* Add support for range of shared IPs using
new class SharedIpRange
* Add support for shared IPs on non-external
networks, floating IP not available in
this case
Change-Id: I7faa946e99d0070c375408b7f18546a281c668d4
Closes-Bug: #1727349
Added an ability to retrieve information about the current user,
current project, environment owner (both user and project)
from keystone. Appropriate information (including
extra fields but excluding internal system data) is fetched from
Keystone using the same service credentials that are used to validate
tokens, create trusts etc.
- io.murano.User and io.murano.Project classes were added.
- Both classes have 2 static methods to get current and environment
owner object of appropriate class
- Object model now contains project_id/user_id of the user who
created the environment
- Deployment task contains project_id (renamed from tenant_id)
and user_id of the user who initiated the deployment
Change-Id: Ic7e24c1d2b669ed315851047bcdb27e075cfc56b
Added a mixin class 'MetadataAware' which contains logic to retrieve
metadata attributes from the object of class which inherits it and
from all objects owning this one. Metadata attrbiutes applied to
objects which are deeper in the stack ovewrite ones from objects which
are higher.
The mixin can also validate if the attribute may be applied to the
objects of the given resource type; the type is defined by its
overridable abstract method 'getResourceType'. This check uses
MetadefBrowser class to retrieve the meta definition namespaces of the
needed resource type.
Instance and CinderVolume classes now inherit this mixin.
Change-Id: I43a081fe2a88e666f61de04b8a2789e1b8e96e38
Targets-blueprint: metadata-assignment-and-propagation
Added a python-backed class io.murano.system.MetadefBrowser providing
a read-only access to Glance Metadefinition Catalog. The class can
fetch namespaces mapped to a particular resource type and the contents
(objects) of a given namespace. Since the catalog is not updated
frequently the class provides caching capabilities for the fetched
data.
The MuranoPL part of the class provides a single method called
canBeAppliedTo which may be used to check whether some tag can be
applied to a particular type of resource.
Since Glance connectivity is required, a new configuration section is
added to provide capabilities to tune conection properties (url,
endpoint type, encryption etc).
Change-Id: I8ea70e314dbe701b462fb1620376965af717c10d
Targets-blueprint: meta-attribute-assignment-and-propagation
Now all OpenStack resource classes inherit CloudResource
that provides getRegion method and regionName property.
This allows to assign resources to different regions.
getRegion() returns CloudRegion instance that resource or it
parent belong to. CloudRegion has the similar interface to
Environment class and is the correct way to get HeatStack
instance associated with the regoin, default network
configuration, security group manager and agent listener
instances. Environment acts as the default region so backward
compatibility is not broken. However new applications
should not use environment to set security group rules but
rather a region(s) of their instance(s) in order to work correctly
when their instances were configured to use region other then
the default.
Change-Id: I4dbf40c65042e9a354f3bfadfcd63a63e6e3e418
Generation of json-schema from MuranoPL class or method
and engine RPC call for it were added
Implements: blueprint muranopl-forms
Change-Id: I43ccd2d9d94f9f89db1855932280539f69f2f8d8
Added a meta-attrbute class `io.murano.metadata.Synchronize` which may
be attached to any Murano methods to control which objects should
Murano Executor use as synchronization primitives for concurrent
exeutions of the marked methods.
No two methods cannot be called concurrently if their use the same
synhronization objects.
By default (if no attribute is present) the old behavior is preserved:
method calls are synchronized on the objects they are called for.
The attribute has two properties:
* `onThis` (defaults to true) indicates that the method calls should
be synchronized on target object.
* `onArgs` (defaults to an empty list) indicated that the method calls
should be synchronized on the values of arguments with the specified
names.
Truly 'thread-safe' methods may be declared by providing this
attribute with `onThis` set to 'false' and `onArgs` set to default
empty list value.
Executor is modified to properly use this attribute.
Targets-blueprint: application-development-framework
Change-Id: Iea028df1105c57a31a22887916c2428929b83e59
Created a base fixture which instantiates a murano environment in its
setUp.
It may be subclassed by other fixtures which need a valid environment
for their tests to run.
Change-Id: Ib477e8f9beb9fc915c8f440be1ae31befa9b6d5e
Targets-blueprint: application-development-framework
Added a dsl-level yaql function 'dump' capable to serialize any given
MuranoPL object into one of three different formats identified by its
`serialization_type` argument:
* `Serializable` - a json-compliant notation with '?'-sections
describing type metadata including type name,
package and package name.
* 'Inline' - a MuranoPL-compliant notation with dict keys being
instances of `MuranoType` class.
* `Mixed` - similar to `Serializable` but type information is
not stringified and is present in '?'-sections as
objects of MuranoType class.
Function arguments also control whether object upcasting should be
honored or ignored.
Change-Id: Id36bb5daf9ebbdc42b09ad7bb956f51cfbf3c465
Existing implementation of Neutron-based networking assumed that the
neutron's security groups are used to manage VM accessibility.
However there may exist environments with disabled security-group
extension in Neutron and thus relying on something else to restrict
the traffic. Murano could not operate in such environments since it
always was attempting to create resources of type
OS::Neutron::SecurityGroup and attach VMs' ports to this resource.
This is addressed by introducing a new subclass of
SecurityGroupManager - DummySecurityGroupManager, which actually does
nothing but silently ignores the calls to create security rules. This
new security manager is instantiated instead of
NeutronSecurityGroupManager for Neutron-based networks in cases if the
'security-group' extension is not present in Neutron's configuration.
If it is instantiated a warning message is reported to the end-user to
notify them that security requirements of the application were
ignored.
Change-Id: Ia3bc6c17f9ca0a4b8bf8c272481760a8c81b27b7
Closes-bug: #1593253
The following meta-classes are implemented and placed to the core
library: Title, Description, HelpText, Hidden, Section, Position.
They can be attached to the different MuranoPL entities and used
during the automatic UI definition generation.
Also meta-class ModelBuilder is added for marking special static
methods.
Change-Id: I474d69b2cadb9b200e70d4d9daaef3e87d9cb3a5
Partially-implements: blueprint muranopl-forms
Currently we are using a lot of features from yaql 1.0.0
in core-library, but we still have old version of format.
Increasing of it to 1.1 demonstrates that library package
can be used only with Liberty+ versions of Murano
Change-Id: Ic0d0175e857d29d862a80663f6518e108343142d
The yaml file allows for installing murano-agent and chef
and puppet by cloud-init
Change-Id: Ia16270d67eeff50d41d8f879e7b4ad0a1037d4b1
Targets-blueprint: conf-lang-instance
This change adds core library classes necessary to work with
cinder volumes:
Volume is the base class for cinder volume implementations.
It defines the interface for volumes. The most important methods of it
are "deploy" to deploy the volume and "attachTo" that returns a HOT
snippet to attach the volume to Instance
CinderVolume represents a new volume.
The class wraps OS::Cinder::Volume Heat resource.
ExistingCinderVolume is a Volume implementation for volumes
created outside of Murano.
CinderVolumeBackup and CinderVolumeSnapshot are
adapter classes to wrap around Cinder backups and snapshots
using their ID.
In addition new property "volumes" was added to the Instance class.
It is a mapping of a mounting path to Volume implementations
that the Instance must be attached to. Because the mapping
can be empty (or omitted) new property doesn't break backward
compatibility.
This commit doesn't has boot from volume functionality that need to be
designed separately.
Implements blueprint: cinder-volumes-support
Change-Id: I8ff7f8e4b48e7fb8112271a642cac703db0963aa
This is a first commit os new murano testing framework.
This commit adds base io.murano.test.testFixture class.
All test classes are suppossed to be inherited from that class.
Test runner accepts only such kind of classes.
Also test cases should start with the 'test' prefix.
setUp method executes before each test case and tearDown - after.
To run tests, authorization params should be provided or murano config file.
Test runner params have a higher priority than the corresponding
params in config.
Package to test is a required parameter.
It's also allowed to specify class to execute tests in or
to specify test case name.
New murano-test-runner was added.
To run all tests from package, execute the following command:
murano-test-runner -p io.murano.test.MyTest1 -l /package/location/directory
Targets blueprint simulated-execution-mode-murano-engine
Change-Id: I6b9a94ab1a3942fec3ebb84a69dd548c134139df
Add new API calls that will provide logging and can be
consumed by MuranoPL workflows. It will improve debuggability.
Application author can use logs to improve application quality.
Implements: blueprint logging-api-for-muranopl
Change-Id: I747cf7f5fca20960f2304605e1c7241f465f5dc1
This patch adds to Murano core-library new
functionality allowing to simplify the process of software
configuration.
Implements bp: simple-software-configuration
Change-Id: I80f2c15f2d45398df2a519b54a50c2ba8c3a8be2
MistralClient class stub was not present in io.murano
manifest and thus not used. This caused extra API call
on each deployment
Closes-Bug: #1480184
Change-Id: Ie9628104982995ab70df24cf5d7a57be6429e256
Adds a support for Nova Network if Neutron is not present in the
current OpenStack deployment.
Supporting the Nova Network requires modifications in three different
parts of generated Heat Stack:
1) Generated Security Groups and their rules should be of type
'AWS::EC2::SecurityGroup', not 'OS::Neutron::SecurityGroup'
2) Security Group assignments should go to security_groups property
of Instance resource, not the network port (as port concept is
not present when using NovaNetwork)
3) FloatingIP should be of type OS::Nova::FloatingIP and should be
associated with an Instance by OS::Nova::FloatingIPAssociation
resource.
To achieve p1 a SecurityGroupManager class of Core Library is made
abstract and is inherited by two concrete implementations:
NeutronSecurityGroupManager (containing the old MuranoPL code which
generated templates based on OS::Neutron::SecurityGroup) and a new
AwsSecurityGroupManager, which generates AWS-compliant firewall rules
which are consumed by NovaNetwork.
The particular concreate instance of this class is generated by the
default network of environment: Network class has got a new method called
generateSecurityGroupManager which returns an appropriate implementation.
For pp 2-3 a new inheritor of Network class has been added to the Core
Library: an io.murano.resources.NovaNetwork. It generates FloatingIP
association resources if needed and returns a securityGroupName object
as one of the outputs of its joinInstance methods.
The Instance class has been modified to properly handle these types of
outputs.
The instance of the NovaNetwork class is generated at the API side
when a new Environment is created and a is assigned to the
defaultNetworks.environment property of the environment if the neutron
is not defined in keystone.
Also this change moves the auth_utils module from engine to common, as
Keystone Client it contains is now used by the API process as well.
This changed is based on some of the code from the outdated changeset
I6f4b7908bd4bbcd375f64705c7dd06e3954f1ec7
Co-Authored-By: Alexander Tivelkov <ativelkov@mirantis.com>
Co-Authored-By: Stan Lagun <slagun@mirantis.com>
DocImpact
Change-Id: I4c48f33de100a5730ba1d086540d0d99e8fbf9b1
Implements-Blueprint: nova-network-support
Also adds File type to core library for common convention type for files
Partially implements: blueprint actions-return-result
Change-Id: I5cbfb9ed6f4ae56e931815841f9c042f25a1d0ca
Also refactores networking code to move networking code from
Instance so that different types of network can be represented by
single simple interface
Implements: blueprint join-existing-neutron-networks
Change-Id: I90afcea6b1c12d7f6f564d8524f5c0d30e1b4686
Addition to reviews/113676 (reducing number of api requests during
deploy). InstanceNotifier yaml stub was mistakenly called
InstanceReportNotifier; patch corrects manifest.yaml and the class
name, and renames the yaml file.
Change-Id: I47c143ed92456374936e13bb27ae5988e5676e8e
Closes-Bug: 1358061
For every class name, a request is made to the API server to retrieve
the package to which it belongs. This is unnecessary, since a package
contains a list of the classes it owns. This patch adds a second cache
to PackageClassLoader that maps class names to the package, and reduces
the number of calls for the io.murano classes to 1.
The second improvement is to add blank YAML definitions for system
classes (the function definitions are in python code) which allows
the engine to cache those, too.
Change-Id: Iee3c39b7c4965d5b8015d458afb78c324dfd2826
In order to pass raw userdata or heat software config resources to an
instance it's necessary to tell Heat what to expect. This patch adds
user_data_format defaulting to HEAT_CFNTOOLS (Heat's default) and a
function allowing it to be overriden (to RAW or SOFTWARE_CONFIG).
Derived classes should override user_data_format as part of
prepareUserData which is now expected to return a dictionary whose
keys are [data, format]. A class HeatSWConfigInstance extends
Instance to add this; a HeatSWConfigLinuxInstance is provided
as a convenience (heat SW + SSH access).
Change-Id: I59f66d42742bf179e7fa1de3cd5de07dbf9fb42b
An io.murano.SharedIp class is added to the Core library.
This class may be used to allocate an IP address which will be later
assigned to multiple VMs (with usage of "allowed_address_pairs") feature.
A FloatingIP address may be attached to this shared virtual address for further usage from outer world.
Also fixes an issue in NeutronNetwork which caused the net to be redeployed multiple times.
Change-Id: If821348d27c7cd8d90fe11a7f9c9fe9e0e558c03
To support future advanced scenarios (such as SharedIP/Cluster groups) it is required to give the Instance
ownership of its port. This requires to move appropriate generation of Heat snippet from Network class
to Instance class.
This makes murano.lib.networks.Neutron package useless, as Neutron-specific leaks to CoreLibrary anyway.
So, it's better to merge these two libs
Also, introduces a concept of "primary network" for instance: this is the net, in which the
floating ip (and other advanced stuff) is allocated.
Change-Id: Ie7eca72901e679707fd63176ced99167eb428646
Targets-blueprint: neutron-net-to-murano-core
Instance class is too generic and contains some dirty workarounds to differently handle
Windows and Linux images, different ways to bootstrap the instance etc.
It is suggested to add more classes to build a better hierarchy:
Base Instance class becomes abstract and agnostic of the desired OS and agent type
It is inherited by two classes: LinuxInstance and WindowsInstance
LinuxInstance adds a default security rule for Linux, opening a standard SSH port
WindowsInstance adds a default security rule for Windows, opening an RDP port
At the same time WindowsInstance prepares a user-data allowing to use Murano v1 agent
LinuxInstance is inherited by two other classes, having different software config method
LinuxMuranoInstance adds a user-data preparation to configure Murano v2 agent
LinuxUDInstance adds a custom user-data field, allowing the services to supply their own
user data
Change-Id: I7394a10d1940c0cb746df6db9d326375dc5e7ccb
Base class 'Network' (io.murano.resources.Network) was added to core package.
This class is an abstract class for network interaction, to be inherited by
engine-specific implementations.
'Environment' class got a 'defaultNetworks' input parameter, containing two
different instances of Network class for two initially supported networking use-cases:
'environment' for a topology when each environment has an isolated network
'flat' for a single network per multiple environments
'Instance' class got a 'networks' input parameter with a default value.
This is a composite parameter indicating which networks the instance should join
If 'useEnvironmentNetwork' is set to 'true' the instance should join an
isolated network of current environment
if 'useFlatNetwork' is set to 'true' the instance should join a single
shared network
Both values may be enabled, so the instance will join both networks.
'customNetworks' field of the same data structure may be used to specify custom
network resources to join
Same commit includes a temporary workaround for bug #1313694
The workaround is needed to properly use default of 'networks' field
The actual implementation of io.murano.resources.Network class should
be done in a separate package, which should be added to app-incubator repo
Change-Id: If2ae332a61900b0dd94cec94c1c140c54079441f
Partial-Bug: #1308921
Added ability to modify/remove data from structures (like Heat
templates) via jsonpatch and thus added ability to clean up Heat
resources that was obtained by deleted instances
Closes bug: #1296624
Change-Id: I4db226a5ab00ff363f8b5d44a5d690df942622e8