DB upgrade fix for changes to handle default_datastore. #1179
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -548,8 +548,15 @@ def handle_upgrade_1_1_to_1_2(self): | |
| the vm names for existing records. We try to populate them and keep None for vms | ||
| for which the name couldn't be found. The vmdk_ops admin code which tries to use | ||
| this vm names handles names which are None | ||
| In 1.2, "default_datastore" field must be set in tenants table, so the upgrade process | ||
| will try to set the "default_datastore" field if needed | ||
| In 1.2, for each tenant in tenants table, a privilege to "default_datastore" must be | ||
| present, the upgrade process will try to create this privilege if needed | ||
| In 1.2, for "_DEFAULT" tenant, privilege to "_DEFAULT_DS" need to be removed, and privilege | ||
| to "__VM_DS" and "__ALL_DS" need to be inserted | ||
| """ | ||
| try: | ||
| logging.debug("handle_upgrade_1_1_to_1_2: Start") | ||
| self.conn.create_function('name_from_uuid', 1, vmdk_utils.get_vm_name_by_uuid) | ||
| # Alter vms table to add a new column name vm_name to store vm name | ||
| # update all the existing records with the vm_name. | ||
|
|
@@ -561,11 +568,43 @@ def handle_upgrade_1_1_to_1_2(self): | |
| """ | ||
| sql_script = script.format(DB_MAJOR_VER, DB_MINOR_VER) | ||
| self.conn.executescript(sql_script) | ||
|
|
||
| logging.debug("handle_upgrade_1_1_to_1_2: update vms table Done") | ||
|
|
||
| # update the tenants table to set "default_datastore" to "__VM_DS" if "default_datastore" is "" | ||
| self.conn.execute("UPDATE OR IGNORE tenants SET default_datastore_url = ? where default_datastore_url = \"\"", | ||
| (auth_data_const.VM_DS_URL,)) | ||
| logging.debug("handle_upgrade_1_1_to_1_2: update default_datastore in tenants table") | ||
|
|
||
| cur = self.conn.execute("SELECT * FROM tenants") | ||
| result = cur.fetchall() | ||
|
|
||
| self.conn.execute("INSERT OR IGNORE INTO privileges(tenant_id, datastore_url, allow_create, max_volume_size, usage_quota)" | ||
| "SELECT tenants.id, tenants.default_datastore_url, 1, 0, 0 FROM tenants") | ||
|
There was a problem hiding this comment. Nit: just for readability, a single string is nicer. |
||
| logging.debug("handle_upgrade_1_1_to_1_2: Insert privilege to default_datastore in privileges table") | ||
|
|
||
| cur = self.conn.execute("SELECT * FROM tenants WHERE id = ?", | ||
| (auth_data_const.DEFAULT_TENANT_UUID,) | ||
| ) | ||
|
|
||
| result = cur.fetchall() | ||
| logging.debug("handle_upgrade_1_1_to_1_2: Check DEFAULT tenant exist") | ||
| if result: | ||
|
There was a problem hiding this comment. it's a better practice to say "if not result: return" |
||
| # _DEFAULT tenant exists | ||
| # insert full access privilege to "__ALL_DS" for "_DEFAULT" tenant | ||
|
There was a problem hiding this comment. I am not sure what exactly should be the end result here. I think it is "if there is a default tenant. and it was not edited, then open up ALL_DS for it" Generally I think there should be (1) quick comment about what is the change (e.g. There was a problem hiding this comment. I think the end result is:
There was a problem hiding this comment. Actually, I think case2 is not possible since we don't expose the name "_DEFAULT_DS" to user so I don't think user can remove or modify the access privilege to "_DEFAULT_DS" unless they read the code. There was a problem hiding this comment. Then I think there are only two cases:
There was a problem hiding this comment. What if the tenant exists and default_ds is edited - will it work correctly in the new design ? There was a problem hiding this comment. We don't show the datastore name "_DEFAULT_DS" when display the access privilege for tenant "_DEFAULT". So it is very unlikely that the "default_ds" is edited. But in case it has been edited, user may need to tighten the access privilege to "__ALL_DS" if he/she wants. Another option is: But this break the constraint that "volume-totalsize" must be "unlimit" for "_VM_DS" and "_ALL_DS". We put this constraint before our code cannot handle the "usage_quota" for "_VM_DS" and "_ALL_DS". |
||
| all_ds_privilege = (auth_data_const.DEFAULT_TENANT_UUID, auth_data_const.ALL_DS_URL, 1, 0, 0) | ||
| self.conn.execute("INSERT INTO privileges(tenant_id, datastore_url, allow_create, max_volume_size, usage_quota) VALUES (?, ?, ?, ?, ?)", | ||
| all_ds_privilege) | ||
| logging.debug("handle_upgrade_1_1_to_1_2: Insert privilege to __ALL_DS for _DEFAULT tenant in privileges table") | ||
| # remove access privilege to "DEFAULT_DS" | ||
| self.conn.execute("DELETE FROM privileges WHERE tenant_id = ? AND datastore_url = ?", | ||
| [auth_data_const.DEFAULT_TENANT_UUID, auth_data_const.DEFAULT_DS_URL]) | ||
| logging.debug("handle_upgrade_1_1_to_1_2: Remove privilege to _DEFAULT_DS for _DEFAULT tenant in privileges table") | ||
| self.conn.commit() | ||
| return None | ||
| except sqlite3.Error as e: | ||
| error_msg = "Error when upgrading auth DB table({})".format(str(e)) | ||
| logging.error("handle_upgrade_1_1_to_1_2. %s", error_msg) | ||
| raise DbUpgradeError(self.db_path, error_msg) | ||
|
|
||
| def __handle_upgrade(self): | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think upgrade logging can mainly go to info. Upgrade errors are notorious and we'd better have all data no matter what the logging level was. Plus, upgrade is one time event so we do not pollute the logs...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.