Restarts were configured only when the ceilometer agent endpoint
had changed and only alarm services were triggered to be restarted.
This change adds a check for the gnocchi service having changed
too and restarts all services to be on the safe side.
Closes-Bug: #1867924
Change-Id: I48e2f079e2db640d485bc74bfc2cedfd7e82ac84
Sending a byte string to relation-set can result in the data
being sent being prefixed with a "b'". In this case it corrupts
the b64encoding and the receiving charm (ceilometer-agent) cannot
b64decode the data.
Change-Id: I004bff0706362f893f2f69b07568be1034dbf574
At Newton when the certificates relation is joined the ceilometer-api
systemd override file is written with an updated port but systemd is
not reloaded. This causes ceilometer-api to bind to the wrong port
which fails since it is already in use.
Change-Id: I56579368173c6a269fcbad897649f92001cf539e
Closes-Bug: #1852050
Fix service_name when calling process_certificates so it matches
what ApacheSSLContext expects.
Ceilometers Apache config is rendered using
ceilometer_contexts.ApacheSSLContext. This class is a subclass of
charmhelpers.contrib.openstack.context.ApacheSSLContext. The
ceilometer specialised class sets 'service_namespace = "ceilometer"'.
This is then used by parent class to set the destination for certs
and keys to:
ssl_dir = os.path.join('/etc/apache2/ssl/', self.service_namespace)
The code to process incoming certificates from the certificates
relation does something very similar.
charmhelpers.contrib.openstack.cert_utils.process_certificates
takes a service_name parameter. It uses this to set the destination
directory that incoming certificates will be stored in:
ssl_dir = os.path.join('/etc/apache2/ssl/', service_name)
Obviously these two ssl directories need to match. But they do not
because process_certificates is currently called like this:
cert_utils.process_certificates('ceilometer-api', relation_id, unit)
Change-Id: I41a26d00b4d2b22a5cfd2ef38ec76f2efd13f75b
Closes-Bug: #1849292
When upgrading from trusty to xenial, the charm switches to systemd.
However, the directory /etc/systemd/system/ceilometer-api.service.d
doesn't exist as the charm installed on trusty. This change ensures
that the directory does exist during series upgrade.
Change-Id: Icc3617f97b0a28c5a3779b60bde90144d661697a
Closes-Bug: #1838634
The file is subsequently encoded as base64, which requires a
bytes-like object, not a str
Change-Id: I3d53fe98caaf1728f1d0c67de2c4a5e53deafa0e
Closes-Bug: #1834215
Add support for the charm to request and receive certificates from
the tls-certificates relation.
Add missing direct ``amqp`` relation between ``ceilometer-agent``
and ``rabbitmq-server``
Change-Id: I931f5d3fcbf28e85b1a8e3e7cf24d13cf741e4bd
Closes-Bug: #1818546
The pre-install operations may fail, yet that failure is not
elevated to the user. This masks the failure and makes early
package install issues difficult to troubleshoot.
If the basic pre-install script fails, the charm should not
proceed to later hooks as the requirements may not be met.
Hashbangs for bash should specify -e (errexit) on all of the
pre-install bash scripts.
Change-Id: Ibea69c2280c58f995152330f8a60f7d1babcf549
Closes-bug: #1815243
Partial-bug: #1815231
The previous attempt at addressing Bug#1811108 was a bit naive.
It was not HA aware and it failed to handle upgrade-charm.
This change moves from kv to leader-set as only the leader needs to run
the action and then inform the other nodes.
Note: on upgrade-charm we must assume the deployment has run
ceilometer-upgrade as there is no mechanism to determine this
independently. If we do not do this, the charm is in blocked state after
charm-upgrade. A warning is logged that this assumption has occurred.
Partial-Bug: #1811108
Change-Id: Idcc26df53542e78f0671942c99edfcbf61eccf6c
Commit 3838010a added code that was subsequently made redundant
by commit 668a2898 but never removed. This patch cleans things
up.
Change-Id: I59fcea6f5bb19e0bc57856600a85a18419cf8730
Use the generate_ha_relation_data helper from charmhelpers to
generate the data to send down the relation to the hacluster
charm.
This results in a few changes in behaviour:
1) The charm will no longer specify a nic name to bind the vip. This
is because Pacemaker VIP resources are able to automatically
detect and configure correct iface and netmask parameters based
on local configuration of the unit.
2) The original iface named VIP resource will be stopped and deleted
prior to the creation of the new short hash named VIP resource.
Change-Id: I6c10762e4f3367684f19852d03d5e5b84cf37600
On charm upgrade the charm may switch to py3 packages. If so, ensure
the old py2 packages are purged. If the purge occurs then restart
services.
Change-Id: I23812e518d5d0ba64dff33ac8d704b8b0f829b7e
Closes-Bug: 1803451
This change adds the ability to listen for events across multiple
rabbit queues. Nova cells v2 has a message broker per cell and
the charms already support having a separate message broker for
neutron, in both these topologies ceilometer needs the ability to
listen to multiple brokers.
To achieve this a new relation 'amqp-listener' has been introduced.
The existing 'amqp' relation should be used for the broker that
ceilometer listens to and publishes to. 'amqp-listener' should be
used for additional brokers that ceilometer just listens on.
Update functional tests to satisfy relation with
nova-cloud-controller.
Change-Id: Ifdade3f7814620f4cd4a1d35a584cbc099bb6d88
Switch package install to Python 3 for OpenStack Rocky or later.
When upgrading, remove any python-* packages that where explicitly
installated and then autoremove --purge any dependencies that are
no longer required.
Change-Id: I120ed44988f9e86a27f464dc879acdc1b8926dd8
There is a use-case to forward events received by ceilometer from
OpenStack services to an external system via http/udp. It comes
from the fact that aodh does not include all information about an
event alarm into POSTed data. Raw event data can be published by
ceilometer via http/udp to an external system without giving a
user direct access to rabbitmq.
This patch adds a context generator, associated templates, and
configuration entry for configuring multiple event-sinks in
/etc/ceilometer/event_pipeline.yaml. This also modifies the
ceilometer.conf templates to reflect the correct naming of the
same file to align with upstream Ceilometer.
Also adds support for a future Panko charm event consumer using
the event-service interface in the above context with associated
metadata and hook symlinks.
This change will only effect Mitaka and later clouds.
Closes Bug: 1763321
Change-Id: I931438c720272bd9a3d2b958ebabcd3584790bd0
The ceilometer-upgrade command needs to be run to update back end
ceilometer data stores. When attempting to run this command during
deploy time due to the number of required relations many inherent
race conditions exist leading to Bug#1749280.
This change allows the ceilometer-upgrade command to be run as an action
post-deploy.
Change-Id: I64a56d9a38532476b8a01df6227231a1276c708f
Closes-Bug: #1749280
When >= queens ceilometer uses the identity-credentials relation
rather than the identity-service relation. When using HTTPS
ceilometer still needs the CA certificate from keystone.
This change sets up the CA when using the identity-credentials
relation.
Please merge https://github.com/juju/charm-helpers/pull/124 first.
Change-Id: I7c6ca1d913ad8b8123685a064933031f322869df
For OpenStack versions >= Queens the Ceilometer Charm
requires a 'identity-credentials' relation to Keystone
and not a 'identity-service' relation.
Log a warning-level verbose message when 'identity-service'
relation is detected on a >= Queens deployment.
Change-Id: I8e3ff1b899b877cd2870f4bbaaea155e4433c4f4
Closes-Bug: #1751772
For queens, only the identity-credentials relation is required
as ceilometer no longer registers endpoints; ensure the correct
relation name is used when checking to see if the ceilometer
upgrade process can be executed.
Change-Id: I8482e97f4f60e019b0225f67c568965adbb034cb
Update charm to support Ceilometer@Queens; specifically:
- Removal of Ceilometer API service
- Removal of ceilometer-collector service
Most of this change is related to dropping of these
services; In addition its now possible to complete a
ceilometer-upgrade without mongodb being configured.
As this charm no longer provides any endpoints to
keystone, for Queens the identity-credentials relation
is required instead of the identity-service relation.
Change-Id: I3cefc24ffc9a0e60f446fbbdff603dfad37f7baa
When an existing cluster of the service is scaled out the new unit
will join with keystone before it is fully clustered. In identity
joined hook the charmhelpers function canonical_url is called which
in turn uses another charmhelpers function, resolve_address.
resolve_address will only return the vip if the vip is set in config
AND the unit is clustered. This means that the units local address
is returned and that is then registered with keystone.
This change gates registering an endpoint if the cluster is
partially formed.
Change-Id: Icf2753b6b21347af8106ebad03d81309177d09f2
Partial-Bug: #1544959
The OpenStack OCF resource definitions for Ceilometer have proven
to be quite brittle, and we can achieve much the same end by just
using the lsb module to track ceilometer-agent-central directly.
Drop all use of ocf:openstack and delete res_ceilometer_polling
which is a) broken for Pike and b) complete misnamed. Configure
'lsb:ceilometer-agent-central' for all deployments irrespective
of release.
Change-Id: I7b02065cf245ae480c04d5db235866e879c14002
Closes-Bug: 1718830
Enable dual stack IPv4 and IPv6 VIPs on the same interface.
HAProxy always listens on both IPv4 and IPv6 allowing connectivity
on either protocol.
charm-helpers sync for HAProxy template changes.
Change-Id: Iaf85680f2c8b08856ff2476a97798ca94994aaa6
Add new metric-service interface to support use of
Gnocchi as a storage backend for resource and metric
data.
Configure ceilometer to use the gnocchi dispatcher
in the event that ceilometer is related to gnocchi.
This has the side effect of disabling the ceilometer
API - Aodh and Gnocchi API's should be used directly
in this deployment topology.
Note that Gnocchi is only supported in OpenStack
Mitaka or later; 'metrics-service' is added to the
required interfaces configuration as an alternative
to 'mongodb' for >= Mitaka.
Change-Id: Ia31dfefd5efa3fb5ec2ba5d132ee865c567bd8df
Use the get_relation_ip function for selecting addresses for the
cluster relationship. Including overrides for the admin, internal,
and public config settings or extra bindings.
Partial-Bug: #1687439
Change-Id: I3e651e32a970a427597cc485b8549d51442919cd
- sync charmhelpers with fix-alpha helpers
- fix up code where the alpha comparisons are done
- fix tests which assumed mocks would just work on os_release()
Change-Id: I3d142f04bedc7dde12f3c079534cd43841fa8401
Related-Bug: #1659575
By providing openstack network relation data during cluster join we
allow haproxy backends to be configured in the corresponding os networks
should a 'public-address' not be available.
Change-Id: Ie370552410fffb859d236a011844427d8b3aff45
Closes-Bug: #1669044
Since Liberty ceilometer-agent-central has been replaced with
ceilometer-polling. There is some confusion there as the package
is still named ceilometer-agent-central.
For OpenStack releases >= Liberty stop checking for the
ceilometer-agent-central service to be running.
TODO for post release: remove the OCF management of the service(s).
Change-Id: I5064ce130da1ec302245aaff5dbe93d9dab63b38
Partial-bug: #1664898
When LXC container start systemd runs apt.systemd.daily,
which locks dpkg database.
This change implements a 'wait for lock release', so that
install hook doesn't fail when deploying inside LXC.
Change-Id: I71a38ec8ea208f6c9ef1ae3dabda63bd26fa20fa
Closes-Bug: 1656651
This change aligns with the Ocata ceilometer package, which has
moved the ceilometer-api to run under mod_wsgi with apache2.
Change-Id: I0f13f3bcb346182541376843a65d07f570f89442
'alarm-listener' in Aodh would be deployed if you use charm-aodh.
It expects that ceilometer publish events with 'alarm.all' topic,
then it can evaluate alarm criteria pre-configured by users.
This patch makes ceilometer publish events for event-driven alarm
evaluation in Aodh.
Change-Id: Id536c9d847ac9c08b9d7d309b4639606e6860a17
The ceilometer-agent-central and ceilometer-agent-compute
services are now completely removed from the liberty release
of ceilometer. The new implementation is to use
ceilometer-polling and call the respective pollsters by
namespace.
Change-Id: I3af6fe9cc9c5b0fcf0406f89f402cbd1a31f66c4
Closes-Bug: 1606787
Ceilometer switched to using wsgi_script to generate the
ceilometer-api binary; this resulted in a few packaging changes,
including one which means the listen port for Ceilometer API is
set via the systemd unit, rather than the ceilometer.conf
configuration file.
Add systemd override file handling for ceilometer-api, including a
small workaround which ensures that the systemd daemon loads the
override configuration file when it changes (only possible during
config-changed with enabling SSL support).
This charm should switch to using Apache + mod_wsgi next cycle, at
which point all of that can just be dropped.
Change-Id: Ic8b359d0b91fda144925f5c75044f919e73aadd9
Closes-Bug: 1629796
All contributions to this charm where made under Canonical
copyright; switch to Apache-2.0 license as agreed so we
can move forward with official project status.
Change-Id: I15bca9b973b61e408e25c113035702a596c45268
Implement DNS high availability. Pass the correct information to
hacluster to register a DNS entry with MAAS 2.0 or greater rather
than using a virtual IP.
Charm-helpers sync to bring in DNS HA helpers
Change-Id: I543095a210e668f30c3617990b3ee668a3143dd9
Pause failed as configure_https() had a service restart that was missed
in the initial pause/resume feature addition. configure_https() was
triggered via a 'config-changed' hook that could occur whilst the unit
is pause.
Also enhanced the pause/resume test to include a forced 'config-changed'
hook to run to test that the fix works.
Change-Id: I0d2820fe5d447dd7877afacb0a63a8590f027b31
Closes-Bug: #1570375
Add charmhelpers.contrib.hardening and calls to install,
config-changed, upgrade-charm and update-status hooks. Also
add new config option to allow one or more hardening
modules to be applied at runtime.
Change-Id: I7752d72cc5a3f47fe66bca23aac730d76af8556a
Adds improved pause and resume unit to the charm such tha the
charm stays paused during maintenance operations. Updates the
basic_deployment.py to use the the new version of
python-ceilometerclient (that's available in xenial, but works
back to icehouse/precise.
Change-Id: I869e467d0e4d9fecd661a6f946d45e31535ea11e
The charm should always update ceilometer relation data when identity-relation
data is changed.
Change-Id: I8e8acacd30b9be0d63464427015358e7fcc683e7
Closes-Bug: 1517225
shared secrets from other nodes (leader node).
The secret sharing previously worked because it used the peer storage
prior to leadership election due to the direct usage of relation_get
rather than using the retrieval methods provided by the peer storage
framework.
Closes Bug: LP #1541618