Skip to content

Commit

Permalink
Merge pull request #5644 from Vincent-lau/private/shul2/tls-config
Browse files Browse the repository at this point in the history 
CA-392887: `set_tls_config` immediately after enabling clustering
  • Loading branch information
@Vincent-lau
Vincent-lau authored Jul 8, 2024
2 parents eee3f80 + 5975562 commit 5519cf9
Showing 1 changed file with 7 additions and 10 deletions.
17 changes: 7 additions & 10 deletions ocaml/xapi/xapi_cluster_host.ml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -230,9 +230,12 @@ let resync_host ~__context ~host =
~msg:Api_messages.cluster_host_enable_failed ~cls:`Host ~obj_uuid ~body
~api_func:(fun rpc session_id ->
(* If we have just joined, enable will prevent concurrent clustering ops *)
if not (Db.Cluster_host.get_joined ~__context ~self) then
join_internal ~__context ~self
else if Db.Cluster_host.get_enabled ~__context ~self then (
if not (Db.Cluster_host.get_joined ~__context ~self) then (
join_internal ~__context ~self ;
create_cluster_watcher_on_master ~__context ~host ;
Xapi_observer.initialise_observer ~__context
Xapi_observer_components.Xapi_clusterd
) else if Db.Cluster_host.get_enabled ~__context ~self then (
(* [enable] unconditionally invokes low-level enable operations and is idempotent.
RPU reformats partition, losing service status, never re-enables clusterd *)
debug "Cluster_host %s is enabled, starting up xapi-clusterd"
Expand All @@ -241,13 +244,7 @@ let resync_host ~__context ~host =
maybe_switch_cluster_stack_version ~__context ~self ~cluster_stack ;
(* Note that join_internal and enable both use the clustering lock *)
Client.Client.Cluster_host.enable ~rpc ~session_id ~self
) ;
(* create the watcher here so that the watcher exists after toolstack restart *)
create_cluster_watcher_on_master ~__context ~host ;
Xapi_observer.initialise_observer ~__context
Xapi_observer_components.Xapi_clusterd ;
let verify = Stunnel_client.get_verify_by_default () in
set_tls_config ~__context ~self ~verify
)
)

(* API call split into separate functions to create in db and enable in client layer *)
Expand Down

0 comments on commit 5519cf9

Please sign in to comment.