Juju Charms Collection
keystone package

Merge lp:~gandelman-a/charms/precise/keystone/openstack-charmers-merge into lp:~openstack-charmers/charms/precise/keystone/ha-support

  1. Precise Pangolin (12.04)
  2. openstack-charmers-merge
  3. Merge into ha-support
Proposed by Adam Gandelman
Status: Merged
Merged at revision: 46
Proposed branch: lp:~gandelman-a/charms/precise/keystone/openstack-charmers-merge
Merge into: lp:~openstack-charmers/charms/precise/keystone/ha-support
Diff against target: 347 lines (+97/-110)
5 files modified
config.yaml (+9/-0)
hooks/keystone-hooks (+18/-2)
hooks/lib/openstack_common.py (+35/-6)
hooks/utils.py (+34/-101)
revision (+1/-1)
To merge this branch: bzr merge lp:~gandelman-a/charms/precise/keystone/openstack-charmers-merge
Reviewer Review Type Date Requested Status
OpenStack Charmers Pending
Review via email: mp+143802@code.launchpad.net

Description of the change

This redirects a merge into the upstream charm toward the ~openstack-charmers WIP branches. Most the changes enable better grizzly support, the other changes are mostly openstack_common.py sync and a general rebase against upstream charm.

Original MP @ https://code.launchpad.net/~gandelman-a/charms/precise/keystone/grizzly/+merge/142429

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'config.yaml'
2--- config.yaml 2012-12-17 17:02:04 +0000
3+++ config.yaml 2013-01-18 00:33:20 +0000
4@@ -26,6 +26,10 @@
5 default: "/etc/keystone/keystone.conf"
6 type: string
7 description: "Location of keystone configuration file"
8+ log-level:
9+ default: WARNING
10+ type: string
11+ description: Log level (WARNING, INFO, DEBUG, ERROR)
12 service-port:
13 default: 5000
14 type: int
15@@ -99,3 +103,8 @@
16 description: |
17 Default multicast port number that will be used to communicate between
18 HA Cluster nodes.
19+ # PKI enablement and configuration (Grizzly and beyond)
20+ enable-pki:
21+ default: "false"
22+ type: string
23+ description: "Enable PKI token signing (Grizzly and beyond)"
24
25=== modified file 'hooks/keystone-hooks'
26--- hooks/keystone-hooks 2013-01-07 12:37:48 +0000
27+++ hooks/keystone-hooks 2013-01-18 00:33:20 +0000
28@@ -40,7 +40,7 @@
29 "desc": "S3 Compatible object-store"
30 },
31 "swift": {
32- "type": "storage",
33+ "type": "object-store",
34 "desc": "Swift Object Storage Service"
35 },
36 "quantum": {
37@@ -140,6 +140,14 @@
38 settings = relation_get_dict(relation_id=relation_id,
39 remote_unit=remote_unit)
40
41+ # Allow the remote service to request creation of any additional roles.
42+ # Currently used by Swift.
43+ if 'requested_roles' in settings and settings['requested_roles'] != 'None':
44+ roles = settings['requested_roles'].split(',')
45+ juju_log("Creating requested roles: %s" % roles)
46+ for role in roles:
47+ create_role(role, user=config['admin-user'], tenant='admin')
48+
49 # the minimum settings needed per endpoint
50 single = set(['service', 'region', 'public_url', 'admin_url',
51 'internal_url'])
52@@ -250,7 +258,8 @@
53 available = get_os_codename_install_source(config['openstack-origin'])
54 installed = get_os_codename_package('keystone')
55
56- if get_os_version_codename(available) > get_os_version_codename(installed):
57+ if (available and
58+ get_os_version_codename(available) > get_os_version_codename(installed)):
59 do_openstack_upgrade(config['openstack-origin'], packages)
60
61 set_admin_token(config['admin-token'])
62@@ -261,6 +270,13 @@
63 elif not is_clustered():
64 ensure_initial_admin(config)
65
66+ update_config_block('logger_root', level=config['log-level'],
67+ file='/etc/keystone/logging.conf')
68+ if get_os_version_package('keystone') >= '2013.1':
69+ # PKI introduced in Grizzly
70+ configure_pki_tokens(config)
71+
72+ execute("service keystone restart", echo=True)
73 cluster_changed()
74
75
76
77=== modified file 'hooks/lib/openstack_common.py'
78--- hooks/lib/openstack_common.py 2013-01-07 12:37:48 +0000
79+++ hooks/lib/openstack_common.py 2013-01-18 00:33:20 +0000
80@@ -23,6 +23,12 @@
81 '2013.1': 'grizzly'
82 }
83
84+# The ugly duckling
85+swift_codenames = {
86+ '1.4.3': 'diablo',
87+ '1.4.8': 'essex',
88+ '1.7.4': 'folsom'
89+}
90
91 def juju_log(msg):
92 subprocess.check_call(['juju-log', msg])
93@@ -119,12 +125,32 @@
94
95 vers = vers[:6]
96 try:
97- return openstack_codenames[vers]
98+ if 'swift' in pkg:
99+ vers = vers[:5]
100+ return swift_codenames[vers]
101+ else:
102+ vers = vers[:6]
103+ return openstack_codenames[vers]
104 except KeyError:
105 e = 'Could not determine OpenStack codename for version %s' % vers
106 error_out(e)
107
108
109+def get_os_version_package(pkg):
110+ '''Derive OpenStack version number from an installed package.'''
111+ codename = get_os_codename_package(pkg)
112+
113+ if 'swift' in pkg:
114+ vers_map = swift_codenames
115+ else:
116+ vers_map = openstack_codenames
117+
118+ for version, cname in vers_map.iteritems():
119+ if cname == codename:
120+ return version
121+ e = "Could not determine OpenStack version for package: %s" % pkg
122+ error_out(e)
123+
124 def configure_installation_source(rel):
125 '''Configure apt installation source.'''
126
127@@ -165,9 +191,11 @@
128 'version (%s)' % (ca_rel, ubuntu_rel)
129 error_out(e)
130
131- if ca_rel == 'folsom/staging':
132+ if 'staging' in ca_rel:
133 # staging is just a regular PPA.
134- cmd = 'add-apt-repository -y ppa:ubuntu-cloud-archive/folsom-staging'
135+ os_rel = ca_rel.split('/')[0]
136+ ppa = 'ppa:ubuntu-cloud-archive/%s-staging' % os_rel
137+ cmd = 'add-apt-repository -y %s' % ppa
138 subprocess.check_call(cmd.split(' '))
139 return
140
141@@ -175,7 +203,10 @@
142 pockets = {
143 'folsom': 'precise-updates/folsom',
144 'folsom/updates': 'precise-updates/folsom',
145- 'folsom/proposed': 'precise-proposed/folsom'
146+ 'folsom/proposed': 'precise-proposed/folsom',
147+ 'grizzly': 'precise-updates/grizzly',
148+ 'grizzly/updates': 'precise-updates/grizzly',
149+ 'grizzly/proposed': 'precise-proposed/grizzly'
150 }
151
152 try:
153@@ -192,11 +223,9 @@
154 else:
155 error_out("Invalid openstack-release specified: %s" % rel)
156
157-
158 HAPROXY_CONF = '/etc/haproxy/haproxy.cfg'
159 HAPROXY_DEFAULT = '/etc/default/haproxy'
160
161-
162 def configure_haproxy(units, service_ports, template_dir=None):
163 template_dir = template_dir or 'templates'
164 import jinja2
165
166=== modified file 'hooks/utils.py'
167--- hooks/utils.py 2012-12-18 13:46:21 +0000
168+++ hooks/utils.py 2013-01-18 00:33:20 +0000
169@@ -1,4 +1,5 @@
170 #!/usr/bin/python
171+import ConfigParser
172 import subprocess
173 import sys
174 import json
175@@ -164,106 +165,26 @@
176 keystone_conf)
177 error_out('Could not find admin_token line in %s' % keystone_conf)
178
179-def update_config_block(block, **kwargs):
180+def update_config_block(section, **kwargs):
181 """ Updates keystone.conf blocks given kwargs.
182- Can be used to update driver settings for a particular backend,
183- setting the sql connection, etc.
184-
185- Parses block heading as '[block]'
186-
187- If block does not exist, a new block will be created at end of file with
188- given kwargs
189- """
190- f = open(keystone_conf, "r+")
191- orig = f.readlines()
192- new = []
193- found_block = ""
194- heading = "[%s]\n" % block
195-
196- lines = len(orig)
197- ln = 0
198-
199- def update_block(block):
200- for k, v in kwargs.iteritems():
201- for l in block:
202- if l.strip().split(" ")[0] == k:
203- block[block.index(l)] = "%s = %s\n" % (k, v)
204- return
205- block.append('%s = %s\n' % (k, v))
206- block.append('\n')
207-
208- try:
209- found = False
210- while ln < lines:
211- if orig[ln] != heading:
212- new.append(orig[ln])
213- ln += 1
214- else:
215- new.append(orig[ln])
216- ln += 1
217- block = []
218- while orig[ln].strip() != '':
219- block.append(orig[ln])
220- ln += 1
221- update_block(block)
222- new += block
223- found = True
224-
225- if not found:
226- if new[(len(new) - 1)].strip() != '':
227- new.append('\n')
228- new.append('%s' % heading)
229- for k, v in kwargs.iteritems():
230- new.append('%s = %s\n' % (k, v))
231- new.append('\n')
232- except:
233- error_out('Error while attempting to update config block. '\
234- 'Refusing to overwite existing config.')
235-
236- return
237-
238- # backup original config
239- backup = open(keystone_conf + '.juju-back', 'w+')
240- for l in orig:
241- backup.write(l)
242- backup.close()
243-
244- # update config
245- f.seek(0)
246- f.truncate()
247- for l in new:
248- f.write(l)
249-
250-
251-def keystone_conf_update(opt, val):
252- """ Updates keystone.conf values
253- If option exists, it is reset to new value
254- If it does not, it added to the top of the config file after the [DEFAULT]
255- heading to keep it out of the paste deploy config
256- """
257- f = open(keystone_conf, "r+")
258- orig = f.readlines()
259- new = ""
260- found = False
261- for l in orig:
262- if l.split(' ')[0] == opt:
263- juju_log("Updating %s, setting %s = %s" % (keystone_conf, opt, val))
264- new += "%s = %s\n" % (opt, val)
265- found = True
266- else:
267- new += l
268- new = new.split('\n')
269- # insert a new value at the top of the file, after the 'DEFAULT' header so
270- # as not to muck up paste deploy configuration later in the file
271- if not found:
272- juju_log("Adding new config option %s = %s" % (opt, val))
273- header = new.index("[DEFAULT]")
274- new.insert((header+1), "%s = %s" % (opt, val))
275- f.seek(0)
276- f.truncate()
277- for l in new:
278- f.write("%s\n" % l)
279- f.close
280+ Update a config setting in a specific setting of a config
281+ file (/etc/keystone/keystone.conf, by default)
282+ """
283+ if 'file' in kwargs:
284+ conf_file = kwargs['file']
285+ del kwargs['file']
286+ else:
287+ conf_file = keystone_conf
288+ config = ConfigParser.RawConfigParser()
289+ config.read(conf_file)
290+
291+ if section != 'DEFAULT' and not config.has_section(section):
292+ config.add_section(section)
293+
294+ for k, v in kwargs.iteritems():
295+ config.set(section, k, v)
296+ with open(conf_file, 'wb') as out:
297+ config.write(out)
298
299 def create_service_entry(service_name, service_type, service_desc, owner=None):
300 """ Add a new service entry to keystone if one does not already exist """
301@@ -339,11 +260,11 @@
302 password=password,
303 email='juju@localhost',
304 tenant_id=tenant_id)
305- juju_log("Created new user '%s' pw: %s tenant: %s" % (name, password, tenant_id))
306+ juju_log("Created new user '%s' tenant: %s" % (name, tenant_id))
307 return
308 juju_log("A user named '%s' already exists" % name)
309
310-def create_role(name, user, tenant):
311+def create_role(name, user=None, tenant=None):
312 """ creates a role if it doesn't already exist. grants role to user """
313 import manager
314 manager = manager.KeystoneManager(endpoint='http://localhost:35357/v2.0/',
315@@ -355,6 +276,9 @@
316 else:
317 juju_log("A role named '%s' already exists" % name)
318
319+ if not user and not tenant:
320+ return
321+
322 # NOTE(adam_g): Keystone client requires id's for add_user_role, not names
323 user_id = manager.resolve_user_id(user)
324 role_id = manager.resolve_role_id(name)
325@@ -471,6 +395,15 @@
326 juju_log("Successfully updated password for user '%s'" % username)
327
328
329+def configure_pki_tokens(config):
330+ '''Configure PKI token signing, if enabled.'''
331+ if config['enable-pki'] not in ['True', 'true']:
332+ update_config_block('signing', token_format='UUID')
333+ else:
334+ juju_log('TODO: PKI Support, setting to UUID for now.')
335+ update_config_block('signing', token_format='UUID')
336+
337+
338 def do_openstack_upgrade(install_src, packages):
339 '''Upgrade packages from a given install src.'''
340
341
342=== modified file 'revision'
343--- revision 2013-01-07 12:37:48 +0000
344+++ revision 2013-01-18 00:33:20 +0000
345@@ -1,1 +1,1 @@
346-190
347+191

Subscribers

People subscribed via source and target branches