlControllerModelConfig,
"--hosted-model-config", s.b64yamlHostedModelConfig,
"--instance-id", string(s.instanceId),
)
c.Assert(err, jc.ErrorIsNil)
err = cmd.Run(nil)
c.Assert(err, jc.ErrorIsNil)
st, err := state.Open(testing.ModelTag, &mongo.MongoInfo{
Info: mongo.Info{
Addrs: []string{gitjujutesting.MgoServer.Addr()},
CACert: testing.CACert,
},
Password: testPassword,
}, mongotest.DialOpts(), environs.NewStatePolicy())
c.Assert(err, jc.ErrorIsNil)
defer st.Close()
m, err := st.Machine("0")
c.Assert(err, jc.ErrorIsNil)
c.Assert(m.Jobs(), gc.DeepEquals, expectedJobs)
}
func (s *BootstrapSuite) TestSetConstraints(c *gc.C) {
bootstrapCons := constraints.Value{Mem: uint64p(4096), CpuCores: uint64p(4)}
modelCons := constraints.Value{Mem: uint64p(2048), CpuCores: uint64p(2)}
_, cmd, err := s.initBootstrapCommand(c, nil,
"--model-config", s.b64yamlControllerModelConfig,
"--hosted-model-config", s.b64yamlHostedModelConfig,
"--instance-id", string(s.instanceId),
"--bootstrap-constraints", bootstrapCons.String(),
"--constraints", modelCons.String(),
)
c.Assert(err, jc.ErrorIsNil)
err = cmd.Run(nil)
c.Assert(err, jc.ErrorIsNil)
st, err := state.Open(testing.ModelTag, &mongo.MongoInfo{
Info: mongo.Info{
Addrs: []string{gitjujutesting.MgoServer.Addr()},
CACert: testing.CACert,
},
Password: testPassword,
}, mongotest.DialOpts(), environs.NewStatePolicy())
c.Assert(err, jc.ErrorIsNil)
defer st.Close()
cons, err := st.ModelConstraints()
c.Assert(err, jc.ErrorIsNil)
c.Assert(cons, gc.DeepEquals, modelCons)
machines, err := st.AllMachines()
c.Assert(err, jc.ErrorIsNil)
c.Assert(machines, gc.HasLen, 1)
cons, err = machines[0].Constraints()
c.Assert(err, jc.ErrorIsNil)
c.Assert(cons, gc.DeepEquals, bootstrapCons)
}
func (s *BootstrapSuite) TestSetConstraints(c *gc.C) {
tcons := constraints.Value{Mem: uint64p(2048), CpuCores: uint64p(2)}
_, cmd, err := s.initBootstrapCommand(c, nil,
"--env-config", s.b64yamlEnvcfg,
"--instance-id", string(s.instanceId),
"--constraints", tcons.String(),
)
c.Assert(err, jc.ErrorIsNil)
err = cmd.Run(nil)
c.Assert(err, jc.ErrorIsNil)
st, err := state.Open(testing.EnvironmentTag, &mongo.MongoInfo{
Info: mongo.Info{
Addrs: []string{gitjujutesting.MgoServer.Addr()},
CACert: testing.CACert,
},
Password: testPasswordHash(),
}, mongo.DefaultDialOpts(), environs.NewStatePolicy())
c.Assert(err, jc.ErrorIsNil)
defer st.Close()
cons, err := st.EnvironConstraints()
c.Assert(err, jc.ErrorIsNil)
c.Assert(cons, gc.DeepEquals, tcons)
machines, err := st.AllMachines()
c.Assert(err, jc.ErrorIsNil)
c.Assert(machines, gc.HasLen, 1)
cons, err = machines[0].Constraints()
c.Assert(err, jc.ErrorIsNil)
c.Assert(cons, gc.DeepEquals, tcons)
}
func openState(agentConfig agent.Config, dialOpts mongo.DialOpts) (_ *state.State, _ *state.Machine, err error) {
info, ok := agentConfig.MongoInfo()
if !ok {
return nil, nil, fmt.Errorf("no state info available")
}
st, err := state.Open(agentConfig.Model(), info, dialOpts, environs.NewStatePolicy())
if err != nil {
return nil, nil, err
}
defer func() {
if err != nil {
st.Close()
}
}()
m0, err := st.FindEntity(agentConfig.Tag())
if err != nil {
if errors.IsNotFound(err) {
err = worker.ErrTerminateAgent
}
return nil, nil, err
}
m := m0.(*state.Machine)
if m.Life() == state.Dead {
return nil, nil, worker.ErrTerminateAgent
}
// Check the machine nonce as provisioned matches the agent.Conf value.
if !m.CheckProvisioned(agentConfig.Nonce()) {
// The agent is running on a different machine to the one it
// should be according to state. It must stop immediately.
logger.Errorf("running machine %v agent on inappropriate instance", m)
return nil, nil, worker.ErrTerminateAgent
}
return st, m, nil
}
func (s *environSuite) TestInvalidConfig(c *gc.C) {
var oldType string
oldType = s.Environ.Config().AllAttrs()["type"].(string)
// Create an invalid config by taking the current config and
// tweaking the provider type.
info := s.MongoInfo(c)
opts := mongo.DefaultDialOpts()
st2, err := state.Open(info, opts, state.Policy(nil))
c.Assert(err, gc.IsNil)
defer st2.Close()
err = st2.UpdateEnvironConfig(map[string]interface{}{"type": "unknown"}, nil, nil)
c.Assert(err, gc.IsNil)
w := st2.WatchForEnvironConfigChanges()
defer stopWatcher(c, w)
done := make(chan environs.Environ)
go func() {
env, err := worker.WaitForEnviron(w, st2, nil)
c.Check(err, gc.IsNil)
done <- env
}()
// Wait for the loop to process the invalid configuratrion
<-worker.LoadedInvalid
st2.UpdateEnvironConfig(map[string]interface{}{
"type": oldType,
"secret": "environ_test",
}, nil, nil)
env := <-done
c.Assert(env, gc.NotNil)
c.Assert(env.Config().AllAttrs()["secret"], gc.Equals, "environ_test")
}
func (c *MigrateCommand) Run(ctx *cmd.Context) (err error) {
defer func() {
if err != nil {
fmt.Fprintf(ctx.Stdout, "error stack:\n"+errors.ErrorStack(err))
}
}()
loggo.GetLogger("juju").SetLogLevel(loggo.DEBUG)
conf, err := agent.ReadConfig(agent.ConfigPath(c.dataDir, c.machineTag))
if err != nil {
return err
}
info, ok := conf.MongoInfo()
if !ok {
return errors.Errorf("no state info available")
}
st, err := state.Open(conf.Model(), info, mongo.DefaultDialOpts(), environs.NewStatePolicy())
if err != nil {
return err
}
defer st.Close()
if c.operation == "export" {
return c.exportModel(ctx, st)
}
return c.importModel(ctx, st)
}
// Run implements cmd.Command.
func (c *dumpLogsCommand) Run(ctx *cmd.Context) error {
config := c.agentConfig.CurrentConfig()
info, ok := config.MongoInfo()
if !ok {
return errors.New("no database connection info available (is this a controller host?)")
}
st0, err := state.Open(config.Environment(), info, mongo.DefaultDialOpts(), environs.NewStatePolicy())
if err != nil {
return errors.Annotate(err, "failed to connect to database")
}
defer st0.Close()
envs, err := st0.AllEnvironments()
if err != nil {
return errors.Annotate(err, "failed to look up environments")
}
for _, env := range envs {
err := c.dumpLogsForEnv(ctx, st0, env.EnvironTag())
if err != nil {
return errors.Annotatef(err, "failed to dump logs for environment %s", env.UUID())
}
}
return nil
}
func (s *BootstrapSuite) TestInitializeEnvironmentToolsNotFound(c *gc.C) {
// bootstrap with 1.99.1 but there will be no tools so version will be reset.
envcfg, err := s.envcfg.Apply(map[string]interface{}{
"agent-version": "1.99.1",
})
c.Assert(err, jc.ErrorIsNil)
b64yamlControllerModelConfig := b64yaml(envcfg.AllAttrs()).encode()
hw := instance.MustParseHardware("arch=amd64 mem=8G")
_, cmd, err := s.initBootstrapCommand(
c, nil, "--model-config", b64yamlControllerModelConfig,
"--hosted-model-config", s.b64yamlHostedModelConfig,
"--instance-id", string(s.instanceId), "--hardware", hw.String(),
)
c.Assert(err, jc.ErrorIsNil)
err = cmd.Run(nil)
c.Assert(err, jc.ErrorIsNil)
st, err := state.Open(testing.ModelTag, &mongo.MongoInfo{
Info: mongo.Info{
Addrs: []string{gitjujutesting.MgoServer.Addr()},
CACert: testing.CACert,
},
Password: testPassword,
}, mongotest.DialOpts(), environs.NewStatePolicy())
c.Assert(err, jc.ErrorIsNil)
defer st.Close()
cfg, err := st.ModelConfig()
c.Assert(err, jc.ErrorIsNil)
vers, ok := cfg.AgentVersion()
c.Assert(ok, jc.IsTrue)
c.Assert(vers.String(), gc.Equals, "1.99.0")
}
func tryOpenState(info *mongo.MongoInfo) error {
st, err := state.Open(info, mongo.DialOpts{}, environs.NewStatePolicy())
if err == nil {
st.Close()
}
return err
}
// invalidateEnvironment alters the environment configuration
// so the Settings returned from the watcher will not pass
// validation.
func (s *CommonProvisionerSuite) invalidateEnvironment(c *gc.C) {
st, err := state.Open(s.MongoInfo(c), mongo.DefaultDialOpts(), state.Policy(nil))
c.Assert(err, gc.IsNil)
defer st.Close()
attrs := map[string]interface{}{"type": "unknown"}
err = st.UpdateEnvironConfig(attrs, nil, nil)
c.Assert(err, gc.IsNil)
}
func (s *UpgradeSuite) openStateForUpgrade() (*state.State, func(), error) {
mongoInfo := s.State.MongoConnectionInfo()
st, err := state.Open(s.State.ModelTag(), mongoInfo, mongo.DefaultDialOpts(), environs.NewStatePolicy())
if err != nil {
return nil, nil, err
}
return st, func() { st.Close() }, nil
}
func (s *environSuite) TestEnvironmentChanges(c *gc.C) {
originalConfig, err := s.State.EnvironConfig()
c.Assert(err, gc.IsNil)
logc := make(logChan, 1009)
c.Assert(loggo.RegisterWriter("testing", logc, loggo.WARNING), gc.IsNil)
defer loggo.RemoveWriter("testing")
obs, err := worker.NewEnvironObserver(s.State)
c.Assert(err, gc.IsNil)
env := obs.Environ()
c.Assert(env.Config().AllAttrs(), gc.DeepEquals, originalConfig.AllAttrs())
var oldType string
oldType = env.Config().AllAttrs()["type"].(string)
info := s.MongoInfo(c)
opts := mongo.DefaultDialOpts()
st2, err := state.Open(info, opts, state.Policy(nil))
defer st2.Close()
// Change to an invalid configuration and check
// that the observer's environment remains the same.
st2.UpdateEnvironConfig(map[string]interface{}{"type": "invalid"}, nil, nil)
st2.StartSync()
// Wait for the observer to register the invalid environment
timeout := time.After(coretesting.LongWait)
loop:
for {
select {
case msg := <-logc:
if strings.Contains(msg, "error creating Environ") {
break loop
}
case <-timeout:
c.Fatalf("timed out waiting to see broken environment")
}
}
// Check that the returned environ is still the same.
env = obs.Environ()
c.Assert(env.Config().AllAttrs(), gc.DeepEquals, originalConfig.AllAttrs())
// Change the environment back to a valid configuration
// with a different name and check that we see it.
st2.UpdateEnvironConfig(map[string]interface{}{"type": oldType, "name": "a-new-name"}, nil, nil)
st2.StartSync()
for a := coretesting.LongAttempt.Start(); a.Next(); {
env := obs.Environ()
if !a.HasNext() {
c.Fatalf("timed out waiting for new environ")
}
if env.Config().Name() == "a-new-name" {
break
}
}
}
func (s *AgentSuite) AssertCanOpenState(c *gc.C, tag names.Tag, dataDir string) {
config, err := agent.ReadConfig(agent.ConfigPath(dataDir, tag))
c.Assert(err, jc.ErrorIsNil)
info, ok := config.MongoInfo()
c.Assert(ok, jc.IsTrue)
st, err := state.Open(config.Model(), info, mongo.DefaultDialOpts(), environs.NewStatePolicy())
c.Assert(err, jc.ErrorIsNil)
st.Close()
}
func (s *agentSuite) assertCanOpenState(c *gc.C, tag, dataDir string) {
config, err := agent.ReadConfig(agent.ConfigPath(dataDir, tag))
c.Assert(err, gc.IsNil)
info, ok := config.StateInfo()
c.Assert(ok, jc.IsTrue)
st, err := state.Open(info, mongo.DialOpts{}, environs.NewStatePolicy())
c.Assert(err, gc.IsNil)
st.Close()
}
func (*NewConnSuite) TestConnWithPassword(c *gc.C) {
attrs := dummy.SampleConfig().Merge(coretesting.Attrs{
"admin-secret": "nutkin",
})
cfg, err := config.New(config.NoDefaults, attrs)
c.Assert(err, gc.IsNil)
ctx := coretesting.Context(c)
env, err := environs.Prepare(cfg, ctx, configstore.NewMem())
c.Assert(err, gc.IsNil)
envtesting.UploadFakeTools(c, env.Storage())
err = bootstrap.Bootstrap(ctx, env, environs.BootstrapParams{})
c.Assert(err, gc.IsNil)
// Check that Bootstrap has correctly used a hash
// of the admin password.
info, _, err := env.StateInfo()
c.Assert(err, gc.IsNil)
info.Password = utils.UserPasswordHash("nutkin", utils.CompatSalt)
st, err := state.Open(info, mongo.DefaultDialOpts(), environs.NewStatePolicy())
c.Assert(err, gc.IsNil)
assertClose(c, st)
// Check that we can connect with the original environment.
conn, err := juju.NewConn(env)
c.Assert(err, gc.IsNil)
assertClose(c, conn)
// Check that the password has now been changed to the original
// admin password.
info.Password = "******"
st1, err := state.Open(info, mongo.DefaultDialOpts(), environs.NewStatePolicy())
c.Assert(err, gc.IsNil)
assertClose(c, st1)
// Check that we can still connect with the original
// environment.
conn, err = juju.NewConn(env)
c.Assert(err, gc.IsNil)
defer assertClose(c, conn)
// Reset the admin password so the state db can be reused.
err = conn.State.SetAdminMongoPassword("")
c.Assert(err, gc.IsNil)
}
func (c *upgradeWorkerContext) run(stop <-chan struct{}) error {
select {
case <-c.UpgradeComplete:
// Our work is already done (we're probably being restarted
// because the API connection has gone down), so do nothing.
return nil
default:
}
agentConfig := c.agent.CurrentConfig()
// If the machine agent is a state server, flag that state
// needs to be opened before running upgrade steps
needsState := false
for _, job := range c.jobs {
if job == params.JobManageEnviron {
needsState = true
}
}
// We need a *state.State for upgrades. We open it independently
// of StateWorker, because we have no guarantees about when
// and how often StateWorker might run.
var st *state.State
if needsState {
if err := c.agent.ensureMongoServer(agentConfig); err != nil {
return err
}
var err error
info, ok := agentConfig.MongoInfo()
if !ok {
return fmt.Errorf("no state info available")
}
st, err = state.Open(info, mongo.DialOpts{}, environs.NewStatePolicy())
if err != nil {
return err
}
defer st.Close()
}
if err := c.runUpgrades(st, agentConfig); err != nil {
// Only return an error from the worker if the connection to
// state went away (possible mongo master change). Returning
// an error when the connection is lost will cause the agent
// to restart.
//
// For other errors, the error is not returned because we want
// the machine agent to stay running in an error state waiting
// for user intervention.
if isAPILostDuringUpgrade(err) {
return err
}
} else {
// Upgrade succeeded - signal that the upgrade is complete.
close(c.UpgradeComplete)
}
return nil
}
func (s *BootstrapSuite) TestInitializeEnvironment(c *gc.C) {
hw := instance.MustParseHardware("arch=amd64 mem=8G")
machConf, cmd, err := s.initBootstrapCommand(c, nil, "--env-config", s.envcfg, "--instance-id", string(s.instanceId), "--hardware", hw.String())
c.Assert(err, gc.IsNil)
err = cmd.Run(nil)
c.Assert(err, gc.IsNil)
c.Assert(s.fakeEnsureMongo.dataDir, gc.Equals, s.dataDir)
c.Assert(s.fakeEnsureMongo.initiateCount, gc.Equals, 1)
c.Assert(s.fakeEnsureMongo.ensureCount, gc.Equals, 1)
c.Assert(s.fakeEnsureMongo.dataDir, gc.Equals, s.dataDir)
c.Assert(s.fakeEnsureMongo.oplogSize, gc.Equals, 1234)
expectInfo, exists := machConf.StateServingInfo()
c.Assert(exists, jc.IsTrue)
c.Assert(expectInfo.SharedSecret, gc.Equals, "")
servingInfo := s.fakeEnsureMongo.info
c.Assert(len(servingInfo.SharedSecret), gc.Not(gc.Equals), 0)
servingInfo.SharedSecret = ""
c.Assert(servingInfo, jc.DeepEquals, expectInfo)
expectDialAddrs := []string{fmt.Sprintf("127.0.0.1:%d", expectInfo.StatePort)}
gotDialAddrs := s.fakeEnsureMongo.initiateParams.DialInfo.Addrs
c.Assert(gotDialAddrs, gc.DeepEquals, expectDialAddrs)
memberHost := fmt.Sprintf("%s:%d", s.bootstrapName, expectInfo.StatePort)
c.Assert(s.fakeEnsureMongo.initiateParams.MemberHostPort, gc.Equals, memberHost)
c.Assert(s.fakeEnsureMongo.initiateParams.User, gc.Equals, "")
c.Assert(s.fakeEnsureMongo.initiateParams.Password, gc.Equals, "")
st, err := state.Open(&authentication.MongoInfo{
Info: mongo.Info{
Addrs: []string{gitjujutesting.MgoServer.Addr()},
CACert: testing.CACert,
},
Password: testPasswordHash(),
}, mongo.DefaultDialOpts(), environs.NewStatePolicy())
c.Assert(err, gc.IsNil)
defer st.Close()
machines, err := st.AllMachines()
c.Assert(err, gc.IsNil)
c.Assert(machines, gc.HasLen, 1)
instid, err := machines[0].InstanceId()
c.Assert(err, gc.IsNil)
c.Assert(instid, gc.Equals, instance.Id(string(s.instanceId)))
stateHw, err := machines[0].HardwareCharacteristics()
c.Assert(err, gc.IsNil)
c.Assert(stateHw, gc.NotNil)
c.Assert(*stateHw, gc.DeepEquals, hw)
cons, err := st.EnvironConstraints()
c.Assert(err, gc.IsNil)
c.Assert(&cons, jc.Satisfies, constraints.IsEmpty)
}
func (s *InitializeSuite) openState(c *gc.C, environTag names.EnvironTag) {
st, err := state.Open(
environTag,
statetesting.NewMongoInfo(),
statetesting.NewDialOpts(),
state.Policy(nil),
)
c.Assert(err, jc.ErrorIsNil)
s.State = st
}
func (s *BootstrapSuite) testToolsMetadata(c *gc.C, exploded bool) {
envtesting.RemoveFakeToolsMetadata(c, s.toolsStorage)
_, cmd, err := s.initBootstrapCommand(c, nil,
"--model-config", s.b64yamlControllerModelConfig,
"--hosted-model-config", s.b64yamlHostedModelConfig,
"--instance-id", string(s.instanceId),
)
c.Assert(err, jc.ErrorIsNil)
err = cmd.Run(nil)
c.Assert(err, jc.ErrorIsNil)
// We don't write metadata at bootstrap anymore.
simplestreamsMetadata, err := envtools.ReadMetadata(s.toolsStorage, "released")
c.Assert(err, jc.ErrorIsNil)
c.Assert(simplestreamsMetadata, gc.HasLen, 0)
// The tools should have been added to tools storage, and
// exploded into each of the supported series of
// the same operating system if the tools were uploaded.
st, err := state.Open(testing.ModelTag, &mongo.MongoInfo{
Info: mongo.Info{
Addrs: []string{gitjujutesting.MgoServer.Addr()},
CACert: testing.CACert,
},
Password: testPassword,
}, mongotest.DialOpts(), environs.NewStatePolicy())
c.Assert(err, jc.ErrorIsNil)
defer st.Close()
expectedSeries := make(set.Strings)
if exploded {
for _, ser := range series.SupportedSeries() {
os, err := series.GetOSFromSeries(ser)
c.Assert(err, jc.ErrorIsNil)
hostos, err := series.GetOSFromSeries(series.HostSeries())
c.Assert(err, jc.ErrorIsNil)
if os == hostos {
expectedSeries.Add(ser)
}
}
} else {
expectedSeries.Add(series.HostSeries())
}
storage, err := st.ToolsStorage()
c.Assert(err, jc.ErrorIsNil)
defer storage.Close()
metadata, err := storage.AllMetadata()
c.Assert(err, jc.ErrorIsNil)
c.Assert(metadata, gc.HasLen, expectedSeries.Size())
for _, m := range metadata {
v := version.MustParseBinary(m.Version)
c.Assert(expectedSeries.Contains(v.Series), jc.IsTrue)
}
}
// newState returns a new State that uses the given environment.
// The environment must have already been bootstrapped.
func newState(environ environs.Environ, mongoInfo *authentication.MongoInfo) (*state.State, error) {
password := environ.Config().AdminSecret()
if password == "" {
return nil, fmt.Errorf("cannot connect without admin-secret")
}
if err := environs.CheckEnvironment(environ); err != nil {
return nil, err
}
mongoInfo.Password = password
opts := mongo.DefaultDialOpts()
st, err := state.Open(mongoInfo, opts, environs.NewStatePolicy())
if errors.IsUnauthorized(err) {
// We can't connect with the administrator password,;
// perhaps this was the first connection and the
// password has not been changed yet.
mongoInfo.Password = utils.UserPasswordHash(password, utils.CompatSalt)
// We try for a while because we might succeed in
// connecting to mongo before the state has been
// initialized and the initial password set.
for a := redialStrategy.Start(); a.Next(); {
st, err = state.Open(mongoInfo, opts, environs.NewStatePolicy())
if !errors.IsUnauthorized(err) {
break
}
}
if err != nil {
return nil, err
}
if err := st.SetAdminMongoPassword(password); err != nil {
return nil, err
}
} else if err != nil {
return nil, err
}
if err := updateSecrets(environ, st); err != nil {
st.Close()
return nil, fmt.Errorf("unable to push secrets: %v", err)
}
return st, nil
}
func (s *environSuite) TestErrorWhenEnvironIsInvalid(c *gc.C) {
// reopen the state so that we can wangle a dodgy environ config in there.
st, err := state.Open(s.MongoInfo(c), mongo.DefaultDialOpts(), state.Policy(nil))
c.Assert(err, gc.IsNil)
defer st.Close()
err = st.UpdateEnvironConfig(map[string]interface{}{"secret": 999}, nil, nil)
c.Assert(err, gc.IsNil)
obs, err := worker.NewEnvironObserver(s.State)
c.Assert(err, gc.ErrorMatches, `cannot make Environ: secret: expected string, got int\(999\)`)
c.Assert(obs, gc.IsNil)
}
func (s *InitializeSuite) openState(c *gc.C, modelTag names.ModelTag) {
st, err := state.Open(
modelTag,
testing.ControllerTag,
statetesting.NewMongoInfo(),
mongotest.DialOpts(),
state.NewPolicyFunc(nil),
)
c.Assert(err, jc.ErrorIsNil)
s.State = st
}
func testOpenState(c *gc.C, info *mongo.MongoInfo, expectErrType error) {
st, err := state.Open(testing.EnvironmentTag, info, mongo.DefaultDialOpts(), environs.NewStatePolicy())
if st != nil {
st.Close()
}
if expectErrType != nil {
c.Assert(err, gc.FitsTypeOf, expectErrType)
} else {
c.Assert(err, jc.ErrorIsNil)
}
}
