Check in start of py redux.
This commit is contained in:
parent
025922d5dd
commit
f7b057ca60
|
@ -0,0 +1,6 @@
|
||||||
|
[report]
|
||||||
|
# Regexes for lines to exclude from consideration
|
||||||
|
exclude_lines =
|
||||||
|
if __name__ == .__main__.:
|
||||||
|
include=
|
||||||
|
hooks/nova_*
|
|
@ -0,0 +1,14 @@
|
||||||
|
#!/usr/bin/make
|
||||||
|
PYTHON := /usr/bin/env python
|
||||||
|
|
||||||
|
lint:
|
||||||
|
@flake8 --exclude hooks/charmhelpers hooks
|
||||||
|
@flake8 --exclude hooks/charmhelpers unit_tests
|
||||||
|
@charm proof
|
||||||
|
|
||||||
|
test:
|
||||||
|
@echo Starting tests...
|
||||||
|
@$(PYTHON) /usr/bin/nosetests --nologcapture --with-coverage unit_tests
|
||||||
|
|
||||||
|
sync:
|
||||||
|
@charm-helper-sync -c charm-helpers-sync.yaml
|
|
@ -0,0 +1,10 @@
|
||||||
|
branch: lp:charm-helpers
|
||||||
|
destination: hooks/charmhelpers
|
||||||
|
include:
|
||||||
|
- core
|
||||||
|
- contrib.openstack|inc=*
|
||||||
|
- contrib.storage
|
||||||
|
- contrib.hahelpers:
|
||||||
|
- apache
|
||||||
|
- ceph
|
||||||
|
- cluster
|
|
@ -0,0 +1,58 @@
|
||||||
|
#
|
||||||
|
# Copyright 2012 Canonical Ltd.
|
||||||
|
#
|
||||||
|
# This file is sourced from lp:openstack-charm-helpers
|
||||||
|
#
|
||||||
|
# Authors:
|
||||||
|
# James Page <james.page@ubuntu.com>
|
||||||
|
# Adam Gandelman <adamg@ubuntu.com>
|
||||||
|
#
|
||||||
|
|
||||||
|
import subprocess
|
||||||
|
|
||||||
|
from charmhelpers.core.hookenv import (
|
||||||
|
config as config_get,
|
||||||
|
relation_get,
|
||||||
|
relation_ids,
|
||||||
|
related_units as relation_list,
|
||||||
|
log,
|
||||||
|
INFO,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def get_cert():
|
||||||
|
cert = config_get('ssl_cert')
|
||||||
|
key = config_get('ssl_key')
|
||||||
|
if not (cert and key):
|
||||||
|
log("Inspecting identity-service relations for SSL certificate.",
|
||||||
|
level=INFO)
|
||||||
|
cert = key = None
|
||||||
|
for r_id in relation_ids('identity-service'):
|
||||||
|
for unit in relation_list(r_id):
|
||||||
|
if not cert:
|
||||||
|
cert = relation_get('ssl_cert',
|
||||||
|
rid=r_id, unit=unit)
|
||||||
|
if not key:
|
||||||
|
key = relation_get('ssl_key',
|
||||||
|
rid=r_id, unit=unit)
|
||||||
|
return (cert, key)
|
||||||
|
|
||||||
|
|
||||||
|
def get_ca_cert():
|
||||||
|
ca_cert = None
|
||||||
|
log("Inspecting identity-service relations for CA SSL certificate.",
|
||||||
|
level=INFO)
|
||||||
|
for r_id in relation_ids('identity-service'):
|
||||||
|
for unit in relation_list(r_id):
|
||||||
|
if not ca_cert:
|
||||||
|
ca_cert = relation_get('ca_cert',
|
||||||
|
rid=r_id, unit=unit)
|
||||||
|
return ca_cert
|
||||||
|
|
||||||
|
|
||||||
|
def install_ca_cert(ca_cert):
|
||||||
|
if ca_cert:
|
||||||
|
with open('/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt',
|
||||||
|
'w') as crt:
|
||||||
|
crt.write(ca_cert)
|
||||||
|
subprocess.check_call(['update-ca-certificates', '--fresh'])
|
|
@ -0,0 +1,278 @@
|
||||||
|
#
|
||||||
|
# Copyright 2012 Canonical Ltd.
|
||||||
|
#
|
||||||
|
# This file is sourced from lp:openstack-charm-helpers
|
||||||
|
#
|
||||||
|
# Authors:
|
||||||
|
# James Page <james.page@ubuntu.com>
|
||||||
|
# Adam Gandelman <adamg@ubuntu.com>
|
||||||
|
#
|
||||||
|
|
||||||
|
import commands
|
||||||
|
import os
|
||||||
|
import shutil
|
||||||
|
|
||||||
|
from subprocess import (
|
||||||
|
check_call,
|
||||||
|
check_output,
|
||||||
|
CalledProcessError
|
||||||
|
)
|
||||||
|
|
||||||
|
from charmhelpers.core.hookenv import (
|
||||||
|
relation_get,
|
||||||
|
relation_ids,
|
||||||
|
related_units,
|
||||||
|
log,
|
||||||
|
INFO,
|
||||||
|
)
|
||||||
|
|
||||||
|
from charmhelpers.core.host import (
|
||||||
|
apt_install,
|
||||||
|
mount,
|
||||||
|
mounts,
|
||||||
|
service_start,
|
||||||
|
service_stop,
|
||||||
|
umount,
|
||||||
|
)
|
||||||
|
|
||||||
|
KEYRING = '/etc/ceph/ceph.client.%s.keyring'
|
||||||
|
KEYFILE = '/etc/ceph/ceph.client.%s.key'
|
||||||
|
|
||||||
|
CEPH_CONF = """[global]
|
||||||
|
auth supported = %(auth)s
|
||||||
|
keyring = %(keyring)s
|
||||||
|
mon host = %(mon_hosts)s
|
||||||
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
def running(service):
|
||||||
|
# this local util can be dropped as soon the following branch lands
|
||||||
|
# in lp:charm-helpers
|
||||||
|
# https://code.launchpad.net/~gandelman-a/charm-helpers/service_running/
|
||||||
|
try:
|
||||||
|
output = check_output(['service', service, 'status'])
|
||||||
|
except CalledProcessError:
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
if ("start/running" in output or "is running" in output):
|
||||||
|
return True
|
||||||
|
else:
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def install():
|
||||||
|
ceph_dir = "/etc/ceph"
|
||||||
|
if not os.path.isdir(ceph_dir):
|
||||||
|
os.mkdir(ceph_dir)
|
||||||
|
apt_install('ceph-common', fatal=True)
|
||||||
|
|
||||||
|
|
||||||
|
def rbd_exists(service, pool, rbd_img):
|
||||||
|
(rc, out) = commands.getstatusoutput('rbd list --id %s --pool %s' %
|
||||||
|
(service, pool))
|
||||||
|
return rbd_img in out
|
||||||
|
|
||||||
|
|
||||||
|
def create_rbd_image(service, pool, image, sizemb):
|
||||||
|
cmd = [
|
||||||
|
'rbd',
|
||||||
|
'create',
|
||||||
|
image,
|
||||||
|
'--size',
|
||||||
|
str(sizemb),
|
||||||
|
'--id',
|
||||||
|
service,
|
||||||
|
'--pool',
|
||||||
|
pool
|
||||||
|
]
|
||||||
|
check_call(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
def pool_exists(service, name):
|
||||||
|
(rc, out) = commands.getstatusoutput("rados --id %s lspools" % service)
|
||||||
|
return name in out
|
||||||
|
|
||||||
|
|
||||||
|
def create_pool(service, name):
|
||||||
|
cmd = [
|
||||||
|
'rados',
|
||||||
|
'--id',
|
||||||
|
service,
|
||||||
|
'mkpool',
|
||||||
|
name
|
||||||
|
]
|
||||||
|
check_call(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
def keyfile_path(service):
|
||||||
|
return KEYFILE % service
|
||||||
|
|
||||||
|
|
||||||
|
def keyring_path(service):
|
||||||
|
return KEYRING % service
|
||||||
|
|
||||||
|
|
||||||
|
def create_keyring(service, key):
|
||||||
|
keyring = keyring_path(service)
|
||||||
|
if os.path.exists(keyring):
|
||||||
|
log('ceph: Keyring exists at %s.' % keyring, level=INFO)
|
||||||
|
cmd = [
|
||||||
|
'ceph-authtool',
|
||||||
|
keyring,
|
||||||
|
'--create-keyring',
|
||||||
|
'--name=client.%s' % service,
|
||||||
|
'--add-key=%s' % key
|
||||||
|
]
|
||||||
|
check_call(cmd)
|
||||||
|
log('ceph: Created new ring at %s.' % keyring, level=INFO)
|
||||||
|
|
||||||
|
|
||||||
|
def create_key_file(service, key):
|
||||||
|
# create a file containing the key
|
||||||
|
keyfile = keyfile_path(service)
|
||||||
|
if os.path.exists(keyfile):
|
||||||
|
log('ceph: Keyfile exists at %s.' % keyfile, level=INFO)
|
||||||
|
fd = open(keyfile, 'w')
|
||||||
|
fd.write(key)
|
||||||
|
fd.close()
|
||||||
|
log('ceph: Created new keyfile at %s.' % keyfile, level=INFO)
|
||||||
|
|
||||||
|
|
||||||
|
def get_ceph_nodes():
|
||||||
|
hosts = []
|
||||||
|
for r_id in relation_ids('ceph'):
|
||||||
|
for unit in related_units(r_id):
|
||||||
|
hosts.append(relation_get('private-address', unit=unit, rid=r_id))
|
||||||
|
return hosts
|
||||||
|
|
||||||
|
|
||||||
|
def configure(service, key, auth):
|
||||||
|
create_keyring(service, key)
|
||||||
|
create_key_file(service, key)
|
||||||
|
hosts = get_ceph_nodes()
|
||||||
|
mon_hosts = ",".join(map(str, hosts))
|
||||||
|
keyring = keyring_path(service)
|
||||||
|
with open('/etc/ceph/ceph.conf', 'w') as ceph_conf:
|
||||||
|
ceph_conf.write(CEPH_CONF % locals())
|
||||||
|
modprobe_kernel_module('rbd')
|
||||||
|
|
||||||
|
|
||||||
|
def image_mapped(image_name):
|
||||||
|
(rc, out) = commands.getstatusoutput('rbd showmapped')
|
||||||
|
return image_name in out
|
||||||
|
|
||||||
|
|
||||||
|
def map_block_storage(service, pool, image):
|
||||||
|
cmd = [
|
||||||
|
'rbd',
|
||||||
|
'map',
|
||||||
|
'%s/%s' % (pool, image),
|
||||||
|
'--user',
|
||||||
|
service,
|
||||||
|
'--secret',
|
||||||
|
keyfile_path(service),
|
||||||
|
]
|
||||||
|
check_call(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
def filesystem_mounted(fs):
|
||||||
|
return fs in [f for m, f in mounts()]
|
||||||
|
|
||||||
|
|
||||||
|
def make_filesystem(blk_device, fstype='ext4'):
|
||||||
|
log('ceph: Formatting block device %s as filesystem %s.' %
|
||||||
|
(blk_device, fstype), level=INFO)
|
||||||
|
cmd = ['mkfs', '-t', fstype, blk_device]
|
||||||
|
check_call(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
def place_data_on_ceph(service, blk_device, data_src_dst, fstype='ext4'):
|
||||||
|
# mount block device into /mnt
|
||||||
|
mount(blk_device, '/mnt')
|
||||||
|
|
||||||
|
# copy data to /mnt
|
||||||
|
try:
|
||||||
|
copy_files(data_src_dst, '/mnt')
|
||||||
|
except:
|
||||||
|
pass
|
||||||
|
|
||||||
|
# umount block device
|
||||||
|
umount('/mnt')
|
||||||
|
|
||||||
|
_dir = os.stat(data_src_dst)
|
||||||
|
uid = _dir.st_uid
|
||||||
|
gid = _dir.st_gid
|
||||||
|
|
||||||
|
# re-mount where the data should originally be
|
||||||
|
mount(blk_device, data_src_dst, persist=True)
|
||||||
|
|
||||||
|
# ensure original ownership of new mount.
|
||||||
|
cmd = ['chown', '-R', '%s:%s' % (uid, gid), data_src_dst]
|
||||||
|
check_call(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
# TODO: re-use
|
||||||
|
def modprobe_kernel_module(module):
|
||||||
|
log('ceph: Loading kernel module', level=INFO)
|
||||||
|
cmd = ['modprobe', module]
|
||||||
|
check_call(cmd)
|
||||||
|
cmd = 'echo %s >> /etc/modules' % module
|
||||||
|
check_call(cmd, shell=True)
|
||||||
|
|
||||||
|
|
||||||
|
def copy_files(src, dst, symlinks=False, ignore=None):
|
||||||
|
for item in os.listdir(src):
|
||||||
|
s = os.path.join(src, item)
|
||||||
|
d = os.path.join(dst, item)
|
||||||
|
if os.path.isdir(s):
|
||||||
|
shutil.copytree(s, d, symlinks, ignore)
|
||||||
|
else:
|
||||||
|
shutil.copy2(s, d)
|
||||||
|
|
||||||
|
|
||||||
|
def ensure_ceph_storage(service, pool, rbd_img, sizemb, mount_point,
|
||||||
|
blk_device, fstype, system_services=[]):
|
||||||
|
"""
|
||||||
|
To be called from the current cluster leader.
|
||||||
|
Ensures given pool and RBD image exists, is mapped to a block device,
|
||||||
|
and the device is formatted and mounted at the given mount_point.
|
||||||
|
|
||||||
|
If formatting a device for the first time, data existing at mount_point
|
||||||
|
will be migrated to the RBD device before being remounted.
|
||||||
|
|
||||||
|
All services listed in system_services will be stopped prior to data
|
||||||
|
migration and restarted when complete.
|
||||||
|
"""
|
||||||
|
# Ensure pool, RBD image, RBD mappings are in place.
|
||||||
|
if not pool_exists(service, pool):
|
||||||
|
log('ceph: Creating new pool %s.' % pool, level=INFO)
|
||||||
|
create_pool(service, pool)
|
||||||
|
|
||||||
|
if not rbd_exists(service, pool, rbd_img):
|
||||||
|
log('ceph: Creating RBD image (%s).' % rbd_img, level=INFO)
|
||||||
|
create_rbd_image(service, pool, rbd_img, sizemb)
|
||||||
|
|
||||||
|
if not image_mapped(rbd_img):
|
||||||
|
log('ceph: Mapping RBD Image as a Block Device.', level=INFO)
|
||||||
|
map_block_storage(service, pool, rbd_img)
|
||||||
|
|
||||||
|
# make file system
|
||||||
|
# TODO: What happens if for whatever reason this is run again and
|
||||||
|
# the data is already in the rbd device and/or is mounted??
|
||||||
|
# When it is mounted already, it will fail to make the fs
|
||||||
|
# XXX: This is really sketchy! Need to at least add an fstab entry
|
||||||
|
# otherwise this hook will blow away existing data if its executed
|
||||||
|
# after a reboot.
|
||||||
|
if not filesystem_mounted(mount_point):
|
||||||
|
make_filesystem(blk_device, fstype)
|
||||||
|
|
||||||
|
for svc in system_services:
|
||||||
|
if running(svc):
|
||||||
|
log('Stopping services %s prior to migrating data.' % svc,
|
||||||
|
level=INFO)
|
||||||
|
service_stop(svc)
|
||||||
|
|
||||||
|
place_data_on_ceph(service, blk_device, mount_point, fstype)
|
||||||
|
|
||||||
|
for svc in system_services:
|
||||||
|
service_start(svc)
|
|
@ -0,0 +1,181 @@
|
||||||
|
#
|
||||||
|
# Copyright 2012 Canonical Ltd.
|
||||||
|
#
|
||||||
|
# Authors:
|
||||||
|
# James Page <james.page@ubuntu.com>
|
||||||
|
# Adam Gandelman <adamg@ubuntu.com>
|
||||||
|
#
|
||||||
|
|
||||||
|
import subprocess
|
||||||
|
import os
|
||||||
|
|
||||||
|
from socket import gethostname as get_unit_hostname
|
||||||
|
|
||||||
|
from charmhelpers.core.hookenv import (
|
||||||
|
log,
|
||||||
|
relation_ids,
|
||||||
|
related_units as relation_list,
|
||||||
|
relation_get,
|
||||||
|
config as config_get,
|
||||||
|
INFO,
|
||||||
|
ERROR,
|
||||||
|
unit_get,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class HAIncompleteConfig(Exception):
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
def is_clustered():
|
||||||
|
for r_id in (relation_ids('ha') or []):
|
||||||
|
for unit in (relation_list(r_id) or []):
|
||||||
|
clustered = relation_get('clustered',
|
||||||
|
rid=r_id,
|
||||||
|
unit=unit)
|
||||||
|
if clustered:
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def is_leader(resource):
|
||||||
|
cmd = [
|
||||||
|
"crm", "resource",
|
||||||
|
"show", resource
|
||||||
|
]
|
||||||
|
try:
|
||||||
|
status = subprocess.check_output(cmd)
|
||||||
|
except subprocess.CalledProcessError:
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
if get_unit_hostname() in status:
|
||||||
|
return True
|
||||||
|
else:
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def peer_units():
|
||||||
|
peers = []
|
||||||
|
for r_id in (relation_ids('cluster') or []):
|
||||||
|
for unit in (relation_list(r_id) or []):
|
||||||
|
peers.append(unit)
|
||||||
|
return peers
|
||||||
|
|
||||||
|
|
||||||
|
def oldest_peer(peers):
|
||||||
|
local_unit_no = int(os.getenv('JUJU_UNIT_NAME').split('/')[1])
|
||||||
|
for peer in peers:
|
||||||
|
remote_unit_no = int(peer.split('/')[1])
|
||||||
|
if remote_unit_no < local_unit_no:
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
def eligible_leader(resource):
|
||||||
|
if is_clustered():
|
||||||
|
if not is_leader(resource):
|
||||||
|
log('Deferring action to CRM leader.', level=INFO)
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
peers = peer_units()
|
||||||
|
if peers and not oldest_peer(peers):
|
||||||
|
log('Deferring action to oldest service unit.', level=INFO)
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
def https():
|
||||||
|
'''
|
||||||
|
Determines whether enough data has been provided in configuration
|
||||||
|
or relation data to configure HTTPS
|
||||||
|
.
|
||||||
|
returns: boolean
|
||||||
|
'''
|
||||||
|
if config_get('use-https') == "yes":
|
||||||
|
return True
|
||||||
|
if config_get('ssl_cert') and config_get('ssl_key'):
|
||||||
|
return True
|
||||||
|
for r_id in relation_ids('identity-service'):
|
||||||
|
for unit in relation_list(r_id):
|
||||||
|
if None not in [
|
||||||
|
relation_get('https_keystone', rid=r_id, unit=unit),
|
||||||
|
relation_get('ssl_cert', rid=r_id, unit=unit),
|
||||||
|
relation_get('ssl_key', rid=r_id, unit=unit),
|
||||||
|
relation_get('ca_cert', rid=r_id, unit=unit),
|
||||||
|
]:
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def determine_api_port(public_port):
|
||||||
|
'''
|
||||||
|
Determine correct API server listening port based on
|
||||||
|
existence of HTTPS reverse proxy and/or haproxy.
|
||||||
|
|
||||||
|
public_port: int: standard public port for given service
|
||||||
|
|
||||||
|
returns: int: the correct listening port for the API service
|
||||||
|
'''
|
||||||
|
i = 0
|
||||||
|
if len(peer_units()) > 0 or is_clustered():
|
||||||
|
i += 1
|
||||||
|
if https():
|
||||||
|
i += 1
|
||||||
|
return public_port - (i * 10)
|
||||||
|
|
||||||
|
|
||||||
|
def determine_haproxy_port(public_port):
|
||||||
|
'''
|
||||||
|
Description: Determine correct proxy listening port based on public IP +
|
||||||
|
existence of HTTPS reverse proxy.
|
||||||
|
|
||||||
|
public_port: int: standard public port for given service
|
||||||
|
|
||||||
|
returns: int: the correct listening port for the HAProxy service
|
||||||
|
'''
|
||||||
|
i = 0
|
||||||
|
if https():
|
||||||
|
i += 1
|
||||||
|
return public_port - (i * 10)
|
||||||
|
|
||||||
|
|
||||||
|
def get_hacluster_config():
|
||||||
|
'''
|
||||||
|
Obtains all relevant configuration from charm configuration required
|
||||||
|
for initiating a relation to hacluster:
|
||||||
|
|
||||||
|
ha-bindiface, ha-mcastport, vip, vip_iface, vip_cidr
|
||||||
|
|
||||||
|
returns: dict: A dict containing settings keyed by setting name.
|
||||||
|
raises: HAIncompleteConfig if settings are missing.
|
||||||
|
'''
|
||||||
|
settings = ['ha-bindiface', 'ha-mcastport', 'vip', 'vip_iface', 'vip_cidr']
|
||||||
|
conf = {}
|
||||||
|
for setting in settings:
|
||||||
|
conf[setting] = config_get(setting)
|
||||||
|
missing = []
|
||||||
|
[missing.append(s) for s, v in conf.iteritems() if v is None]
|
||||||
|
if missing:
|
||||||
|
log('Insufficient config data to configure hacluster.', level=ERROR)
|
||||||
|
raise HAIncompleteConfig
|
||||||
|
return conf
|
||||||
|
|
||||||
|
|
||||||
|
def canonical_url(configs, vip_setting='vip'):
|
||||||
|
'''
|
||||||
|
Returns the correct HTTP URL to this host given the state of HTTPS
|
||||||
|
configuration and hacluster.
|
||||||
|
|
||||||
|
:configs : OSTemplateRenderer: A config tempating object to inspect for
|
||||||
|
a complete https context.
|
||||||
|
:vip_setting: str: Setting in charm config that specifies
|
||||||
|
VIP address.
|
||||||
|
'''
|
||||||
|
scheme = 'http'
|
||||||
|
if 'https' in configs.complete_contexts():
|
||||||
|
scheme = 'https'
|
||||||
|
if is_clustered():
|
||||||
|
addr = config_get(vip_setting)
|
||||||
|
else:
|
||||||
|
addr = unit_get('private-address')
|
||||||
|
return '%s://%s' % (scheme, addr)
|
|
@ -0,0 +1,294 @@
|
||||||
|
import os
|
||||||
|
|
||||||
|
from base64 import b64decode
|
||||||
|
|
||||||
|
from subprocess import (
|
||||||
|
check_call
|
||||||
|
)
|
||||||
|
|
||||||
|
from charmhelpers.core.hookenv import (
|
||||||
|
config,
|
||||||
|
local_unit,
|
||||||
|
log,
|
||||||
|
relation_get,
|
||||||
|
relation_ids,
|
||||||
|
related_units,
|
||||||
|
unit_get,
|
||||||
|
)
|
||||||
|
|
||||||
|
from charmhelpers.contrib.hahelpers.cluster import (
|
||||||
|
determine_api_port,
|
||||||
|
determine_haproxy_port,
|
||||||
|
https,
|
||||||
|
is_clustered,
|
||||||
|
peer_units,
|
||||||
|
)
|
||||||
|
|
||||||
|
from charmhelpers.contrib.hahelpers.apache import (
|
||||||
|
get_cert,
|
||||||
|
get_ca_cert,
|
||||||
|
)
|
||||||
|
|
||||||
|
CA_CERT_PATH = '/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt'
|
||||||
|
|
||||||
|
|
||||||
|
class OSContextError(Exception):
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
def context_complete(ctxt):
|
||||||
|
_missing = []
|
||||||
|
for k, v in ctxt.iteritems():
|
||||||
|
if v is None or v == '':
|
||||||
|
_missing.append(k)
|
||||||
|
if _missing:
|
||||||
|
log('Missing required data: %s' % ' '.join(_missing), level='INFO')
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
class OSContextGenerator(object):
|
||||||
|
interfaces = []
|
||||||
|
|
||||||
|
def __call__(self):
|
||||||
|
raise NotImplementedError
|
||||||
|
|
||||||
|
|
||||||
|
class SharedDBContext(OSContextGenerator):
|
||||||
|
interfaces = ['shared-db']
|
||||||
|
|
||||||
|
def __call__(self):
|
||||||
|
log('Generating template context for shared-db')
|
||||||
|
conf = config()
|
||||||
|
try:
|
||||||
|
database = conf['database']
|
||||||
|
username = conf['database-user']
|
||||||
|
except KeyError as e:
|
||||||
|
log('Could not generate shared_db context. '
|
||||||
|
'Missing required charm config options: %s.' % e)
|
||||||
|
raise OSContextError
|
||||||
|
ctxt = {}
|
||||||
|
for rid in relation_ids('shared-db'):
|
||||||
|
for unit in related_units(rid):
|
||||||
|
ctxt = {
|
||||||
|
'database_host': relation_get('db_host', rid=rid,
|
||||||
|
unit=unit),
|
||||||
|
'database': database,
|
||||||
|
'database_user': username,
|
||||||
|
'database_password': relation_get('password', rid=rid,
|
||||||
|
unit=unit)
|
||||||
|
}
|
||||||
|
if not context_complete(ctxt):
|
||||||
|
return {}
|
||||||
|
return ctxt
|
||||||
|
|
||||||
|
|
||||||
|
class IdentityServiceContext(OSContextGenerator):
|
||||||
|
interfaces = ['identity-service']
|
||||||
|
|
||||||
|
def __call__(self):
|
||||||
|
log('Generating template context for identity-service')
|
||||||
|
ctxt = {}
|
||||||
|
|
||||||
|
for rid in relation_ids('identity-service'):
|
||||||
|
for unit in related_units(rid):
|
||||||
|
ctxt = {
|
||||||
|
'service_port': relation_get('service_port', rid=rid,
|
||||||
|
unit=unit),
|
||||||
|
'service_host': relation_get('service_host', rid=rid,
|
||||||
|
unit=unit),
|
||||||
|
'auth_host': relation_get('auth_host', rid=rid, unit=unit),
|
||||||
|
'auth_port': relation_get('auth_port', rid=rid, unit=unit),
|
||||||
|
'admin_tenant_name': relation_get('service_tenant',
|
||||||
|
rid=rid, unit=unit),
|
||||||
|
'admin_user': relation_get('service_username', rid=rid,
|
||||||
|
unit=unit),
|
||||||
|
'admin_password': relation_get('service_password', rid=rid,
|
||||||
|
unit=unit),
|
||||||
|
# XXX: Hard-coded http.
|
||||||
|
'service_protocol': 'http',
|
||||||
|
'auth_protocol': 'http',
|
||||||
|
}
|
||||||
|
if not context_complete(ctxt):
|
||||||
|
return {}
|
||||||
|
return ctxt
|
||||||
|
|
||||||
|
|
||||||
|
class AMQPContext(OSContextGenerator):
|
||||||
|
interfaces = ['amqp']
|
||||||
|
|
||||||
|
def __call__(self):
|
||||||
|
log('Generating template context for amqp')
|
||||||
|
conf = config()
|
||||||
|
try:
|
||||||
|
username = conf['rabbit-user']
|
||||||
|
vhost = conf['rabbit-vhost']
|
||||||
|
except KeyError as e:
|
||||||
|
log('Could not generate shared_db context. '
|
||||||
|
'Missing required charm config options: %s.' % e)
|
||||||
|
raise OSContextError
|
||||||
|
|
||||||
|
ctxt = {}
|
||||||
|
for rid in relation_ids('amqp'):
|
||||||
|
for unit in related_units(rid):
|
||||||
|
if relation_get('clustered', rid=rid, unit=unit):
|
||||||
|
rabbitmq_host = relation_get('vip', rid=rid, unit=unit)
|
||||||
|
else:
|
||||||
|
rabbitmq_host = relation_get('private-address',
|
||||||
|
rid=rid, unit=unit)
|
||||||
|
ctxt = {
|
||||||
|
'rabbitmq_host': rabbitmq_host,
|
||||||
|
'rabbitmq_user': username,
|
||||||
|
'rabbitmq_password': relation_get('password', rid=rid,
|
||||||
|
unit=unit),
|
||||||
|
'rabbitmq_virtual_host': vhost,
|
||||||
|
}
|
||||||
|
if not context_complete(ctxt):
|
||||||
|
return {}
|
||||||
|
return ctxt
|
||||||
|
|
||||||
|
|
||||||
|
class CephContext(OSContextGenerator):
|
||||||
|
interfaces = ['ceph']
|
||||||
|
|
||||||
|
def __call__(self):
|
||||||
|
'''This generates context for /etc/ceph/ceph.conf templates'''
|
||||||
|
log('Generating tmeplate context for ceph')
|
||||||
|
mon_hosts = []
|
||||||
|
auth = None
|
||||||
|
for rid in relation_ids('ceph'):
|
||||||
|
for unit in related_units(rid):
|
||||||
|
mon_hosts.append(relation_get('private-address', rid=rid,
|
||||||
|
unit=unit))
|
||||||
|
auth = relation_get('auth', rid=rid, unit=unit)
|
||||||
|
|
||||||
|
ctxt = {
|
||||||
|
'mon_hosts': ' '.join(mon_hosts),
|
||||||
|
'auth': auth,
|
||||||
|
}
|
||||||
|
if not context_complete(ctxt):
|
||||||
|
return {}
|
||||||
|
return ctxt
|
||||||
|
|
||||||
|
|
||||||
|
class HAProxyContext(OSContextGenerator):
|
||||||
|
interfaces = ['cluster']
|
||||||
|
|
||||||
|
def __call__(self):
|
||||||
|
'''
|
||||||
|
Builds half a context for the haproxy template, which describes
|
||||||
|
all peers to be included in the cluster. Each charm needs to include
|
||||||
|
its own context generator that describes the port mapping.
|
||||||
|
'''
|
||||||
|
if not relation_ids('cluster'):
|
||||||
|
return {}
|
||||||
|
|
||||||
|
cluster_hosts = {}
|
||||||
|
l_unit = local_unit().replace('/', '-')
|
||||||
|
cluster_hosts[l_unit] = unit_get('private-address')
|
||||||
|
|
||||||
|
for rid in relation_ids('cluster'):
|
||||||
|
for unit in related_units(rid):
|
||||||
|
_unit = unit.replace('/', '-')
|
||||||
|
addr = relation_get('private-address', rid=rid, unit=unit)
|
||||||
|
cluster_hosts[_unit] = addr
|
||||||
|
|
||||||
|
ctxt = {
|
||||||
|
'units': cluster_hosts,
|
||||||
|
}
|
||||||
|
if len(cluster_hosts.keys()) > 1:
|
||||||
|
# Enable haproxy when we have enough peers.
|
||||||
|
log('Ensuring haproxy enabled in /etc/default/haproxy.')
|
||||||
|
with open('/etc/default/haproxy', 'w') as out:
|
||||||
|
out.write('ENABLED=1\n')
|
||||||
|
return ctxt
|
||||||
|
log('HAProxy context is incomplete, this unit has no peers.')
|
||||||
|
return {}
|
||||||
|
|
||||||
|
|
||||||
|
class ImageServiceContext(OSContextGenerator):
|
||||||
|
interfaces = ['image-servce']
|
||||||
|
|
||||||
|
def __call__(self):
|
||||||
|
'''
|
||||||
|
Obtains the glance API server from the image-service relation. Useful
|
||||||
|
in nova and cinder (currently).
|
||||||
|
'''
|
||||||
|
log('Generating template context for image-service.')
|
||||||
|
rids = relation_ids('image-service')
|
||||||
|
if not rids:
|
||||||
|
return {}
|
||||||
|
for rid in rids:
|
||||||
|
for unit in related_units(rid):
|
||||||
|
api_server = relation_get('glance-api-server',
|
||||||
|
rid=rid, unit=unit)
|
||||||
|
if api_server:
|
||||||
|
return {'glance_api_servers': api_server}
|
||||||
|
log('ImageService context is incomplete. '
|
||||||
|
'Missing required relation data.')
|
||||||
|
return {}
|
||||||
|
|
||||||
|
|
||||||
|
class ApacheSSLContext(OSContextGenerator):
|
||||||
|
"""
|
||||||
|
Generates a context for an apache vhost configuration that configures
|
||||||
|
HTTPS reverse proxying for one or many endpoints. Generated context
|
||||||
|
looks something like:
|
||||||
|
{
|
||||||
|
'namespace': 'cinder',
|
||||||
|
'private_address': 'iscsi.mycinderhost.com',
|
||||||
|
'endpoints': [(8776, 8766), (8777, 8767)]
|
||||||
|
}
|
||||||
|
|
||||||
|
The endpoints list consists of a tuples mapping external ports
|
||||||
|
to internal ports.
|
||||||
|
"""
|
||||||
|
interfaces = ['https']
|
||||||
|
|
||||||
|
# charms should inherit this context and set external ports
|
||||||
|
# and service namespace accordingly.
|
||||||
|
external_ports = []
|
||||||
|
service_namespace = None
|
||||||
|
|
||||||
|
def enable_modules(self):
|
||||||
|
cmd = ['a2enmod', 'ssl', 'proxy', 'proxy_http']
|
||||||
|
check_call(cmd)
|
||||||
|
|
||||||
|
def configure_cert(self):
|
||||||
|
if not os.path.isdir('/etc/apache2/ssl'):
|
||||||
|
os.mkdir('/etc/apache2/ssl')
|
||||||
|
ssl_dir = os.path.join('/etc/apache2/ssl/', self.service_namespace)
|
||||||
|
if not os.path.isdir(ssl_dir):
|
||||||
|
os.mkdir(ssl_dir)
|
||||||
|
cert, key = get_cert()
|
||||||
|
with open(os.path.join(ssl_dir, 'cert'), 'w') as cert_out:
|
||||||
|
cert_out.write(b64decode(cert))
|
||||||
|
with open(os.path.join(ssl_dir, 'key'), 'w') as key_out:
|
||||||
|
key_out.write(b64decode(key))
|
||||||
|
ca_cert = get_ca_cert()
|
||||||
|
if ca_cert:
|
||||||
|
with open(CA_CERT_PATH, 'w') as ca_out:
|
||||||
|
ca_out.write(b64decode(ca_cert))
|
||||||
|
|
||||||
|
def __call__(self):
|
||||||
|
if isinstance(self.external_ports, basestring):
|
||||||
|
self.external_ports = [self.external_ports]
|
||||||
|
if (not self.external_ports or not https()):
|
||||||
|
return {}
|
||||||
|
|
||||||
|
self.configure_cert()
|
||||||
|
self.enable_modules()
|
||||||
|
|
||||||
|
ctxt = {
|
||||||
|
'namespace': self.service_namespace,
|
||||||
|
'private_address': unit_get('private-address'),
|
||||||
|
'endpoints': []
|
||||||
|
}
|
||||||
|
for ext_port in self.external_ports:
|
||||||
|
if peer_units() or is_clustered():
|
||||||
|
int_port = determine_haproxy_port(ext_port)
|
||||||
|
else:
|
||||||
|
int_port = determine_api_port(ext_port)
|
||||||
|
portmap = (int(ext_port), int(int_port))
|
||||||
|
ctxt['endpoints'].append(portmap)
|
||||||
|
return ctxt
|
|
@ -0,0 +1,2 @@
|
||||||
|
# dummy __init__.py to fool syncer into thinking this is a syncable python
|
||||||
|
# module
|
|
@ -0,0 +1,11 @@
|
||||||
|
###############################################################################
|
||||||
|
# [ WARNING ]
|
||||||
|
# cinder configuration file maintained by Juju
|
||||||
|
# local changes may be overwritten.
|
||||||
|
###############################################################################
|
||||||
|
{% if auth -%}
|
||||||
|
[global]
|
||||||
|
auth_supported = {{ auth }}
|
||||||
|
keyring = /etc/ceph/$cluster.$name.keyring
|
||||||
|
mon host = {{ mon_hosts }}
|
||||||
|
{% endif -%}
|
|
@ -0,0 +1,37 @@
|
||||||
|
global
|
||||||
|
log 127.0.0.1 local0
|
||||||
|
log 127.0.0.1 local1 notice
|
||||||
|
maxconn 20000
|
||||||
|
user haproxy
|
||||||
|
group haproxy
|
||||||
|
spread-checks 0
|
||||||
|
|
||||||
|
defaults
|
||||||
|
log global
|
||||||
|
mode http
|
||||||
|
option httplog
|
||||||
|
option dontlognull
|
||||||
|
retries 3
|
||||||
|
timeout queue 1000
|
||||||
|
timeout connect 1000
|
||||||
|
timeout client 30000
|
||||||
|
timeout server 30000
|
||||||
|
|
||||||
|
listen stats :8888
|
||||||
|
mode http
|
||||||
|
stats enable
|
||||||
|
stats hide-version
|
||||||
|
stats realm Haproxy\ Statistics
|
||||||
|
stats uri /
|
||||||
|
stats auth admin:password
|
||||||
|
|
||||||
|
{% if units -%}
|
||||||
|
{% for service, ports in service_ports.iteritems() -%}
|
||||||
|
listen {{ service }} 0.0.0.0:{{ ports[0] }}
|
||||||
|
balance roundrobin
|
||||||
|
option tcplog
|
||||||
|
{% for unit, address in units.iteritems() -%}
|
||||||
|
server {{ unit }} {{ address }}:{{ ports[1] }} check
|
||||||
|
{% endfor %}
|
||||||
|
{% endfor -%}
|
||||||
|
{% endif -%}
|
|
@ -0,0 +1,23 @@
|
||||||
|
{% if endpoints -%}
|
||||||
|
{% for ext, int in endpoints -%}
|
||||||
|
Listen {{ ext }}
|
||||||
|
NameVirtualHost *:{{ ext }}
|
||||||
|
<VirtualHost *:{{ ext }}>
|
||||||
|
ServerName {{ private_address }}
|
||||||
|
SSLEngine on
|
||||||
|
SSLCertificateFile /etc/apache2/ssl/{{ namespace }}/cert
|
||||||
|
SSLCertificateKeyFile /etc/apache2/ssl/{{ namespace }}/key
|
||||||
|
ProxyPass / http://localhost:{{ int }}/
|
||||||
|
ProxyPassReverse / http://localhost:{{ int }}/
|
||||||
|
ProxyPreserveHost on
|
||||||
|
</VirtualHost>
|
||||||
|
<Proxy *>
|
||||||
|
Order deny,allow
|
||||||
|
Allow from all
|
||||||
|
</Proxy>
|
||||||
|
<Location />
|
||||||
|
Order allow,deny
|
||||||
|
Allow from all
|
||||||
|
</Location>
|
||||||
|
{% endfor -%}
|
||||||
|
{% endif -%}
|
|
@ -0,0 +1,261 @@
|
||||||
|
import os
|
||||||
|
|
||||||
|
from charmhelpers.core.host import apt_install
|
||||||
|
|
||||||
|
from charmhelpers.core.hookenv import (
|
||||||
|
log,
|
||||||
|
ERROR,
|
||||||
|
INFO
|
||||||
|
)
|
||||||
|
|
||||||
|
from charmhelpers.contrib.openstack.utils import OPENSTACK_CODENAMES
|
||||||
|
|
||||||
|
try:
|
||||||
|
from jinja2 import FileSystemLoader, ChoiceLoader, Environment
|
||||||
|
except ImportError:
|
||||||
|
# python-jinja2 may not be installed yet, or we're running unittests.
|
||||||
|
FileSystemLoader = ChoiceLoader = Environment = None
|
||||||
|
|
||||||
|
|
||||||
|
class OSConfigException(Exception):
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
def get_loader(templates_dir, os_release):
|
||||||
|
"""
|
||||||
|
Create a jinja2.ChoiceLoader containing template dirs up to
|
||||||
|
and including os_release. If directory template directory
|
||||||
|
is missing at templates_dir, it will be omitted from the loader.
|
||||||
|
templates_dir is added to the bottom of the search list as a base
|
||||||
|
loading dir.
|
||||||
|
|
||||||
|
A charm may also ship a templates dir with this module
|
||||||
|
and it will be appended to the bottom of the search list, eg:
|
||||||
|
hooks/charmhelpers/contrib/openstack/templates.
|
||||||
|
|
||||||
|
:param templates_dir: str: Base template directory containing release
|
||||||
|
sub-directories.
|
||||||
|
:param os_release : str: OpenStack release codename to construct template
|
||||||
|
loader.
|
||||||
|
|
||||||
|
:returns : jinja2.ChoiceLoader constructed with a list of
|
||||||
|
jinja2.FilesystemLoaders, ordered in descending
|
||||||
|
order by OpenStack release.
|
||||||
|
"""
|
||||||
|
tmpl_dirs = [(rel, os.path.join(templates_dir, rel))
|
||||||
|
for rel in OPENSTACK_CODENAMES.itervalues()]
|
||||||
|
|
||||||
|
if not os.path.isdir(templates_dir):
|
||||||
|
log('Templates directory not found @ %s.' % templates_dir,
|
||||||
|
level=ERROR)
|
||||||
|
raise OSConfigException
|
||||||
|
|
||||||
|
# the bottom contains tempaltes_dir and possibly a common templates dir
|
||||||
|
# shipped with the helper.
|
||||||
|
loaders = [FileSystemLoader(templates_dir)]
|
||||||
|
helper_templates = os.path.join(os.path.dirname(__file__), 'templates')
|
||||||
|
if os.path.isdir(helper_templates):
|
||||||
|
loaders.append(FileSystemLoader(helper_templates))
|
||||||
|
|
||||||
|
for rel, tmpl_dir in tmpl_dirs:
|
||||||
|
if os.path.isdir(tmpl_dir):
|
||||||
|
loaders.insert(0, FileSystemLoader(tmpl_dir))
|
||||||
|
if rel == os_release:
|
||||||
|
break
|
||||||
|
log('Creating choice loader with dirs: %s' %
|
||||||
|
[l.searchpath for l in loaders], level=INFO)
|
||||||
|
return ChoiceLoader(loaders)
|
||||||
|
|
||||||
|
|
||||||
|
class OSConfigTemplate(object):
|
||||||
|
"""
|
||||||
|
Associates a config file template with a list of context generators.
|
||||||
|
Responsible for constructing a template context based on those generators.
|
||||||
|
"""
|
||||||
|
def __init__(self, config_file, contexts):
|
||||||
|
self.config_file = config_file
|
||||||
|
|
||||||
|
if hasattr(contexts, '__call__'):
|
||||||
|
self.contexts = [contexts]
|
||||||
|
else:
|
||||||
|
self.contexts = contexts
|
||||||
|
|
||||||
|
self._complete_contexts = []
|
||||||
|
|
||||||
|
def context(self):
|
||||||
|
ctxt = {}
|
||||||
|
for context in self.contexts:
|
||||||
|
_ctxt = context()
|
||||||
|
if _ctxt:
|
||||||
|
ctxt.update(_ctxt)
|
||||||
|
# track interfaces for every complete context.
|
||||||
|
[self._complete_contexts.append(interface)
|
||||||
|
for interface in context.interfaces
|
||||||
|
if interface not in self._complete_contexts]
|
||||||
|
return ctxt
|
||||||
|
|
||||||
|
def complete_contexts(self):
|
||||||
|
'''
|
||||||
|
Return a list of interfaces that have atisfied contexts.
|
||||||
|
'''
|
||||||
|
if self._complete_contexts:
|
||||||
|
return self._complete_contexts
|
||||||
|
self.context()
|
||||||
|
return self._complete_contexts
|
||||||
|
|
||||||
|
|
||||||
|
class OSConfigRenderer(object):
|
||||||
|
"""
|
||||||
|
This class provides a common templating system to be used by OpenStack
|
||||||
|
charms. It is intended to help charms share common code and templates,
|
||||||
|
and ease the burden of managing config templates across multiple OpenStack
|
||||||
|
releases.
|
||||||
|
|
||||||
|
Basic usage:
|
||||||
|
# import some common context generates from charmhelpers
|
||||||
|
from charmhelpers.contrib.openstack import context
|
||||||
|
|
||||||
|
# Create a renderer object for a specific OS release.
|
||||||
|
configs = OSConfigRenderer(templates_dir='/tmp/templates',
|
||||||
|
openstack_release='folsom')
|
||||||
|
# register some config files with context generators.
|
||||||
|
configs.register(config_file='/etc/nova/nova.conf',
|
||||||
|
contexts=[context.SharedDBContext(),
|
||||||
|
context.AMQPContext()])
|
||||||
|
configs.register(config_file='/etc/nova/api-paste.ini',
|
||||||
|
contexts=[context.IdentityServiceContext()])
|
||||||
|
configs.register(config_file='/etc/haproxy/haproxy.conf',
|
||||||
|
contexts=[context.HAProxyContext()])
|
||||||
|
# write out a single config
|
||||||
|
configs.write('/etc/nova/nova.conf')
|
||||||
|
# write out all registered configs
|
||||||
|
configs.write_all()
|
||||||
|
|
||||||
|
Details:
|
||||||
|
|
||||||
|
OpenStack Releases and template loading
|
||||||
|
---------------------------------------
|
||||||
|
When the object is instantiated, it is associated with a specific OS
|
||||||
|
release. This dictates how the template loader will be constructed.
|
||||||
|
|
||||||
|
The constructed loader attempts to load the template from several places
|
||||||
|
in the following order:
|
||||||
|
- from the most recent OS release-specific template dir (if one exists)
|
||||||
|
- the base templates_dir
|
||||||
|
- a template directory shipped in the charm with this helper file.
|
||||||
|
|
||||||
|
|
||||||
|
For the example above, '/tmp/templates' contains the following structure:
|
||||||
|
/tmp/templates/nova.conf
|
||||||
|
/tmp/templates/api-paste.ini
|
||||||
|
/tmp/templates/grizzly/api-paste.ini
|
||||||
|
/tmp/templates/havana/api-paste.ini
|
||||||
|
|
||||||
|
Since it was registered with the grizzly release, it first seraches
|
||||||
|
the grizzly directory for nova.conf, then the templates dir.
|
||||||
|
|
||||||
|
When writing api-paste.ini, it will find the template in the grizzly
|
||||||
|
directory.
|
||||||
|
|
||||||
|
If the object were created with folsom, it would fall back to the
|
||||||
|
base templates dir for its api-paste.ini template.
|
||||||
|
|
||||||
|
This system should help manage changes in config files through
|
||||||
|
openstack releases, allowing charms to fall back to the most recently
|
||||||
|
updated config template for a given release
|
||||||
|
|
||||||
|
The haproxy.conf, since it is not shipped in the templates dir, will
|
||||||
|
be loaded from the module directory's template directory, eg
|
||||||
|
$CHARM/hooks/charmhelpers/contrib/openstack/templates. This allows
|
||||||
|
us to ship common templates (haproxy, apache) with the helpers.
|
||||||
|
|
||||||
|
Context generators
|
||||||
|
---------------------------------------
|
||||||
|
Context generators are used to generate template contexts during hook
|
||||||
|
execution. Doing so may require inspecting service relations, charm
|
||||||
|
config, etc. When registered, a config file is associated with a list
|
||||||
|
of generators. When a template is rendered and written, all context
|
||||||
|
generates are called in a chain to generate the context dictionary
|
||||||
|
passed to the jinja2 template. See context.py for more info.
|
||||||
|
"""
|
||||||
|
def __init__(self, templates_dir, openstack_release):
|
||||||
|
if not os.path.isdir(templates_dir):
|
||||||
|
log('Could not locate templates dir %s' % templates_dir,
|
||||||
|
level=ERROR)
|
||||||
|
raise OSConfigException
|
||||||
|
|
||||||
|
self.templates_dir = templates_dir
|
||||||
|
self.openstack_release = openstack_release
|
||||||
|
self.templates = {}
|
||||||
|
self._tmpl_env = None
|
||||||
|
|
||||||
|
if None in [Environment, ChoiceLoader, FileSystemLoader]:
|
||||||
|
# if this code is running, the object is created pre-install hook.
|
||||||
|
# jinja2 shouldn't get touched until the module is reloaded on next
|
||||||
|
# hook execution, with proper jinja2 bits successfully imported.
|
||||||
|
apt_install('python-jinja2')
|
||||||
|
|
||||||
|
def register(self, config_file, contexts):
|
||||||
|
"""
|
||||||
|
Register a config file with a list of context generators to be called
|
||||||
|
during rendering.
|
||||||
|
"""
|
||||||
|
self.templates[config_file] = OSConfigTemplate(config_file=config_file,
|
||||||
|
contexts=contexts)
|
||||||
|
log('Registered config file: %s' % config_file, level=INFO)
|
||||||
|
|
||||||
|
def _get_tmpl_env(self):
|
||||||
|
if not self._tmpl_env:
|
||||||
|
loader = get_loader(self.templates_dir, self.openstack_release)
|
||||||
|
self._tmpl_env = Environment(loader=loader)
|
||||||
|
|
||||||
|
def _get_template(self, template):
|
||||||
|
self._get_tmpl_env()
|
||||||
|
template = self._tmpl_env.get_template(template)
|
||||||
|
log('Loaded template from %s' % template.filename, level=INFO)
|
||||||
|
return template
|
||||||
|
|
||||||
|
def render(self, config_file):
|
||||||
|
if config_file not in self.templates:
|
||||||
|
log('Config not registered: %s' % config_file, level=ERROR)
|
||||||
|
raise OSConfigException
|
||||||
|
ctxt = self.templates[config_file].context()
|
||||||
|
_tmpl = os.path.basename(config_file)
|
||||||
|
log('Rendering from template: %s' % _tmpl, level=INFO)
|
||||||
|
template = self._get_template(_tmpl)
|
||||||
|
return template.render(ctxt)
|
||||||
|
|
||||||
|
def write(self, config_file):
|
||||||
|
"""
|
||||||
|
Write a single config file, raises if config file is not registered.
|
||||||
|
"""
|
||||||
|
if config_file not in self.templates:
|
||||||
|
log('Config not registered: %s' % config_file, level=ERROR)
|
||||||
|
raise OSConfigException
|
||||||
|
with open(config_file, 'wb') as out:
|
||||||
|
out.write(self.render(config_file))
|
||||||
|
log('Wrote template %s.' % config_file, level=INFO)
|
||||||
|
|
||||||
|
def write_all(self):
|
||||||
|
"""
|
||||||
|
Write out all registered config files.
|
||||||
|
"""
|
||||||
|
[self.write(k) for k in self.templates.iterkeys()]
|
||||||
|
|
||||||
|
def set_release(self, openstack_release):
|
||||||
|
"""
|
||||||
|
Resets the template environment and generates a new template loader
|
||||||
|
based on a the new openstack release.
|
||||||
|
"""
|
||||||
|
self._tmpl_env = None
|
||||||
|
self.openstack_release = openstack_release
|
||||||
|
self._get_tmpl_env()
|
||||||
|
|
||||||
|
def complete_contexts(self):
|
||||||
|
'''
|
||||||
|
Returns a list of context interfaces that yield a complete context.
|
||||||
|
'''
|
||||||
|
interfaces = []
|
||||||
|
[interfaces.extend(i.complete_contexts())
|
||||||
|
for i in self.templates.itervalues()]
|
||||||
|
return interfaces
|
|
@ -0,0 +1,273 @@
|
||||||
|
#!/usr/bin/python
|
||||||
|
|
||||||
|
# Common python helper functions used for OpenStack charms.
|
||||||
|
|
||||||
|
from collections import OrderedDict
|
||||||
|
|
||||||
|
import apt_pkg as apt
|
||||||
|
import subprocess
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
|
||||||
|
from charmhelpers.core.hookenv import (
|
||||||
|
config,
|
||||||
|
log as juju_log,
|
||||||
|
charm_dir,
|
||||||
|
)
|
||||||
|
|
||||||
|
from charmhelpers.core.host import (
|
||||||
|
lsb_release,
|
||||||
|
apt_install,
|
||||||
|
)
|
||||||
|
|
||||||
|
CLOUD_ARCHIVE_URL = "http://ubuntu-cloud.archive.canonical.com/ubuntu"
|
||||||
|
CLOUD_ARCHIVE_KEY_ID = '5EDB1B62EC4926EA'
|
||||||
|
|
||||||
|
UBUNTU_OPENSTACK_RELEASE = OrderedDict([
|
||||||
|
('oneiric', 'diablo'),
|
||||||
|
('precise', 'essex'),
|
||||||
|
('quantal', 'folsom'),
|
||||||
|
('raring', 'grizzly'),
|
||||||
|
('saucy', 'havana'),
|
||||||
|
])
|
||||||
|
|
||||||
|
|
||||||
|
OPENSTACK_CODENAMES = OrderedDict([
|
||||||
|
('2011.2', 'diablo'),
|
||||||
|
('2012.1', 'essex'),
|
||||||
|
('2012.2', 'folsom'),
|
||||||
|
('2013.1', 'grizzly'),
|
||||||
|
('2013.2', 'havana'),
|
||||||
|
('2014.1', 'icehouse'),
|
||||||
|
])
|
||||||
|
|
||||||
|
# The ugly duckling
|
||||||
|
SWIFT_CODENAMES = {
|
||||||
|
'1.4.3': 'diablo',
|
||||||
|
'1.4.8': 'essex',
|
||||||
|
'1.7.4': 'folsom',
|
||||||
|
'1.7.6': 'grizzly',
|
||||||
|
'1.7.7': 'grizzly',
|
||||||
|
'1.8.0': 'grizzly',
|
||||||
|
'1.9.0': 'havana',
|
||||||
|
'1.9.1': 'havana',
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
def error_out(msg):
|
||||||
|
juju_log("FATAL ERROR: %s" % msg, level='ERROR')
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
|
def get_os_codename_install_source(src):
|
||||||
|
'''Derive OpenStack release codename from a given installation source.'''
|
||||||
|
ubuntu_rel = lsb_release()['DISTRIB_CODENAME']
|
||||||
|
rel = ''
|
||||||
|
if src == 'distro':
|
||||||
|
try:
|
||||||
|
rel = UBUNTU_OPENSTACK_RELEASE[ubuntu_rel]
|
||||||
|
except KeyError:
|
||||||
|
e = 'Could not derive openstack release for '\
|
||||||
|
'this Ubuntu release: %s' % ubuntu_rel
|
||||||
|
error_out(e)
|
||||||
|
return rel
|
||||||
|
|
||||||
|
if src.startswith('cloud:'):
|
||||||
|
ca_rel = src.split(':')[1]
|
||||||
|
ca_rel = ca_rel.split('%s-' % ubuntu_rel)[1].split('/')[0]
|
||||||
|
return ca_rel
|
||||||
|
|
||||||
|
# Best guess match based on deb string provided
|
||||||
|
if src.startswith('deb') or src.startswith('ppa'):
|
||||||
|
for k, v in OPENSTACK_CODENAMES.iteritems():
|
||||||
|
if v in src:
|
||||||
|
return v
|
||||||
|
|
||||||
|
|
||||||
|
def get_os_version_install_source(src):
|
||||||
|
codename = get_os_codename_install_source(src)
|
||||||
|
return get_os_version_codename(codename)
|
||||||
|
|
||||||
|
|
||||||
|
def get_os_codename_version(vers):
|
||||||
|
'''Determine OpenStack codename from version number.'''
|
||||||
|
try:
|
||||||
|
return OPENSTACK_CODENAMES[vers]
|
||||||
|
except KeyError:
|
||||||
|
e = 'Could not determine OpenStack codename for version %s' % vers
|
||||||
|
error_out(e)
|
||||||
|
|
||||||
|
|
||||||
|
def get_os_version_codename(codename):
|
||||||
|
'''Determine OpenStack version number from codename.'''
|
||||||
|
for k, v in OPENSTACK_CODENAMES.iteritems():
|
||||||
|
if v == codename:
|
||||||
|
return k
|
||||||
|
e = 'Could not derive OpenStack version for '\
|
||||||
|
'codename: %s' % codename
|
||||||
|
error_out(e)
|
||||||
|
|
||||||
|
|
||||||
|
def get_os_codename_package(package, fatal=True):
|
||||||
|
'''Derive OpenStack release codename from an installed package.'''
|
||||||
|
apt.init()
|
||||||
|
cache = apt.Cache()
|
||||||
|
|
||||||
|
try:
|
||||||
|
pkg = cache[package]
|
||||||
|
except:
|
||||||
|
if not fatal:
|
||||||
|
return None
|
||||||
|
# the package is unknown to the current apt cache.
|
||||||
|
e = 'Could not determine version of package with no installation '\
|
||||||
|
'candidate: %s' % package
|
||||||
|
error_out(e)
|
||||||
|
|
||||||
|
if not pkg.current_ver:
|
||||||
|
if not fatal:
|
||||||
|
return None
|
||||||
|
# package is known, but no version is currently installed.
|
||||||
|
e = 'Could not determine version of uninstalled package: %s' % package
|
||||||
|
error_out(e)
|
||||||
|
|
||||||
|
vers = apt.UpstreamVersion(pkg.current_ver.ver_str)
|
||||||
|
|
||||||
|
try:
|
||||||
|
if 'swift' in pkg.name:
|
||||||
|
vers = vers[:5]
|
||||||
|
return SWIFT_CODENAMES[vers]
|
||||||
|
else:
|
||||||
|
vers = vers[:6]
|
||||||
|
return OPENSTACK_CODENAMES[vers]
|
||||||
|
except KeyError:
|
||||||
|
e = 'Could not determine OpenStack codename for version %s' % vers
|
||||||
|
error_out(e)
|
||||||
|
|
||||||
|
|
||||||
|
def get_os_version_package(pkg, fatal=True):
|
||||||
|
'''Derive OpenStack version number from an installed package.'''
|
||||||
|
codename = get_os_codename_package(pkg, fatal=fatal)
|
||||||
|
|
||||||
|
if not codename:
|
||||||
|
return None
|
||||||
|
|
||||||
|
if 'swift' in pkg:
|
||||||
|
vers_map = SWIFT_CODENAMES
|
||||||
|
else:
|
||||||
|
vers_map = OPENSTACK_CODENAMES
|
||||||
|
|
||||||
|
for version, cname in vers_map.iteritems():
|
||||||
|
if cname == codename:
|
||||||
|
return version
|
||||||
|
#e = "Could not determine OpenStack version for package: %s" % pkg
|
||||||
|
#error_out(e)
|
||||||
|
|
||||||
|
|
||||||
|
def import_key(keyid):
|
||||||
|
cmd = "apt-key adv --keyserver keyserver.ubuntu.com " \
|
||||||
|
"--recv-keys %s" % keyid
|
||||||
|
try:
|
||||||
|
subprocess.check_call(cmd.split(' '))
|
||||||
|
except subprocess.CalledProcessError:
|
||||||
|
error_out("Error importing repo key %s" % keyid)
|
||||||
|
|
||||||
|
|
||||||
|
def configure_installation_source(rel):
|
||||||
|
'''Configure apt installation source.'''
|
||||||
|
if rel == 'distro':
|
||||||
|
return
|
||||||
|
elif rel[:4] == "ppa:":
|
||||||
|
src = rel
|
||||||
|
subprocess.check_call(["add-apt-repository", "-y", src])
|
||||||
|
elif rel[:3] == "deb":
|
||||||
|
l = len(rel.split('|'))
|
||||||
|
if l == 2:
|
||||||
|
src, key = rel.split('|')
|
||||||
|
juju_log("Importing PPA key from keyserver for %s" % src)
|
||||||
|
import_key(key)
|
||||||
|
elif l == 1:
|
||||||
|
src = rel
|
||||||
|
with open('/etc/apt/sources.list.d/juju_deb.list', 'w') as f:
|
||||||
|
f.write(src)
|
||||||
|
elif rel[:6] == 'cloud:':
|
||||||
|
ubuntu_rel = lsb_release()['DISTRIB_CODENAME']
|
||||||
|
rel = rel.split(':')[1]
|
||||||
|
u_rel = rel.split('-')[0]
|
||||||
|
ca_rel = rel.split('-')[1]
|
||||||
|
|
||||||
|
if u_rel != ubuntu_rel:
|
||||||
|
e = 'Cannot install from Cloud Archive pocket %s on this Ubuntu '\
|
||||||
|
'version (%s)' % (ca_rel, ubuntu_rel)
|
||||||
|
error_out(e)
|
||||||
|
|
||||||
|
if 'staging' in ca_rel:
|
||||||
|
# staging is just a regular PPA.
|
||||||
|
os_rel = ca_rel.split('/')[0]
|
||||||
|
ppa = 'ppa:ubuntu-cloud-archive/%s-staging' % os_rel
|
||||||
|
cmd = 'add-apt-repository -y %s' % ppa
|
||||||
|
subprocess.check_call(cmd.split(' '))
|
||||||
|
return
|
||||||
|
|
||||||
|
# map charm config options to actual archive pockets.
|
||||||
|
pockets = {
|
||||||
|
'folsom': 'precise-updates/folsom',
|
||||||
|
'folsom/updates': 'precise-updates/folsom',
|
||||||
|
'folsom/proposed': 'precise-proposed/folsom',
|
||||||
|
'grizzly': 'precise-updates/grizzly',
|
||||||
|
'grizzly/updates': 'precise-updates/grizzly',
|
||||||
|
'grizzly/proposed': 'precise-proposed/grizzly',
|
||||||
|
'havana': 'precise-updates/havana',
|
||||||
|
'havana/updates': 'precise-updates/havana',
|
||||||
|
'havana/proposed': 'precise-proposed/havana',
|
||||||
|
}
|
||||||
|
|
||||||
|
try:
|
||||||
|
pocket = pockets[ca_rel]
|
||||||
|
except KeyError:
|
||||||
|
e = 'Invalid Cloud Archive release specified: %s' % rel
|
||||||
|
error_out(e)
|
||||||
|
|
||||||
|
src = "deb %s %s main" % (CLOUD_ARCHIVE_URL, pocket)
|
||||||
|
apt_install('ubuntu-cloud-keyring', fatal=True)
|
||||||
|
|
||||||
|
with open('/etc/apt/sources.list.d/cloud-archive.list', 'w') as f:
|
||||||
|
f.write(src)
|
||||||
|
else:
|
||||||
|
error_out("Invalid openstack-release specified: %s" % rel)
|
||||||
|
|
||||||
|
|
||||||
|
def save_script_rc(script_path="scripts/scriptrc", **env_vars):
|
||||||
|
"""
|
||||||
|
Write an rc file in the charm-delivered directory containing
|
||||||
|
exported environment variables provided by env_vars. Any charm scripts run
|
||||||
|
outside the juju hook environment can source this scriptrc to obtain
|
||||||
|
updated config information necessary to perform health checks or
|
||||||
|
service changes.
|
||||||
|
"""
|
||||||
|
juju_rc_path = "%s/%s" % (charm_dir(), script_path)
|
||||||
|
if not os.path.exists(os.path.dirname(juju_rc_path)):
|
||||||
|
os.mkdir(os.path.dirname(juju_rc_path))
|
||||||
|
with open(juju_rc_path, 'wb') as rc_script:
|
||||||
|
rc_script.write(
|
||||||
|
"#!/bin/bash\n")
|
||||||
|
[rc_script.write('export %s=%s\n' % (u, p))
|
||||||
|
for u, p in env_vars.iteritems() if u != "script_path"]
|
||||||
|
|
||||||
|
|
||||||
|
def openstack_upgrade_available(package):
|
||||||
|
"""
|
||||||
|
Determines if an OpenStack upgrade is available from installation
|
||||||
|
source, based on version of installed package.
|
||||||
|
|
||||||
|
:param package: str: Name of installed package.
|
||||||
|
|
||||||
|
:returns: bool: : Returns True if configured installation source offers
|
||||||
|
a newer version of package.
|
||||||
|
|
||||||
|
"""
|
||||||
|
|
||||||
|
src = config('openstack-origin')
|
||||||
|
cur_vers = get_os_version_package(package)
|
||||||
|
available_vers = get_os_version_install_source(src)
|
||||||
|
apt.init()
|
||||||
|
return apt.version_compare(available_vers, cur_vers) == 1
|
|
@ -0,0 +1,62 @@
|
||||||
|
|
||||||
|
import os
|
||||||
|
import re
|
||||||
|
|
||||||
|
from subprocess import (
|
||||||
|
check_call,
|
||||||
|
check_output,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
##################################################
|
||||||
|
# loopback device helpers.
|
||||||
|
##################################################
|
||||||
|
def loopback_devices():
|
||||||
|
'''
|
||||||
|
Parse through 'losetup -a' output to determine currently mapped
|
||||||
|
loopback devices. Output is expected to look like:
|
||||||
|
|
||||||
|
/dev/loop0: [0807]:961814 (/tmp/my.img)
|
||||||
|
|
||||||
|
:returns: dict: a dict mapping {loopback_dev: backing_file}
|
||||||
|
'''
|
||||||
|
loopbacks = {}
|
||||||
|
cmd = ['losetup', '-a']
|
||||||
|
devs = [d.strip().split(' ') for d in
|
||||||
|
check_output(cmd).splitlines() if d != '']
|
||||||
|
for dev, _, f in devs:
|
||||||
|
loopbacks[dev.replace(':', '')] = re.search('\((\S+)\)', f).groups()[0]
|
||||||
|
return loopbacks
|
||||||
|
|
||||||
|
|
||||||
|
def create_loopback(file_path):
|
||||||
|
'''
|
||||||
|
Create a loopback device for a given backing file.
|
||||||
|
|
||||||
|
:returns: str: Full path to new loopback device (eg, /dev/loop0)
|
||||||
|
'''
|
||||||
|
file_path = os.path.abspath(file_path)
|
||||||
|
check_call(['losetup', '--find', file_path])
|
||||||
|
for d, f in loopback_devices().iteritems():
|
||||||
|
if f == file_path:
|
||||||
|
return d
|
||||||
|
|
||||||
|
|
||||||
|
def ensure_loopback_device(path, size):
|
||||||
|
'''
|
||||||
|
Ensure a loopback device exists for a given backing file path and size.
|
||||||
|
If it a loopback device is not mapped to file, a new one will be created.
|
||||||
|
|
||||||
|
TODO: Confirm size of found loopback device.
|
||||||
|
|
||||||
|
:returns: str: Full path to the ensured loopback device (eg, /dev/loop0)
|
||||||
|
'''
|
||||||
|
for d, f in loopback_devices().iteritems():
|
||||||
|
if f == path:
|
||||||
|
return d
|
||||||
|
|
||||||
|
if not os.path.exists(path):
|
||||||
|
cmd = ['truncate', '--size', size, path]
|
||||||
|
check_call(cmd)
|
||||||
|
|
||||||
|
return create_loopback(path)
|
|
@ -0,0 +1,88 @@
|
||||||
|
from subprocess import (
|
||||||
|
CalledProcessError,
|
||||||
|
check_call,
|
||||||
|
check_output,
|
||||||
|
Popen,
|
||||||
|
PIPE,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
##################################################
|
||||||
|
# LVM helpers.
|
||||||
|
##################################################
|
||||||
|
def deactivate_lvm_volume_group(block_device):
|
||||||
|
'''
|
||||||
|
Deactivate any volume gruop associated with an LVM physical volume.
|
||||||
|
|
||||||
|
:param block_device: str: Full path to LVM physical volume
|
||||||
|
'''
|
||||||
|
vg = list_lvm_volume_group(block_device)
|
||||||
|
if vg:
|
||||||
|
cmd = ['vgchange', '-an', vg]
|
||||||
|
check_call(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
def is_lvm_physical_volume(block_device):
|
||||||
|
'''
|
||||||
|
Determine whether a block device is initialized as an LVM PV.
|
||||||
|
|
||||||
|
:param block_device: str: Full path of block device to inspect.
|
||||||
|
|
||||||
|
:returns: boolean: True if block device is a PV, False if not.
|
||||||
|
'''
|
||||||
|
try:
|
||||||
|
check_output(['pvdisplay', block_device])
|
||||||
|
return True
|
||||||
|
except CalledProcessError:
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def remove_lvm_physical_volume(block_device):
|
||||||
|
'''
|
||||||
|
Remove LVM PV signatures from a given block device.
|
||||||
|
|
||||||
|
:param block_device: str: Full path of block device to scrub.
|
||||||
|
'''
|
||||||
|
p = Popen(['pvremove', '-ff', block_device],
|
||||||
|
stdin=PIPE)
|
||||||
|
p.communicate(input='y\n')
|
||||||
|
|
||||||
|
|
||||||
|
def list_lvm_volume_group(block_device):
|
||||||
|
'''
|
||||||
|
List LVM volume group associated with a given block device.
|
||||||
|
|
||||||
|
Assumes block device is a valid LVM PV.
|
||||||
|
|
||||||
|
:param block_device: str: Full path of block device to inspect.
|
||||||
|
|
||||||
|
:returns: str: Name of volume group associated with block device or None
|
||||||
|
'''
|
||||||
|
vg = None
|
||||||
|
pvd = check_output(['pvdisplay', block_device]).splitlines()
|
||||||
|
for l in pvd:
|
||||||
|
if l.strip().startswith('VG Name'):
|
||||||
|
vg = ' '.join(l.split()).split(' ').pop()
|
||||||
|
return vg
|
||||||
|
|
||||||
|
|
||||||
|
def create_lvm_physical_volume(block_device):
|
||||||
|
'''
|
||||||
|
Initialize a block device as an LVM physical volume.
|
||||||
|
|
||||||
|
:param block_device: str: Full path of block device to initialize.
|
||||||
|
|
||||||
|
'''
|
||||||
|
check_call(['pvcreate', block_device])
|
||||||
|
|
||||||
|
|
||||||
|
def create_lvm_volume_group(volume_group, block_device):
|
||||||
|
'''
|
||||||
|
Create an LVM volume group backed by a given block device.
|
||||||
|
|
||||||
|
Assumes block device has already been initialized as an LVM PV.
|
||||||
|
|
||||||
|
:param volume_group: str: Name of volume group to create.
|
||||||
|
:block_device: str: Full path of PV-initialized block device.
|
||||||
|
'''
|
||||||
|
check_call(['vgcreate', volume_group, block_device])
|
|
@ -0,0 +1,25 @@
|
||||||
|
from os import stat
|
||||||
|
from stat import S_ISBLK
|
||||||
|
|
||||||
|
from subprocess import (
|
||||||
|
check_call
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def is_block_device(path):
|
||||||
|
'''
|
||||||
|
Confirm device at path is a valid block device node.
|
||||||
|
|
||||||
|
:returns: boolean: True if path is a block device, False if not.
|
||||||
|
'''
|
||||||
|
return S_ISBLK(stat(path).st_mode)
|
||||||
|
|
||||||
|
|
||||||
|
def zap_disk(block_device):
|
||||||
|
'''
|
||||||
|
Clear a block device of partition table. Relies on sgdisk, which is
|
||||||
|
installed as pat of the 'gdisk' package in Ubuntu.
|
||||||
|
|
||||||
|
:param block_device: str: Full path of block device to clean.
|
||||||
|
'''
|
||||||
|
check_call(['sgdisk', '--zap-all', block_device])
|
|
@ -0,0 +1,340 @@
|
||||||
|
"Interactions with the Juju environment"
|
||||||
|
# Copyright 2013 Canonical Ltd.
|
||||||
|
#
|
||||||
|
# Authors:
|
||||||
|
# Charm Helpers Developers <juju@lists.ubuntu.com>
|
||||||
|
|
||||||
|
import os
|
||||||
|
import json
|
||||||
|
import yaml
|
||||||
|
import subprocess
|
||||||
|
import UserDict
|
||||||
|
|
||||||
|
CRITICAL = "CRITICAL"
|
||||||
|
ERROR = "ERROR"
|
||||||
|
WARNING = "WARNING"
|
||||||
|
INFO = "INFO"
|
||||||
|
DEBUG = "DEBUG"
|
||||||
|
MARKER = object()
|
||||||
|
|
||||||
|
cache = {}
|
||||||
|
|
||||||
|
|
||||||
|
def cached(func):
|
||||||
|
''' Cache return values for multiple executions of func + args
|
||||||
|
|
||||||
|
For example:
|
||||||
|
|
||||||
|
@cached
|
||||||
|
def unit_get(attribute):
|
||||||
|
pass
|
||||||
|
|
||||||
|
unit_get('test')
|
||||||
|
|
||||||
|
will cache the result of unit_get + 'test' for future calls.
|
||||||
|
'''
|
||||||
|
def wrapper(*args, **kwargs):
|
||||||
|
global cache
|
||||||
|
key = str((func, args, kwargs))
|
||||||
|
try:
|
||||||
|
return cache[key]
|
||||||
|
except KeyError:
|
||||||
|
res = func(*args, **kwargs)
|
||||||
|
cache[key] = res
|
||||||
|
return res
|
||||||
|
return wrapper
|
||||||
|
|
||||||
|
|
||||||
|
def flush(key):
|
||||||
|
''' Flushes any entries from function cache where the
|
||||||
|
key is found in the function+args '''
|
||||||
|
flush_list = []
|
||||||
|
for item in cache:
|
||||||
|
if key in item:
|
||||||
|
flush_list.append(item)
|
||||||
|
for item in flush_list:
|
||||||
|
del cache[item]
|
||||||
|
|
||||||
|
|
||||||
|
def log(message, level=None):
|
||||||
|
"Write a message to the juju log"
|
||||||
|
command = ['juju-log']
|
||||||
|
if level:
|
||||||
|
command += ['-l', level]
|
||||||
|
command += [message]
|
||||||
|
subprocess.call(command)
|
||||||
|
|
||||||
|
|
||||||
|
class Serializable(UserDict.IterableUserDict):
|
||||||
|
"Wrapper, an object that can be serialized to yaml or json"
|
||||||
|
|
||||||
|
def __init__(self, obj):
|
||||||
|
# wrap the object
|
||||||
|
UserDict.IterableUserDict.__init__(self)
|
||||||
|
self.data = obj
|
||||||
|
|
||||||
|
def __getattr__(self, attr):
|
||||||
|
# See if this object has attribute.
|
||||||
|
if attr in ("json", "yaml", "data"):
|
||||||
|
return self.__dict__[attr]
|
||||||
|
# Check for attribute in wrapped object.
|
||||||
|
got = getattr(self.data, attr, MARKER)
|
||||||
|
if got is not MARKER:
|
||||||
|
return got
|
||||||
|
# Proxy to the wrapped object via dict interface.
|
||||||
|
try:
|
||||||
|
return self.data[attr]
|
||||||
|
except KeyError:
|
||||||
|
raise AttributeError(attr)
|
||||||
|
|
||||||
|
def __getstate__(self):
|
||||||
|
# Pickle as a standard dictionary.
|
||||||
|
return self.data
|
||||||
|
|
||||||
|
def __setstate__(self, state):
|
||||||
|
# Unpickle into our wrapper.
|
||||||
|
self.data = state
|
||||||
|
|
||||||
|
def json(self):
|
||||||
|
"Serialize the object to json"
|
||||||
|
return json.dumps(self.data)
|
||||||
|
|
||||||
|
def yaml(self):
|
||||||
|
"Serialize the object to yaml"
|
||||||
|
return yaml.dump(self.data)
|
||||||
|
|
||||||
|
|
||||||
|
def execution_environment():
|
||||||
|
"""A convenient bundling of the current execution context"""
|
||||||
|
context = {}
|
||||||
|
context['conf'] = config()
|
||||||
|
if relation_id():
|
||||||
|
context['reltype'] = relation_type()
|
||||||
|
context['relid'] = relation_id()
|
||||||
|
context['rel'] = relation_get()
|
||||||
|
context['unit'] = local_unit()
|
||||||
|
context['rels'] = relations()
|
||||||
|
context['env'] = os.environ
|
||||||
|
return context
|
||||||
|
|
||||||
|
|
||||||
|
def in_relation_hook():
|
||||||
|
"Determine whether we're running in a relation hook"
|
||||||
|
return 'JUJU_RELATION' in os.environ
|
||||||
|
|
||||||
|
|
||||||
|
def relation_type():
|
||||||
|
"The scope for the current relation hook"
|
||||||
|
return os.environ.get('JUJU_RELATION', None)
|
||||||
|
|
||||||
|
|
||||||
|
def relation_id():
|
||||||
|
"The relation ID for the current relation hook"
|
||||||
|
return os.environ.get('JUJU_RELATION_ID', None)
|
||||||
|
|
||||||
|
|
||||||
|
def local_unit():
|
||||||
|
"Local unit ID"
|
||||||
|
return os.environ['JUJU_UNIT_NAME']
|
||||||
|
|
||||||
|
|
||||||
|
def remote_unit():
|
||||||
|
"The remote unit for the current relation hook"
|
||||||
|
return os.environ['JUJU_REMOTE_UNIT']
|
||||||
|
|
||||||
|
|
||||||
|
def service_name():
|
||||||
|
"The name service group this unit belongs to"
|
||||||
|
return local_unit().split('/')[0]
|
||||||
|
|
||||||
|
|
||||||
|
@cached
|
||||||
|
def config(scope=None):
|
||||||
|
"Juju charm configuration"
|
||||||
|
config_cmd_line = ['config-get']
|
||||||
|
if scope is not None:
|
||||||
|
config_cmd_line.append(scope)
|
||||||
|
config_cmd_line.append('--format=json')
|
||||||
|
try:
|
||||||
|
return json.loads(subprocess.check_output(config_cmd_line))
|
||||||
|
except ValueError:
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
@cached
|
||||||
|
def relation_get(attribute=None, unit=None, rid=None):
|
||||||
|
_args = ['relation-get', '--format=json']
|
||||||
|
if rid:
|
||||||
|
_args.append('-r')
|
||||||
|
_args.append(rid)
|
||||||
|
_args.append(attribute or '-')
|
||||||
|
if unit:
|
||||||
|
_args.append(unit)
|
||||||
|
try:
|
||||||
|
return json.loads(subprocess.check_output(_args))
|
||||||
|
except ValueError:
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
def relation_set(relation_id=None, relation_settings={}, **kwargs):
|
||||||
|
relation_cmd_line = ['relation-set']
|
||||||
|
if relation_id is not None:
|
||||||
|
relation_cmd_line.extend(('-r', relation_id))
|
||||||
|
for k, v in (relation_settings.items() + kwargs.items()):
|
||||||
|
if v is None:
|
||||||
|
relation_cmd_line.append('{}='.format(k))
|
||||||
|
else:
|
||||||
|
relation_cmd_line.append('{}={}'.format(k, v))
|
||||||
|
subprocess.check_call(relation_cmd_line)
|
||||||
|
# Flush cache of any relation-gets for local unit
|
||||||
|
flush(local_unit())
|
||||||
|
|
||||||
|
|
||||||
|
@cached
|
||||||
|
def relation_ids(reltype=None):
|
||||||
|
"A list of relation_ids"
|
||||||
|
reltype = reltype or relation_type()
|
||||||
|
relid_cmd_line = ['relation-ids', '--format=json']
|
||||||
|
if reltype is not None:
|
||||||
|
relid_cmd_line.append(reltype)
|
||||||
|
return json.loads(subprocess.check_output(relid_cmd_line)) or []
|
||||||
|
return []
|
||||||
|
|
||||||
|
|
||||||
|
@cached
|
||||||
|
def related_units(relid=None):
|
||||||
|
"A list of related units"
|
||||||
|
relid = relid or relation_id()
|
||||||
|
units_cmd_line = ['relation-list', '--format=json']
|
||||||
|
if relid is not None:
|
||||||
|
units_cmd_line.extend(('-r', relid))
|
||||||
|
return json.loads(subprocess.check_output(units_cmd_line)) or []
|
||||||
|
|
||||||
|
|
||||||
|
@cached
|
||||||
|
def relation_for_unit(unit=None, rid=None):
|
||||||
|
"Get the json represenation of a unit's relation"
|
||||||
|
unit = unit or remote_unit()
|
||||||
|
relation = relation_get(unit=unit, rid=rid)
|
||||||
|
for key in relation:
|
||||||
|
if key.endswith('-list'):
|
||||||
|
relation[key] = relation[key].split()
|
||||||
|
relation['__unit__'] = unit
|
||||||
|
return relation
|
||||||
|
|
||||||
|
|
||||||
|
@cached
|
||||||
|
def relations_for_id(relid=None):
|
||||||
|
"Get relations of a specific relation ID"
|
||||||
|
relation_data = []
|
||||||
|
relid = relid or relation_ids()
|
||||||
|
for unit in related_units(relid):
|
||||||
|
unit_data = relation_for_unit(unit, relid)
|
||||||
|
unit_data['__relid__'] = relid
|
||||||
|
relation_data.append(unit_data)
|
||||||
|
return relation_data
|
||||||
|
|
||||||
|
|
||||||
|
@cached
|
||||||
|
def relations_of_type(reltype=None):
|
||||||
|
"Get relations of a specific type"
|
||||||
|
relation_data = []
|
||||||
|
reltype = reltype or relation_type()
|
||||||
|
for relid in relation_ids(reltype):
|
||||||
|
for relation in relations_for_id(relid):
|
||||||
|
relation['__relid__'] = relid
|
||||||
|
relation_data.append(relation)
|
||||||
|
return relation_data
|
||||||
|
|
||||||
|
|
||||||
|
@cached
|
||||||
|
def relation_types():
|
||||||
|
"Get a list of relation types supported by this charm"
|
||||||
|
charmdir = os.environ.get('CHARM_DIR', '')
|
||||||
|
mdf = open(os.path.join(charmdir, 'metadata.yaml'))
|
||||||
|
md = yaml.safe_load(mdf)
|
||||||
|
rel_types = []
|
||||||
|
for key in ('provides', 'requires', 'peers'):
|
||||||
|
section = md.get(key)
|
||||||
|
if section:
|
||||||
|
rel_types.extend(section.keys())
|
||||||
|
mdf.close()
|
||||||
|
return rel_types
|
||||||
|
|
||||||
|
|
||||||
|
@cached
|
||||||
|
def relations():
|
||||||
|
rels = {}
|
||||||
|
for reltype in relation_types():
|
||||||
|
relids = {}
|
||||||
|
for relid in relation_ids(reltype):
|
||||||
|
units = {local_unit(): relation_get(unit=local_unit(), rid=relid)}
|
||||||
|
for unit in related_units(relid):
|
||||||
|
reldata = relation_get(unit=unit, rid=relid)
|
||||||
|
units[unit] = reldata
|
||||||
|
relids[relid] = units
|
||||||
|
rels[reltype] = relids
|
||||||
|
return rels
|
||||||
|
|
||||||
|
|
||||||
|
def open_port(port, protocol="TCP"):
|
||||||
|
"Open a service network port"
|
||||||
|
_args = ['open-port']
|
||||||
|
_args.append('{}/{}'.format(port, protocol))
|
||||||
|
subprocess.check_call(_args)
|
||||||
|
|
||||||
|
|
||||||
|
def close_port(port, protocol="TCP"):
|
||||||
|
"Close a service network port"
|
||||||
|
_args = ['close-port']
|
||||||
|
_args.append('{}/{}'.format(port, protocol))
|
||||||
|
subprocess.check_call(_args)
|
||||||
|
|
||||||
|
|
||||||
|
@cached
|
||||||
|
def unit_get(attribute):
|
||||||
|
_args = ['unit-get', '--format=json', attribute]
|
||||||
|
try:
|
||||||
|
return json.loads(subprocess.check_output(_args))
|
||||||
|
except ValueError:
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
def unit_private_ip():
|
||||||
|
return unit_get('private-address')
|
||||||
|
|
||||||
|
|
||||||
|
class UnregisteredHookError(Exception):
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
class Hooks(object):
|
||||||
|
def __init__(self):
|
||||||
|
super(Hooks, self).__init__()
|
||||||
|
self._hooks = {}
|
||||||
|
|
||||||
|
def register(self, name, function):
|
||||||
|
self._hooks[name] = function
|
||||||
|
|
||||||
|
def execute(self, args):
|
||||||
|
hook_name = os.path.basename(args[0])
|
||||||
|
if hook_name in self._hooks:
|
||||||
|
self._hooks[hook_name]()
|
||||||
|
else:
|
||||||
|
raise UnregisteredHookError(hook_name)
|
||||||
|
|
||||||
|
def hook(self, *hook_names):
|
||||||
|
def wrapper(decorated):
|
||||||
|
for hook_name in hook_names:
|
||||||
|
self.register(hook_name, decorated)
|
||||||
|
else:
|
||||||
|
self.register(decorated.__name__, decorated)
|
||||||
|
if '_' in decorated.__name__:
|
||||||
|
self.register(
|
||||||
|
decorated.__name__.replace('_', '-'), decorated)
|
||||||
|
return decorated
|
||||||
|
return wrapper
|
||||||
|
|
||||||
|
|
||||||
|
def charm_dir():
|
||||||
|
return os.environ.get('CHARM_DIR')
|
|
@ -0,0 +1,283 @@
|
||||||
|
"""Tools for working with the host system"""
|
||||||
|
# Copyright 2012 Canonical Ltd.
|
||||||
|
#
|
||||||
|
# Authors:
|
||||||
|
# Nick Moffitt <nick.moffitt@canonical.com>
|
||||||
|
# Matthew Wedgwood <matthew.wedgwood@canonical.com>
|
||||||
|
|
||||||
|
import apt_pkg
|
||||||
|
import os
|
||||||
|
import pwd
|
||||||
|
import grp
|
||||||
|
import random
|
||||||
|
import string
|
||||||
|
import subprocess
|
||||||
|
import hashlib
|
||||||
|
|
||||||
|
from collections import OrderedDict
|
||||||
|
|
||||||
|
from hookenv import log
|
||||||
|
|
||||||
|
|
||||||
|
def service_start(service_name):
|
||||||
|
service('start', service_name)
|
||||||
|
|
||||||
|
|
||||||
|
def service_stop(service_name):
|
||||||
|
service('stop', service_name)
|
||||||
|
|
||||||
|
|
||||||
|
def service_restart(service_name):
|
||||||
|
service('restart', service_name)
|
||||||
|
|
||||||
|
|
||||||
|
def service_reload(service_name, restart_on_failure=False):
|
||||||
|
if not service('reload', service_name) and restart_on_failure:
|
||||||
|
service('restart', service_name)
|
||||||
|
|
||||||
|
|
||||||
|
def service(action, service_name):
|
||||||
|
cmd = ['service', service_name, action]
|
||||||
|
return subprocess.call(cmd) == 0
|
||||||
|
|
||||||
|
|
||||||
|
def service_running(service):
|
||||||
|
try:
|
||||||
|
output = subprocess.check_output(['service', service, 'status'])
|
||||||
|
except subprocess.CalledProcessError:
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
if ("start/running" in output or "is running" in output):
|
||||||
|
return True
|
||||||
|
else:
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def adduser(username, password=None, shell='/bin/bash', system_user=False):
|
||||||
|
"""Add a user"""
|
||||||
|
try:
|
||||||
|
user_info = pwd.getpwnam(username)
|
||||||
|
log('user {0} already exists!'.format(username))
|
||||||
|
except KeyError:
|
||||||
|
log('creating user {0}'.format(username))
|
||||||
|
cmd = ['useradd']
|
||||||
|
if system_user or password is None:
|
||||||
|
cmd.append('--system')
|
||||||
|
else:
|
||||||
|
cmd.extend([
|
||||||
|
'--create-home',
|
||||||
|
'--shell', shell,
|
||||||
|
'--password', password,
|
||||||
|
])
|
||||||
|
cmd.append(username)
|
||||||
|
subprocess.check_call(cmd)
|
||||||
|
user_info = pwd.getpwnam(username)
|
||||||
|
return user_info
|
||||||
|
|
||||||
|
|
||||||
|
def add_user_to_group(username, group):
|
||||||
|
"""Add a user to a group"""
|
||||||
|
cmd = [
|
||||||
|
'gpasswd', '-a',
|
||||||
|
username,
|
||||||
|
group
|
||||||
|
]
|
||||||
|
log("Adding user {} to group {}".format(username, group))
|
||||||
|
subprocess.check_call(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
def rsync(from_path, to_path, flags='-r', options=None):
|
||||||
|
"""Replicate the contents of a path"""
|
||||||
|
options = options or ['--delete', '--executability']
|
||||||
|
cmd = ['/usr/bin/rsync', flags]
|
||||||
|
cmd.extend(options)
|
||||||
|
cmd.append(from_path)
|
||||||
|
cmd.append(to_path)
|
||||||
|
log(" ".join(cmd))
|
||||||
|
return subprocess.check_output(cmd).strip()
|
||||||
|
|
||||||
|
|
||||||
|
def symlink(source, destination):
|
||||||
|
"""Create a symbolic link"""
|
||||||
|
log("Symlinking {} as {}".format(source, destination))
|
||||||
|
cmd = [
|
||||||
|
'ln',
|
||||||
|
'-sf',
|
||||||
|
source,
|
||||||
|
destination,
|
||||||
|
]
|
||||||
|
subprocess.check_call(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
def mkdir(path, owner='root', group='root', perms=0555, force=False):
|
||||||
|
"""Create a directory"""
|
||||||
|
log("Making dir {} {}:{} {:o}".format(path, owner, group,
|
||||||
|
perms))
|
||||||
|
uid = pwd.getpwnam(owner).pw_uid
|
||||||
|
gid = grp.getgrnam(group).gr_gid
|
||||||
|
realpath = os.path.abspath(path)
|
||||||
|
if os.path.exists(realpath):
|
||||||
|
if force and not os.path.isdir(realpath):
|
||||||
|
log("Removing non-directory file {} prior to mkdir()".format(path))
|
||||||
|
os.unlink(realpath)
|
||||||
|
else:
|
||||||
|
os.makedirs(realpath, perms)
|
||||||
|
os.chown(realpath, uid, gid)
|
||||||
|
|
||||||
|
|
||||||
|
def write_file(path, content, owner='root', group='root', perms=0444):
|
||||||
|
"""Create or overwrite a file with the contents of a string"""
|
||||||
|
log("Writing file {} {}:{} {:o}".format(path, owner, group, perms))
|
||||||
|
uid = pwd.getpwnam(owner).pw_uid
|
||||||
|
gid = grp.getgrnam(group).gr_gid
|
||||||
|
with open(path, 'w') as target:
|
||||||
|
os.fchown(target.fileno(), uid, gid)
|
||||||
|
os.fchmod(target.fileno(), perms)
|
||||||
|
target.write(content)
|
||||||
|
|
||||||
|
|
||||||
|
def filter_installed_packages(packages):
|
||||||
|
"""Returns a list of packages that require installation"""
|
||||||
|
apt_pkg.init()
|
||||||
|
cache = apt_pkg.Cache()
|
||||||
|
_pkgs = []
|
||||||
|
for package in packages:
|
||||||
|
try:
|
||||||
|
p = cache[package]
|
||||||
|
p.current_ver or _pkgs.append(package)
|
||||||
|
except KeyError:
|
||||||
|
log('Package {} has no installation candidate.'.format(package),
|
||||||
|
level='WARNING')
|
||||||
|
_pkgs.append(package)
|
||||||
|
return _pkgs
|
||||||
|
|
||||||
|
|
||||||
|
def apt_install(packages, options=None, fatal=False):
|
||||||
|
"""Install one or more packages"""
|
||||||
|
options = options or []
|
||||||
|
cmd = ['apt-get', '-y']
|
||||||
|
cmd.extend(options)
|
||||||
|
cmd.append('install')
|
||||||
|
if isinstance(packages, basestring):
|
||||||
|
cmd.append(packages)
|
||||||
|
else:
|
||||||
|
cmd.extend(packages)
|
||||||
|
log("Installing {} with options: {}".format(packages,
|
||||||
|
options))
|
||||||
|
if fatal:
|
||||||
|
subprocess.check_call(cmd)
|
||||||
|
else:
|
||||||
|
subprocess.call(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
def apt_update(fatal=False):
|
||||||
|
"""Update local apt cache"""
|
||||||
|
cmd = ['apt-get', 'update']
|
||||||
|
if fatal:
|
||||||
|
subprocess.check_call(cmd)
|
||||||
|
else:
|
||||||
|
subprocess.call(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
def mount(device, mountpoint, options=None, persist=False):
|
||||||
|
'''Mount a filesystem'''
|
||||||
|
cmd_args = ['mount']
|
||||||
|
if options is not None:
|
||||||
|
cmd_args.extend(['-o', options])
|
||||||
|
cmd_args.extend([device, mountpoint])
|
||||||
|
try:
|
||||||
|
subprocess.check_output(cmd_args)
|
||||||
|
except subprocess.CalledProcessError, e:
|
||||||
|
log('Error mounting {} at {}\n{}'.format(device, mountpoint, e.output))
|
||||||
|
return False
|
||||||
|
if persist:
|
||||||
|
# TODO: update fstab
|
||||||
|
pass
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
def umount(mountpoint, persist=False):
|
||||||
|
'''Unmount a filesystem'''
|
||||||
|
cmd_args = ['umount', mountpoint]
|
||||||
|
try:
|
||||||
|
subprocess.check_output(cmd_args)
|
||||||
|
except subprocess.CalledProcessError, e:
|
||||||
|
log('Error unmounting {}\n{}'.format(mountpoint, e.output))
|
||||||
|
return False
|
||||||
|
if persist:
|
||||||
|
# TODO: update fstab
|
||||||
|
pass
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
def mounts():
|
||||||
|
'''List of all mounted volumes as [[mountpoint,device],[...]]'''
|
||||||
|
with open('/proc/mounts') as f:
|
||||||
|
# [['/mount/point','/dev/path'],[...]]
|
||||||
|
system_mounts = [m[1::-1] for m in [l.strip().split()
|
||||||
|
for l in f.readlines()]]
|
||||||
|
return system_mounts
|
||||||
|
|
||||||
|
|
||||||
|
def file_hash(path):
|
||||||
|
''' Generate a md5 hash of the contents of 'path' or None if not found '''
|
||||||
|
if os.path.exists(path):
|
||||||
|
h = hashlib.md5()
|
||||||
|
with open(path, 'r') as source:
|
||||||
|
h.update(source.read()) # IGNORE:E1101 - it does have update
|
||||||
|
return h.hexdigest()
|
||||||
|
else:
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
def restart_on_change(restart_map):
|
||||||
|
''' Restart services based on configuration files changing
|
||||||
|
|
||||||
|
This function is used a decorator, for example
|
||||||
|
|
||||||
|
@restart_on_change({
|
||||||
|
'/etc/ceph/ceph.conf': [ 'cinder-api', 'cinder-volume' ]
|
||||||
|
})
|
||||||
|
def ceph_client_changed():
|
||||||
|
...
|
||||||
|
|
||||||
|
In this example, the cinder-api and cinder-volume services
|
||||||
|
would be restarted if /etc/ceph/ceph.conf is changed by the
|
||||||
|
ceph_client_changed function.
|
||||||
|
'''
|
||||||
|
def wrap(f):
|
||||||
|
def wrapped_f(*args):
|
||||||
|
checksums = {}
|
||||||
|
for path in restart_map:
|
||||||
|
checksums[path] = file_hash(path)
|
||||||
|
f(*args)
|
||||||
|
restarts = []
|
||||||
|
for path in restart_map:
|
||||||
|
if checksums[path] != file_hash(path):
|
||||||
|
restarts += restart_map[path]
|
||||||
|
for service_name in list(OrderedDict.fromkeys(restarts)):
|
||||||
|
service('restart', service_name)
|
||||||
|
return wrapped_f
|
||||||
|
return wrap
|
||||||
|
|
||||||
|
|
||||||
|
def lsb_release():
|
||||||
|
'''Return /etc/lsb-release in a dict'''
|
||||||
|
d = {}
|
||||||
|
with open('/etc/lsb-release', 'r') as lsb:
|
||||||
|
for l in lsb:
|
||||||
|
k, v = l.split('=')
|
||||||
|
d[k.strip()] = v.strip()
|
||||||
|
return d
|
||||||
|
|
||||||
|
|
||||||
|
def pwgen(length=None):
|
||||||
|
'''Generate a random pasword.'''
|
||||||
|
if length is None:
|
||||||
|
length = random.choice(range(35, 45))
|
||||||
|
alphanumeric_chars = [
|
||||||
|
l for l in (string.letters + string.digits)
|
||||||
|
if l not in 'l0QD1vAEIOUaeiou']
|
||||||
|
random_chars = [
|
||||||
|
random.choice(alphanumeric_chars) for _ in range(length)]
|
||||||
|
return(''.join(random_chars))
|
|
@ -0,0 +1,124 @@
|
||||||
|
# TODO: Promote all of this to charm-helpers, its shared with nova-compute
|
||||||
|
|
||||||
|
from charmhelpers.core.hookenv import (
|
||||||
|
config,
|
||||||
|
log,
|
||||||
|
relation_get,
|
||||||
|
unit_private_ip,
|
||||||
|
ERROR,
|
||||||
|
)
|
||||||
|
|
||||||
|
from charmhelpers.contrib.openstack import context
|
||||||
|
|
||||||
|
from charmhelpers.core.host import apt_install, filter_installed_packages
|
||||||
|
|
||||||
|
from charmhelpers.contrib.openstack.utils import get_os_codename_package
|
||||||
|
|
||||||
|
|
||||||
|
def _save_flag_file(path, data):
|
||||||
|
'''
|
||||||
|
Saves local state about plugin or manager to specified file.
|
||||||
|
'''
|
||||||
|
# Wonder if we can move away from this now?
|
||||||
|
with open(path, 'wb') as out:
|
||||||
|
out.write(data)
|
||||||
|
|
||||||
|
|
||||||
|
class QuantumPluginContext(context.OSContextGenerator):
|
||||||
|
interfaces = []
|
||||||
|
|
||||||
|
def _ensure_packages(self, packages):
|
||||||
|
'''Install but do not upgrade required plugin packages'''
|
||||||
|
required = filter_installed_packages(packages)
|
||||||
|
if required:
|
||||||
|
apt_install(required, fatal=True)
|
||||||
|
|
||||||
|
def ovs_context(self):
|
||||||
|
q_driver = 'quantum.plugins.openvswitch.ovs_quantum_plugin.'\
|
||||||
|
'OVSQuantumPluginV2'
|
||||||
|
q_fw_driver = 'quantum.agent.linux.iptables_firewall.'\
|
||||||
|
'OVSHybridIptablesFirewallDriver'
|
||||||
|
|
||||||
|
if get_os_codename_package('nova-common') in ['essex', 'folsom']:
|
||||||
|
n_driver = 'nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver'
|
||||||
|
else:
|
||||||
|
n_driver = 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver'
|
||||||
|
n_fw_driver = 'nova.virt.firewall.NoopFirewallDriver'
|
||||||
|
|
||||||
|
ovs_ctxt = {
|
||||||
|
'quantum_plugin': 'ovs',
|
||||||
|
# quantum.conf
|
||||||
|
'core_plugin': q_driver,
|
||||||
|
# nova.conf
|
||||||
|
'libvirt_vif_driver': n_driver,
|
||||||
|
'libvirt_use_virtio_for_bridges': True,
|
||||||
|
# ovs config
|
||||||
|
'tenant_network_type': 'gre',
|
||||||
|
'enable_tunneling': True,
|
||||||
|
'tunnel_id_ranges': '1:1000',
|
||||||
|
'local_ip': unit_private_ip(),
|
||||||
|
}
|
||||||
|
|
||||||
|
q_sec_groups = relation_get('quantum_security_groups')
|
||||||
|
if q_sec_groups and q_sec_groups.lower() == 'yes':
|
||||||
|
ovs_ctxt['quantum_security_groups'] = True
|
||||||
|
# nova.conf
|
||||||
|
ovs_ctxt['nova_firewall_driver'] = n_fw_driver
|
||||||
|
# ovs conf
|
||||||
|
ovs_ctxt['ovs_firewall_driver'] = q_fw_driver
|
||||||
|
|
||||||
|
return ovs_ctxt
|
||||||
|
|
||||||
|
def __call__(self):
|
||||||
|
from nova_compute_utils import quantum_attribute
|
||||||
|
|
||||||
|
plugin = relation_get('quantum_plugin')
|
||||||
|
if not plugin:
|
||||||
|
return {}
|
||||||
|
|
||||||
|
self._ensure_packages(quantum_attribute(plugin, 'packages'))
|
||||||
|
|
||||||
|
ctxt = {}
|
||||||
|
|
||||||
|
if plugin == 'ovs':
|
||||||
|
ctxt.update(self.ovs_context())
|
||||||
|
|
||||||
|
_save_flag_file(path='/etc/nova/quantum_plugin.conf', data=plugin)
|
||||||
|
|
||||||
|
return ctxt
|
||||||
|
|
||||||
|
|
||||||
|
QUANTUM_PLUGINS = {
|
||||||
|
'ovs': {
|
||||||
|
'config': '/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini',
|
||||||
|
'contexts': [context.SharedDBContext(),
|
||||||
|
QuantumPluginContext()],
|
||||||
|
'services': ['quantum-plugin-openvswitch-agent'],
|
||||||
|
'packages': ['quantum-plugin-openvswitch-agent',
|
||||||
|
'openvswitch-datapath-dkms'],
|
||||||
|
},
|
||||||
|
'nvp': {
|
||||||
|
'config': '/etc/quantum/plugins/nicira/nvp.ini',
|
||||||
|
'services': [],
|
||||||
|
'packages': ['quantum-plugin-nicira'],
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
def quantum_enabled():
|
||||||
|
manager = config('network-manager')
|
||||||
|
if not manager:
|
||||||
|
return False
|
||||||
|
return manager.lower() == 'quantum'
|
||||||
|
|
||||||
|
|
||||||
|
def quantum_attribute(plugin, attr):
|
||||||
|
try:
|
||||||
|
_plugin = QUANTUM_PLUGINS[plugin]
|
||||||
|
except KeyError:
|
||||||
|
log('Unrecognised plugin for quantum: %s' % plugin, level=ERROR)
|
||||||
|
raise
|
||||||
|
try:
|
||||||
|
return _plugin[attr]
|
||||||
|
except KeyError:
|
||||||
|
return None
|
|
@ -0,0 +1,57 @@
|
||||||
|
|
||||||
|
from charmhelpers.core.hookenv import relation_ids, relation_set
|
||||||
|
from charmhelpers.core.host import apt_install, filter_installed_packages
|
||||||
|
from charmhelpers.contrib.openstack import context, utils
|
||||||
|
|
||||||
|
#from charmhelpers.contrib.hahelpers.cluster import (
|
||||||
|
# determine_api_port,
|
||||||
|
# determine_haproxy_port,
|
||||||
|
#)
|
||||||
|
|
||||||
|
|
||||||
|
class ApacheSSLContext(context.ApacheSSLContext):
|
||||||
|
|
||||||
|
interfaces = ['https']
|
||||||
|
external_ports = []
|
||||||
|
service_namespace = 'nova'
|
||||||
|
|
||||||
|
def __call__(self):
|
||||||
|
# late import to work around circular dependency
|
||||||
|
from nova_cc_utils import determine_ports
|
||||||
|
self.external_ports = determine_ports()
|
||||||
|
return super(ApacheSSLContext, self).__call__()
|
||||||
|
|
||||||
|
|
||||||
|
class VolumeServiceContext(context.OSContextGenerator):
|
||||||
|
interfaces = []
|
||||||
|
|
||||||
|
def __call__(self):
|
||||||
|
ctxt = {}
|
||||||
|
|
||||||
|
os_vers = utils.get_os_codename_package('nova-common')
|
||||||
|
|
||||||
|
if (relation_ids('nova-volume-service') and
|
||||||
|
os_vers in ['essex', 'folsom']):
|
||||||
|
# legacy nova-volume support, only supported in E and F
|
||||||
|
ctxt['volume_service_config'] = 'nova.volume.api.API'
|
||||||
|
install_pkg = filter_installed_packages(['nova-api-os-volume'])
|
||||||
|
if install_pkg:
|
||||||
|
apt_install(install_pkg)
|
||||||
|
elif relation_ids('cinder-volume-service'):
|
||||||
|
ctxt['volume_service_config'] = 'nova.volume.cinder.API'
|
||||||
|
# kick all compute nodes to know they should use cinder now.
|
||||||
|
[relation_set(volume_service='cinder', rid=rid)
|
||||||
|
for rid in relation_ids('cloud-compute')]
|
||||||
|
return ctxt
|
||||||
|
|
||||||
|
|
||||||
|
class HAProxyContext(context.OSContextGenerator):
|
||||||
|
interfaces = ['ceph']
|
||||||
|
|
||||||
|
def __call__(self):
|
||||||
|
'''
|
||||||
|
Extends the main charmhelpers HAProxyContext with a port mapping
|
||||||
|
specific to this charm.
|
||||||
|
Also used to extend nova.conf context with correct api_listening_ports
|
||||||
|
'''
|
||||||
|
# TODO
|
|
@ -0,0 +1,325 @@
|
||||||
|
#!/usr/bin/python
|
||||||
|
|
||||||
|
import sys
|
||||||
|
|
||||||
|
from subprocess import check_call
|
||||||
|
from urlparse import urlparse
|
||||||
|
|
||||||
|
from charmhelpers.core.hookenv import (
|
||||||
|
Hooks,
|
||||||
|
UnregisteredHookError,
|
||||||
|
config,
|
||||||
|
log,
|
||||||
|
relation_get,
|
||||||
|
relation_ids,
|
||||||
|
relation_set,
|
||||||
|
open_port,
|
||||||
|
unit_get,
|
||||||
|
)
|
||||||
|
|
||||||
|
from charmhelpers.core.host import (
|
||||||
|
apt_install, apt_update, filter_installed_packages, restart_on_change
|
||||||
|
)
|
||||||
|
|
||||||
|
from charmhelpers.contrib.openstack.utils import (
|
||||||
|
configure_installation_source,
|
||||||
|
openstack_upgrade_available,
|
||||||
|
)
|
||||||
|
|
||||||
|
from nova_cc_utils import (
|
||||||
|
auth_token_config,
|
||||||
|
determine_endpoints,
|
||||||
|
determine_packages,
|
||||||
|
determine_ports,
|
||||||
|
do_openstack_upgrade,
|
||||||
|
keystone_ca_cert_b64,
|
||||||
|
migrate_database,
|
||||||
|
save_script_rc,
|
||||||
|
ssh_compute_add,
|
||||||
|
quantum_plugin,
|
||||||
|
register_configs,
|
||||||
|
restart_map,
|
||||||
|
volume_service,
|
||||||
|
CLUSTER_RES,
|
||||||
|
)
|
||||||
|
|
||||||
|
from misc_utils import (
|
||||||
|
quantum_enabled,
|
||||||
|
quantum_attribute,
|
||||||
|
)
|
||||||
|
|
||||||
|
from charmhelpers.contrib.hahelpers.cluster import (
|
||||||
|
canonical_url,
|
||||||
|
eligible_leader,
|
||||||
|
get_hacluster_config,
|
||||||
|
is_leader,
|
||||||
|
)
|
||||||
|
|
||||||
|
hooks = Hooks()
|
||||||
|
CONFIGS = register_configs()
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook()
|
||||||
|
def install():
|
||||||
|
configure_installation_source(config('openstack-origin'))
|
||||||
|
apt_update()
|
||||||
|
apt_install(determine_packages(), fatal=True)
|
||||||
|
[open_port(port) for port in determine_ports()]
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook()
|
||||||
|
@restart_on_change(restart_map())
|
||||||
|
def config_changed():
|
||||||
|
if openstack_upgrade_available('nova-common'):
|
||||||
|
do_openstack_upgrade()
|
||||||
|
save_script_rc()
|
||||||
|
configure_https()
|
||||||
|
# XXX configure quantum networking
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('amqp-relation-joined')
|
||||||
|
@restart_on_change(restart_map())
|
||||||
|
def amqp_joined():
|
||||||
|
relation_set(username=config('rabbit-user'), vhost=config('rabbit-vhost'))
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('amqp-relation-changed')
|
||||||
|
@restart_on_change(restart_map())
|
||||||
|
def amqp_changed():
|
||||||
|
if 'amqp' not in CONFIGS.complete_contexts():
|
||||||
|
log('amqp relation incomplete. Peer not ready?')
|
||||||
|
return
|
||||||
|
CONFIGS.write('/etc/nova/nova.conf')
|
||||||
|
if quantum_enabled():
|
||||||
|
CONFIGS.write('/etc/quantum/quantum.conf')
|
||||||
|
# XXX Configure quantum networking (after-restart!?)
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('shared-db-relation-joined')
|
||||||
|
def db_joined():
|
||||||
|
relation_set(nova_database=config('database'),
|
||||||
|
nova_username=config('database-user'),
|
||||||
|
nova_hostname=unit_get('private-address'))
|
||||||
|
if quantum_enabled():
|
||||||
|
# request a database created for quantum if needed.
|
||||||
|
relation_set(quantum_database=config('database'),
|
||||||
|
quantum_username=config('database-user'),
|
||||||
|
quantum_hostname=unit_get('private-address'))
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('shared-db-relation-changed')
|
||||||
|
@restart_on_change(restart_map())
|
||||||
|
def db_changed():
|
||||||
|
if 'shared-db' not in CONFIGS.complete_contexts():
|
||||||
|
log('shared-db relation incomplete. Peer not ready?')
|
||||||
|
return
|
||||||
|
CONFIGS.write('/etc/nova/nova.conf')
|
||||||
|
|
||||||
|
if quantum_enabled():
|
||||||
|
plugin = quantum_plugin()
|
||||||
|
CONFIGS.write(quantum_attribute(plugin, 'config'))
|
||||||
|
|
||||||
|
if eligible_leader(CLUSTER_RES):
|
||||||
|
migrate_database()
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('image-service-relation-changed')
|
||||||
|
@restart_on_change(restart_map())
|
||||||
|
def image_service_changed():
|
||||||
|
if 'image-service' not in CONFIGS.complete_contexts():
|
||||||
|
log('image-service relation incomplete. Peer not ready?')
|
||||||
|
return
|
||||||
|
CONFIGS.write('/etc/nova/nova.conf')
|
||||||
|
# TODO: special case config flag for essex (strip protocol)
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('identity-service-relation-joined')
|
||||||
|
@restart_on_change(restart_map())
|
||||||
|
def identity_joined(rid=None):
|
||||||
|
relation_set(rid=rid, **determine_endpoints())
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('identity-service-relation-changed')
|
||||||
|
@restart_on_change(restart_map())
|
||||||
|
def identity_changed():
|
||||||
|
if 'identity-service' not in CONFIGS.complete_contexts():
|
||||||
|
log('identity-service relation incomplete. Peer not ready?')
|
||||||
|
return
|
||||||
|
CONFIGS.write('/etc/nova/api-paste.ini')
|
||||||
|
if quantum_enabled():
|
||||||
|
CONFIGS.write('/etc/quantum/api-paste.ini')
|
||||||
|
# XXX configure quantum networking
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('nova-volume-service-relation-joined',
|
||||||
|
'cinder-volume-service-relation-joined')
|
||||||
|
@restart_on_change(restart_map())
|
||||||
|
def volume_joined():
|
||||||
|
CONFIGS.write('/etc/nova/nova.conf')
|
||||||
|
# kick identity_joined() to publish possibly new nova-volume endpoint.
|
||||||
|
[identity_joined(rid) for rid in relation_ids('identity-service')]
|
||||||
|
|
||||||
|
|
||||||
|
def _auth_config():
|
||||||
|
'''Grab all KS auth token config from api-paste.ini, or return empty {}'''
|
||||||
|
ks_auth_host = auth_token_config('auth_host')
|
||||||
|
if not ks_auth_host:
|
||||||
|
# if there is no auth_host set, identity-service changed hooks
|
||||||
|
# have not fired, yet.
|
||||||
|
return {}
|
||||||
|
cfg = {
|
||||||
|
'auth_host': ks_auth_host,
|
||||||
|
'auth_port': auth_token_config('auth_port'),
|
||||||
|
'service_port': auth_token_config('service_port'),
|
||||||
|
'service_username': auth_token_config('admin_user'),
|
||||||
|
'service_password': auth_token_config('admin_password'),
|
||||||
|
'service_tenant_name': auth_token_config('admin_tenant_name'),
|
||||||
|
'auth_uri': auth_token_config('auth_uri'),
|
||||||
|
}
|
||||||
|
return cfg
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('cloud-compute-relation-joined')
|
||||||
|
def compute_joined(rid=None):
|
||||||
|
if not eligible_leader():
|
||||||
|
return
|
||||||
|
rel_settings = {
|
||||||
|
'network_manager': config('network-manager'),
|
||||||
|
'volume_service': volume_service(),
|
||||||
|
# (comment from bash vers) XXX Should point to VIP if clustered, or
|
||||||
|
# this may not even be needed.
|
||||||
|
'ec2_host': unit_get('private-address'),
|
||||||
|
}
|
||||||
|
|
||||||
|
ks_auth_config = _auth_config()
|
||||||
|
|
||||||
|
if quantum_enabled():
|
||||||
|
if ks_auth_config:
|
||||||
|
rel_settings.update(ks_auth_config)
|
||||||
|
rel_settings.update({
|
||||||
|
'quantum_plugin': quantum_plugin(),
|
||||||
|
'region': config('region'),
|
||||||
|
'quantum_security_groups': config('quantum_security_groups'),
|
||||||
|
})
|
||||||
|
|
||||||
|
ks_ca = keystone_ca_cert_b64()
|
||||||
|
if ks_auth_config and ks_ca:
|
||||||
|
rel_settings['ca_cert'] = ks_ca
|
||||||
|
relation_set(rid=rid, **rel_settings)
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('cloud-compute-relation-joined')
|
||||||
|
def compute_changed():
|
||||||
|
migration_auth = relation_get('migration_auth_type')
|
||||||
|
if migration_auth == 'ssh':
|
||||||
|
ssh_compute_add()
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('quantum-network-servicerelation-joined')
|
||||||
|
def quantum_joined(rid=None):
|
||||||
|
if not eligible_leader():
|
||||||
|
return
|
||||||
|
|
||||||
|
# XXX TODO: Need to add neutron/quantum compat. for pkg naming
|
||||||
|
required_pkg = filter_installed_packages(['quantum-server'])
|
||||||
|
if required_pkg:
|
||||||
|
apt_install(required_pkg)
|
||||||
|
|
||||||
|
url = canonical_url(CONFIGS) + ':9696'
|
||||||
|
|
||||||
|
rel_settings = {
|
||||||
|
'quantum_host': urlparse(url).hostname,
|
||||||
|
'quantum_url': url,
|
||||||
|
'quantum_port': 9696,
|
||||||
|
'quantum_plugin': config('quantum-plugin'),
|
||||||
|
'region': config('region')
|
||||||
|
}
|
||||||
|
|
||||||
|
# inform quantum about local keystone auth config
|
||||||
|
ks_auth_config = _auth_config()
|
||||||
|
rel_settings.update(ks_auth_config)
|
||||||
|
|
||||||
|
# must pass the keystone CA cert, if it exists.
|
||||||
|
ks_ca = keystone_ca_cert_b64()
|
||||||
|
if ks_auth_config and ks_ca:
|
||||||
|
rel_settings['ca_cert'] = ks_ca
|
||||||
|
|
||||||
|
relation_set(rid=rid, **rel_settings)
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('cluster-relation-changed',
|
||||||
|
'cluster-relation-departed')
|
||||||
|
@restart_on_change(restart_map())
|
||||||
|
def cluster_changed():
|
||||||
|
CONFIGS.write_all()
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('ha-relation-joined')
|
||||||
|
def ha_joined():
|
||||||
|
config = get_hacluster_config()
|
||||||
|
resources = {
|
||||||
|
'res_nova_vip': 'ocf:heartbeat:IPaddr2',
|
||||||
|
'res_nova_haproxy': 'lsb:haproxy',
|
||||||
|
}
|
||||||
|
vip_params = 'params ip="%s" cidr_netmask="%s" nic="%s"' % \
|
||||||
|
(config['vip'], config['vip_cidr'], config['vip_iface'])
|
||||||
|
resource_params = {
|
||||||
|
'res_nova_vip': vip_params,
|
||||||
|
'res_nova_haproxy': 'op monitor interval="5s"'
|
||||||
|
}
|
||||||
|
init_services = {
|
||||||
|
'res_nova_haproxy': 'haproxy'
|
||||||
|
}
|
||||||
|
clones = {
|
||||||
|
'cl_nova_haproxy': 'res_nova_haproxy'
|
||||||
|
}
|
||||||
|
relation_set(init_services=init_services,
|
||||||
|
corosync_bindiface=config['ha-bindiface'],
|
||||||
|
corosync_mcastport=config['ha-mcastport'],
|
||||||
|
resources=resources,
|
||||||
|
resource_params=resource_params,
|
||||||
|
clones=clones)
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('ha-relation-changed')
|
||||||
|
def ha_changed():
|
||||||
|
if not relation_get('clustered'):
|
||||||
|
log('ha_changed: hacluster subordinate not fully clustered.')
|
||||||
|
return
|
||||||
|
if not is_leader(CLUSTER_RES):
|
||||||
|
log('ha_changed: hacluster complete but we are not leader.')
|
||||||
|
return
|
||||||
|
log('Cluster configured, notifying other services and updating '
|
||||||
|
'keystone endpoint configuration')
|
||||||
|
for rid in relation_ids('identity-service'):
|
||||||
|
identity_joined(rid=rid)
|
||||||
|
|
||||||
|
|
||||||
|
def configure_https():
|
||||||
|
'''
|
||||||
|
Enables SSL API Apache config if appropriate and kicks identity-service
|
||||||
|
with any required api updates.
|
||||||
|
'''
|
||||||
|
# need to write all to ensure changes to the entire request pipeline
|
||||||
|
# propagate (c-api, haprxy, apache)
|
||||||
|
CONFIGS.write_all()
|
||||||
|
if 'https' in CONFIGS.complete_contexts():
|
||||||
|
cmd = ['a2ensite', 'openstack_https_frontend']
|
||||||
|
check_call(cmd)
|
||||||
|
else:
|
||||||
|
cmd = ['a2dissite', 'openstack_https_frontend']
|
||||||
|
check_call(cmd)
|
||||||
|
|
||||||
|
for rid in relation_ids('identity-service'):
|
||||||
|
identity_joined(rid=rid)
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
try:
|
||||||
|
hooks.execute(sys.argv)
|
||||||
|
except UnregisteredHookError as e:
|
||||||
|
log('Unknown hook {} - skipping.'.format(e))
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
|
@ -0,0 +1,212 @@
|
||||||
|
import os
|
||||||
|
import subprocess
|
||||||
|
import ConfigParser
|
||||||
|
|
||||||
|
from base64 import b64encode
|
||||||
|
from collections import OrderedDict
|
||||||
|
from copy import deepcopy
|
||||||
|
|
||||||
|
from charmhelpers.contrib.openstack import templating, context
|
||||||
|
|
||||||
|
from charmhelpers.contrib.openstack.utils import (
|
||||||
|
get_os_codename_package,
|
||||||
|
save_script_rc as _save_script_rc,
|
||||||
|
)
|
||||||
|
|
||||||
|
from charmhelpers.core.hookenv import (
|
||||||
|
config,
|
||||||
|
relation_ids,
|
||||||
|
)
|
||||||
|
|
||||||
|
import nova_cc_context
|
||||||
|
|
||||||
|
TEMPLATES = 'templates/'
|
||||||
|
|
||||||
|
CLUSTER_RES = 'res_nova_vip'
|
||||||
|
|
||||||
|
# removed from original: python-mysqldb python-keystone charm-helper-sh
|
||||||
|
BASE_PACKAGES = [
|
||||||
|
'apache2',
|
||||||
|
'haproxy',
|
||||||
|
'uuid',
|
||||||
|
]
|
||||||
|
|
||||||
|
BASE_SERVICES = [
|
||||||
|
'nova-api-ec2',
|
||||||
|
'nova-api-os-compute',
|
||||||
|
'nova-objectstore',
|
||||||
|
'nova-cert',
|
||||||
|
'nova-scheduler',
|
||||||
|
]
|
||||||
|
|
||||||
|
API_PORTS = {
|
||||||
|
'nova-api-ec2': 8773,
|
||||||
|
'nova-api-os-compute': 8774,
|
||||||
|
'nova-api-os-volume': 8776,
|
||||||
|
'nova-objectstore': 3333,
|
||||||
|
'quantum-server': 9696,
|
||||||
|
}
|
||||||
|
|
||||||
|
BASE_RESOURCE_MAP = OrderedDict([
|
||||||
|
('/etc/nova/nova.conf', {
|
||||||
|
'services': BASE_SERVICES,
|
||||||
|
'contexts': [context.AMQPContext(),
|
||||||
|
context.SharedDBContext(),
|
||||||
|
context.ImageServiceContext(),
|
||||||
|
nova_cc_context.VolumeServiceContext()],
|
||||||
|
}),
|
||||||
|
('/etc/nova/api-paste.ini', {
|
||||||
|
'services': [s for s in BASE_SERVICES if 'api' in s],
|
||||||
|
'contexts': [context.IdentityServiceContext()],
|
||||||
|
}),
|
||||||
|
('/etc/quantum/quantum.conf', {
|
||||||
|
'services': ['quantum-server'],
|
||||||
|
'contexts': [],
|
||||||
|
}),
|
||||||
|
('/etc/quantum/api-paste.ini', {
|
||||||
|
'services': ['quantum-server'],
|
||||||
|
'contexts': [],
|
||||||
|
}),
|
||||||
|
('/etc/haproxy/haproxy.cfg', {
|
||||||
|
'contexts': [context.HAProxyContext(),
|
||||||
|
nova_cc_context.HAProxyContext()],
|
||||||
|
'services': ['haproxy'],
|
||||||
|
}),
|
||||||
|
('/etc/apache2/sites-available/openstack_https_frontend', {
|
||||||
|
'contexts': [],
|
||||||
|
'contexts': [nova_cc_context.ApacheSSLContext()],
|
||||||
|
'services': ['apache2'],
|
||||||
|
}),
|
||||||
|
])
|
||||||
|
|
||||||
|
CA_CERT_PATH = '/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt'
|
||||||
|
|
||||||
|
|
||||||
|
def resource_map():
|
||||||
|
'''
|
||||||
|
Dynamically generate a map of resources that will be managed for a single
|
||||||
|
hook execution.
|
||||||
|
'''
|
||||||
|
resource_map = deepcopy(BASE_RESOURCE_MAP)
|
||||||
|
|
||||||
|
if relation_ids('nova-volume-service'):
|
||||||
|
# if we have a relation to a nova-volume service, we're
|
||||||
|
# also managing the nova-volume API endpoint (legacy)
|
||||||
|
resource_map['/etc/nova/nova.conf']['services'].append(
|
||||||
|
'nova-api-os-volume')
|
||||||
|
|
||||||
|
if config('network-manager').lower() != 'quantum':
|
||||||
|
# pop out quantum resources if not deploying it. easier to
|
||||||
|
# remove it from the base ordered dict than add it in later
|
||||||
|
# and still preserve ordering for restart_map().
|
||||||
|
[resource_map.pop(k) for k in list(resource_map.iterkeys())
|
||||||
|
if 'quantum' in k]
|
||||||
|
return resource_map
|
||||||
|
|
||||||
|
|
||||||
|
def register_configs():
|
||||||
|
release = get_os_codename_package('nova-common', fatal=False) or 'essex'
|
||||||
|
configs = templating.OSConfigRenderer(templates_dir=TEMPLATES,
|
||||||
|
openstack_release=release)
|
||||||
|
for cfg, rscs in resource_map.iteritems():
|
||||||
|
configs.register(cfg, rscs['contexts'])
|
||||||
|
return configs
|
||||||
|
|
||||||
|
|
||||||
|
def restart_map():
|
||||||
|
return {k: v['services'] for k, v in resource_map().iteritems()}
|
||||||
|
|
||||||
|
|
||||||
|
def determine_ports():
|
||||||
|
'''Assemble a list of API ports for services we are managing'''
|
||||||
|
ports = []
|
||||||
|
for cfg, services in restart_map().iteritems():
|
||||||
|
for service in services:
|
||||||
|
try:
|
||||||
|
ports.append(API_PORTS[service])
|
||||||
|
except KeyError:
|
||||||
|
pass
|
||||||
|
return ports
|
||||||
|
|
||||||
|
|
||||||
|
def determine_packages():
|
||||||
|
# currently all packages match service names
|
||||||
|
packages = [] + BASE_PACKAGES
|
||||||
|
for k, v in resource_map().iteritems():
|
||||||
|
packages.extend(v['services'])
|
||||||
|
return list(set(packages))
|
||||||
|
|
||||||
|
|
||||||
|
def save_script_rc():
|
||||||
|
env_vars = {
|
||||||
|
'OPENSTACK_PORT_MCASTPORT': config('ha-mcastport'),
|
||||||
|
'OPENSTACK_SERVICE_API_EC2': 'nova-api-ec2',
|
||||||
|
'OPENSTACK_SERVICE_API_OS_COMPUTE': 'nova-api-os-compute',
|
||||||
|
'OPENSTACK_SERVICE_CERT': 'nova-cert',
|
||||||
|
'OPENSTACK_SERVICE_CONDUCTOR': 'nova-conductor',
|
||||||
|
'OPENSTACK_SERVICE_OBJECTSTORE': 'nova-objectstore',
|
||||||
|
'OPENSTACK_SERVICE_SCHEDULER': 'nova-scheduler',
|
||||||
|
}
|
||||||
|
if relation_ids('nova-volume-service'):
|
||||||
|
env_vars['OPENSTACK_SERVICE_API_OS_VOL'] = 'nova-api-os-volume'
|
||||||
|
if config('network-manager').lower() == 'quantum':
|
||||||
|
env_vars['OPENSTACK_SERVICE_API_QUANTUM'] = 'quantum-server'
|
||||||
|
_save_script_rc(**env_vars)
|
||||||
|
|
||||||
|
|
||||||
|
def do_openstack_upgrade():
|
||||||
|
# TODO
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
def quantum_plugin():
|
||||||
|
return config('quantum-plugin').lower()
|
||||||
|
|
||||||
|
|
||||||
|
def volume_service():
|
||||||
|
'''Specifies correct volume API for specific OS release'''
|
||||||
|
os_vers = get_os_codename_package('nova-common')
|
||||||
|
if os_vers == 'essex':
|
||||||
|
return 'nova-volume'
|
||||||
|
elif os_vers == 'folsom': # support both drivers in folsom.
|
||||||
|
if not relation_ids('cinder-volume-service'):
|
||||||
|
return 'nova-volume'
|
||||||
|
return 'cinder'
|
||||||
|
|
||||||
|
|
||||||
|
def migrate_database():
|
||||||
|
'''Runs nova-manage to initialize a new database or migrate existing'''
|
||||||
|
cmd = ['nova-manage', 'db', 'sync']
|
||||||
|
subprocess.check_call(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
def auth_token_config(setting):
|
||||||
|
'''
|
||||||
|
Returns currently configured value for setting in api-paste.ini's
|
||||||
|
authtoken section, or None.
|
||||||
|
'''
|
||||||
|
config = ConfigParser.RawConfigParser()
|
||||||
|
config.read('/etc/nova/api-paste.ini')
|
||||||
|
try:
|
||||||
|
value = config.get('filter:authtoken', setting)
|
||||||
|
except:
|
||||||
|
return None
|
||||||
|
if value.startswith('%'):
|
||||||
|
return None
|
||||||
|
return value
|
||||||
|
|
||||||
|
|
||||||
|
def keystone_ca_cert_b64():
|
||||||
|
'''Returns the local Keystone-provided CA cert if it exists, or None.'''
|
||||||
|
if not os.path.isfile(CA_CERT_PATH):
|
||||||
|
return None
|
||||||
|
with open(CA_CERT_PATH) as _in:
|
||||||
|
return b64encode(_in.read())
|
||||||
|
|
||||||
|
|
||||||
|
def ssh_compute_add():
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
def determine_endpoints():
|
||||||
|
pass
|
|
@ -0,0 +1,2 @@
|
||||||
|
import sys
|
||||||
|
sys.path.append('hooks/')
|
|
@ -0,0 +1,57 @@
|
||||||
|
from mock import MagicMock, patch
|
||||||
|
|
||||||
|
from unit_tests.test_utils import CharmTestCase
|
||||||
|
|
||||||
|
import hooks.nova_cc_utils as utils
|
||||||
|
|
||||||
|
_reg = utils.register_configs
|
||||||
|
_map = utils.restart_map
|
||||||
|
|
||||||
|
utils.register_configs = MagicMock()
|
||||||
|
utils.restart_map = MagicMock()
|
||||||
|
|
||||||
|
import hooks.nova_cc_hooks as hooks
|
||||||
|
|
||||||
|
utils.register_configs = _reg
|
||||||
|
utils.restart_map = _map
|
||||||
|
|
||||||
|
|
||||||
|
TO_PATCH = [
|
||||||
|
'apt_update',
|
||||||
|
'apt_install',
|
||||||
|
'configure_installation_source',
|
||||||
|
'do_openstack_upgrade',
|
||||||
|
'openstack_upgrade_available',
|
||||||
|
'config',
|
||||||
|
'determine_packages',
|
||||||
|
'determine_ports',
|
||||||
|
'open_port',
|
||||||
|
'save_script_rc',
|
||||||
|
]
|
||||||
|
|
||||||
|
|
||||||
|
class NovaCCHooksTests(CharmTestCase):
|
||||||
|
def setUp(self):
|
||||||
|
super(NovaCCHooksTests, self).setUp(hooks, TO_PATCH)
|
||||||
|
self.config.side_effect = self.test_config.get
|
||||||
|
|
||||||
|
def test_install_hook(self):
|
||||||
|
self.determine_packages.return_value = [
|
||||||
|
'nova-scheduler', 'nova-api-ec2']
|
||||||
|
self.determine_ports.return_value = [80, 81, 82]
|
||||||
|
hooks.install()
|
||||||
|
self.apt_install.assert_called_with(
|
||||||
|
['nova-scheduler', 'nova-api-ec2'], fatal=True)
|
||||||
|
|
||||||
|
@patch.object(hooks, 'configure_https')
|
||||||
|
def test_config_changed_no_upgrade(self, conf_https):
|
||||||
|
self.openstack_upgrade_available.return_value = False
|
||||||
|
hooks.config_changed()
|
||||||
|
self.assertTrue(self.save_script_rc.called)
|
||||||
|
|
||||||
|
@patch.object(hooks, 'configure_https')
|
||||||
|
def test_config_changed_with_upgrade(self, conf_https):
|
||||||
|
self.openstack_upgrade_available.return_value = True
|
||||||
|
hooks.config_changed()
|
||||||
|
self.assertTrue(self.do_openstack_upgrade.called)
|
||||||
|
self.assertTrue(self.save_script_rc.called)
|
|
@ -0,0 +1,108 @@
|
||||||
|
from mock import patch, call
|
||||||
|
from copy import deepcopy
|
||||||
|
from unit_tests.test_utils import CharmTestCase
|
||||||
|
|
||||||
|
import hooks.nova_cc_utils as utils
|
||||||
|
|
||||||
|
TO_PATCH = [
|
||||||
|
'config',
|
||||||
|
'get_os_codename_package',
|
||||||
|
'relation_ids',
|
||||||
|
'_save_script_rc',
|
||||||
|
]
|
||||||
|
|
||||||
|
SCRIPTRC_ENV_VARS = {
|
||||||
|
'OPENSTACK_PORT_MCASTPORT': 5404,
|
||||||
|
'OPENSTACK_SERVICE_API_EC2': 'nova-api-ec2',
|
||||||
|
'OPENSTACK_SERVICE_API_OS_COMPUTE': 'nova-api-os-compute',
|
||||||
|
'OPENSTACK_SERVICE_CERT': 'nova-cert',
|
||||||
|
'OPENSTACK_SERVICE_CONDUCTOR': 'nova-conductor',
|
||||||
|
'OPENSTACK_SERVICE_OBJECTSTORE': 'nova-objectstore',
|
||||||
|
'OPENSTACK_SERVICE_SCHEDULER': 'nova-scheduler',
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
class NovaCCUtilsTests(CharmTestCase):
|
||||||
|
def setUp(self):
|
||||||
|
super(NovaCCUtilsTests, self).setUp(utils, TO_PATCH)
|
||||||
|
self.config.side_effect = self.test_config.get
|
||||||
|
|
||||||
|
def test_resource_map_quantum(self):
|
||||||
|
self.relation_ids.return_value = []
|
||||||
|
self.test_config.set('network-manager', 'Quantum')
|
||||||
|
_map = utils.resource_map()
|
||||||
|
confs = [
|
||||||
|
'/etc/quantum/quantum.conf',
|
||||||
|
'/etc/quantum/api-paste.ini'
|
||||||
|
]
|
||||||
|
[self.assertIn(q_conf, _map.keys()) for q_conf in confs]
|
||||||
|
|
||||||
|
def test_resource_map_nova_volume(self):
|
||||||
|
self.relation_ids.return_value = ['nova-volume-service:0']
|
||||||
|
_map = utils.resource_map()
|
||||||
|
self.assertIn('nova-api-os-volume',
|
||||||
|
_map['/etc/nova/nova.conf']['services'])
|
||||||
|
|
||||||
|
def test_determine_packages_quantum(self):
|
||||||
|
self.relation_ids.return_value = []
|
||||||
|
self.test_config.set('network-manager', 'Quantum')
|
||||||
|
pkgs = utils.determine_packages()
|
||||||
|
self.assertIn('quantum-server', pkgs)
|
||||||
|
|
||||||
|
def test_determine_packages_nova_volume(self):
|
||||||
|
self.relation_ids.return_value = ['nova-volume-service:0']
|
||||||
|
pkgs = utils.determine_packages()
|
||||||
|
self.assertIn('nova-api-os-volume', pkgs)
|
||||||
|
|
||||||
|
def test_determine_packages_base(self):
|
||||||
|
self.relation_ids.return_value = []
|
||||||
|
pkgs = utils.determine_packages()
|
||||||
|
ex = list(set(utils.BASE_PACKAGES + utils.BASE_SERVICES))
|
||||||
|
self.assertEquals(ex, pkgs)
|
||||||
|
|
||||||
|
@patch.object(utils, 'restart_map')
|
||||||
|
def test_determine_ports(self, restart_map):
|
||||||
|
restart_map.return_value = {
|
||||||
|
'/etc/nova/nova.conf': ['nova-api-os-compute', 'nova-api-ec2'],
|
||||||
|
'/etc/quantum/quantum.conf': ['quantum-server'],
|
||||||
|
}
|
||||||
|
ports = utils.determine_ports()
|
||||||
|
ex = [8773, 8774, 9696]
|
||||||
|
self.assertEquals(ex, sorted(ports))
|
||||||
|
|
||||||
|
def test_save_script_rc_base(self):
|
||||||
|
self.relation_ids.return_value = []
|
||||||
|
utils.save_script_rc()
|
||||||
|
self._save_script_rc.called_with(**SCRIPTRC_ENV_VARS)
|
||||||
|
|
||||||
|
def test_save_script_quantum(self):
|
||||||
|
self.relation_ids.return_value = []
|
||||||
|
self.test_config.set('network-manager', 'Quantum')
|
||||||
|
utils.save_script_rc()
|
||||||
|
_ex = deepcopy(SCRIPTRC_ENV_VARS)
|
||||||
|
_ex['OPENSTACK_SERVICE_API_QUANTUM'] = 'quantum-server'
|
||||||
|
self._save_script_rc.called_with(**_ex)
|
||||||
|
|
||||||
|
def test_save_script_nova_volume(self):
|
||||||
|
self.relation_ids.return_value = ['nvol:0']
|
||||||
|
utils.save_script_rc()
|
||||||
|
_ex = deepcopy(SCRIPTRC_ENV_VARS)
|
||||||
|
_ex['OPENSTACK_SERVICE_API_OS_VOL'] = 'nova-api-os-volume'
|
||||||
|
self._save_script_rc.called_with(**_ex)
|
||||||
|
|
||||||
|
def test_determine_volume_service_essex(self):
|
||||||
|
self.get_os_codename_package.return_value = 'essex'
|
||||||
|
self.assertEquals('nova-volume', utils.volume_service())
|
||||||
|
|
||||||
|
def test_determine_volume_service_folsom_cinder(self):
|
||||||
|
self.get_os_codename_package.return_value = 'folsom'
|
||||||
|
self.relation_ids.return_value = ['cinder:0']
|
||||||
|
self.assertEquals('cinder', utils.volume_service())
|
||||||
|
|
||||||
|
def test_determine_volume_service_folsom_nova_vol(self):
|
||||||
|
self.get_os_codename_package.return_value = 'folsom'
|
||||||
|
self.relation_ids.return_value = []
|
||||||
|
self.assertEquals('nova-volume', utils.volume_service())
|
||||||
|
|
||||||
|
def test_determine_volume_service_grizzly_and_beyond(self):
|
||||||
|
pass
|
|
@ -0,0 +1,118 @@
|
||||||
|
import logging
|
||||||
|
import unittest
|
||||||
|
import os
|
||||||
|
import yaml
|
||||||
|
|
||||||
|
from contextlib import contextmanager
|
||||||
|
from mock import patch, MagicMock
|
||||||
|
|
||||||
|
|
||||||
|
def load_config():
|
||||||
|
'''
|
||||||
|
Walk backwords from __file__ looking for config.yaml, load and return the
|
||||||
|
'options' section'
|
||||||
|
'''
|
||||||
|
config = None
|
||||||
|
f = __file__
|
||||||
|
while config is None:
|
||||||
|
d = os.path.dirname(f)
|
||||||
|
if os.path.isfile(os.path.join(d, 'config.yaml')):
|
||||||
|
config = os.path.join(d, 'config.yaml')
|
||||||
|
break
|
||||||
|
f = d
|
||||||
|
|
||||||
|
if not config:
|
||||||
|
logging.error('Could not find config.yaml in any parent directory '
|
||||||
|
'of %s. ' % file)
|
||||||
|
raise Exception
|
||||||
|
|
||||||
|
return yaml.safe_load(open(config).read())['options']
|
||||||
|
|
||||||
|
|
||||||
|
def get_default_config():
|
||||||
|
'''
|
||||||
|
Load default charm config from config.yaml return as a dict.
|
||||||
|
If no default is set in config.yaml, its value is None.
|
||||||
|
'''
|
||||||
|
default_config = {}
|
||||||
|
config = load_config()
|
||||||
|
for k, v in config.iteritems():
|
||||||
|
if 'default' in v:
|
||||||
|
default_config[k] = v['default']
|
||||||
|
else:
|
||||||
|
default_config[k] = None
|
||||||
|
return default_config
|
||||||
|
|
||||||
|
|
||||||
|
class CharmTestCase(unittest.TestCase):
|
||||||
|
def setUp(self, obj, patches):
|
||||||
|
super(CharmTestCase, self).setUp()
|
||||||
|
self.patches = patches
|
||||||
|
self.obj = obj
|
||||||
|
self.test_config = TestConfig()
|
||||||
|
self.test_relation = TestRelation()
|
||||||
|
self.patch_all()
|
||||||
|
|
||||||
|
def patch(self, method):
|
||||||
|
_m = patch.object(self.obj, method)
|
||||||
|
mock = _m.start()
|
||||||
|
self.addCleanup(_m.stop)
|
||||||
|
return mock
|
||||||
|
|
||||||
|
def patch_all(self):
|
||||||
|
for method in self.patches:
|
||||||
|
setattr(self, method, self.patch(method))
|
||||||
|
|
||||||
|
|
||||||
|
class TestConfig(object):
|
||||||
|
def __init__(self):
|
||||||
|
self.config = get_default_config()
|
||||||
|
|
||||||
|
def get(self, attr=None):
|
||||||
|
if not attr:
|
||||||
|
return self.get_all()
|
||||||
|
try:
|
||||||
|
return self.config[attr]
|
||||||
|
except KeyError:
|
||||||
|
return None
|
||||||
|
|
||||||
|
def get_all(self):
|
||||||
|
return self.config
|
||||||
|
|
||||||
|
def set(self, attr, value):
|
||||||
|
if attr not in self.config:
|
||||||
|
raise KeyError
|
||||||
|
self.config[attr] = value
|
||||||
|
|
||||||
|
|
||||||
|
class TestRelation(object):
|
||||||
|
def __init__(self, relation_data={}):
|
||||||
|
self.relation_data = relation_data
|
||||||
|
|
||||||
|
def set(self, relation_data):
|
||||||
|
self.relation_data = relation_data
|
||||||
|
|
||||||
|
def get(self, attr=None, unit=None, rid=None):
|
||||||
|
if attr is None:
|
||||||
|
return self.relation_data
|
||||||
|
elif attr in self.relation_data:
|
||||||
|
return self.relation_data[attr]
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
@contextmanager
|
||||||
|
def patch_open():
|
||||||
|
'''Patch open() to allow mocking both open() itself and the file that is
|
||||||
|
yielded.
|
||||||
|
|
||||||
|
Yields the mock for "open" and "file", respectively.'''
|
||||||
|
mock_open = MagicMock(spec=open)
|
||||||
|
mock_file = MagicMock(spec=file)
|
||||||
|
|
||||||
|
@contextmanager
|
||||||
|
def stub_open(*args, **kwargs):
|
||||||
|
mock_open(*args, **kwargs)
|
||||||
|
yield mock_file
|
||||||
|
|
||||||
|
with patch('__builtin__.open', stub_open):
|
||||||
|
yield mock_open, mock_file
|
Loading…
Reference in New Issue