-
Notifications
You must be signed in to change notification settings - Fork 103
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
switch name- and ip-checking to opt-in #1589
Conversation
Thanks for the PR @saschalucas I have a few thoughts on this: Another aspect: we should include this explicitly in the QA suite. From a quick glance I think it currently validates e.g. the name check but just because it does not disable it explicitly. I would opt (but possibly in a separate PR?) to test both variants in the QA suite. What do you think? |
It will also break scripts that rely on the old default name-/ip-check. For this case, there is no backwards compatibility. However, I've readded the old options with a deprecation warning. PTAL.
Indeed. I'm still unfamiliar with the QA suite, but it looks like that a fix needs to be addressed in this PR: Lines 452 to 456 in 592c0e9
I'll need some time to get in touch with QA. |
I just ran the QA suite against this PR and it breaks because the QA suite actually tests the name/ip-check behavior (somewhat implicitly). The test
With the checks disabled the command does not fail any more and this is unexpected to the QA suite. We could alter the tests to
This way we would have both variants covered. |
f56bc96
to
cdb4f4c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@saschalucas thanks for this, we had been discussing it for quite a while.
If I recall correctly, the default behavior of checking IP and DNS had to do with how Ganeti was deployed initially at Google as part of a pipeline where an earlier step would do IPAM/DNS provisioning. It is true that most setups are simpler than that, and virtually every one I've seen uses --no-name-check
and --no-ip-check
for instance creation.
action="store_true", | ||
help="Check that the instance's IP is alive (ping)") | ||
|
||
def WarnDeprecatedOption(option, opt_str, value, parser): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should probably live in lib/cli.py
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have tried to move WarnDeprecatedOption
to lib/cli.py
, but ended up with an circular import error, because lib/cli.py
also imports cli_opts
:
# make
PYTHONPATH=. ./autotools/run-in-tempdir \
/tmp/022a060c4e2e293f642f2a46006698f849e40834/saschalucas_colon_name_ip_check-tmp/./autotools/build-bash-completion --compact > doc/examples/bash_completion
Traceback (most recent call last):
File "/tmp/022a060c4e2e293f642f2a46006698f849e40834/saschalucas_colon_name_ip_check-tmp/./autotools/build-bash-completion", line 50, in <module>
from ganeti import cli
File "/tmp/gntbuild.eKSZ4Lo2/ganeti/cli.py", line 58, in <module>
import ganeti.cli_opts
File "/tmp/gntbuild.eKSZ4Lo2/ganeti/cli_opts.py", line 831, in <module>
action="callback", callback=cli.WarnDeprecatedOption,
^^^^^^^^^^^^^^^^^^^^^^^^
AttributeError: partially initialized module 'ganeti.cli' has no attribute 'WarnDeprecatedOption' (most likely due to a circular import)
make: *** [Makefile:4502: doc/examples/bash_completion] Error 1
make: *** Deleting file 'doc/examples/bash_completion'
Any hints?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably in this case it's better to leave it here…
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wow, talk about a blast from the past. I've left a couple of minor wording changes, but looks good from my side.
The details were slightly different, but I agree that in normal setups, these being the default are not needed. |
Nice to hear from you @iustin :-) |
cdb4f4c
to
408f58d
Compare
As often discussed (at Ganeticons etc.) many people like to just create instances without the need to resolv their name via DNS or /etc/hosts. So a common boilerplate in the add command is to use `--no-name-check` `--no-ip-check`. This commit inverts the logic to an opt-in model. During changing the code, I disconverd an undocumented value of the instance's NIC: `ip=auto`, which resolves the instance name and sets the IP to the result. Until now, I was not aware of this.
Signed-off-by: Sascha Lucas <sascha_lucas@web.de>
Signed-off-by: Sascha Lucas <sascha_lucas@web.de>
Signed-off-by: Sascha Lucas <sascha_lucas@web.de>
408f58d
to
30e5984
Compare
The idea is, that before the name-check was implicitly enabled. Now it must be explicitly enabled via extra CLI option. Signed-off-by: Sascha Lucas <sascha_lucas@web.de>
Signed-off-by: Sascha Lucas <sascha_lucas@web.de>
I tried running it against I also checked against kvm, but that fails on bookworm due to hotplug issues. I will do one more run against buster, but I think we are safe to merge. I think it would be better to either make a single commit out of this PR or to sqash-merge it into a single commit, what do you think @saschalucas? |
Thanks @rbott. Of cause I'll squash the commits... if I do not forget it again :-). |
As often discussed (at Ganeticons etc.) many people like to just create
instances without the need to resolv their name via DNS or /etc/hosts.
So a common boilerplate in the add command is to use
--no-name-check
--no-ip-check
. This commit inverts the logic to an opt-in model.During changing the code, I disconverd an undocumented value of the
instance's NIC:
ip=auto
, which resolves the instance name and sets theIP to the result. Until now, I was not aware of this.
This fixes #1384