Fix alphanumeric comparisons for openstack and ubuntu releases
- sync charmhelpers with fix-alpha helpers - fix up code where the alpha comparisons are done Change-Id: Ic227ce03c1acf6de9b5f83953d6390d66cda190c Related-Bug: #1659575
This commit is contained in:
parent
0ccc67afca
commit
ea45357fe6
|
@ -26,7 +26,10 @@ from cinder import db
|
||||||
from cinder.db.sqlalchemy.api import model_query, get_session
|
from cinder.db.sqlalchemy.api import model_query, get_session
|
||||||
from cinder.db.sqlalchemy import models
|
from cinder.db.sqlalchemy import models
|
||||||
|
|
||||||
from charmhelpers.contrib.openstack.utils import os_release
|
from charmhelpers.contrib.openstack.utils import (
|
||||||
|
os_release,
|
||||||
|
CompareOpenStackReleases,
|
||||||
|
)
|
||||||
|
|
||||||
from sqlalchemy import and_
|
from sqlalchemy import and_
|
||||||
from charmhelpers.core.hookenv import (
|
from charmhelpers.core.hookenv import (
|
||||||
|
@ -85,7 +88,7 @@ def remove_services(args):
|
||||||
for service in services.all():
|
for service in services.all():
|
||||||
log("Removing service:%d, hostname:%s" % (service.id, service.host))
|
log("Removing service:%d, hostname:%s" % (service.id, service.host))
|
||||||
try:
|
try:
|
||||||
if os_release("cinder") >= "liberty":
|
if CompareOpenStackReleases(os_release("cinder")) >= "liberty":
|
||||||
cinder_manage_remove(service.binary, service.host)
|
cinder_manage_remove(service.binary, service.host)
|
||||||
else:
|
else:
|
||||||
db.service_destroy(ctxt, service.id)
|
db.service_destroy(ctxt, service.id)
|
||||||
|
|
|
@ -4,3 +4,4 @@ include:
|
||||||
- contrib.amulet
|
- contrib.amulet
|
||||||
- contrib.openstack.amulet
|
- contrib.openstack.amulet
|
||||||
- core
|
- core
|
||||||
|
- osplatform
|
||||||
|
|
|
@ -26,6 +26,7 @@ from charmhelpers.contrib.hardening.audits.file import (
|
||||||
DirectoryPermissionAudit,
|
DirectoryPermissionAudit,
|
||||||
NoReadWriteForOther,
|
NoReadWriteForOther,
|
||||||
TemplatedFile,
|
TemplatedFile,
|
||||||
|
DeletedFile
|
||||||
)
|
)
|
||||||
from charmhelpers.contrib.hardening.audits.apache import DisabledModuleAudit
|
from charmhelpers.contrib.hardening.audits.apache import DisabledModuleAudit
|
||||||
from charmhelpers.contrib.hardening.apache import TEMPLATES_DIR
|
from charmhelpers.contrib.hardening.apache import TEMPLATES_DIR
|
||||||
|
@ -52,13 +53,13 @@ def get_audits():
|
||||||
'mods-available/alias.conf'),
|
'mods-available/alias.conf'),
|
||||||
context,
|
context,
|
||||||
TEMPLATES_DIR,
|
TEMPLATES_DIR,
|
||||||
mode=0o0755,
|
mode=0o0640,
|
||||||
user='root',
|
user='root',
|
||||||
service_actions=[{'service': 'apache2',
|
service_actions=[{'service': 'apache2',
|
||||||
'actions': ['restart']}]),
|
'actions': ['restart']}]),
|
||||||
|
|
||||||
TemplatedFile(os.path.join(settings['common']['apache_dir'],
|
TemplatedFile(os.path.join(settings['common']['apache_dir'],
|
||||||
'conf-enabled/hardening.conf'),
|
'conf-enabled/99-hardening.conf'),
|
||||||
context,
|
context,
|
||||||
TEMPLATES_DIR,
|
TEMPLATES_DIR,
|
||||||
mode=0o0640,
|
mode=0o0640,
|
||||||
|
@ -69,11 +70,13 @@ def get_audits():
|
||||||
DirectoryPermissionAudit(settings['common']['apache_dir'],
|
DirectoryPermissionAudit(settings['common']['apache_dir'],
|
||||||
user='root',
|
user='root',
|
||||||
group='root',
|
group='root',
|
||||||
mode=0o640),
|
mode=0o0750),
|
||||||
|
|
||||||
DisabledModuleAudit(settings['hardening']['modules_to_disable']),
|
DisabledModuleAudit(settings['hardening']['modules_to_disable']),
|
||||||
|
|
||||||
NoReadWriteForOther(settings['common']['apache_dir']),
|
NoReadWriteForOther(settings['common']['apache_dir']),
|
||||||
|
|
||||||
|
DeletedFile(['/var/www/html/index.html'])
|
||||||
]
|
]
|
||||||
|
|
||||||
return audits
|
return audits
|
||||||
|
@ -94,5 +97,4 @@ class ApacheConfContext(object):
|
||||||
ctxt['apache_version'] = re.search(r'.+version: Apache/(.+?)\s.+',
|
ctxt['apache_version'] = re.search(r'.+version: Apache/(.+?)\s.+',
|
||||||
out).group(1)
|
out).group(1)
|
||||||
ctxt['apache_icondir'] = '/usr/share/apache2/icons/'
|
ctxt['apache_icondir'] = '/usr/share/apache2/icons/'
|
||||||
ctxt['traceenable'] = settings['hardening']['traceenable']
|
|
||||||
return ctxt
|
return ctxt
|
||||||
|
|
|
@ -15,4 +15,18 @@
|
||||||
</LimitExcept>
|
</LimitExcept>
|
||||||
</Location>
|
</Location>
|
||||||
|
|
||||||
|
<Directory />
|
||||||
|
Options -Indexes -FollowSymLinks
|
||||||
|
AllowOverride None
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory /var/www/>
|
||||||
|
Options -Indexes -FollowSymLinks
|
||||||
|
AllowOverride None
|
||||||
|
</Directory>
|
||||||
|
|
||||||
TraceEnable {{ traceenable }}
|
TraceEnable {{ traceenable }}
|
||||||
|
ServerTokens {{ servertokens }}
|
||||||
|
|
||||||
|
SSLHonorCipherOrder {{ honor_cipher_order }}
|
||||||
|
SSLCipherSuite {{ cipher_suite }}
|
|
@ -49,13 +49,6 @@ class BaseAudit(object): # NO-QA
|
||||||
|
|
||||||
# Invoke the callback if there is one.
|
# Invoke the callback if there is one.
|
||||||
if hasattr(self.unless, '__call__'):
|
if hasattr(self.unless, '__call__'):
|
||||||
results = self.unless()
|
return not self.unless()
|
||||||
if results:
|
|
||||||
return False
|
|
||||||
else:
|
|
||||||
return True
|
|
||||||
|
|
||||||
if self.unless:
|
return not self.unless
|
||||||
return False
|
|
||||||
else:
|
|
||||||
return True
|
|
||||||
|
|
|
@ -11,3 +11,6 @@ hardening:
|
||||||
traceenable: 'off'
|
traceenable: 'off'
|
||||||
allowed_http_methods: "GET POST"
|
allowed_http_methods: "GET POST"
|
||||||
modules_to_disable: [ cgi, cgid ]
|
modules_to_disable: [ cgi, cgid ]
|
||||||
|
servertokens: 'Prod'
|
||||||
|
honor_cipher_order: 'on'
|
||||||
|
cipher_suite: 'ALL:+MEDIUM:+HIGH:!LOW:!MD5:!RC4:!eNULL:!aNULL:!3DES'
|
||||||
|
|
|
@ -7,3 +7,6 @@ common:
|
||||||
hardening:
|
hardening:
|
||||||
allowed_http_methods:
|
allowed_http_methods:
|
||||||
modules_to_disable:
|
modules_to_disable:
|
||||||
|
servertokens:
|
||||||
|
honor_cipher_order:
|
||||||
|
cipher_suite:
|
||||||
|
|
|
@ -58,6 +58,7 @@ security:
|
||||||
rsync
|
rsync
|
||||||
kernel_enable_module_loading: True # (type:boolean)
|
kernel_enable_module_loading: True # (type:boolean)
|
||||||
kernel_enable_core_dump: False # (type:boolean)
|
kernel_enable_core_dump: False # (type:boolean)
|
||||||
|
ssh_tmout: 300
|
||||||
|
|
||||||
sysctl:
|
sysctl:
|
||||||
kernel_secure_sysrq: 244 # 4 + 16 + 32 + 64 + 128
|
kernel_secure_sysrq: 244 # 4 + 16 + 32 + 64 + 128
|
||||||
|
|
|
@ -34,6 +34,7 @@ security:
|
||||||
packages_list:
|
packages_list:
|
||||||
kernel_enable_module_loading:
|
kernel_enable_module_loading:
|
||||||
kernel_enable_core_dump:
|
kernel_enable_core_dump:
|
||||||
|
ssh_tmout:
|
||||||
sysctl:
|
sysctl:
|
||||||
kernel_secure_sysrq:
|
kernel_secure_sysrq:
|
||||||
kernel_enable_sysrq:
|
kernel_enable_sysrq:
|
||||||
|
|
|
@ -25,7 +25,6 @@ def get_audits():
|
||||||
audits = []
|
audits = []
|
||||||
|
|
||||||
settings = utils.get_settings('os')
|
settings = utils.get_settings('os')
|
||||||
|
|
||||||
# If core dumps are not enabled, then don't allow core dumps to be
|
# If core dumps are not enabled, then don't allow core dumps to be
|
||||||
# created as they may contain sensitive information.
|
# created as they may contain sensitive information.
|
||||||
if not settings['security']['kernel_enable_core_dump']:
|
if not settings['security']['kernel_enable_core_dump']:
|
||||||
|
@ -33,11 +32,18 @@ def get_audits():
|
||||||
ProfileContext(),
|
ProfileContext(),
|
||||||
template_dir=TEMPLATES_DIR,
|
template_dir=TEMPLATES_DIR,
|
||||||
mode=0o0755, user='root', group='root'))
|
mode=0o0755, user='root', group='root'))
|
||||||
|
if settings['security']['ssh_tmout']:
|
||||||
|
audits.append(TemplatedFile('/etc/profile.d/99-hardening.sh',
|
||||||
|
ProfileContext(),
|
||||||
|
template_dir=TEMPLATES_DIR,
|
||||||
|
mode=0o0644, user='root', group='root'))
|
||||||
return audits
|
return audits
|
||||||
|
|
||||||
|
|
||||||
class ProfileContext(object):
|
class ProfileContext(object):
|
||||||
|
|
||||||
def __call__(self):
|
def __call__(self):
|
||||||
ctxt = {}
|
settings = utils.get_settings('os')
|
||||||
|
ctxt = {'ssh_tmout':
|
||||||
|
settings['security']['ssh_tmout']}
|
||||||
return ctxt
|
return ctxt
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
TMOUT={{ tmout }}
|
||||||
|
readonly TMOUT
|
||||||
|
export TMOUT
|
||||||
|
|
||||||
|
readonly HISTFILE
|
|
@ -27,7 +27,10 @@ from charmhelpers.fetch import (
|
||||||
apt_install,
|
apt_install,
|
||||||
apt_update,
|
apt_update,
|
||||||
)
|
)
|
||||||
from charmhelpers.core.host import lsb_release
|
from charmhelpers.core.host import (
|
||||||
|
lsb_release,
|
||||||
|
CompareHostReleases,
|
||||||
|
)
|
||||||
from charmhelpers.contrib.hardening.audits.file import (
|
from charmhelpers.contrib.hardening.audits.file import (
|
||||||
TemplatedFile,
|
TemplatedFile,
|
||||||
FileContentAudit,
|
FileContentAudit,
|
||||||
|
@ -68,7 +71,8 @@ class SSHConfigContext(object):
|
||||||
'weak': default + ',hmac-sha1'}
|
'weak': default + ',hmac-sha1'}
|
||||||
|
|
||||||
# Use newer ciphers on Ubuntu Trusty and above
|
# Use newer ciphers on Ubuntu Trusty and above
|
||||||
if lsb_release()['DISTRIB_CODENAME'].lower() >= 'trusty':
|
_release = lsb_release()['DISTRIB_CODENAME'].lower()
|
||||||
|
if CompareHostReleases(_release) >= 'trusty':
|
||||||
log("Detected Ubuntu 14.04 or newer, using new macs", level=DEBUG)
|
log("Detected Ubuntu 14.04 or newer, using new macs", level=DEBUG)
|
||||||
macs = macs_66
|
macs = macs_66
|
||||||
|
|
||||||
|
@ -96,7 +100,8 @@ class SSHConfigContext(object):
|
||||||
'weak': weak}
|
'weak': weak}
|
||||||
|
|
||||||
# Use newer kex on Ubuntu Trusty and above
|
# Use newer kex on Ubuntu Trusty and above
|
||||||
if lsb_release()['DISTRIB_CODENAME'].lower() >= 'trusty':
|
_release = lsb_release()['DISTRIB_CODENAME'].lower()
|
||||||
|
if CompareHostReleases(_release) >= 'trusty':
|
||||||
log('Detected Ubuntu 14.04 or newer, using new key exchange '
|
log('Detected Ubuntu 14.04 or newer, using new key exchange '
|
||||||
'algorithms', level=DEBUG)
|
'algorithms', level=DEBUG)
|
||||||
kex = kex_66
|
kex = kex_66
|
||||||
|
@ -119,7 +124,8 @@ class SSHConfigContext(object):
|
||||||
'weak': default + ',aes256-cbc,aes192-cbc,aes128-cbc'}
|
'weak': default + ',aes256-cbc,aes192-cbc,aes128-cbc'}
|
||||||
|
|
||||||
# Use newer ciphers on ubuntu Trusty and above
|
# Use newer ciphers on ubuntu Trusty and above
|
||||||
if lsb_release()['DISTRIB_CODENAME'].lower() >= 'trusty':
|
_release = lsb_release()['DISTRIB_CODENAME'].lower()
|
||||||
|
if CompareHostReleases(_release) >= 'trusty':
|
||||||
log('Detected Ubuntu 14.04 or newer, using new ciphers',
|
log('Detected Ubuntu 14.04 or newer, using new ciphers',
|
||||||
level=DEBUG)
|
level=DEBUG)
|
||||||
cipher = ciphers_66
|
cipher = ciphers_66
|
||||||
|
@ -291,7 +297,8 @@ class SSHConfigFileContentAudit(FileContentAudit):
|
||||||
self.fail_cases = []
|
self.fail_cases = []
|
||||||
settings = utils.get_settings('ssh')
|
settings = utils.get_settings('ssh')
|
||||||
|
|
||||||
if lsb_release()['DISTRIB_CODENAME'].lower() >= 'trusty':
|
_release = lsb_release()['DISTRIB_CODENAME'].lower()
|
||||||
|
if CompareHostReleases(_release) >= 'trusty':
|
||||||
if not settings['server']['weak_hmac']:
|
if not settings['server']['weak_hmac']:
|
||||||
self.pass_cases.append(r'^MACs.+,hmac-ripemd160$')
|
self.pass_cases.append(r'^MACs.+,hmac-ripemd160$')
|
||||||
else:
|
else:
|
||||||
|
@ -364,7 +371,8 @@ class SSHDConfigFileContentAudit(FileContentAudit):
|
||||||
self.fail_cases = []
|
self.fail_cases = []
|
||||||
settings = utils.get_settings('ssh')
|
settings = utils.get_settings('ssh')
|
||||||
|
|
||||||
if lsb_release()['DISTRIB_CODENAME'].lower() >= 'trusty':
|
_release = lsb_release()['DISTRIB_CODENAME'].lower()
|
||||||
|
if CompareHostReleases(_release) >= 'trusty':
|
||||||
if not settings['server']['weak_hmac']:
|
if not settings['server']['weak_hmac']:
|
||||||
self.pass_cases.append(r'^MACs.+,hmac-ripemd160$')
|
self.pass_cases.append(r'^MACs.+,hmac-ripemd160$')
|
||||||
else:
|
else:
|
||||||
|
|
|
@ -31,6 +31,7 @@ from charmhelpers.core.hookenv import (
|
||||||
|
|
||||||
from charmhelpers.core.host import (
|
from charmhelpers.core.host import (
|
||||||
lsb_release,
|
lsb_release,
|
||||||
|
CompareHostReleases,
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
@ -67,6 +68,24 @@ def no_ip_found_error_out(network):
|
||||||
raise ValueError(errmsg)
|
raise ValueError(errmsg)
|
||||||
|
|
||||||
|
|
||||||
|
def _get_ipv6_network_from_address(address):
|
||||||
|
"""Get an netaddr.IPNetwork for the given IPv6 address
|
||||||
|
:param address: a dict as returned by netifaces.ifaddresses
|
||||||
|
:returns netaddr.IPNetwork: None if the address is a link local or loopback
|
||||||
|
address
|
||||||
|
"""
|
||||||
|
if address['addr'].startswith('fe80') or address['addr'] == "::1":
|
||||||
|
return None
|
||||||
|
|
||||||
|
prefix = address['netmask'].split("/")
|
||||||
|
if len(prefix) > 1:
|
||||||
|
netmask = prefix[1]
|
||||||
|
else:
|
||||||
|
netmask = address['netmask']
|
||||||
|
return netaddr.IPNetwork("%s/%s" % (address['addr'],
|
||||||
|
netmask))
|
||||||
|
|
||||||
|
|
||||||
def get_address_in_network(network, fallback=None, fatal=False):
|
def get_address_in_network(network, fallback=None, fatal=False):
|
||||||
"""Get an IPv4 or IPv6 address within the network from the host.
|
"""Get an IPv4 or IPv6 address within the network from the host.
|
||||||
|
|
||||||
|
@ -100,11 +119,9 @@ def get_address_in_network(network, fallback=None, fatal=False):
|
||||||
|
|
||||||
if network.version == 6 and netifaces.AF_INET6 in addresses:
|
if network.version == 6 and netifaces.AF_INET6 in addresses:
|
||||||
for addr in addresses[netifaces.AF_INET6]:
|
for addr in addresses[netifaces.AF_INET6]:
|
||||||
if not addr['addr'].startswith('fe80'):
|
cidr = _get_ipv6_network_from_address(addr)
|
||||||
cidr = netaddr.IPNetwork("%s/%s" % (addr['addr'],
|
if cidr and cidr in network:
|
||||||
addr['netmask']))
|
return str(cidr.ip)
|
||||||
if cidr in network:
|
|
||||||
return str(cidr.ip)
|
|
||||||
|
|
||||||
if fallback is not None:
|
if fallback is not None:
|
||||||
return fallback
|
return fallback
|
||||||
|
@ -180,18 +197,18 @@ def _get_for_address(address, key):
|
||||||
|
|
||||||
if address.version == 6 and netifaces.AF_INET6 in addresses:
|
if address.version == 6 and netifaces.AF_INET6 in addresses:
|
||||||
for addr in addresses[netifaces.AF_INET6]:
|
for addr in addresses[netifaces.AF_INET6]:
|
||||||
if not addr['addr'].startswith('fe80'):
|
network = _get_ipv6_network_from_address(addr)
|
||||||
network = netaddr.IPNetwork("%s/%s" % (addr['addr'],
|
if not network:
|
||||||
addr['netmask']))
|
continue
|
||||||
cidr = network.cidr
|
|
||||||
if address in cidr:
|
|
||||||
if key == 'iface':
|
|
||||||
return iface
|
|
||||||
elif key == 'netmask' and cidr:
|
|
||||||
return str(cidr).split('/')[1]
|
|
||||||
else:
|
|
||||||
return addr[key]
|
|
||||||
|
|
||||||
|
cidr = network.cidr
|
||||||
|
if address in cidr:
|
||||||
|
if key == 'iface':
|
||||||
|
return iface
|
||||||
|
elif key == 'netmask' and cidr:
|
||||||
|
return str(cidr).split('/')[1]
|
||||||
|
else:
|
||||||
|
return addr[key]
|
||||||
return None
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
@ -521,7 +538,8 @@ def port_has_listener(address, port):
|
||||||
|
|
||||||
def assert_charm_supports_ipv6():
|
def assert_charm_supports_ipv6():
|
||||||
"""Check whether we are able to support charms ipv6."""
|
"""Check whether we are able to support charms ipv6."""
|
||||||
if lsb_release()['DISTRIB_CODENAME'].lower() < "trusty":
|
release = lsb_release()['DISTRIB_CODENAME'].lower()
|
||||||
|
if CompareHostReleases(release) < "trusty":
|
||||||
raise Exception("IPv6 is not supported in the charms for Ubuntu "
|
raise Exception("IPv6 is not supported in the charms for Ubuntu "
|
||||||
"versions less than Trusty 14.04")
|
"versions less than Trusty 14.04")
|
||||||
|
|
||||||
|
|
|
@ -40,6 +40,7 @@ from charmhelpers.contrib.amulet.utils import (
|
||||||
AmuletUtils
|
AmuletUtils
|
||||||
)
|
)
|
||||||
from charmhelpers.core.decorators import retry_on_exception
|
from charmhelpers.core.decorators import retry_on_exception
|
||||||
|
from charmhelpers.core.host import CompareHostReleases
|
||||||
|
|
||||||
DEBUG = logging.DEBUG
|
DEBUG = logging.DEBUG
|
||||||
ERROR = logging.ERROR
|
ERROR = logging.ERROR
|
||||||
|
@ -1255,7 +1256,7 @@ class OpenStackAmuletUtils(AmuletUtils):
|
||||||
contents = self.file_contents_safe(sentry_unit, '/etc/memcached.conf',
|
contents = self.file_contents_safe(sentry_unit, '/etc/memcached.conf',
|
||||||
fatal=True)
|
fatal=True)
|
||||||
ubuntu_release, _ = self.run_cmd_unit(sentry_unit, 'lsb_release -cs')
|
ubuntu_release, _ = self.run_cmd_unit(sentry_unit, 'lsb_release -cs')
|
||||||
if ubuntu_release <= 'trusty':
|
if CompareHostReleases(ubuntu_release) <= 'trusty':
|
||||||
memcache_listen_addr = 'ip6-localhost'
|
memcache_listen_addr = 'ip6-localhost'
|
||||||
else:
|
else:
|
||||||
memcache_listen_addr = '::1'
|
memcache_listen_addr = '::1'
|
||||||
|
|
|
@ -59,6 +59,7 @@ from charmhelpers.core.host import (
|
||||||
write_file,
|
write_file,
|
||||||
pwgen,
|
pwgen,
|
||||||
lsb_release,
|
lsb_release,
|
||||||
|
CompareHostReleases,
|
||||||
)
|
)
|
||||||
from charmhelpers.contrib.hahelpers.cluster import (
|
from charmhelpers.contrib.hahelpers.cluster import (
|
||||||
determine_apache_port,
|
determine_apache_port,
|
||||||
|
@ -155,7 +156,8 @@ class OSContextGenerator(object):
|
||||||
|
|
||||||
if self.missing_data:
|
if self.missing_data:
|
||||||
self.complete = False
|
self.complete = False
|
||||||
log('Missing required data: %s' % ' '.join(self.missing_data), level=INFO)
|
log('Missing required data: %s' % ' '.join(self.missing_data),
|
||||||
|
level=INFO)
|
||||||
else:
|
else:
|
||||||
self.complete = True
|
self.complete = True
|
||||||
return self.complete
|
return self.complete
|
||||||
|
@ -213,8 +215,9 @@ class SharedDBContext(OSContextGenerator):
|
||||||
hostname_key = "{}_hostname".format(self.relation_prefix)
|
hostname_key = "{}_hostname".format(self.relation_prefix)
|
||||||
else:
|
else:
|
||||||
hostname_key = "hostname"
|
hostname_key = "hostname"
|
||||||
access_hostname = get_address_in_network(access_network,
|
access_hostname = get_address_in_network(
|
||||||
unit_get('private-address'))
|
access_network,
|
||||||
|
unit_get('private-address'))
|
||||||
set_hostname = relation_get(attribute=hostname_key,
|
set_hostname = relation_get(attribute=hostname_key,
|
||||||
unit=local_unit())
|
unit=local_unit())
|
||||||
if set_hostname != access_hostname:
|
if set_hostname != access_hostname:
|
||||||
|
@ -308,7 +311,10 @@ def db_ssl(rdata, ctxt, ssl_dir):
|
||||||
|
|
||||||
class IdentityServiceContext(OSContextGenerator):
|
class IdentityServiceContext(OSContextGenerator):
|
||||||
|
|
||||||
def __init__(self, service=None, service_user=None, rel_name='identity-service'):
|
def __init__(self,
|
||||||
|
service=None,
|
||||||
|
service_user=None,
|
||||||
|
rel_name='identity-service'):
|
||||||
self.service = service
|
self.service = service
|
||||||
self.service_user = service_user
|
self.service_user = service_user
|
||||||
self.rel_name = rel_name
|
self.rel_name = rel_name
|
||||||
|
@ -457,19 +463,17 @@ class AMQPContext(OSContextGenerator):
|
||||||
host = format_ipv6_addr(host) or host
|
host = format_ipv6_addr(host) or host
|
||||||
rabbitmq_hosts.append(host)
|
rabbitmq_hosts.append(host)
|
||||||
|
|
||||||
ctxt['rabbitmq_hosts'] = ','.join(sorted(rabbitmq_hosts))
|
rabbitmq_hosts = sorted(rabbitmq_hosts)
|
||||||
|
ctxt['rabbitmq_hosts'] = ','.join(rabbitmq_hosts)
|
||||||
transport_hosts = rabbitmq_hosts
|
transport_hosts = rabbitmq_hosts
|
||||||
|
|
||||||
if transport_hosts:
|
if transport_hosts:
|
||||||
transport_url_hosts = ''
|
transport_url_hosts = ','.join([
|
||||||
for host in transport_hosts:
|
"{}:{}@{}:{}".format(ctxt['rabbitmq_user'],
|
||||||
if transport_url_hosts:
|
ctxt['rabbitmq_password'],
|
||||||
format_string = ",{}:{}@{}:{}"
|
host_,
|
||||||
else:
|
rabbitmq_port)
|
||||||
format_string = "{}:{}@{}:{}"
|
for host_ in transport_hosts])
|
||||||
transport_url_hosts += format_string.format(
|
|
||||||
ctxt['rabbitmq_user'], ctxt['rabbitmq_password'],
|
|
||||||
host, rabbitmq_port)
|
|
||||||
ctxt['transport_url'] = "rabbit://{}/{}".format(
|
ctxt['transport_url'] = "rabbit://{}/{}".format(
|
||||||
transport_url_hosts, vhost)
|
transport_url_hosts, vhost)
|
||||||
|
|
||||||
|
@ -1601,7 +1605,8 @@ class MemcacheContext(OSContextGenerator):
|
||||||
if ctxt['use_memcache']:
|
if ctxt['use_memcache']:
|
||||||
# Trusty version of memcached does not support ::1 as a listen
|
# Trusty version of memcached does not support ::1 as a listen
|
||||||
# address so use host file entry instead
|
# address so use host file entry instead
|
||||||
if lsb_release()['DISTRIB_CODENAME'].lower() > 'trusty':
|
release = lsb_release()['DISTRIB_CODENAME'].lower()
|
||||||
|
if CompareHostReleases(release) > 'trusty':
|
||||||
ctxt['memcache_server'] = '::1'
|
ctxt['memcache_server'] = '::1'
|
||||||
else:
|
else:
|
||||||
ctxt['memcache_server'] = 'ip6-localhost'
|
ctxt['memcache_server'] = 'ip6-localhost'
|
||||||
|
|
|
@ -23,7 +23,10 @@ from charmhelpers.core.hookenv import (
|
||||||
ERROR,
|
ERROR,
|
||||||
)
|
)
|
||||||
|
|
||||||
from charmhelpers.contrib.openstack.utils import os_release
|
from charmhelpers.contrib.openstack.utils import (
|
||||||
|
os_release,
|
||||||
|
CompareOpenStackReleases,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def headers_package():
|
def headers_package():
|
||||||
|
@ -198,7 +201,8 @@ def neutron_plugins():
|
||||||
},
|
},
|
||||||
'plumgrid': {
|
'plumgrid': {
|
||||||
'config': '/etc/neutron/plugins/plumgrid/plumgrid.ini',
|
'config': '/etc/neutron/plugins/plumgrid/plumgrid.ini',
|
||||||
'driver': 'neutron.plugins.plumgrid.plumgrid_plugin.plumgrid_plugin.NeutronPluginPLUMgridV2',
|
'driver': ('neutron.plugins.plumgrid.plumgrid_plugin'
|
||||||
|
'.plumgrid_plugin.NeutronPluginPLUMgridV2'),
|
||||||
'contexts': [
|
'contexts': [
|
||||||
context.SharedDBContext(user=config('database-user'),
|
context.SharedDBContext(user=config('database-user'),
|
||||||
database=config('database'),
|
database=config('database'),
|
||||||
|
@ -225,7 +229,7 @@ def neutron_plugins():
|
||||||
'server_services': ['neutron-server']
|
'server_services': ['neutron-server']
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if release >= 'icehouse':
|
if CompareOpenStackReleases(release) >= 'icehouse':
|
||||||
# NOTE: patch in ml2 plugin for icehouse onwards
|
# NOTE: patch in ml2 plugin for icehouse onwards
|
||||||
plugins['ovs']['config'] = '/etc/neutron/plugins/ml2/ml2_conf.ini'
|
plugins['ovs']['config'] = '/etc/neutron/plugins/ml2/ml2_conf.ini'
|
||||||
plugins['ovs']['driver'] = 'neutron.plugins.ml2.plugin.Ml2Plugin'
|
plugins['ovs']['driver'] = 'neutron.plugins.ml2.plugin.Ml2Plugin'
|
||||||
|
@ -233,10 +237,10 @@ def neutron_plugins():
|
||||||
'neutron-plugin-ml2']
|
'neutron-plugin-ml2']
|
||||||
# NOTE: patch in vmware renames nvp->nsx for icehouse onwards
|
# NOTE: patch in vmware renames nvp->nsx for icehouse onwards
|
||||||
plugins['nvp'] = plugins['nsx']
|
plugins['nvp'] = plugins['nsx']
|
||||||
if release >= 'kilo':
|
if CompareOpenStackReleases(release) >= 'kilo':
|
||||||
plugins['midonet']['driver'] = (
|
plugins['midonet']['driver'] = (
|
||||||
'neutron.plugins.midonet.plugin.MidonetPluginV2')
|
'neutron.plugins.midonet.plugin.MidonetPluginV2')
|
||||||
if release >= 'liberty':
|
if CompareOpenStackReleases(release) >= 'liberty':
|
||||||
plugins['midonet']['driver'] = (
|
plugins['midonet']['driver'] = (
|
||||||
'midonet.neutron.plugin_v1.MidonetPluginV2')
|
'midonet.neutron.plugin_v1.MidonetPluginV2')
|
||||||
plugins['midonet']['server_packages'].remove(
|
plugins['midonet']['server_packages'].remove(
|
||||||
|
@ -244,10 +248,11 @@ def neutron_plugins():
|
||||||
plugins['midonet']['server_packages'].append(
|
plugins['midonet']['server_packages'].append(
|
||||||
'python-networking-midonet')
|
'python-networking-midonet')
|
||||||
plugins['plumgrid']['driver'] = (
|
plugins['plumgrid']['driver'] = (
|
||||||
'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2')
|
'networking_plumgrid.neutron.plugins'
|
||||||
|
'.plugin.NeutronPluginPLUMgridV2')
|
||||||
plugins['plumgrid']['server_packages'].remove(
|
plugins['plumgrid']['server_packages'].remove(
|
||||||
'neutron-plugin-plumgrid')
|
'neutron-plugin-plumgrid')
|
||||||
if release >= 'mitaka':
|
if CompareOpenStackReleases(release) >= 'mitaka':
|
||||||
plugins['nsx']['server_packages'].remove('neutron-plugin-vmware')
|
plugins['nsx']['server_packages'].remove('neutron-plugin-vmware')
|
||||||
plugins['nsx']['server_packages'].append('python-vmware-nsx')
|
plugins['nsx']['server_packages'].append('python-vmware-nsx')
|
||||||
plugins['nsx']['config'] = '/etc/neutron/nsx.ini'
|
plugins['nsx']['config'] = '/etc/neutron/nsx.ini'
|
||||||
|
|
|
@ -33,9 +33,7 @@ import yaml
|
||||||
|
|
||||||
from charmhelpers.contrib.network import ip
|
from charmhelpers.contrib.network import ip
|
||||||
|
|
||||||
from charmhelpers.core import (
|
from charmhelpers.core import unitdata
|
||||||
unitdata,
|
|
||||||
)
|
|
||||||
|
|
||||||
from charmhelpers.core.hookenv import (
|
from charmhelpers.core.hookenv import (
|
||||||
action_fail,
|
action_fail,
|
||||||
|
@ -55,6 +53,8 @@ from charmhelpers.core.hookenv import (
|
||||||
application_version_set,
|
application_version_set,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
from charmhelpers.core.strutils import BasicStringComparator
|
||||||
|
|
||||||
from charmhelpers.contrib.storage.linux.lvm import (
|
from charmhelpers.contrib.storage.linux.lvm import (
|
||||||
deactivate_lvm_volume_group,
|
deactivate_lvm_volume_group,
|
||||||
is_lvm_physical_volume,
|
is_lvm_physical_volume,
|
||||||
|
@ -97,6 +97,22 @@ CLOUD_ARCHIVE_KEY_ID = '5EDB1B62EC4926EA'
|
||||||
DISTRO_PROPOSED = ('deb http://archive.ubuntu.com/ubuntu/ %s-proposed '
|
DISTRO_PROPOSED = ('deb http://archive.ubuntu.com/ubuntu/ %s-proposed '
|
||||||
'restricted main multiverse universe')
|
'restricted main multiverse universe')
|
||||||
|
|
||||||
|
OPENSTACK_RELEASES = (
|
||||||
|
'diablo',
|
||||||
|
'essex',
|
||||||
|
'folsom',
|
||||||
|
'grizzly',
|
||||||
|
'havana',
|
||||||
|
'icehouse',
|
||||||
|
'juno',
|
||||||
|
'kilo',
|
||||||
|
'liberty',
|
||||||
|
'mitaka',
|
||||||
|
'newton',
|
||||||
|
'ocata',
|
||||||
|
'pike',
|
||||||
|
)
|
||||||
|
|
||||||
UBUNTU_OPENSTACK_RELEASE = OrderedDict([
|
UBUNTU_OPENSTACK_RELEASE = OrderedDict([
|
||||||
('oneiric', 'diablo'),
|
('oneiric', 'diablo'),
|
||||||
('precise', 'essex'),
|
('precise', 'essex'),
|
||||||
|
@ -238,6 +254,17 @@ GIT_DEFAULT_BRANCHES = {
|
||||||
DEFAULT_LOOPBACK_SIZE = '5G'
|
DEFAULT_LOOPBACK_SIZE = '5G'
|
||||||
|
|
||||||
|
|
||||||
|
class CompareOpenStackReleases(BasicStringComparator):
|
||||||
|
"""Provide comparisons of OpenStack releases.
|
||||||
|
|
||||||
|
Use in the form of
|
||||||
|
|
||||||
|
if CompareOpenStackReleases(release) > 'mitaka':
|
||||||
|
# do something with mitaka
|
||||||
|
"""
|
||||||
|
_list = OPENSTACK_RELEASES
|
||||||
|
|
||||||
|
|
||||||
def error_out(msg):
|
def error_out(msg):
|
||||||
juju_log("FATAL ERROR: %s" % msg, level='ERROR')
|
juju_log("FATAL ERROR: %s" % msg, level='ERROR')
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
@ -1066,7 +1093,8 @@ def git_generate_systemd_init_files(templates_dir):
|
||||||
|
|
||||||
shutil.copyfile(init_in_source, init_source)
|
shutil.copyfile(init_in_source, init_source)
|
||||||
with open(init_source, 'a') as outfile:
|
with open(init_source, 'a') as outfile:
|
||||||
template = '/usr/share/openstack-pkg-tools/init-script-template'
|
template = ('/usr/share/openstack-pkg-tools/'
|
||||||
|
'init-script-template')
|
||||||
with open(template) as infile:
|
with open(template) as infile:
|
||||||
outfile.write('\n\n{}'.format(infile.read()))
|
outfile.write('\n\n{}'.format(infile.read()))
|
||||||
|
|
||||||
|
@ -1971,9 +1999,7 @@ def enable_memcache(source=None, release=None, package=None):
|
||||||
if not _release:
|
if not _release:
|
||||||
_release = get_os_codename_install_source(source)
|
_release = get_os_codename_install_source(source)
|
||||||
|
|
||||||
# TODO: this should be changed to a numeric comparison using a known list
|
return CompareOpenStackReleases(_release) >= 'mitaka'
|
||||||
# of releases and comparing by index.
|
|
||||||
return _release >= 'mitaka'
|
|
||||||
|
|
||||||
|
|
||||||
def token_cache_pkgs(source=None, release=None):
|
def token_cache_pkgs(source=None, release=None):
|
||||||
|
|
|
@ -45,6 +45,7 @@ if __platform__ == "ubuntu":
|
||||||
add_new_group,
|
add_new_group,
|
||||||
lsb_release,
|
lsb_release,
|
||||||
cmp_pkgrevno,
|
cmp_pkgrevno,
|
||||||
|
CompareHostReleases,
|
||||||
) # flake8: noqa -- ignore F401 for this import
|
) # flake8: noqa -- ignore F401 for this import
|
||||||
elif __platform__ == "centos":
|
elif __platform__ == "centos":
|
||||||
from charmhelpers.core.host_factory.centos import (
|
from charmhelpers.core.host_factory.centos import (
|
||||||
|
@ -52,6 +53,7 @@ elif __platform__ == "centos":
|
||||||
add_new_group,
|
add_new_group,
|
||||||
lsb_release,
|
lsb_release,
|
||||||
cmp_pkgrevno,
|
cmp_pkgrevno,
|
||||||
|
CompareHostReleases,
|
||||||
) # flake8: noqa -- ignore F401 for this import
|
) # flake8: noqa -- ignore F401 for this import
|
||||||
|
|
||||||
UPDATEDB_PATH = '/etc/updatedb.conf'
|
UPDATEDB_PATH = '/etc/updatedb.conf'
|
||||||
|
|
|
@ -2,6 +2,22 @@ import subprocess
|
||||||
import yum
|
import yum
|
||||||
import os
|
import os
|
||||||
|
|
||||||
|
from charmhelpers.core.strutils import BasicStringComparator
|
||||||
|
|
||||||
|
|
||||||
|
class CompareHostReleases(BasicStringComparator):
|
||||||
|
"""Provide comparisons of Host releases.
|
||||||
|
|
||||||
|
Use in the form of
|
||||||
|
|
||||||
|
if CompareHostReleases(release) > 'trusty':
|
||||||
|
# do something with mitaka
|
||||||
|
"""
|
||||||
|
|
||||||
|
def __init__(self, item):
|
||||||
|
raise NotImplementedError(
|
||||||
|
"CompareHostReleases() is not implemented for CentOS")
|
||||||
|
|
||||||
|
|
||||||
def service_available(service_name):
|
def service_available(service_name):
|
||||||
# """Determine whether a system service is available."""
|
# """Determine whether a system service is available."""
|
||||||
|
|
|
@ -1,5 +1,37 @@
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
||||||
|
from charmhelpers.core.strutils import BasicStringComparator
|
||||||
|
|
||||||
|
|
||||||
|
UBUNTU_RELEASES = (
|
||||||
|
'lucid',
|
||||||
|
'maverick',
|
||||||
|
'natty',
|
||||||
|
'oneiric',
|
||||||
|
'precise',
|
||||||
|
'quantal',
|
||||||
|
'raring',
|
||||||
|
'saucy',
|
||||||
|
'trusty',
|
||||||
|
'utopic',
|
||||||
|
'vivid',
|
||||||
|
'wily',
|
||||||
|
'xenial',
|
||||||
|
'yakkety',
|
||||||
|
'zesty',
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class CompareHostReleases(BasicStringComparator):
|
||||||
|
"""Provide comparisons of Ubuntu releases.
|
||||||
|
|
||||||
|
Use in the form of
|
||||||
|
|
||||||
|
if CompareHostReleases(release) > 'trusty':
|
||||||
|
# do something with mitaka
|
||||||
|
"""
|
||||||
|
_list = UBUNTU_RELEASES
|
||||||
|
|
||||||
|
|
||||||
def service_available(service_name):
|
def service_available(service_name):
|
||||||
"""Determine whether a system service is available"""
|
"""Determine whether a system service is available"""
|
||||||
|
|
|
@ -68,3 +68,56 @@ def bytes_from_string(value):
|
||||||
msg = "Unable to interpret string value '%s' as bytes" % (value)
|
msg = "Unable to interpret string value '%s' as bytes" % (value)
|
||||||
raise ValueError(msg)
|
raise ValueError(msg)
|
||||||
return int(matches.group(1)) * (1024 ** BYTE_POWER[matches.group(2)])
|
return int(matches.group(1)) * (1024 ** BYTE_POWER[matches.group(2)])
|
||||||
|
|
||||||
|
|
||||||
|
class BasicStringComparator(object):
|
||||||
|
"""Provides a class that will compare strings from an iterator type object.
|
||||||
|
Used to provide > and < comparisons on strings that may not necessarily be
|
||||||
|
alphanumerically ordered. e.g. OpenStack or Ubuntu releases AFTER the
|
||||||
|
z-wrap.
|
||||||
|
"""
|
||||||
|
|
||||||
|
_list = None
|
||||||
|
|
||||||
|
def __init__(self, item):
|
||||||
|
if self._list is None:
|
||||||
|
raise Exception("Must define the _list in the class definition!")
|
||||||
|
try:
|
||||||
|
self.index = self._list.index(item)
|
||||||
|
except Exception:
|
||||||
|
raise KeyError("Item '{}' is not in list '{}'"
|
||||||
|
.format(item, self._list))
|
||||||
|
|
||||||
|
def __eq__(self, other):
|
||||||
|
assert isinstance(other, str) or isinstance(other, self.__class__)
|
||||||
|
return self.index == self._list.index(other)
|
||||||
|
|
||||||
|
def __ne__(self, other):
|
||||||
|
return not self.__eq__(other)
|
||||||
|
|
||||||
|
def __lt__(self, other):
|
||||||
|
assert isinstance(other, str) or isinstance(other, self.__class__)
|
||||||
|
return self.index < self._list.index(other)
|
||||||
|
|
||||||
|
def __ge__(self, other):
|
||||||
|
return not self.__lt__(other)
|
||||||
|
|
||||||
|
def __gt__(self, other):
|
||||||
|
assert isinstance(other, str) or isinstance(other, self.__class__)
|
||||||
|
return self.index > self._list.index(other)
|
||||||
|
|
||||||
|
def __le__(self, other):
|
||||||
|
return not self.__gt__(other)
|
||||||
|
|
||||||
|
def __str__(self):
|
||||||
|
"""Always give back the item at the index so it can be used in
|
||||||
|
comparisons like:
|
||||||
|
|
||||||
|
s_mitaka = CompareOpenStack('mitaka')
|
||||||
|
s_newton = CompareOpenstack('newton')
|
||||||
|
|
||||||
|
assert s_newton > s_mitaka
|
||||||
|
|
||||||
|
@returns: <string>
|
||||||
|
"""
|
||||||
|
return self._list[self.index]
|
||||||
|
|
|
@ -30,6 +30,7 @@ from charmhelpers.contrib.openstack.context import (
|
||||||
|
|
||||||
from charmhelpers.contrib.openstack.utils import (
|
from charmhelpers.contrib.openstack.utils import (
|
||||||
os_release,
|
os_release,
|
||||||
|
CompareOpenStackReleases,
|
||||||
)
|
)
|
||||||
|
|
||||||
from charmhelpers.contrib.hahelpers.cluster import (
|
from charmhelpers.contrib.hahelpers.cluster import (
|
||||||
|
@ -66,11 +67,12 @@ class CephContext(OSContextGenerator):
|
||||||
if not relation_ids('ceph'):
|
if not relation_ids('ceph'):
|
||||||
return {}
|
return {}
|
||||||
service = service_name()
|
service = service_name()
|
||||||
if os_release('cinder-common') >= "icehouse":
|
cmp_os_release = CompareOpenStackReleases(os_release('cinder-common'))
|
||||||
|
if cmp_os_release >= "icehouse":
|
||||||
volume_driver = 'cinder.volume.drivers.rbd.RBDDriver'
|
volume_driver = 'cinder.volume.drivers.rbd.RBDDriver'
|
||||||
else:
|
else:
|
||||||
volume_driver = 'cinder.volume.driver.RBDDriver'
|
volume_driver = 'cinder.volume.driver.RBDDriver'
|
||||||
if os_release('cinder-common') >= "ocata":
|
if cmp_os_release >= "ocata":
|
||||||
driver_key = 'ceph_volume_driver'
|
driver_key = 'ceph_volume_driver'
|
||||||
else:
|
else:
|
||||||
driver_key = 'volume_driver'
|
driver_key = 'volume_driver'
|
||||||
|
@ -130,7 +132,7 @@ class StorageBackendContext(OSContextGenerator):
|
||||||
if backend_name:
|
if backend_name:
|
||||||
backends.append(backend_name)
|
backends.append(backend_name)
|
||||||
# Ocata onwards all backends must be in there own sectional config
|
# Ocata onwards all backends must be in there own sectional config
|
||||||
if os_release('cinder-common') >= "ocata":
|
if CompareOpenStackReleases(os_release('cinder-common')) >= "ocata":
|
||||||
if relation_ids('ceph'):
|
if relation_ids('ceph'):
|
||||||
backends.append('CEPH')
|
backends.append('CEPH')
|
||||||
if enable_lvm():
|
if enable_lvm():
|
||||||
|
@ -213,8 +215,9 @@ class SectionalConfigContext(OSContextGenerator):
|
||||||
"""
|
"""
|
||||||
|
|
||||||
def __call__(self):
|
def __call__(self):
|
||||||
|
cmp_os_release = CompareOpenStackReleases(os_release('cinder-common'))
|
||||||
return {
|
return {
|
||||||
'sectional_default_config': os_release('cinder-common') >= "ocata"
|
'sectional_default_config': cmp_os_release >= "ocata"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -85,6 +85,7 @@ from charmhelpers.contrib.openstack.utils import (
|
||||||
os_release,
|
os_release,
|
||||||
is_unit_paused_set,
|
is_unit_paused_set,
|
||||||
pausable_restart_on_change as restart_on_change,
|
pausable_restart_on_change as restart_on_change,
|
||||||
|
CompareOpenStackReleases,
|
||||||
)
|
)
|
||||||
|
|
||||||
from charmhelpers.contrib.storage.linux.ceph import (
|
from charmhelpers.contrib.storage.linux.ceph import (
|
||||||
|
@ -334,7 +335,7 @@ def identity_joined(rid=None):
|
||||||
'cinder_internal_url': internal_url,
|
'cinder_internal_url': internal_url,
|
||||||
'cinder_admin_url': admin_url,
|
'cinder_admin_url': admin_url,
|
||||||
}
|
}
|
||||||
if os_release('cinder-common') >= 'icehouse':
|
if CompareOpenStackReleases(os_release('cinder-common')) >= 'icehouse':
|
||||||
# NOTE(jamespage) register v2 endpoint as well
|
# NOTE(jamespage) register v2 endpoint as well
|
||||||
public_url = '{}:{}/v2/$(tenant_id)s'.format(
|
public_url = '{}:{}/v2/$(tenant_id)s'.format(
|
||||||
canonical_url(CONFIGS, PUBLIC),
|
canonical_url(CONFIGS, PUBLIC),
|
||||||
|
|
|
@ -49,6 +49,7 @@ from charmhelpers.core.host import (
|
||||||
adduser,
|
adduser,
|
||||||
add_group,
|
add_group,
|
||||||
add_user_to_group,
|
add_user_to_group,
|
||||||
|
CompareHostReleases,
|
||||||
lsb_release,
|
lsb_release,
|
||||||
mkdir,
|
mkdir,
|
||||||
mounts,
|
mounts,
|
||||||
|
@ -107,6 +108,7 @@ from charmhelpers.contrib.openstack.utils import (
|
||||||
os_application_version_set,
|
os_application_version_set,
|
||||||
token_cache_pkgs,
|
token_cache_pkgs,
|
||||||
enable_memcache,
|
enable_memcache,
|
||||||
|
CompareOpenStackReleases,
|
||||||
)
|
)
|
||||||
|
|
||||||
from charmhelpers.core.decorators import (
|
from charmhelpers.core.decorators import (
|
||||||
|
@ -763,13 +765,14 @@ def do_openstack_upgrade(configs):
|
||||||
|
|
||||||
def setup_ipv6():
|
def setup_ipv6():
|
||||||
ubuntu_rel = lsb_release()['DISTRIB_CODENAME'].lower()
|
ubuntu_rel = lsb_release()['DISTRIB_CODENAME'].lower()
|
||||||
if ubuntu_rel < "trusty":
|
if CompareHostReleases(ubuntu_rel) < "trusty":
|
||||||
raise Exception("IPv6 is not supported in the charms for Ubuntu "
|
raise Exception("IPv6 is not supported in the charms for Ubuntu "
|
||||||
"versions less than Trusty 14.04")
|
"versions less than Trusty 14.04")
|
||||||
|
|
||||||
# Need haproxy >= 1.5.3 for ipv6 so for Trusty if we are <= Kilo we need to
|
# Need haproxy >= 1.5.3 for ipv6 so for Trusty if we are <= Kilo we need to
|
||||||
# use trusty-backports otherwise we can use the UCA.
|
# use trusty-backports otherwise we can use the UCA.
|
||||||
if ubuntu_rel == 'trusty' and os_release('cinder') < 'liberty':
|
if (ubuntu_rel == 'trusty' and
|
||||||
|
CompareOpenStackReleases(os_release('cinder')) < 'liberty'):
|
||||||
add_source('deb http://archive.ubuntu.com/ubuntu trusty-backports '
|
add_source('deb http://archive.ubuntu.com/ubuntu trusty-backports '
|
||||||
'main')
|
'main')
|
||||||
apt_update()
|
apt_update()
|
||||||
|
@ -1081,7 +1084,7 @@ def run_in_apache():
|
||||||
"""Return true if cinder API is run under apache2 with mod_wsgi in
|
"""Return true if cinder API is run under apache2 with mod_wsgi in
|
||||||
this release.
|
this release.
|
||||||
"""
|
"""
|
||||||
return os_release('cinder-common') >= 'ocata'
|
return CompareOpenStackReleases(os_release('cinder-common')) >= 'ocata'
|
||||||
|
|
||||||
|
|
||||||
def disable_package_apache_site():
|
def disable_package_apache_site():
|
||||||
|
|
|
@ -40,6 +40,7 @@ from charmhelpers.contrib.amulet.utils import (
|
||||||
AmuletUtils
|
AmuletUtils
|
||||||
)
|
)
|
||||||
from charmhelpers.core.decorators import retry_on_exception
|
from charmhelpers.core.decorators import retry_on_exception
|
||||||
|
from charmhelpers.core.host import CompareHostReleases
|
||||||
|
|
||||||
DEBUG = logging.DEBUG
|
DEBUG = logging.DEBUG
|
||||||
ERROR = logging.ERROR
|
ERROR = logging.ERROR
|
||||||
|
@ -1255,7 +1256,7 @@ class OpenStackAmuletUtils(AmuletUtils):
|
||||||
contents = self.file_contents_safe(sentry_unit, '/etc/memcached.conf',
|
contents = self.file_contents_safe(sentry_unit, '/etc/memcached.conf',
|
||||||
fatal=True)
|
fatal=True)
|
||||||
ubuntu_release, _ = self.run_cmd_unit(sentry_unit, 'lsb_release -cs')
|
ubuntu_release, _ = self.run_cmd_unit(sentry_unit, 'lsb_release -cs')
|
||||||
if ubuntu_release <= 'trusty':
|
if CompareHostReleases(ubuntu_release) <= 'trusty':
|
||||||
memcache_listen_addr = 'ip6-localhost'
|
memcache_listen_addr = 'ip6-localhost'
|
||||||
else:
|
else:
|
||||||
memcache_listen_addr = '::1'
|
memcache_listen_addr = '::1'
|
||||||
|
|
|
@ -45,6 +45,7 @@ if __platform__ == "ubuntu":
|
||||||
add_new_group,
|
add_new_group,
|
||||||
lsb_release,
|
lsb_release,
|
||||||
cmp_pkgrevno,
|
cmp_pkgrevno,
|
||||||
|
CompareHostReleases,
|
||||||
) # flake8: noqa -- ignore F401 for this import
|
) # flake8: noqa -- ignore F401 for this import
|
||||||
elif __platform__ == "centos":
|
elif __platform__ == "centos":
|
||||||
from charmhelpers.core.host_factory.centos import (
|
from charmhelpers.core.host_factory.centos import (
|
||||||
|
@ -52,6 +53,7 @@ elif __platform__ == "centos":
|
||||||
add_new_group,
|
add_new_group,
|
||||||
lsb_release,
|
lsb_release,
|
||||||
cmp_pkgrevno,
|
cmp_pkgrevno,
|
||||||
|
CompareHostReleases,
|
||||||
) # flake8: noqa -- ignore F401 for this import
|
) # flake8: noqa -- ignore F401 for this import
|
||||||
|
|
||||||
UPDATEDB_PATH = '/etc/updatedb.conf'
|
UPDATEDB_PATH = '/etc/updatedb.conf'
|
||||||
|
|
|
@ -2,6 +2,22 @@ import subprocess
|
||||||
import yum
|
import yum
|
||||||
import os
|
import os
|
||||||
|
|
||||||
|
from charmhelpers.core.strutils import BasicStringComparator
|
||||||
|
|
||||||
|
|
||||||
|
class CompareHostReleases(BasicStringComparator):
|
||||||
|
"""Provide comparisons of Host releases.
|
||||||
|
|
||||||
|
Use in the form of
|
||||||
|
|
||||||
|
if CompareHostReleases(release) > 'trusty':
|
||||||
|
# do something with mitaka
|
||||||
|
"""
|
||||||
|
|
||||||
|
def __init__(self, item):
|
||||||
|
raise NotImplementedError(
|
||||||
|
"CompareHostReleases() is not implemented for CentOS")
|
||||||
|
|
||||||
|
|
||||||
def service_available(service_name):
|
def service_available(service_name):
|
||||||
# """Determine whether a system service is available."""
|
# """Determine whether a system service is available."""
|
||||||
|
|
|
@ -1,5 +1,37 @@
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
||||||
|
from charmhelpers.core.strutils import BasicStringComparator
|
||||||
|
|
||||||
|
|
||||||
|
UBUNTU_RELEASES = (
|
||||||
|
'lucid',
|
||||||
|
'maverick',
|
||||||
|
'natty',
|
||||||
|
'oneiric',
|
||||||
|
'precise',
|
||||||
|
'quantal',
|
||||||
|
'raring',
|
||||||
|
'saucy',
|
||||||
|
'trusty',
|
||||||
|
'utopic',
|
||||||
|
'vivid',
|
||||||
|
'wily',
|
||||||
|
'xenial',
|
||||||
|
'yakkety',
|
||||||
|
'zesty',
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class CompareHostReleases(BasicStringComparator):
|
||||||
|
"""Provide comparisons of Ubuntu releases.
|
||||||
|
|
||||||
|
Use in the form of
|
||||||
|
|
||||||
|
if CompareHostReleases(release) > 'trusty':
|
||||||
|
# do something with mitaka
|
||||||
|
"""
|
||||||
|
_list = UBUNTU_RELEASES
|
||||||
|
|
||||||
|
|
||||||
def service_available(service_name):
|
def service_available(service_name):
|
||||||
"""Determine whether a system service is available"""
|
"""Determine whether a system service is available"""
|
||||||
|
|
|
@ -68,3 +68,56 @@ def bytes_from_string(value):
|
||||||
msg = "Unable to interpret string value '%s' as bytes" % (value)
|
msg = "Unable to interpret string value '%s' as bytes" % (value)
|
||||||
raise ValueError(msg)
|
raise ValueError(msg)
|
||||||
return int(matches.group(1)) * (1024 ** BYTE_POWER[matches.group(2)])
|
return int(matches.group(1)) * (1024 ** BYTE_POWER[matches.group(2)])
|
||||||
|
|
||||||
|
|
||||||
|
class BasicStringComparator(object):
|
||||||
|
"""Provides a class that will compare strings from an iterator type object.
|
||||||
|
Used to provide > and < comparisons on strings that may not necessarily be
|
||||||
|
alphanumerically ordered. e.g. OpenStack or Ubuntu releases AFTER the
|
||||||
|
z-wrap.
|
||||||
|
"""
|
||||||
|
|
||||||
|
_list = None
|
||||||
|
|
||||||
|
def __init__(self, item):
|
||||||
|
if self._list is None:
|
||||||
|
raise Exception("Must define the _list in the class definition!")
|
||||||
|
try:
|
||||||
|
self.index = self._list.index(item)
|
||||||
|
except Exception:
|
||||||
|
raise KeyError("Item '{}' is not in list '{}'"
|
||||||
|
.format(item, self._list))
|
||||||
|
|
||||||
|
def __eq__(self, other):
|
||||||
|
assert isinstance(other, str) or isinstance(other, self.__class__)
|
||||||
|
return self.index == self._list.index(other)
|
||||||
|
|
||||||
|
def __ne__(self, other):
|
||||||
|
return not self.__eq__(other)
|
||||||
|
|
||||||
|
def __lt__(self, other):
|
||||||
|
assert isinstance(other, str) or isinstance(other, self.__class__)
|
||||||
|
return self.index < self._list.index(other)
|
||||||
|
|
||||||
|
def __ge__(self, other):
|
||||||
|
return not self.__lt__(other)
|
||||||
|
|
||||||
|
def __gt__(self, other):
|
||||||
|
assert isinstance(other, str) or isinstance(other, self.__class__)
|
||||||
|
return self.index > self._list.index(other)
|
||||||
|
|
||||||
|
def __le__(self, other):
|
||||||
|
return not self.__gt__(other)
|
||||||
|
|
||||||
|
def __str__(self):
|
||||||
|
"""Always give back the item at the index so it can be used in
|
||||||
|
comparisons like:
|
||||||
|
|
||||||
|
s_mitaka = CompareOpenStack('mitaka')
|
||||||
|
s_newton = CompareOpenstack('newton')
|
||||||
|
|
||||||
|
assert s_newton > s_mitaka
|
||||||
|
|
||||||
|
@returns: <string>
|
||||||
|
"""
|
||||||
|
return self._list[self.index]
|
||||||
|
|
|
@ -0,0 +1,25 @@
|
||||||
|
import platform
|
||||||
|
|
||||||
|
|
||||||
|
def get_platform():
|
||||||
|
"""Return the current OS platform.
|
||||||
|
|
||||||
|
For example: if current os platform is Ubuntu then a string "ubuntu"
|
||||||
|
will be returned (which is the name of the module).
|
||||||
|
This string is used to decide which platform module should be imported.
|
||||||
|
"""
|
||||||
|
# linux_distribution is deprecated and will be removed in Python 3.7
|
||||||
|
# Warings *not* disabled, as we certainly need to fix this.
|
||||||
|
tuple_platform = platform.linux_distribution()
|
||||||
|
current_platform = tuple_platform[0]
|
||||||
|
if "Ubuntu" in current_platform:
|
||||||
|
return "ubuntu"
|
||||||
|
elif "CentOS" in current_platform:
|
||||||
|
return "centos"
|
||||||
|
elif "debian" in current_platform:
|
||||||
|
# Stock Python does not detect Ubuntu and instead returns debian.
|
||||||
|
# Or at least it does in some build environments like Travis CI
|
||||||
|
return "ubuntu"
|
||||||
|
else:
|
||||||
|
raise RuntimeError("This module is not supported on {}."
|
||||||
|
.format(current_platform))
|
2
tox.ini
2
tox.ini
|
@ -14,7 +14,7 @@ install_command =
|
||||||
pip install --allow-unverified python-apt {opts} {packages}
|
pip install --allow-unverified python-apt {opts} {packages}
|
||||||
commands = ostestr {posargs}
|
commands = ostestr {posargs}
|
||||||
whitelist_externals = juju
|
whitelist_externals = juju
|
||||||
passenv = HOME TERM AMULET_*
|
passenv = HOME TERM AMULET_* CS_API_*
|
||||||
|
|
||||||
[testenv:py27]
|
[testenv:py27]
|
||||||
basepython = python2.7
|
basepython = python2.7
|
||||||
|
|
|
@ -112,6 +112,7 @@ class TestCinderContext(CharmTestCase):
|
||||||
def test_storage_backend_no_backends(self):
|
def test_storage_backend_no_backends(self):
|
||||||
self.config.return_value = None
|
self.config.return_value = None
|
||||||
self.relation_ids.return_value = []
|
self.relation_ids.return_value = []
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
self.assertEquals(contexts.StorageBackendContext()(), {})
|
self.assertEquals(contexts.StorageBackendContext()(), {})
|
||||||
|
|
||||||
def test_storage_backend_single_backend(self):
|
def test_storage_backend_single_backend(self):
|
||||||
|
@ -122,12 +123,14 @@ class TestCinderContext(CharmTestCase):
|
||||||
self.relation_ids.side_effect = lambda x: rel_dict[x]
|
self.relation_ids.side_effect = lambda x: rel_dict[x]
|
||||||
self.related_units.return_value = ['cinder-ceph/0']
|
self.related_units.return_value = ['cinder-ceph/0']
|
||||||
self.relation_get.return_value = 'cinder-ceph'
|
self.relation_get.return_value = 'cinder-ceph'
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
self.assertEquals(contexts.StorageBackendContext()(),
|
self.assertEquals(contexts.StorageBackendContext()(),
|
||||||
{'backends': 'cinder-ceph',
|
{'backends': 'cinder-ceph',
|
||||||
'active_backends': ['cinder-ceph']})
|
'active_backends': ['cinder-ceph']})
|
||||||
|
|
||||||
def test_storage_backend_multi_backend(self):
|
def test_storage_backend_multi_backend(self):
|
||||||
self.config.return_value = None
|
self.config.return_value = None
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
rel_dict = {
|
rel_dict = {
|
||||||
'storage-backend': ['cinder-ceph:0', 'cinder-vmware:0'],
|
'storage-backend': ['cinder-ceph:0', 'cinder-vmware:0'],
|
||||||
'ceph': []}
|
'ceph': []}
|
||||||
|
|
|
@ -195,6 +195,7 @@ class TestCinderUtils(CharmTestCase):
|
||||||
service_enabled):
|
service_enabled):
|
||||||
service_enabled.return_value = True
|
service_enabled.return_value = True
|
||||||
path_exists.return_value = True
|
path_exists.return_value = True
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
self.ceph_config_file.return_value = self.charm_ceph_conf
|
self.ceph_config_file.return_value = self.charm_ceph_conf
|
||||||
self.relation_ids.return_value = []
|
self.relation_ids.return_value = []
|
||||||
self.enable_memcache.return_value = True
|
self.enable_memcache.return_value = True
|
||||||
|
@ -218,6 +219,7 @@ class TestCinderUtils(CharmTestCase):
|
||||||
service_enabled.side_effect = self.svc_enabled
|
service_enabled.side_effect = self.svc_enabled
|
||||||
self.test_config.set('enabled-services', 'scheduler,volume')
|
self.test_config.set('enabled-services', 'scheduler,volume')
|
||||||
path_exists.return_value = True
|
path_exists.return_value = True
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
self.ceph_config_file.return_value = self.charm_ceph_conf
|
self.ceph_config_file.return_value = self.charm_ceph_conf
|
||||||
self.relation_ids.return_value = []
|
self.relation_ids.return_value = []
|
||||||
ex_map = OrderedDict([
|
ex_map = OrderedDict([
|
||||||
|
@ -238,6 +240,7 @@ class TestCinderUtils(CharmTestCase):
|
||||||
service_enabled):
|
service_enabled):
|
||||||
service_enabled.return_value = True
|
service_enabled.return_value = True
|
||||||
path_exists.return_value = True
|
path_exists.return_value = True
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
self.ceph_config_file.return_value = self.charm_ceph_conf
|
self.ceph_config_file.return_value = self.charm_ceph_conf
|
||||||
self.relation_ids.side_effect = lambda x: {
|
self.relation_ids.side_effect = lambda x: {
|
||||||
'storage-backend': [],
|
'storage-backend': [],
|
||||||
|
@ -253,6 +256,7 @@ class TestCinderUtils(CharmTestCase):
|
||||||
service_enabled):
|
service_enabled):
|
||||||
service_enabled.return_value = True
|
service_enabled.return_value = True
|
||||||
path_exists.return_value = True
|
path_exists.return_value = True
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
self.ceph_config_file.return_value = self.charm_ceph_conf
|
self.ceph_config_file.return_value = self.charm_ceph_conf
|
||||||
self.relation_ids.side_effect = lambda x: {
|
self.relation_ids.side_effect = lambda x: {
|
||||||
'storage-backend': [],
|
'storage-backend': [],
|
||||||
|
@ -268,6 +272,7 @@ class TestCinderUtils(CharmTestCase):
|
||||||
service_enabled):
|
service_enabled):
|
||||||
service_enabled.return_value = True
|
service_enabled.return_value = True
|
||||||
path_exists.return_value = True
|
path_exists.return_value = True
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
self.ceph_config_file.return_value = self.charm_ceph_conf
|
self.ceph_config_file.return_value = self.charm_ceph_conf
|
||||||
self.relation_ids.side_effect = lambda x: {
|
self.relation_ids.side_effect = lambda x: {
|
||||||
'storage-backend': [],
|
'storage-backend': [],
|
||||||
|
@ -282,6 +287,7 @@ class TestCinderUtils(CharmTestCase):
|
||||||
service_enabled):
|
service_enabled):
|
||||||
service_enabled.return_value = True
|
service_enabled.return_value = True
|
||||||
path_exists.return_value = True
|
path_exists.return_value = True
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
self.ceph_config_file.return_value = self.charm_ceph_conf
|
self.ceph_config_file.return_value = self.charm_ceph_conf
|
||||||
self.relation_ids.side_effect = lambda x: {
|
self.relation_ids.side_effect = lambda x: {
|
||||||
'storage-backend': [],
|
'storage-backend': [],
|
||||||
|
@ -304,6 +310,7 @@ class TestCinderUtils(CharmTestCase):
|
||||||
service_enabled):
|
service_enabled):
|
||||||
service_enabled.return_value = True
|
service_enabled.return_value = True
|
||||||
path_exists.side_effect = lambda x: x not in [self.apache24_conf_dir]
|
path_exists.side_effect = lambda x: x not in [self.apache24_conf_dir]
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
self.ceph_config_file.return_value = self.charm_ceph_conf
|
self.ceph_config_file.return_value = self.charm_ceph_conf
|
||||||
self.relation_ids.side_effect = lambda x: {
|
self.relation_ids.side_effect = lambda x: {
|
||||||
'storage-backend': [],
|
'storage-backend': [],
|
||||||
|
@ -318,6 +325,7 @@ class TestCinderUtils(CharmTestCase):
|
||||||
def test_creates_resource_map_apache24(self, path_exists, service_enabled):
|
def test_creates_resource_map_apache24(self, path_exists, service_enabled):
|
||||||
service_enabled.return_value = True
|
service_enabled.return_value = True
|
||||||
path_exists.side_effect = lambda x: x in [self.apache24_conf_dir]
|
path_exists.side_effect = lambda x: x in [self.apache24_conf_dir]
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
self.ceph_config_file.return_value = self.charm_ceph_conf
|
self.ceph_config_file.return_value = self.charm_ceph_conf
|
||||||
self.relation_ids.side_effect = lambda x: {
|
self.relation_ids.side_effect = lambda x: {
|
||||||
'storage-backend': [],
|
'storage-backend': [],
|
||||||
|
@ -729,6 +737,7 @@ class TestCinderUtils(CharmTestCase):
|
||||||
@patch.object(cinder_utils, 'determine_packages')
|
@patch.object(cinder_utils, 'determine_packages')
|
||||||
def test_openstack_upgrade_leader(self, pkgs, migrate, services):
|
def test_openstack_upgrade_leader(self, pkgs, migrate, services):
|
||||||
pkgs.return_value = ['mypackage']
|
pkgs.return_value = ['mypackage']
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
self.config.side_effect = None
|
self.config.side_effect = None
|
||||||
self.config.return_value = 'cloud:precise-havana'
|
self.config.return_value = 'cloud:precise-havana'
|
||||||
services.return_value = ['cinder-api', 'cinder-volume']
|
services.return_value = ['cinder-api', 'cinder-volume']
|
||||||
|
@ -748,6 +757,7 @@ class TestCinderUtils(CharmTestCase):
|
||||||
@patch.object(cinder_utils, 'determine_packages')
|
@patch.object(cinder_utils, 'determine_packages')
|
||||||
def test_openstack_upgrade_not_leader(self, pkgs, migrate, services):
|
def test_openstack_upgrade_not_leader(self, pkgs, migrate, services):
|
||||||
pkgs.return_value = ['mypackage']
|
pkgs.return_value = ['mypackage']
|
||||||
|
self.os_release.return_value = 'havana'
|
||||||
self.config.side_effect = None
|
self.config.side_effect = None
|
||||||
self.config.return_value = 'cloud:precise-havana'
|
self.config.return_value = 'cloud:precise-havana'
|
||||||
services.return_value = ['cinder-api', 'cinder-volume']
|
services.return_value = ['cinder-api', 'cinder-volume']
|
||||||
|
|
Loading…
Reference in New Issue