[Maas-devel] You can't use the REST API from PServ
Julian Edwards
julian.edwards at canonical.com
Wed Aug 27 23:26:26 UTC 2014
On Wednesday 27 August 2014 15:09:38 Graham Binns wrote:
> On 27 August 2014 13:34, Julian Edwards <julian.edwards at canonical.com>
>
> wrote:
> > > For now the primary goal with RPC is to remove Celery and RabbitMQ
> > > from the stack, and I think we'd be better served by adding a single
> > > new RPC call to the region, GetSecrets (say), so we can continue to
> > > use the API from clusters.
> >
> > Urgh.....
>
> That said, ISTM kind of odd to be reimplementing a lot of stuff to not use
> the API when we have a perfectly functioning API _which we're not going to
> remove_.
I think we should remove it, see below.
> Consider, in provisioningserver.dhcp.detect we have
> `determine_cluster_interfaces()`, which just calls
> api/1.0/nodegroups/<nodegroup_uuid>/interfaces/list to get the interfaces
> on the cluster. Do we really want to add YARPC just for the sake of that?
> We're going to potentially find more and more of these as we go, so we
> should either declare API off-limits altogether for cluster->region comms
> or we shouldn't spend time reimplementing APIs that don't need to be
> reimplemented. Word from God now would be beneficial to avoid flapping
> later.
I believe we should be moving towards the RPC mechanism and eschewing API
access from clusters.
Having to maintain and think about two separate authentication mechanisms
increases cognitive load, complexity, and needlessly exposes more of the
internal API to external users (who understandably get confused about it).
When I replaced the lease upload API with RPC, there were a couple of niggles
but the underlying code worked fine with RPC, and it didn't take that long to
fix.
Once we get all internal ops done in RPC we can deprecate huge swathes of the
API that only ever existed for internal use.
This does serve as a reminder that we (ie Gavin!) do need to get the
authentication working properly on pserv instances. Right now, all of the
cluster acceptance dance is done via the wrapper script around the celeryd.
J
More information about the Maas-devel
mailing list