Made A Decision, and start of 'admin add-grid-manager-cert' command

2025-02-21 02:01:31 +00:00 · 2018-12-17 19:37:43 -07:00 · 2018-12-17 19:37:43 -07:00 · 633f36a33c
commit 633f36a33c
parent d0791eb2b5
2 changed files with 35 additions and 7 deletions
--- a/docs/proposed/grid-manager/managed-grid.rst
+++ b/docs/proposed/grid-manager/managed-grid.rst
@ -129,12 +129,6 @@ certificate will (also) be in a file named like ``alice.cert.0``.
 Enrolling a Storage Server: CLI
 -------------------------------

-DECIDE: is a command like this best, or should you have to edit the
-        config "by hand"? (below fits into warner's philosophy that "at some
-        point" it might be best to have all config in a database or similar
-        and the only way to view/edit it is via tahoe commands...)
-        if command: write it
-        if not: delete this section

 tahoe admin add-grid-manager-cert
 `````````````````````````````````
@ -148,6 +142,32 @@ installed; for now just one is sufficient). You will have to re-start
 your node after this. Subsequent announcements to the Introducer will
 include this certificate.

+.. note::
+
+   This command will simply edit the `tahoe.cfg` file and direct you
+   to re-start. In the Future(tm), we should consider (in exarkun's
+   words):
+
+       "A python program you run as a new process" might not be the
+       best abstraction to layer on top of the configuration
+       persistence system, though.  It's a nice abstraction for users
+       (although most users would probably rather have a GUI) but it's
+       not a great abstraction for automation.  So at some point it
+       may be better if there is CLI -> public API -> configuration
+       persistence system.  And maybe "public API" is even a network
+       API for the storage server so it's equally easy to access from
+       an agent implemented in essentially any language and maybe if
+       the API is exposed by the storage node itself then this also
+       gives you live-configuration-updates, avoiding the need for
+       node restarts (not that this is the only way to accomplish
+       this, but I think it's a good way because it avoids the need
+       for messes like inotify and it supports the notion that the
+       storage node process is in charge of its own configuration
+       persistence system, not just one consumer among many ... which
+       has some nice things going for it ... though how this interacts
+       exactly with further node management automation might bear
+       closer scrutiny).
+

 Enrolling a Storage Server: Config
 ----------------------------------
--- a/src/allmydata/scripts/admin.py
+++ b/src/allmydata/scripts/admin.py
@ -45,6 +45,13 @@ def derive_pubkey(options):
    print("public:", pubkey_vs, file=out)
    return 0

+
+def add_grid_manager_cert(options):
+    """
+    Add a new Grid Manager certificate to our config
+    """
+    return 0
+
 class AdminCommand(BaseOptions):
    subCommands = [
        ("generate-keypair", None, GenerateKeypairOptions,
@ -68,7 +75,8 @@ each subcommand.
 subDispatch = {
    "generate-keypair": print_keypair,
    "derive-pubkey": derive_pubkey,
-    }
+    "add-grid-manager-cert": add_grid_manager_cert,
+}

 def do_admin(options):
    so = options.subOptions