StarlingX Distributed Cloud
eb572c47f8
In distributed cloud, subcloud's user ids, project ids and role ids are synced with System Controller. But project role assignment functions still use names to check if master resources and subcloud resources has the same id, and if user, project and role exist before POST call to grant project role to user. This will cause an assignment PUT job created and identity sync status flip from "in-sync" to "out-of-sync" and back to "in-sync" again for every audit cycle. A more detailed explanation, at the very first audit, roles are queued for sync but the job doesn't run and their ids don't changed at the subcloud yet. At the same audit dcorch finds the project role assignment actually exist (since it check names in has_same_ids()), so it maps the the assginment of center cloud to the assignment of the subcloud with the current ids. Once the roles sync job queued get executed, roles ids are changed. At this point the assignment mappings becomes invalid. The next audit can no longer find the mapped assignment from subcloud so the logic falls into audit_discrepancy() where the has_same_ids() return TRUE again and a PUT job is queued for the assignment. The sync endpoint type becomes "out-of-sync" since there is a job for it. Once the PUT function return, its status returns to "in-sync" again. This change updated project role assignment functions to use ids instead of names. Change-Id: I024f2c2f97aaf9670d7b2c5c70a2dae7d6d08d38 Closes-Bug: 1847661 Signed-off-by: Andy Ning <andy.ning@windriver.com> |
||
---|---|---|
api-ref/source | ||
dcdbsync | ||
dcmanager | ||
dcorch | ||
doc | ||
etc | ||
ocf | ||
releasenotes | ||
.coveragerc | ||
.coveragerc_xml | ||
.gitignore | ||
.gitreview | ||
.mailmap | ||
.testr.conf | ||
.zuul.yaml | ||
babel.cfg | ||
CONTRIBUTING.rst | ||
CONTRIBUTORS.wrs | ||
HACKING.rst | ||
LICENSE | ||
MANIFEST.in | ||
pylint.rc | ||
README_DC | ||
README.rst | ||
requirements.txt | ||
setup_ddt_tests.py | ||
setup.cfg | ||
setup.py | ||
test-requirements.txt | ||
tox.ini |
DistributedCloud
Wind River's Distributed Cloud system supports an edge computing solution by providing central management and orchestration for a geographically distributed network of Titanium Cloud systems.