Support pool.sync_updates from remote_pool repo #6108
Conversation
gangj
force-pushed
the
private/gangj/CP-50787_CP-51347
branch
2 times, most recently
from
ebb463a to
841c232
Compare
gangj
force-pushed
the
private/gangj/CP-50787_CP-51347
branch
5 times, most recently
from
3ff9d75 to
a2f74fd
Compare
ocaml/xapi/repository.ml
Outdated
| let sync ~__context ~self ~token ~token_id = | ||
| let ext_host_verified_rpc ~__context ~cert host_address xml = | ||
| try Helpers.make_external_host_verified_rpc ~__context host_address cert xml | ||
| with Xmlrpc_client.Connection_reset -> |
There was a problem hiding this comment.
Now when the certificate is invalid, the expected ssl_verify_error is not raised, instead this Xmlrpc_client.Connection_reset is caught here. I think this problem can be resolved with another ticket later.
| @@ -1919,6 +1919,16 @@ let _ = | |||
| "If the bundle repository or remote_pool repository is enabled, it \ | |||
| should be the only one enabled repository of the pool." | |||
| () ; | |||
| error Api_errors.update_syncing_remote_pool_coordinator_connection_failed [] | |||
There was a problem hiding this comment.
I think the context of the error is clear as it would happen when a pool.sync_updates. It could be as simple as "CANNOT_CONTACT_HOST".
But the authentication (incorrect password) may fail with this error also. So the possible causes should be mentioned in the message.
There was a problem hiding this comment.
The authentication (incorrect password) failure will fail with another error: update_syncing_remote_pool_coordinator_service_failed.
And we have a corresponding error pool_joining_host_connection_failed.
If we change it to a general one, I think we will need to provide more info like the address and port of the host which failed to be contacted, like the other existing one: error Api_errors.tls_connection_failed ["address"; "port"]
| "There was an error connecting to the remote pool coordinator while \ | ||
| syncing updates from it." | ||
| () ; | ||
| error Api_errors.update_syncing_remote_pool_coordinator_service_failed [] |
There was a problem hiding this comment.
To be useful to the user, how about to use "HOST_OFFLINE"?
There was a problem hiding this comment.
This error corresponds to the error during pool join: pool_joining_host_service_failed, I think it is not host offline, it is the HTTP service failed to respond.
gangj
force-pushed
the
private/gangj/CP-50787_CP-51347
branch
from
04f1cec to
9a9fa40
Compare
Signed-off-by: Gang Ji <[email protected]>
Signed-off-by: Gang Ji <[email protected]>
gangj
force-pushed
the
private/gangj/CP-50787_CP-51347
branch
2 times, most recently
from
642e1ac to
61c948b
Compare
When a remote_pool type repository, which points to the enabled repository in the remote pool coordinator, is set as the enabled repository of the pool, updates can be synced from it with API pool.sync_updates. The username password of the remote pool coordinator is required as parameters for pool.sync_updates to login the remote pool. And the remote pool coordinator's host server certificate needs to be configured in the remote_pool repository, it will be used to verify the remote end when sending out username passwords and syncing updates from it. A new yum/dnf plugin "xapitoken" is introduced to set xapi token as HTTP cookie: "session_id" for each HTTP request which downloads files from the remote_pool repository. Signed-off-by: Gang Ji <[email protected]>
Will re-enable repo_gpgcheck by reverting this commit after CP-51429 is done. Signed-off-by: Gang Ji <[email protected]>
gangj
force-pushed
the
private/gangj/CP-50787_CP-51347
branch
from
61c948b to
cf7af87
Compare
CP-50787 CP-51347: Support pool.sync_updates from remote_pool repo
When a remote_pool type repository, which points to the enabled
repository in the remote pool coordinator, is set as the enabled
repository of the pool, updates can be synced from it with API
pool.sync_updates.
The username password of the remote pool coordinator is required as
parameters for pool.sync_updates to login the remote pool.
And the remote pool coordinator's host server certificate needs to be
configured in the remote_pool repository, it will be used to verify the
remote end when sending out username passwords.
A new yum/dnf plugin "xapitoken" is introduced to set xapi token as HTTP
cookie: "session_id" for each HTTP request which downloads files from the
remote_pool repository.
CP-52245: Temp disable repo_gpgcheck when syncing from remote_pool repo
Will re-enable repo_gpgcheck after CP-51429 is done by reverting this
commit.