Merge feature branch feature/easier-pool-join #6305
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…xapi-project#6049) - add a new type of origin: "remote_pool" - add a new API: "introduce_remote_pool" to init a remote_pool repository - add a new field: "certificate" for a remote_pool repository - for a remote_pool repository, binary_url will be reused to hold the base URL of binary packages in the local repository of the remote pool in https://<coordinator-ip>/repository format Signed-off-by: Gang Ji <[email protected]>
The HTTP /repository handler is guarded by a mutex `exposing_pool_repo_mutex` currently. Since now HTTP /repository is protected by `session_id` cookie, we can remove the mutex from this handler and keep the handler enabled all the time. Also, rename the mutex `exposing_pool_repo_mutex` to `pool_update_ops_mutex`. Signed-off-by: Bengang Yuan <[email protected]>
The HTTP /repository handler is guarded by a mutex `exposing_pool_repo_mutex` currently. Since now HTTP /repository is protected by `session_id` cookie, we can remove the mutex and keep the handler enabled all the time. Also, rename the mutex `exposing_pool_repo_mutex` to `pool_update_ops_mutex`.
…ol-join Merge master to easier-pool-join
merge master to feature/easier-pool-join
Now xapi supports setting up rpc to hosts in the pool and appliances, while for syncing updates from remote_pool type repository, we need to set up rpc to remote coordinator with its certificate verfieid. Add util Helpers.make_external_host_verified_rpc, which will set up a secure connection to the external host(host outside the pool) with its host certificate verified. Signed-off-by: Gang Ji <[email protected]>
Now xapi supports setting up rpc to hosts in the pool and appliances, while for syncing updates from remote_pool type repository, we need to set up rpc to remote coordinator with its certificate verfieid. Add util Helpers.make_external_host_verified_rpc, which will set up a secure connection to the external host(host outside the pool) with its host certificate verified.
Add an assertion to restrict `binary_url` of remote_pool repository to be in the format of `https://<coordinator-ip>/repository/enabled`. Signed-off-by: Bengang Yuan <[email protected]>
Signed-off-by: Bengang Yuan <[email protected]>
…roject#6089) 1. Add an assertion to restrict `binary_url` of remote_pool repository to be in the format of `https://<coordinator-ip>/repository/enabled`. 2. Add UT for restrict/check `binary_url` of remote_pool repository.
Add handler for `/repository/enabled`. Replase `/enabled` with the current enabled repository. Signed-off-by: Bengang Yuan <[email protected]>
Adding process logic for `/repository/enabled`. If there is `/enabled` after `/repository` in URI, then to find the current enabled repository. Otherwise, keep the existing process logic.
1. `remote_pool` repo doesn't support periodic sync updates. 2. Periodic sync updates should be auto-disabled when calling `set_repositories` and `add_repository` for `remote_pool` repo. 3. If `remote_pool` repository is enabled, it should be the single one enabled. Signed-off-by: Bengang Yuan <[email protected]>
Signed-off-by: Bengang Yuan <[email protected]>
Signed-off-by: Gang Ji <[email protected]>
Signed-off-by: Gang Ji <[email protected]>
When a remote_pool type repository, which points to the enabled repository in the remote pool coordinator, is set as the enabled repository of the pool, updates can be synced from it with API pool.sync_updates. The username password of the remote pool coordinator is required as parameters for pool.sync_updates to login the remote pool. And the remote pool coordinator's host server certificate needs to be configured in the remote_pool repository, it will be used to verify the remote end when sending out username passwords and syncing updates from it. A new yum/dnf plugin "xapitoken" is introduced to set xapi token as HTTP cookie: "session_id" for each HTTP request which downloads files from the remote_pool repository. Signed-off-by: Gang Ji <[email protected]>
Will re-enable repo_gpgcheck by reverting this commit after CP-51429 is done. Signed-off-by: Gang Ji <[email protected]>
CP-50787 CP-51347: Support pool.sync_updates from remote_pool repo When a remote_pool type repository, which points to the enabled repository in the remote pool coordinator, is set as the enabled repository of the pool, updates can be synced from it with API pool.sync_updates. The username password of the remote pool coordinator is required as parameters for pool.sync_updates to login the remote pool. And the remote pool coordinator's host server certificate needs to be configured in the remote_pool repository, it will be used to verify the remote end when sending out username passwords and syncing updates from it. A new yum/dnf plugin "xapitoken" is introduced to set xapi token as HTTP cookie: "session_id" for each HTTP request which downloads files from the remote_pool repository. CP-52245: Temp disable repo_gpgcheck when syncing from remote_pool repo Will re-enable repo_gpgcheck by reverting this commit after CP-51429 is done.
…_pool repo" This reverts commit c710e8f. Signed-off-by: Gang Ji <[email protected]>
Solve conflict: Stunnel.with_client_proxy -> Stunnel.with_client_proxy_systemd_service
Solve conflict: Stunnel.with_client_proxy -> Stunnel.with_client_proxy_systemd_service
When enabling pool's repositories, if enabling bundle repo and remoe_pool repositories at the same time, it returns error message: `If the bundle repository or remote_pool repository is enabled, it should be the only one enabled repository of the pool. repo_types: bundle` The `repo_types` is confusing and tedious as only these 2 types of repository can meet this error. So remove the parameter `repo_types`. Signed-off-by: Bengang Yuan <[email protected]>
When enabling pool's repositories, if enabling bundle repo and remoe_pool repositories at the same time, it returns error message: `If the bundle repository or remote_pool repository is enabled, it should be the only one enabled repository of the pool. repo_types: bundle` The `repo_types` is confusing and tedious as only these 2 types of repository can meet this error. So remove the parameter `repo_types`.
Signed-off-by: Gang Ji <[email protected]>
gangj
force-pushed
the
private/gangj/easier-pool-join_master-merge
branch
from
803839f to
1d5cc18
Compare
|
lindig
approved these changes
Feb 14, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.