Fix create_system_user so it returns creds
Fix the create_system_user method so it returns the access_key and secret when a user is created. This patch also includes the following changes: * Improve logging of multisite methods to help with debugging issues. * Fix multisite relations in bundles. Func-Test-Pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/667 Closes-Bug: #1950329 Change-Id: I0528fe7f4a89c69f2790a0e472f6f43e23c2de19
This commit is contained in:
parent
d15ac894a9
commit
083a0e6722
|
@ -707,6 +707,10 @@ def master_relation_joined(relation_id=None):
|
|||
secret = leader_get('secret')
|
||||
|
||||
if not all((realm, zonegroup, zone)):
|
||||
log('Cannot setup multisite configuration, required config is '
|
||||
'missing. realm, zonegroup and zone charm config options must all '
|
||||
'be set',
|
||||
'WARN')
|
||||
return
|
||||
|
||||
relation_set(relation_id=relation_id,
|
||||
|
@ -717,9 +721,12 @@ def master_relation_joined(relation_id=None):
|
|||
secret=secret)
|
||||
|
||||
if not is_leader():
|
||||
log('Cannot setup multisite configuration, this unit is not the '
|
||||
'leader')
|
||||
return
|
||||
|
||||
if not leader_get('restart_nonce'):
|
||||
log('No restart_nonce found')
|
||||
# NOTE(jamespage):
|
||||
# This is an ugly kludge to force creation of the required data
|
||||
# items in the .rgw.root pool prior to the radosgw process being
|
||||
|
@ -730,10 +737,12 @@ def master_relation_joined(relation_id=None):
|
|||
mutation = False
|
||||
|
||||
if realm not in multisite.list_realms():
|
||||
log('Realm {} not found, creating now'.format(realm))
|
||||
multisite.create_realm(realm, default=True)
|
||||
mutation = True
|
||||
|
||||
if zonegroup not in multisite.list_zonegroups():
|
||||
log('Zonegroup {} not found, creating now'.format(zonegroup))
|
||||
multisite.create_zonegroup(zonegroup,
|
||||
endpoints=endpoints,
|
||||
default=True, master=True,
|
||||
|
@ -741,6 +750,7 @@ def master_relation_joined(relation_id=None):
|
|||
mutation = True
|
||||
|
||||
if zone not in multisite.list_zones():
|
||||
log('Zone {} not found, creating now'.format(zone))
|
||||
multisite.create_zone(zone,
|
||||
endpoints=endpoints,
|
||||
default=True, master=True,
|
||||
|
@ -748,6 +758,7 @@ def master_relation_joined(relation_id=None):
|
|||
mutation = True
|
||||
|
||||
if MULTISITE_SYSTEM_USER not in multisite.list_users():
|
||||
log('User {} not found, creating now'.format(MULTISITE_SYSTEM_USER))
|
||||
access_key, secret = multisite.create_system_user(
|
||||
MULTISITE_SYSTEM_USER
|
||||
)
|
||||
|
@ -759,9 +770,14 @@ def master_relation_joined(relation_id=None):
|
|||
mutation = True
|
||||
|
||||
if mutation:
|
||||
log(
|
||||
'Mutation detected. Restarting {}.'.format(service_name()),
|
||||
'INFO')
|
||||
multisite.update_period()
|
||||
service_restart(service_name())
|
||||
leader_set(restart_nonce=str(uuid.uuid4()))
|
||||
else:
|
||||
log('No mutation detected.', 'INFO')
|
||||
|
||||
relation_set(relation_id=relation_id,
|
||||
access_key=access_key,
|
||||
|
@ -771,6 +787,8 @@ def master_relation_joined(relation_id=None):
|
|||
@hooks.hook('slave-relation-changed')
|
||||
def slave_relation_changed(relation_id=None, unit=None):
|
||||
if not is_leader():
|
||||
log('Cannot setup multisite configuration, this unit is not the '
|
||||
'leader')
|
||||
return
|
||||
if not ready_for_service(legacy=False):
|
||||
log('unit not ready, deferring multisite configuration')
|
||||
|
@ -801,6 +819,7 @@ def slave_relation_changed(relation_id=None, unit=None):
|
|||
return
|
||||
|
||||
if not leader_get('restart_nonce'):
|
||||
log('No restart_nonce found')
|
||||
# NOTE(jamespage):
|
||||
# This is an ugly kludge to force creation of the required data
|
||||
# items in the .rgw.root pool prior to the radosgw process being
|
||||
|
@ -811,6 +830,7 @@ def slave_relation_changed(relation_id=None, unit=None):
|
|||
mutation = False
|
||||
|
||||
if realm not in multisite.list_realms():
|
||||
log('Realm {} not found, pulling now'.format(realm))
|
||||
multisite.pull_realm(url=master_data['url'],
|
||||
access_key=master_data['access_key'],
|
||||
secret=master_data['secret'])
|
||||
|
@ -821,6 +841,7 @@ def slave_relation_changed(relation_id=None, unit=None):
|
|||
mutation = True
|
||||
|
||||
if zone not in multisite.list_zones():
|
||||
log('Zone {} not found, creating now'.format(zone))
|
||||
multisite.create_zone(zone,
|
||||
endpoints=endpoints,
|
||||
default=False, master=False,
|
||||
|
@ -830,9 +851,14 @@ def slave_relation_changed(relation_id=None, unit=None):
|
|||
mutation = True
|
||||
|
||||
if mutation:
|
||||
log(
|
||||
'Mutation detected. Restarting {}.'.format(service_name()),
|
||||
'INFO')
|
||||
multisite.update_period()
|
||||
service_restart(service_name())
|
||||
leader_set(restart_nonce=str(uuid.uuid4()))
|
||||
else:
|
||||
log('No mutation detected.', 'INFO')
|
||||
|
||||
|
||||
@hooks.hook('leader-settings-changed')
|
||||
|
|
|
@ -386,7 +386,7 @@ def create_system_user(username):
|
|||
:return: access key and secret
|
||||
:rtype: (str, str)
|
||||
"""
|
||||
create_user(username, system_user=True)
|
||||
return create_user(username, system_user=True)
|
||||
|
||||
|
||||
def pull_realm(url, access_key, secret):
|
||||
|
|
|
@ -7,6 +7,8 @@
|
|||
# requirements. They are intertwined. Also, Zaza itself should specify
|
||||
# all of its own requirements and if it doesn't, fix it there.
|
||||
#
|
||||
pyparsing<3.0.0 # aodhclient is pinned in zaza and needs pyparsing < 3.0.0, but cffi also needs it, so pin here.
|
||||
cffi==1.14.6; python_version < '3.6' # cffi 1.15.0 drops support for py35.
|
||||
setuptools<50.0.0 # https://github.com/pypa/setuptools/commit/04e3df22df840c6bb244e9b27bc56750c44b7c85
|
||||
|
||||
requests>=2.18.4
|
||||
|
|
|
@ -73,5 +73,5 @@ relations:
|
|||
- west-ceph-mon:radosgw
|
||||
- - slave-ceph-radosgw:identity-service
|
||||
- keystone:identity-service
|
||||
- - slave-ceph-radosgw:master
|
||||
- ceph-radosgw:slave
|
||||
- - slave-ceph-radosgw:slave
|
||||
- ceph-radosgw:master
|
||||
|
|
|
@ -73,5 +73,5 @@ relations:
|
|||
- west-ceph-mon:radosgw
|
||||
- - slave-ceph-radosgw:identity-service
|
||||
- keystone:identity-service
|
||||
- - slave-ceph-radosgw:master
|
||||
- ceph-radosgw:slave
|
||||
- - slave-ceph-radosgw:slave
|
||||
- ceph-radosgw:master
|
||||
|
|
|
@ -78,6 +78,45 @@ class TestMultisiteHelpers(CharmTestCase):
|
|||
'--rgw-realm=newrealm'
|
||||
])
|
||||
|
||||
def test_create_user(self):
|
||||
with open(self._testdata(whoami()), 'rb') as f:
|
||||
self.subprocess.check_output.return_value = f.read()
|
||||
access_key, secret = multisite.create_user(
|
||||
'mrbees',
|
||||
)
|
||||
self.assertEqual(
|
||||
access_key,
|
||||
'41JJQK1HN2NAE5DEZUF9')
|
||||
self.assertEqual(
|
||||
secret,
|
||||
'1qhCgxmUDAJI9saFAVdvUTG5MzMjlpMxr5agaaa4')
|
||||
self.subprocess.check_output.assert_called_with([
|
||||
'radosgw-admin', '--id=rgw.testhost',
|
||||
'user', 'create',
|
||||
'--uid=mrbees',
|
||||
'--display-name=Synchronization User',
|
||||
], stderr=mock.ANY)
|
||||
|
||||
def test_create_system_user(self):
|
||||
with open(self._testdata(whoami()), 'rb') as f:
|
||||
self.subprocess.check_output.return_value = f.read()
|
||||
access_key, secret = multisite.create_system_user(
|
||||
'mrbees',
|
||||
)
|
||||
self.assertEqual(
|
||||
access_key,
|
||||
'41JJQK1HN2NAE5DEZUF9')
|
||||
self.assertEqual(
|
||||
secret,
|
||||
'1qhCgxmUDAJI9saFAVdvUTG5MzMjlpMxr5agaaa4')
|
||||
self.subprocess.check_output.assert_called_with([
|
||||
'radosgw-admin', '--id=rgw.testhost',
|
||||
'user', 'create',
|
||||
'--uid=mrbees',
|
||||
'--display-name=Synchronization User',
|
||||
'--system'
|
||||
], stderr=mock.ANY)
|
||||
|
||||
def test_create_zonegroup(self):
|
||||
with open(self._testdata(whoami()), 'rb') as f:
|
||||
self.subprocess.check_output.return_value = f.read()
|
||||
|
|
|
@ -0,0 +1,38 @@
|
|||
{
|
||||
"auid": 0,
|
||||
"bucket_quota": {
|
||||
"check_on_raw": false,
|
||||
"enabled": false,
|
||||
"max_objects": -1,
|
||||
"max_size": -1,
|
||||
"max_size_kb": 0
|
||||
},
|
||||
"caps": [],
|
||||
"default_placement": "",
|
||||
"display_name": "Synchronization User",
|
||||
"email": "",
|
||||
"keys": [
|
||||
{
|
||||
"access_key": "41JJQK1HN2NAE5DEZUF9",
|
||||
"secret_key": "1qhCgxmUDAJI9saFAVdvUTG5MzMjlpMxr5agaaa4",
|
||||
"user": "mrbees"
|
||||
}
|
||||
],
|
||||
"max_buckets": 1000,
|
||||
"op_mask": "read, write, delete",
|
||||
"placement_tags": [],
|
||||
"subusers": [],
|
||||
"suspended": 0,
|
||||
"swift_keys": [],
|
||||
"system": "true",
|
||||
"temp_url_keys": [],
|
||||
"type": "rgw",
|
||||
"user_id": "mrbees",
|
||||
"user_quota": {
|
||||
"check_on_raw": false,
|
||||
"enabled": false,
|
||||
"max_objects": -1,
|
||||
"max_size": -1,
|
||||
"max_size_kb": 0
|
||||
}
|
||||
}
|
|
@ -0,0 +1,38 @@
|
|||
{
|
||||
"auid": 0,
|
||||
"bucket_quota": {
|
||||
"check_on_raw": false,
|
||||
"enabled": false,
|
||||
"max_objects": -1,
|
||||
"max_size": -1,
|
||||
"max_size_kb": 0
|
||||
},
|
||||
"caps": [],
|
||||
"default_placement": "",
|
||||
"display_name": "Synchronization User",
|
||||
"email": "",
|
||||
"keys": [
|
||||
{
|
||||
"access_key": "41JJQK1HN2NAE5DEZUF9",
|
||||
"secret_key": "1qhCgxmUDAJI9saFAVdvUTG5MzMjlpMxr5agaaa4",
|
||||
"user": "mrbees"
|
||||
}
|
||||
],
|
||||
"max_buckets": 1000,
|
||||
"op_mask": "read, write, delete",
|
||||
"placement_tags": [],
|
||||
"subusers": [],
|
||||
"suspended": 0,
|
||||
"swift_keys": [],
|
||||
"system": "true",
|
||||
"temp_url_keys": [],
|
||||
"type": "rgw",
|
||||
"user_id": "mrbees",
|
||||
"user_quota": {
|
||||
"check_on_raw": false,
|
||||
"enabled": false,
|
||||
"max_objects": -1,
|
||||
"max_size": -1,
|
||||
"max_size_kb": 0
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue