UID2-4719 change azure cc starting process #1260
Conversation
clarkxuyang
force-pushed
the
xuy-UID2-4719-start-with-python
branch
2 times, most recently
from
aedbc19 to
e1c268a
Compare
clarkxuyang
force-pushed
the
xuy-UID2-4719-start-with-python
branch
from
a4e1422 to
abb88d6
Compare
| @@ -51,7 +51,8 @@ def get_meta_url(cls) -> str: | |||
| class EC2(ConfidentialCompute): | |||
|
|
|||
| def __init__(self): | |||
| super().__init__() | |||
| self.configs: AWSConfidentialComputeConfig = {} | |||
There was a problem hiding this comment.
Do we need this here? self.configs {} is defined in base class
|
|
||
| def _validate_auxiliaries(self) -> None: | ||
| """ Validates auxiliary services are running.""" | ||
| pass |
There was a problem hiding this comment.
shouldn't __wait_for_sidecar be here?
| @@ -5,6 +5,7 @@ | |||
| from abc import ABC, abstractmethod | |||
| from typing import TypedDict, NotRequired, get_type_hints | |||
| import subprocess | |||
| import logging | |||
| from azure.core.exceptions import ResourceNotFoundError, HttpResponseError | ||
|
|
||
| class AzureEntryPoint(ConfidentialCompute): | ||
|
|
There was a problem hiding this comment.
Change this to Azure? This class name is used to create Errors/point to docs in ConfidentialComputeStartupException
| secret = secret_client.get_secret(AzureEntryPoint.secret_name) | ||
| # print(f"Secret Value: {secret.value}") | ||
| self.configs["api_token"] = secret.value | ||
|
|
There was a problem hiding this comment.
Does this only set api_token ? Don't we need ConfidentialComputeConfig to validate all user specific config
There was a problem hiding this comment.
IMO;
_set_secret should be setting ConfidentialComputeConfig (which contains all the possible customer inputs to create Confidential Compute env for running operators) . That's why I used _get_secret() -> ConfidentialComputeConfig
If we use _set_secret -> None, then there is no way to ensure/understand what values it sets.
|
|
||
| except CredentialUnavailableError as auth_error: | ||
| logging.error(f"Read operator key, authentication error: {auth_error}") | ||
| raise |
There was a problem hiding this comment.
raise custom exception here? That points to public doc? This is the same as Missing Instance Profile in AWS
|
|
||
| except ResourceNotFoundError as not_found_error: | ||
| logging.error(f"Read operator key, secret not found: {AzureEntryPoint.secret_name}. Error: {not_found_error}") | ||
| raise |
There was a problem hiding this comment.
raise custom exception here? That points to public doc? ConfigNotFound
|
|
||
| except HttpResponseError as http_error: | ||
| logging.error(f"Read operator key, HTTP error occurred: {http_error}") | ||
| raise |
There was a problem hiding this comment.
When would we have this? Is it tied to vnet creation? If Container Group does not have n/w configured? If so, another custom exception for Azure that points to doc, and explaining what is wrong
There was a problem hiding this comment.
Basically the goal is;
Every issue we know, should be caught as Custom Exception that points to public documentation on how to fix it.
Things we don' know, will be a regular exception that mentions how to/contact us.
No description provided.