ubicloud/prog/vnet/cert_server.rb
Furkan Sahin a886f37ba8 Synchronise VM removal from load balancer in case of destroy
When we try to destroy the VM completely before the load balancer
completes the metadata endpoint clean-up, the vm gets stuck on removal.
With this commit, we make sure the related networking cleanup is done
only after load balancer completes its cleanup.
2025-08-19 10:36:30 +02:00


# frozen_string_literal: true
# Prog that manages the certificate server for one VM behind a load balancer.
# It pushes the load balancer's active certificate and its EC private key to
# the VM's host, and sets up or removes the cert server there by running
# host/bin/setup-cert-server over the host's sshable.
#
# The flow-control calls used below (pop, nap, hop_*) and the `label` and
# `subject_is` macros come from Prog::Base, which is not shown in this file.
#
# NOTE(review): every host command below interpolates vm.inhost_name into a
# string that is run with sudo on the VM host. That is only safe while
# inhost_name is a system-generated identifier with no shell metacharacters;
# confirm against the Vm model, or escape the value where the command is built.
class Prog::Vnet::CertServer < Prog::Base
  subject_is :load_balancer

  # The VM this prog operates on, looked up by the "vm_id" stored in the
  # frame. A found VM is memoised; if the lookup yields nil it is repeated on
  # the next call.
  def vm
    return @vm if @vm

    @vm = Vm[frame.fetch("vm_id")]
  end

  # Ends the prog with "vm is destroyed" when the VM can no longer be found,
  # so no label tries to reach a host through a missing VM.
  label def before_run
    return if vm

    pop "vm is destroyed"
  end

  # Pushes the current active certificate to the VM's host again and finishes.
  label def reshare_certificate
    put_cert_to_vm
    pop "certificate is reshared"
  end

  # Waits until the load balancer has an active certificate with a cert body,
  # then uploads it and moves on to starting the certificate server.
  label def put_certificate
    cert_ready = load_balancer.active_cert&.cert
    # presumably nap interrupts this label here; if it returned normally,
    # put_cert_to_vm would raise its "BUG" failure on the missing certificate.
    nap 5 unless cert_ready

    put_cert_to_vm
    hop_start_certificate_server
  end

  # Runs the `setup` action of setup-cert-server on the VM's host.
  label def start_certificate_server
    host_ssh = vm.vm_host.sshable
    host_ssh.cmd("sudo host/bin/setup-cert-server setup #{vm.inhost_name}")
    pop "certificate server is started"
  end

  # Runs the `stop_and_remove` action on the VM's host and only afterwards
  # increments the VM's removed_from_lb semaphore, so the signal is raised
  # after this clean-up command has returned.
  label def remove_cert_server
    host_ssh = vm.vm_host.sshable
    host_ssh.cmd("sudo host/bin/setup-cert-server stop_and_remove #{vm.inhost_name}")
    vm.incr_removed_from_lb
    pop "certificate resources and server are removed"
  end

  # Sends the active certificate and its private key to the VM's host.
  #
  # The key material travels as a JSON document on the command's stdin, not in
  # the command string, so it is not part of the command line that is run.
  # NOTE(review): confirm that sshable.cmd does not log or echo the stdin
  # payload, since it contains the private key in PEM form.
  #
  # Raises (via `fail`) when the load balancer has no active certificate or
  # the certificate has no cert body.
  def put_cert_to_vm
    active = load_balancer.active_cert
    fail "BUG: certificate is nil" unless active&.cert

    cert_body = active.cert
    # csr_key is parsed as an EC key and re-serialised to PEM before sending.
    key_pem = OpenSSL::PKey::EC.new(active.csr_key).to_pem
    request_body = JSON.generate({cert_payload: cert_body.to_s, cert_key_payload: key_pem.to_s})

    vm.vm_host.sshable.cmd("sudo host/bin/setup-cert-server put-certificate #{vm.inhost_name}", stdin: request_body)
  end
end