On Mon, Feb 24, 2014 at 3:50 PM, Andrew Wilkins < andrew.wilk...@canonical.com> wrote:
> On Mon, Feb 24, 2014 at 3:46 PM, Ian Booth <ian.bo...@canonical.com>wrote: > >> > >> > It doesn't necessarily have to be a worker, just something that runs >> once >> > at machine agent startup: wait for environ config, write rsyslog config, >> > restart rsyslog. >> > >> >> That's actually how the upgrade happens now - the machine agent is the >> process >> which invokes the upgrade operations with a context containing a state API >> connection ie the upgrades are only run once a state server worker is >> running >> and the API (and hence environment) is available. So we could do whatever >> rsyslog config changes are needed to support TLS as part of the standard >> upgrade >> process. Unless I'm misunderstanding something. > > > Yep, I'm suggesting we do that, but not as an upgrade step. Just do it at > agent startup time, all the time. Then the bits in environs/cloudinit can > be deleted. > > As said before, though, upgrading to TLS is out of the question due to > inability to either use old certs or generate new ones within the > environment. > Here's another reason to centralise it: https://bugs.launchpad.net/juju-core/+bug/1284020 I'm updating the code to set TLS things and stumbled across this problem. Dimiter has a CL up for review which adds LogDir to the agent config which will help here: https://codereview.appspot.com/66540044/ >> -- >> Juju-dev mailing list >> Juju-dev@lists.ubuntu.com >> Modify settings or unsubscribe at: >> https://lists.ubuntu.com/mailman/listinfo/juju-dev >> > >
-- Juju-dev mailing list Juju-dev@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju-dev
