tenant modify #781
tenant modify #781
Conversation
| 'help': 'The new name of the tenant', | ||
| 'required': False | ||
| }, | ||
| '--description': { |
There was a problem hiding this comment.
The existing "tenant create" command does not support "description" argument. If it's not trivial to fix it in the current change, can you please file a tracking issue?
| if error_info: | ||
| return error_info | ||
| if new_name: | ||
| error_info = tenant.set_name(auth_mgr.conn, name, new_name) |
There was a problem hiding this comment.
It looks to me unnatural to pass auth_mrg.conn parameter here. Why can't we get the DB connection in the backend (inside the tenant class or its dependents) to free up the API user?
There was a problem hiding this comment.
API user does not need to worry about the connection. API user only need to call _tenant_modify API. The DB connection is generated inside AuthorizationDataManager class. We can make the change to get the DB connection in the backend, but that will need a lot of code refactoring. I will not do it for now.
There was a problem hiding this comment.
It is true the _tenant_update API user doesn't need to worry about the connection. However, in my opinion the user of DockerVolumeTenant.set_name() API should not worry about the connection either. Basically we should isolate the DB operation to any upper-level business logic.
Anyway, I agree this will need a lot of code refactoring. We can address this later.
| @@ -196,6 +211,29 @@ def _tenant_create(name, description, default_datastore, default_privileges, vm_ | |||
|
|
|||
| return None, tenant | |||
|
|
|||
| def _tenant_modify(name, new_name=None, description=None): | |||
There was a problem hiding this comment.
It looks like all API methods are following a different naming convention:
- Start with understore "_"
- A noun followed by a verb
Other non-API methods in this module are not following this convention. Since Python doesn't provide access modifiers to differentiate public and private methods, maybe we should consider refactoring the module (split it into two?) so that all methods in one module follow the same naming convention?
There was a problem hiding this comment.
I will file a issue to track this code refactoring.
| if error_info: | ||
| return error_info | ||
| if description: | ||
| error_info = tenant.set_description(auth_mgr.conn, description) |
| # unlink the old symbol link /vmfs/volumes/datastore_name/tenant_name | ||
| # create the new symbol link /vmfs/volumes/datastore_name/new_tenant_name | ||
| # which point to path /vmfs/volumes/datastore_name/tenant_uuid | ||
| lock = threadutils.get_lock() |
There was a problem hiding this comment.
There are some duplicate logic in this paragraph (line 135-156) and the other one (line 695-709). Can we refactor the code to extract them into separate methods and eliminate the duplication?
There was a problem hiding this comment.
Can you please address this comment?
|
@msterin Please review this change. |
| @@ -204,6 +205,24 @@ def commands(): | |||
| } | |||
| } | |||
| }, | |||
| 'modify': { | |||
There was a problem hiding this comment.
Change modify => update?
| logging.debug("set_name: try to update the symlink to path %s", tenant_path) | ||
|
|
||
| if os.path.isdir(tenant_path): | ||
| lock.acquire() |
There was a problem hiding this comment.
What exactly this lock is protecting?
Is there anything that synchronizes docker volume create and admin_cli tenant update happening at the same time?
There was a problem hiding this comment.
The lock is to make sure if two users (from CLI and UI) try to modify the tenant, for example, CLI start first, it wants to rename "tenant" to "tenant1" and UI wants to rename "tenant" to "tenant2", then the final result should be "tenant" is renamed to "tenant2". Without this lock, it is quite possible that the result is "tenant" is renamed to "tenant1".
I think we can use os.rename here.
There was a problem hiding this comment.
Made the change to use os.rename.
| os.remove(exist_symlink_path) | ||
| logging.debug("Remove the symbol link %s", exist_symlink_path) | ||
|
|
||
| new_symlink_path = os.path.join(dock_vol_path, new_name) |
There was a problem hiding this comment.
Is "renaming" (mv oldSymLink newSymLink) not an option?
There was a problem hiding this comment.
I think "renaming" should work here.
lipingxue
force-pushed
the
issue_715.liping
branch
from
372ce97
to
a5a9d0a
Compare
|
I have addressed comments from Sam and Prashant. Please review it @shaominchen @pdhamdhere |
There was a problem hiding this comment.
LGTM. As I mentioned in one comment, the DB connections are exposed in many classes. We should refactor this code to have a persistence layer (or DAO layer) to handle DB operations. Other core business logic should not handle DB connections. This way different layers can evolve separately.
|
+1 on @shaominchen comment wrt DAO / DB connection consolidation. Please file an issue. The rest is LGTM too. |
| exist_symlink_path = os.path.join(dock_vol_path, name) | ||
| new_symlink_path = os.path.join(dock_vol_path, new_name) | ||
| if os.path.isdir(exist_symlink_path): | ||
| logging.info("Rename the symlink %s to %s", exist_symlink_path, new_symlink_path) |
| for (datastore, url_name, path) in vmdk_utils.get_datastores(): | ||
| dock_vol_path = os.path.join("/vmfs/volumes", datastore, vmdk_ops.DOCK_VOLS_DIR) | ||
| tenant_path = os.path.join(dock_vol_path, tenant_id) | ||
| logging.debug("remove volumes for tenant: try to remove the symlink to path %s", tenant_path) |
There was a problem hiding this comment.
message is a bit unclear. Maybe "Tenant removal: removing symlink " ?
And the rest of the messages should be similar. Also please avoid copy-n-paste for logging format,
instead use something like
VOL_RM_LOG_PREFIX = ""Tenant <name> removal: "
logging.debug(VOL_RM_LOG_PREFIX + "Removing symlink to %s", tenant_id, tenant_path)(or any other reusabe code)
| exist_symlink_path = os.path.join(dock_vol_path, tenant_name) | ||
| if os.path.isdir(exist_symlink_path): | ||
| os.remove(exist_symlink_path) | ||
| logging.debug("remove volumes for tenant: Remove the symbol link %s", exist_symlink_path) |
|
Thanks @shaominchen @msterin Issue #803 is filed to address your DAO layer related comments. |
Turn on log configure in vmdkops_admin.py, auth.py, auth_data.py.
Fix one small bug in function "_tenant_access_ls".
lipingxue
force-pushed
the
issue_715.liping
branch
from
a5a9d0a
to
6a6262d
Compare
|
Fixes #715 |
This PR includes:
Then during tenant rename, we don't delete the directory itself, we just unlink the old symlink and recreate the new symlink.