Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DPE-2562] POC Copy secrets from config server to shard #256

Merged
merged 41 commits into from
Sep 29, 2023

Conversation

MiaAltieri
Copy link
Contributor

@MiaAltieri MiaAltieri commented Sep 21, 2023

Issue

Sharded components should have the same keyfile as the config server, and we want to use the same operator username/password for shards as the config server

Solution

Pass secrets to shards when they join a relation with the config server and have shards listen for this event and act appropriately

Limitations

This does not consider what happens when the user changes the password on the config server, that should be handled in a separate PR

Testing

As a POC there are not tests included in this PR. Testing was performed by hand by hand:

juju deploy ./*charm --config role="config-server" config-server-one -n3
juju deploy ./*charm --config role="shard" shard-one -n3
juju integrate config-server-one:config-server shard-one:sharding

# verify can only relate a shard to a single config server
juju integrate config-server-two:config-server shard-one:sharding
ERROR cannot add relation "config-server-two:config-server shard:sharding": establishing a new relation for shard:sharding would exceed its maximum relation limit of 1 (quota limit exceeded)

# verify same password
juju run config-server-one/0 get-password
juju run shard-one/0 get-password

# verify equal key files 
juju ssh config-server-one/0
sudo cat /var/snap/charmed-mongodb/current/etc/mongod/keyFile
juju ssh shard-one/0
sudo cat /var/snap/charmed-mongodb/current/etc/mongod/keyFile

src/charm.py Show resolved Hide resolved
lib/charms/mongodb/v0/shards_interface.py Show resolved Hide resolved
lib/charms/mongodb/v0/shards_interface.py Outdated Show resolved Hide resolved
lib/charms/mongodb/v0/shards_interface.py Show resolved Hide resolved
lib/charms/mongodb/v0/shards_interface.py Show resolved Hide resolved
src/charm.py Show resolved Hide resolved
lib/charms/mongodb/v0/shards_interface.py Show resolved Hide resolved
lib/charms/mongodb/v0/shards_interface.py Outdated Show resolved Hide resolved
@MiaAltieri MiaAltieri merged commit 0e75a6f into 6/edge Sep 29, 2023
13 of 14 checks passed
@MiaAltieri MiaAltieri deleted the share-secrets branch September 29, 2023 10:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants