<div dir="ltr"><div><div>Tim, let's make conductor reporting that root enabled until we could be able to teach trove how to manage its own extensions. Because extensions are too complicated, as you said. So, it's really would be better to give conductor an ability to handle root reporting.<br>
<br></div>Best regards,<br></div>Denis Makogon<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">2013/12/20 Tim Simpson <span dir="ltr"><<a href="mailto:tim.simpson@rackspace.com" target="_blank">tim.simpson@rackspace.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">




<div>
<div style="direction:ltr;font-size:10pt;font-family:Tahoma">I think you're addressing a different problem which is that the extensions for MySQL shouldn't always apply to every single datastore. However I think we should proceed on the assumption
 that this will be fixed.
<div><br>
</div>
<div>Btw, last time we tried to address it there was a week of awful, three hour meetings and we couldn't reach consensus. </div>
<div><br>
</div>
<div>Thanks,</div>
<div><br>
</div>
<div>Tim<br>
<div style="font-size:16px;font-family:Times New Roman">
<hr>
<div style="direction:ltr"><font color="#000000" face="Tahoma"><b>From:</b> Denis Makogon [<a href="mailto:dmakogon@mirantis.com" target="_blank">dmakogon@mirantis.com</a>]<br>
<b>Sent:</b> Friday, December 20, 2013 9:44 AM<div><div class="h5"><br>
<b>To:</b> OpenStack Development Mailing List (not for usage questions)<br>
<b>Subject:</b> Re: [openstack-dev] [trove] Dropping connectivity from guesagent to Trove back-end<br>
</div></div></font><br>
</div><div><div class="h5">
<div></div>
<div>
<div dir="ltr">
<div>Unfortunately, Trove cannot manage it's own extensions, so if, suppose, i would try to get provisioned cassandra instance i would be still possible to check if root enabled.
<br>
Prof: <a href="https://github.com/openstack/trove/blob/master/trove/extensions/mysql/service.py" target="_blank">
https://github.com/openstack/trove/blob/master/trove/extensions/mysql/service.py</a><br>
</div>
There are no checks for datastore_type, service just loads root model and that's it, since my patch create root model, next API call (root check) will load this model.<br>
<div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">2013/12/20 Tim Simpson <span dir="ltr"><<a href="mailto:tim.simpson@rackspace.com" target="_blank">tim.simpson@rackspace.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<div style="direction:ltr;font-size:10pt;font-family:Tahoma">Because the ability to check if root is enabled is in an extension which would not be in effect for a datastore with no ACL support, the user would not be able to see that the marker for root enabled
 was set in the Trove infrastructure database either way. 
<div><br>
</div>
<div>By the way- I double checked the code, and I was wrong- the guest agent was *not* telling the database to update the root enabled flag. Instead, the API extension had been updating the database all along after contacting the guest. Sorry for making this
 thread more confusing.</div>
<div><br>
</div>
<div>It seems like if you follow my one (hopefully last) suggestion on this pull request, it will solve the issue you're tackling: <a href="https://review.openstack.org/#/c/59410/5" target="_blank">https://review.openstack.org/#/c/59410/5</a></div>

<div><br>
</div>
<div>Thanks,</div>
<div><br>
</div>
<div>Tim</div>
<div><br>
<div style="font-size:16px;font-family:Times New Roman">
<hr>
<div style="direction:ltr"><font color="#000000" face="Tahoma"><b>From:</b> Denis Makogon [<a href="mailto:dmakogon@mirantis.com" target="_blank">dmakogon@mirantis.com</a>]<br>
<b>Sent:</b> Friday, December 20, 2013 8:58 AM<br>
<b>To:</b> OpenStack Development Mailing List (not for usage questions)<br>
<b>Subject:</b> Re: [openstack-dev] [trove] Dropping connectivity from guesagent to Trove back-end<br>
</font><br>
</div>
<div>
<div>
<div></div>
<div>
<div dir="ltr">
<div>
<div>Thanks for response, Tim.<br>
<br>
</div>
As i said, it would be confusing situation when database which has no ACL would be deployed by Trove with root enabled - this looks very strange since user allowed to check if root enabled. I think in this case Conductor should be _that_ place which should
 contain datastore specific logic, which requires back-end connectivity.<br>
</div>
<div><br>
It would be nice to have consistent instance states for each datastore types and version.<br>
<br>
</div>
<div>Are there any objections about letting conductor deal with it ?<br>
<br>
</div>
<div><br>
<br>
Best regards, <br>
Denis Makogon<br>
</div>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">2013/12/20 Tim Simpson <span dir="ltr"><<a href="mailto:tim.simpson@rackspace.com" target="_blank">tim.simpson@rackspace.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<div style="direction:ltr;font-size:10pt;font-family:Tahoma">Hi Denis,
<div><br>
</div>
<div>The plan from the start with Conductor has been to remove any guest connections to the database. So any lingering ones are <span style="font-size:10pt">omissions which should be dealt with.</span></div>
<div>
<div><br>
</div>
<div>>> <span style="font-family:Arial;font-size:15px;text-align:justify;text-indent:48px">Since not each database have root entity (not even ACL at all) it would be incorrect to report about root enabling on server-side because server-side(trove-taskmanager)
 should stay common as it possible.</span></div>
<div><span style="font-family:Arial;font-size:15px;text-align:justify;text-indent:48px"><br>
</span></div>
</div>
<div>
<div><span style="font-family:Arial;font-size:15px;text-align:justify;text-indent:48px">I agree that in the case of the root call Conductor should have another RPC method that gets called by the guest to inform it that the root entity was set.</span></div>

</div>
<div><span style="font-family:Arial;font-size:15px;text-align:justify;text-indent:48px"><br>
</span></div>
<div><span style="font-family:Arial;font-size:15px;text-align:justify;text-indent:48px">I also agree that any code that can stay as common as possible between datastores should. However I don't agree that trove-taskmanager (by which I assume you mean the
 daemon) has to only be for common functionality. </span></div>
<div style="font-family:'Segoe UI',Helvetica,Arial,sans-serif;margin-top:0px;margin-bottom:0px" align="justify">
<font color="black" face="Arial"><span style="font-size:15px"><br>
</span></font></div>
<div>Thanks,</div>
<div><br>
</div>
<div>Tim</div>
<div><br>
<div style="font-size:16px;font-family:Times New Roman">
<hr>
<div style="direction:ltr"><font color="#000000" face="Tahoma"><b>From:</b> Denis Makogon [<a href="mailto:dmakogon@mirantis.com" target="_blank">dmakogon@mirantis.com</a>]<br>
<b>Sent:</b> Friday, December 20, 2013 7:04 AM<br>
<b>To:</b> OpenStack Development Mailing List<br>
<b>Subject:</b> [openstack-dev] [trove] Dropping connectivity from guesagent to Trove back-end<br>
</font><br>
</div>
<div>
<div>
<div></div>
<div>
<div dir="ltr">
<p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;text-align:justify">
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">    Goodday, OpenStack D÷aaS community.</span></p>

<br>
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal"></span><br>
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal"></span>
<p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;text-align:justify">
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">    I'd like to start conversation about dropping connectivity from In-VM
 guestagent and Trove back-end.</span></p>
<p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;text-align:justify">
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">    Since Trove has conductor service which interacts with agents via MQ
 service, we could let it deal with any back-end required operations initialized by guestagent.</span></p>
<p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;text-align:justify">
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">    Now conductor deals with instance status notifications and backup status
 notifications. But guest still have one more operation which requires back-end connectivity – database root-enabled reporting [1]. After dealing with it we could finally drop connectivity [2].<br>
</span></p>
<p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;text-indent:36pt;text-align:justify">
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">Since not each database have root entity (not even ACL at all) it would
 be incorrect to report about root enabling on server-side because server-side(trove-taskmanager) should stay common as it possible.</span></p>
<p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;text-align:justify">
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">    My first suggestion was to extend conductor API [3] to let conductor
 write report to Trove back-end. Until Trove would reach state when it would support multiple datastore (databases) types current patch would work fine [4], but when Trove would deliver, suppose, Database (without ACL) it would be confusing when after instance
 provisioning user will find out that some how root was enabled, but Database doesn't have any ACL at all.</span></p>
<p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;text-align:justify">
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">    My point is that Trove Conductor must handle every database (datastore
 in terms of Trove) specific operations which are required back-end connection. And Trove server-side (taskmanager) must stay generic and perform preparation tasks, which are independent from datastore type.<br>
</span></p>
<br>
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal"></span>
<p style="margin-bottom:0in" align="JUSTIFY">[1] <a href="https://github.com/openstack/trove/blob/master/bin/trove-guestagent#L52" target="_blank">
https://github.com/openstack/trove/blob/master/bin/trove-guestagent#L52</a></p>
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal"></span>
<p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;text-align:justify">
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">[2]</span><a href="https://bugs.launchpad.net/trove/+bug/1257489" style="text-decoration:none" target="_blank"><span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">
</span><span style="font-size:15px;font-family:Arial;color:rgb(17,85,204);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:underline;vertical-align:baseline">https://bugs.launchpad.net/trove/+bug/1257489</span></a></p>

<p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;text-align:justify">
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">[3]</span><a href="https://review.openstack.org/#/c/59410/5" style="text-decoration:none" target="_blank"><span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">
</span><span style="font-size:15px;font-family:Arial;color:rgb(17,85,204);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:underline;vertical-align:baseline">https://review.openstack.org/#/c/59410/5</span></a></p>

<p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;text-align:justify">
<span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">[4]</span><a href="https://review.openstack.org/#/c/59410/" style="text-decoration:none" target="_blank"><span style="vertical-align:baseline;font-variant:normal;font-style:normal;font-size:15px;background-color:transparent;text-decoration:none;font-family:Arial;font-weight:normal">
</span><span style="font-size:15px;font-family:Arial;color:rgb(17,85,204);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:underline;vertical-align:baseline">https://review.openstack.org/#/c/59410/</span></a></p>

</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org" target="_blank">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org" target="_blank">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</div>
</div></div></div>
</div>
</div>
</div>

<br>_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br></div>