This change fixes an issue that when the charm-designate is
related to two different designate-bind applications, the same
rndc key file is used for the two different applications.
We fix this by writing an rndc_key_file per application rather than in
a single rndc.key file for all the units.
Closes-Bug: #1995975
Change-Id: I5dafeb2b4dcf9549260081d3674038f836d29f0f
Signed-off-by: David Negreira <david.negreira@canonical.com>
Before, the update-status hook would run many handlers
that would have been normally done only during
configuration changes.
Consequently it creates an impact on the service and
apply changes every time the hook is triggered, which is
in most deployments every 5 minutes.
This prevents the DNS zones managed by Designate to be
updated constantly and potentially avoid race conditions
within designate components.
Closes-bug: #2003528
Change-Id: I0d4fea182da1316c0c30c143e64fcd2ca682afff
Currently, the charm ignores the use-internal-endpoints config
option that is being inherited from the Openstack Layer. This
patch adds a check to ensure that the internal endpoint is exposed
if this is set to True.
Closes-bug: #1995188
Change-Id: I48a04ac619204ba109d87ca05de7cbe308592486
As per the bug report, designate-mdns service appear to restart multiple time.
This patch disable the service until the configuration has been rendered.
Closes-Bug: #1925233
Change-Id: Ib9843bda9c6967ce50cec8d721079bd70f7f3040
Added NRPE checks to detect when upstream DNS servers
are unreachable. We had a case where a customer changed
settings on their DNS servers which caused an outage.
The added check will allow our alerting to capture
cases where the upstream DNS servers become unreachable.
One service check is generated for each value found
in the 'nameservers' charm config params. The checks
use the 'check_dns' command with a host value of
'canonical.com', and each command checks a corresponding
nameserver value from the 'nameservers' config params. All
other optional flags for 'check_dns' are using the default
values.
Closes-bug: #1850216
Change-Id: Iea601977851d5c4ea2b9b79071d94b2385637d57
The mock third party library was needed for mock support in py2
runtimes. Since we now only support py36 and later, we can use the
standard lib unittest.mock module instead.
Note that https://github.com/openstack/charms.openstack is used during tests
and he need `mock`, unfortunatelly it doesn't declare `mock` in its
requirements so it retrieve mock from other charm project (cross dependency).
So we depend on charms.openstack first and when
Ib1ed5b598a52375e29e247db9ab4786df5b6d142 will be merged then CI
will pass without errors.
Depends-On: Ib1ed5b598a52375e29e247db9ab4786df5b6d142
Change-Id: I7b12f467e329e2693e4c7349f328133a1ec3cb00
The configuration option nameserver expects each value to have a dot (.)
at the end, currently when this dot is missing the servers creation
fail, the error doesn't bubble up. On the neutron-api charm adds the dot
automatically when it's missing in the dns-domain config option, this
change makes the Designate charm behave in the same way.
Change-Id: If335c9b5b1b2adca3e39fa4f1d182dfbe362f874
Closes-Bug: #1952656
When shared-db is rejoined the charm will reconfigure the DB IFF DB
related flags are cleared.
Change-Id: Ieb575d6aa220f10c519425f1e1a6f59e29c512f1
Closes-Bug: #1887265
Use default_update_peers which will publish admin, internal and public
addresses to peers. Remove duplicate update_peers from handlers.
Includes fixes for pep8 failures.
Change-Id: I89f2448b4deb71271f7ef0560d9a2607f21ae6c7
Closes-Bug: #1858132
Previously the default ``certificates.available`` handler was
enabled without the charm authors intervention, this was changed
in I12f45236632b608e07fdd35d31b90b84ca92eb1f.
Change-Id: I1e3e0d417b11aeb75281345d575ae77270a1b5fc
The designate pool manager needs to be restarted on all designate
units when the update pools command is run with a new version of
the pools yaml.
Previously it was assumed that it was sufficient to trigger a new
hook execution but in the following scenario the update is missed:
1) Non-leader reacts to a change in pools and renders a new
pools.yaml but does not run the db update as it is not the leader
2) leader reacts to a change in pools, renders a new pools.yaml,
updates the db and finally sets pool-yaml-hash with the new
value to trigger hooks executions on peers.
3) Non-leader reacts to leader db change, re-renders pools.yaml with
the same values as step 1 and does not perform the pool manager
restart even though it is needed.
The above scenario is fixed by adding a handler looking for a
change in the pool-yaml-hash and restarting the pool manager if it
changes. The leadership layer is needed to get the flags raised on
leader db changes.
The leader can also fail to restart pool manager as services are
restarted as soon as the config is rendered and before the
update_pools call is made. This scenario is fixed by adding a
handler to look for a change in the pools.yaml and restart pool
manager if it changes. This works because update pools is run in
the same handler as config render which means the new handler runs
after this render & update handler.
Closes-Bug: 1752895
Change-Id: I54b316788ea5176ca63ca761ceceb106ce903f3b
In an amqp relation is removed and re-added, the charm won't
make a new request for access. As the handler simply sets two
data items on the relation, avoid the use of the requested-access
flag.
Change-Id: Ibbffabe277adacf966443bae04a6a64a07964261
Closes-Bug: 1784076
This patchset adds "also-notifies" option which is an optional part
of the "pools.yaml" configuration and should only be used to define
DNS servers other than the backend servers which should receive
notifications on zone changes.
Change-Id: I10faa6ec4ea4fd1f1f17c7234662cd5c23624c1d
Closes-Bug: 1758008
This patchset changes the default pool manager cache driver used by
the designate charm from "memcached" to "sqlalchemy".
Change-Id: If61a28f572137b0e3041d17bd9296929074faf7d
Closes-Bug: #1739012
This patchset implements Designate - Neutron integration feature
based on Neutron extension drivers. As a result DNS records can be
automatically created in Designate when Neutron ports or floating
IPs are created.
Closes-Bug: #1704769
Depends-On: I13b2ab39bd1daac13112398762f2be06022594b0
Change-Id: I001507eff6a3342cc77188e0f4087fa4fcc67b95
This patchset implements support for "dns-backend" binding. Use the
"dns-backend" relation network space binding to populate the list
of dns master servers in the designate pool configuration,
ensuring that communication between master and slave servers
happens over the correct network space.
Depends-On: I927e3958cf929ace9d43f8b3d9509b90b9eab60f
Depends-On: Icbe0cc790c565f125f0fe8c903e9b755fe764d7c
Change-Id: I2c7b95e630611ac16c19e7f9efb81f54802849e9
Closes-Bug: #1722794
Both the zone and pool manager daemons require a coordination
backend to be configured when there is more than one worker. There
is almost always more than one worker as the charm user a multiplier
based on the number of cpus to configure the number of workes.
This change adds the coordinator-memcached relation and makes is
compulsory for designate deployments.
Change-Id: Ic1b35e33ba9b6f015b199c35ccff64d626c29582
This patchset, along with the corresponding ones in charms.openstack
and interface-hacluster reduce the amount of work that the charm does
during an update-status hook. This also fixes the issue where an
update-status hook triggered activity in the hacluster subordinate due
to data being set on the interface. There is still work to be done in
this area, as the configs for the charm are still being written on every
update-status hook, although this doesn't result in a restart of any of
the services. This probably requires a re-think of how the
charm-helpers function runs; patch to charm-helpers coming up soon.
This also fixes bug 1712973 where the update-pools command with empty
pools errors causing the charm to error out and fail. This is
undesirable, so this condition is caught and logged instead.
Change-Id: I6db68a479dc903ce620ba62c1898247f71d14701
Depends-On: I3717387d1d8d2ab875d51f262efd1df7f2529689
Depends-On: I750f3c41a2f0447a47cfd19bab1d4958de4577f2
Closes-Bug: #1708396
Closes-Bug: #1712973
The charm didn't work unless a mandatory bind-rndc interface was
present. However, the dns-slaves option was supposed to provide an
alternative to needing to relate the unit to the (say) designate-bind
charm. This change allows dns-slaves and/or a bind-rndc relation
and configures the underlying service accordingly.
Also some fixups to the tests to simplify handler verification using
more recent charms.openstack features.
Also note that the bind-rndc interface needed a fix (the depends-on)
for if/when a bind-rndc relation is removed; the interface incorrectly
maintained that the relation was present when it was not.
Change-Id: Ib2c883e623292520224f882aef09d3710e1e1348
Closes-Bug: #1693162
Depends-On: I523fecff4e80734772872a8a6d2507f1e2162ae3
Every reactive charm that uses charms.openstack and implements unit
testing needs to mock charmhelpers, as otherwise the tests blow up.
This patch uses the mocking of charmhelpers in charms.openstack so that
a charm layer can just import test_mocks and charmhelpers will be mocked
out along with setting up a default
charmhelpers.c.o.u.OPENSTACK_RELEASES so that when an OpenStackCharm()
derived charm class won't fail on definition.
Change-Id: Ibe30604dd53a47ac382438fc23c6b61016f62079
Related-Bug: #1693017
Depends-On: I5ac40617ee30e5f421ec16fc7592177a5e6aa166
Drop provision of hostname parameter for mysql-shared/shared-db
relations; newer interface versions automatically set the
hostname parameter based on Juju 2.0 network space bindings or
the units private-address in older Juju versions.
Change-Id: I55ff32c26478399fd8486ce0a618ad1a80b6476b
Due to a change in a lower layer additional calls needed to be
mocked out to fix a broken unit test
Change-Id: If05a0c2e0d58d7002d0a2436a8f955acd0775923
The method assertEquals has been deprecated since python 2.7.
http://docs.python.org/2/library/unittest.html#deprecated-aliases
Also in Python 3, a deprecated warning is raised when using assertEquals
therefore we should use assertEqual instead.
Change-Id: Iac491ecdefa638664f515b15724ddbfffba3d25a
If there is a new release of the designate packages available due
to the user changing the 'openstack-origin' option then upgrade
the packages.
Closes-Bug: 1632760
Change-Id: If2aedac6de0a76bd8e081ba1313cf72887f6978f
Some of tests use different method of
assertTrue(isinstance(A, B)) or assertEqual(type(A), B).
The correct way is to use assertIsInstance(A, B) provided
by testtools
Change-Id: If16d3c28a7c0d40b291f5f59d7413d401acd0502
Pickup changes to charms.openstack including application-version
support for Juju 2.0.
Fixup unit test failure due to charms.openstack changes in adapters.
Change-Id: Ia681fab88900494b1942e6b41114055db9f7b4f6
There were a bunch of .pyc files in the repository, so this patchset
removes them and adds a *.pyc to the .gitignore
Change-Id: Ib53bc1516d159c975b03a78b5762519519668828
Previously domain config has been immutable. Meaning that it could
be amended or set for the first time post deployment. This change
fixes that. In the process some other enhancements were made.
* Create and use check_zone_ids contextmanager to detect if domain
ids have changed. If they have then update peers via leadership db.
* Rendering all configs is now a two stage process.
render_base_config is called first to ensure that the Designate API
servce is up and configured as the sink configs query the designate
API to retrieve the domain ids for the neutron and nova domains.
* designate_handlers.py has been simplified to reduce the number
of handlers and stop gating on domains.created which previously
made domain config options immutable.
* templates/novarc was hard coded to use http. this has been updated
to set the protocol based on whats passed back from keystone.
Change-Id: I477ad22bf9131672f6521d6afbf6f16a01d8b112
Render configs always needs the cluster relation if it is available.
There is logic in OpenStackAPIRelationAdapters that checks to see if
this unit is alone. If it is it creates a 'cluster' namespace and
populates it with data specific to this node. If this unit has peers
then OpenStackAPIRelationAdapters populates the cluster namespace with
PeerHARelationAdapter *if* a cluster relation has been passed in. If
the unit has peers but the Peer relation has *not* been passed in
there is no cluster namespace and rendering of config that relies on
it (namely haproxy) fails.
To fix this, check if the relation exists and if it does add it to
the list of relations used to render configs
Change-Id: I6f34c28411db957d0b55155b8671bf981084bb6b
* Remove strings used for testing from config.yaml defaults
* neutron-* and nova-* config options are no longer compulsary. These
are only needed for automatic generation of records when guests are
booted or floating-ips associated. Manual management of records is
a valid option.
* Add assess status to catch the situation where neutron-* or nova-*
variables have been set but nameservers has not. In thios scenraio
the domains cannot be created as there is no server defined.
* Extend amulet tests to create a server as well as domains
* 'domains' no longer resolves in sink file regex and has been
replaces with zones
* Add missing relation for auto-generated nova records
* Rename dns-server-record config option to nameservers which is more
consistant with upstream docs. Unused old 'nameservers' property
needed to be removed to allow this
Change-Id: Ibd58aa8ffb3931a2fb359fad6292a9d33775a0f8
Add src/README.md placeholder to prevent inheritence of the
base layer's readme file in the built charm.
Use the official charms.openstack repo in test-requirements.txt.
Use official designate-bind charm location in the Amulet tests.
Remove upload-and-publish so as not to encourage out-of-band
pushing and publishing. That is handled by CI.
Fix a test filename typo.
Add tests readme.
Update tox.ini for Amulet environment variables.
Update metadata.yaml, removing EOL release and adding tags.
Fix unit tests
Change-Id: If842a5409c2d284bc118d70d6e8caba7cb6205c3
David Negreira