Juju Charms Collection
nova-cloud-controller package

Merge lp:~gandelman-a/charms/precise/nova-cloud-controller/live_migration into lp:~charmers/charms/precise/nova-cloud-controller/trunk

Proposed by Adam Gandelman on 2013-01-09

Status:	Rejected
Rejected by:	Adam Gandelman on 2013-01-18
Proposed branch:	lp:~gandelman-a/charms/precise/nova-cloud-controller/live_migration
Merge into:	lp:~charmers/charms/precise/nova-cloud-controller/trunk
Diff against target:	819 lines (+493/-85) 9 files modified config.yaml (+0/-4) hooks/lib/nova/essex (+2/-2) hooks/lib/nova/folsom (+3/-5) hooks/lib/nova/grizzly (+80/-0) hooks/lib/nova/nova-common (+27/-2) hooks/lib/openstack-common (+136/-22) hooks/nova-cloud-controller-common (+190/-35) hooks/nova-cloud-controller-relations (+54/-14) revision (+1/-1)
To merge this branch:	bzr merge lp:~gandelman-a/charms/precise/nova-cloud-controller/live_migration
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
James Page		2013-01-09	Needs Fixing on 2013-01-09
Review via email: mp+142431@code.launchpad.net

Revision history for this message

Adam Gandelman (gandelman-a) wrote on 2013-01-09:

This adds grizzly support and makes nova-c-c the coordinator of ssh key access for compute nodes, for purposes of live migration.

Revision history for this message

James Page (james-page) wrote on 2013-01-09:

Hi Adam

First pass feedback

1) General approach to key distribution

Why use an HTTP server for distribution of keys and authorized hosts? This data could be passed using juju using bas64 encode/decode. That way if multiple cloud-controller instances are running the data transfer is simpler as data is always passed via juju rather than being retrieved from XX server.

2) QUANTUM_* variables

I hit a few issues testing this update with Quantum; most of the quantum functions rely on the QUANTUM_* variables being set every hook execution but the changes in nova-cloud-controller-common change this; as a result the initial configuration of quantum in hooks/lib/nova/nova-common fails as the PLUGIN is not set and configure_quantum_networking has a similar issue. Needs a bit more work.

review: Needs Fixing

lp:~gandelman-a/charms/precise/nova-cloud-controller/live_migration updated on 2013-01-09

56. By Adam Gandelman on 2013-01-09: Actually use determine_quantum_config when needed.

Revision history for this message

Adam Gandelman (gandelman-a) wrote on 2013-01-09:

James-

Thanks. I've updated the branch to address the second issue. There was existing functions set to deal with that issue, but they were not being called when needed.

Regarding key distribution, I've been hesitant to use the juju environment as a dumping ground for files but in this case I think you're right. Even with many compute nodes, the files / base64 encodings won't grow too big. I hadn't thought of the issue of multiple nova-c-c's but again you are right. It does complicate things and the current method would require some fixing to avoid nova-compute wget'ing the files from every nova-c-c node. I'll give the base64 method a shot and update the branch if it works out.

lp:~gandelman-a/charms/precise/nova-cloud-controller/live_migration updated on 2013-01-11

57. By Adam Gandelman on 2013-01-10: Replace WWW key distribution in favor of base64 encoded relation settings.
58. By Adam Gandelman on 2013-01-11: openstack-common: Update for Grizzly (and beyond) access via U.C.A.
59. By Adam Gandelman on 2013-01-11: Sync openstack-common.

Revision history for this message

Adam Gandelman (gandelman-a) wrote on 2013-01-18:

Closing this out. Rebased and redirected this work against other WIP charm branches:

https://code.launchpad.net/~gandelman-a/charms/precise/nova-cloud-controller/openstack-charmers-merge/+merge/143801

Unmerged revisions

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Adam Gandelman

Landscape

charmers

Juju Charms Collection
nova-cloud-controller package

Merge lp:~gandelman-a/charms/precise/nova-cloud-controller/live_migration into lp:~charmers/charms/precise/nova-cloud-controller/trunk

Commit message

Description of the change

Unmerged revisions

Preview Diff

Subscribers

 === modified file 'config.yaml'
 --- config.yaml	2012-12-03 15:06:35 +0000
 +++ config.yaml	2013-01-11 18:39:23 +0000
@@ -14,10 +14,6 @@
        Note that updating this setting to a source that is known to
        provide a later version of OpenStack will trigger a software
        upgrade.
--  nova-config:
--    default: /etc/nova/nova.conf
--    type: string
--    description: Full path to nova.conf
    rabbit-user:
      default: nova
      type: string
 === modified file 'hooks/lib/nova/essex'
 --- hooks/lib/nova/essex	2012-10-03 00:37:57 +0000
 +++ hooks/lib/nova/essex	2013-01-11 18:39:23 +0000
@@ -12,7 +12,7 @@
    local nova_conf=${NOVA_CONF:-/etc/nova/nova.conf}
    local api_conf=${API_CONF:-/etc/nova/api-paste.ini}
--
++  local libvirtd_conf=${LIBVIRTD_CONF:-/etc/libvirt/libvirtd.conf}
    [[ -z $key ]] && juju-log "$CHARM set_or_update: value $value missing key" && exit 1
    [[ -z $value ]] && juju-log "$CHARM set_or_update: key $key missing value" && exit 1
    [[ -z "$conf_file" ]] && conf_file=$nova_conf
@@ -22,7 +22,7 @@
                    pattern="--$key="
                    out=$pattern
                    ;;
--    "$api_conf") match="^$key = "
++    "$api_conf"|"$libvirtd_conf") match="^$key = "
                   pattern="$match"
                   out="$key = "
                   ;;
 === modified file 'hooks/lib/nova/folsom'
 --- hooks/lib/nova/folsom	2012-11-29 16:38:54 +0000
 +++ hooks/lib/nova/folsom	2013-01-11 18:39:23 +0000
@@ -15,6 +15,7 @@
    local quantum_conf=${QUANTUM_CONF:-/etc/quantum/quantum.conf}
    local quantum_api_conf=${QUANTUM_API_CONF:-/etc/quantum/api-paste.ini}
    local quantum_plugin_conf=${QUANTUM_PLUGIN_CONF:-/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini}
++  local libvirtd_conf=${LIBVIRTD_CONF:-/etc/libvirt/libvirtd.conf}
    [[ -z $key ]] && juju-log "$CHARM: set_or_update: value $value missing key" && exit 1
    [[ -z $value ]] && juju-log "$CHARM: set_or_update: key $key missing value" && exit 1
@@ -27,11 +28,8 @@
                    pattern="$key="
                    out=$pattern
                    ;;
--    "$api_conf") match="^$key = "
--                 pattern="$match"
--                 out="$key = "
--                 ;;
--    "$quantum_conf"|"$quantum_api_conf"|"$quantum_plugin_conf")
++    "$api_conf"|"$quantum_conf"|"$quantum_api_conf"|"$quantum_plugin_conf"| \
++    "$libvirtd_conf")
                   match="^$key = "
                   pattern="$match"
                   out="$key = "
 === added file 'hooks/lib/nova/grizzly'
 --- hooks/lib/nova/grizzly	1970-01-01 00:00:00 +0000
 +++ hooks/lib/nova/grizzly	2013-01-11 18:39:23 +0000
@@ -0,0 +1,80 @@
++#!/bin/bash -e
++
++# Folsom-specific functions
++
++nova_set_or_update() {
++  # TODO: This needs to be shared among folsom, grizzly and beyond.
++  # Set a config option in nova.conf or api-paste.ini, depending
++  # Defaults to updating nova.conf
++  local key="$1"
++  local value="$2"
++  local conf_file="$3"
++  local section="${4:-DEFAULT}"
++
++  local nova_conf=${NOVA_CONF:-/etc/nova/nova.conf}
++  local api_conf=${API_CONF:-/etc/nova/api-paste.ini}
++  local quantum_conf=${QUANTUM_CONF:-/etc/quantum/quantum.conf}
++  local quantum_api_conf=${QUANTUM_API_CONF:-/etc/quantum/api-paste.ini}
++  local quantum_plugin_conf=${QUANTUM_PLUGIN_CONF:-/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini}
++  local libvirtd_conf=${LIBVIRTD_CONF:-/etc/libvirt/libvirtd.conf}
++
++  [[ -z $key ]] && juju-log "$CHARM: set_or_update: value $value missing key" && exit 1
++  [[ -z $value ]] && juju-log "$CHARM: set_or_update: key $key missing value" && exit 1
++
++  [[ -z "$conf_file" ]] && conf_file=$nova_conf
++
++  local pattern=""
++  case "$conf_file" in
++    "$nova_conf") match="^$key="
++                  pattern="$key="
++                  out=$pattern
++                  ;;
++    "$api_conf"|"$quantum_conf"|"$quantum_api_conf"|"$quantum_plugin_conf"| \
++    "$libvirtd_conf")
++                 match="^$key = "
++                 pattern="$match"
++                 out="$key = "
++                 ;;
++    *) juju-log "$CHARM ERROR: set_or_update: Invalid conf_file ($conf_file)"
++  esac
++
++  cat $conf_file | grep "$match$value" >/dev/null &&
++    juju-log "$CHARM: $key=$value already in set in $conf_file" \
++      && return 0
++
++  case $conf_file in
++    "$quantum_conf"|"$quantum_api_conf"|"$quantum_plugin_conf")
++        python -c "
++import ConfigParser
++config = ConfigParser.RawConfigParser()
++config.read('$conf_file')
++config.set('$section','$key','$value')
++with open('$conf_file', 'wb') as configfile:
++    config.write(configfile)
++"
++      ;;
++    *)
++      if cat $conf_file | grep "$match" >/dev/null ; then
++        juju-log "$CHARM: Updating $conf_file, $key=$value"
++        sed -i "s|\($pattern\).*|\1$value|" $conf_file
++      else
++        juju-log "$CHARM: Setting new option $key=$value in $conf_file"
++        echo "$out$value" >>$conf_file
++      fi
++      ;;
++  esac
++}
++
++# Upgrade Helpers
++nova_pre_upgrade() {
++  # Pre-upgrade helper.  Caller should pass the version of OpenStack we are
++  # upgrading from.
++  return 0 # Nothing to do here, yet.
++}
++
++nova_post_upgrade() {
++  # Post-upgrade helper.  Caller should pass the version of OpenStack we are
++  # upgrading from.
++  juju-log "$CHARM: Running post-upgrade hook: $upgrade_from -> folsom."
++  # nothing to do here yet.
++}
 === modified file 'hooks/lib/nova/nova-common'
 --- hooks/lib/nova/nova-common	2012-12-06 21:32:44 +0000
 +++ hooks/lib/nova/nova-common	2013-01-11 18:39:23 +0000
@@ -32,9 +32,15 @@
  configure_volume_service() {
    local svc="$1"
++  local cur_vers="$(get_os_codename_package "nova-common")"
    case "$svc" in
--    "cinder") set_or_update "volume_api_class" "nova.volume.cinder.API" ;;
--    "nova-volume") set_or_update "volume_api_class" "nova.volume.api.API" ;;
++    "cinder")
++      set_or_update "volume_api_class" "nova.volume.cinder.API" ;;
++    "nova-volume")
++      # nova-volume only supported before grizzly.
++      [[ "$cur_vers" == "essex" ]] || [[ "$cur_vers" == "folsom" ]] &&
++        set_or_update "volume_api_class" "nova.volume.api.API"
++      ;;
      *) juju-log "$CHARM ERROR - configure_volume_service: Invalid service $svc"
         return 1 ;;
    esac
@@ -49,6 +55,25 @@
        ;;
      "FlatDHCPManager")
        set_or_update "network_manager" "nova.network.manager.FlatDHCPManager"
++
++      if [[ "$CHARM" == "nova-compute" ]] ; then
++        local flat_interface=$(config-get flat-interface)
++        local ec2_host=$(relation-get ec2_host)
++        set_or_update flat_inteface "$flat_interface"
++        set_or_update ec2_dmz_host "$ec2_host"
++
++        # Ensure flat_interface has link.
++        if ip link show $flat_interface >/dev/null 2>&1 ; then
++          ip link set $flat_interface up
++        fi
++
++        # work around (LP: #1035172)
++        if [[ -e /dev/vhost-net ]] ; then
++          iptables -A POSTROUTING -t mangle -p udp --dport 68 -j CHECKSUM \
++            --checksum-fill
++        fi
++      fi
++
        ;;
      "Quantum")
        local local_ip=$(get_ip `unit-get private-address`)
 === modified file 'hooks/lib/openstack-common'
 --- hooks/lib/openstack-common	2012-12-06 10:20:34 +0000
 +++ hooks/lib/openstack-common	2013-01-11 18:39:23 +0000
@@ -70,46 +70,62 @@
        # gpg key id tagged to end of url folloed by a |
        url=$(echo $src | cut -d'|' -f1)
        key=$(echo $src | cut -d'|' -f2)
--      if [[ -n "$key" ]] ; then
--        juju-log "$CHARM: Importing repository key: $key"
--        apt-key adv --keyserver keyserver.ubuntu.com --recv-keys "$key" || \
--          juju-log "$CHARM WARN: Could not import key from keyserver: $key"
--      else
--        juju-log "$CHARM No repository key specified"
--        url="$src"
--      fi
--      echo $url > /etc/apt/sources.list.d/juju_deb.list
++      juju-log "$CHARM: Importing repository key: $key"
++      apt-key adv --keyserver keyserver.ubuntu.com --recv-keys "$key" || \
++        juju-log "$CHARM WARN: Could not import key from keyserver: $key"
++    else
++      juju-log "$CHARM No repository key specified."
++      url="$src"
      fi
++    echo "$url" > /etc/apt/sources.list.d/juju_deb.list
      return 0
    fi
    # Cloud Archive
    if [[ "${src:0:6}" == "cloud:" ]] ; then
--    local archive_key="5EDB1B62EC4926EA"
--    local rel=$(echo $src | cut -d: -f2)
--    local u_rel=$(echo $rel | cut -d- -f1)
--    local ca_rel=$(echo $rel | cut -d- -f2)
++
++    # current os releases supported by the UCA.
++    local cloud_archive_versions="folsom grizzly"
++
++    local ca_rel=$(echo $src | cut -d: -f2)
++    local u_rel=$(echo $ca_rel | cut -d- -f1)
++    local os_rel=$(echo $ca_rel | cut -d- -f2 | cut -d/ -f1)
      [[ "$u_rel" != "$DISTRIB_CODENAME" ]] &&
        error_out "Cannot install from Cloud Archive pocket $src " \
                  "on this Ubuntu version ($DISTRIB_CODENAME)!"
--    if [[ "$ca_rel" == "folsom/staging" ]] ; then
--      # cloud archive staging is just a regular PPA.
--      add-apt-repository -y ppa:ubuntu-cloud-archive/folsom-staging
++    valid_release=""
++    for rel in $cloud_archive_versions ; do
++      if [[ "$os_rel" == "$rel" ]] ; then
++        valid_release=1
++        juju-log "Installing OpenStack ($os_rel) from the Ubuntu Cloud Archive."
++      fi
++    done
++    if [[ -z "$valid_release" ]] ; then
++      error_out "OpenStack release ($os_rel) not supported by "\
++                "the Ubuntu Cloud Archive."
++    fi
++
++    # CA staging repos are standard PPAs.
++    if echo $ca_rel | grep -q "staging" ; then
++      add-apt-repository -y ppa:ubuntu-cloud-archive/${os_rel}-staging
        return 0
      fi
++    # the others are LP-external deb repos.
      case "$ca_rel" in
--      "folsom"|"folsom/updates") pocket="precise-updates/folsom" ;;
--      "folsom/proposed") pocket="precise-proposed/folsom" ;;
++      "$u_rel-$os_rel"|"$u_rel-$os_rel/updates") pocket="$u_rel-updates/$os_rel" ;;
++      "$u_rel-$os_rel/proposed") pocket="$u_rel-proposed/$os_rel" ;;
++      "$u_rel-$os_rel"|"$os_rel/updates") pocket="$u_rel-updates/$os_rel" ;;
++      "$u_rel-$os_rel/proposed") pocket="$u_rel-proposed/$os_rel" ;;
        *) error_out "Invalid Cloud Archive repo specified: $src"
      esac
++    apt-get -y install ubuntu-cloud-keyring
      entry="deb http://ubuntu-cloud.archive.canonical.com/ubuntu $pocket main"
      echo "$entry" \
        >/etc/apt/sources.list.d/ubuntu-cloud-archive-$DISTRIB_CODENAME.list
--    apt-key  adv --keyserver keyserver.ubuntu.com --recv-keys $archive_key
      return 0
    fi
@@ -142,8 +158,8 @@
        case "$ca_rel" in
          "folsom"|"folsom/updates"|"folsom/proposed"|"folsom/staging")
            codename="folsom" ;;
--        "grizzly"|"grizzly/updates"|"grizzly/proposed"|"grizzy/staging")
--          codename="grizly" ;;
++        "grizzly"|"grizzly/updates"|"grizzly/proposed"|"grizzly/staging")
++          codename="grizzly" ;;
        esac
      fi
    fi
@@ -161,7 +177,7 @@
+ }
  get_os_codename_package() {
--  local pkg_vers=$(dpkg -l | grep "$1" | awk '{ print $3 }')
++  local pkg_vers=$(dpkg -l | grep "$1" | awk '{ print $3 }') || echo "none"
    case "${pkg_vers:0:6}" in
      "2011.2") echo "diablo" ;;
      "2012.1") echo "essex" ;;
@@ -200,3 +216,101 @@
      pass
+ "
+ }
++
++# Common storage routines used by cinder, nova-volume and swift-storage.
++clean_storage() {
++  # if configured to overwrite existing storage, we unmount the block-dev
++  # if mounted and clear any previous pv signatures
++  local block_dev="$1"
++  juju-log "Cleaining storage '$block_dev'"
++  if grep -q "^$block_dev" /proc/mounts ; then
++    mp=$(grep "^$block_dev" /proc/mounts   | awk '{ print $2 }')
++    juju-log "Unmounting $block_dev from $mp"
++    umount "$mp" || error_out "ERROR: Could not unmount storage from $mp"
++  fi
++  if pvdisplay "$block_dev" >/dev/null 2>&1 ; then
++    juju-log "Removing existing LVM PV signatures from $block_dev"
++
++    # deactivate any volgroups that may be built on this dev
++    vg=$(pvdisplay $block_dev | grep "VG Name" | awk '{ print $3 }')
++    if [[ -n "$vg" ]] ; then
++      juju-log "Deactivating existing volume group: $vg"
++      vgchange -an "$vg" ||
++        error_out "ERROR: Could not deactivate volgroup $vg.  Is it in use?"
++    fi
++    echo "yes" | pvremove -ff "$block_dev" ||
++      error_out "Could not pvremove $block_dev"
++  else
++    juju-log "Zapping disk of all GPT and MBR structures"
++    sgdisk --zap-all $block_dev ||
++      error_out "Unable to zap $block_dev"
++  fi
++}
++
++function get_block_device() {
++  # given a string, return full path to the block device for that
++  # if input is not a block device, find a loopback device
++  local input="$1"
++
++  case "$input" in
++    /dev/*) [[ ! -b "$input" ]] && error_out "$input does not exist."
++            echo "$input"; return 0;;
++    /*) :;;
++    *)  [[ ! -b "/dev/$input" ]] && error_out "/dev/$input does not exist."
++        echo "/dev/$input"; return 0;;
++  esac
++
++  # this represents a file
++  # support "/path/to/file|5G"
++  local fpath size oifs="$IFS"
++  if [ "${input#*|}" != "${input}" ]; then
++    size=${input##*|}
++    fpath=${input%|*}
++  else
++    fpath=${input}
++    size=5G
++  fi
++
++  ## loop devices are not namespaced.  This is bad for containers.
++  ## it means that the output of 'losetup' may have the given $fpath
++  ## in it, but that may not represent this containers $fpath, but
++  ## another containers.  To address that, we really need to
++  ## allow some uniq container-id to be expanded within path.
++  ## TODO: find a unique container-id that will be consistent for
++  ##       this container throughout its lifetime and expand it
++  ##       in the fpath.
++  # fpath=${fpath//%{id}/$THAT_ID}
++
++  local found=""
++  # parse through 'losetup -a' output, looking for this file
++  # output is expected to look like:
++  #   /dev/loop0: [0807]:961814 (/tmp/my.img)
++  found=$(losetup -a |
++    awk 'BEGIN { found=0; }
++         $3 == f { sub(/:$/,"",$1); print $1; found=found+1; }
++         END { if( found == 0 || found == 1 ) { exit(0); }; exit(1); }' \
++         f="($fpath)")
++
++  if [ $? -ne 0 ]; then
++    echo "multiple devices found for $fpath: $found" 1>&2
++    return 1;
++  fi
++
++  [ -n "$found" -a -b "$found" ] && { echo "$found"; return 1; }
++
++  if [ -n "$found" ]; then
++    echo "confused, $found is not a block device for $fpath";
++    return 1;
++  fi
++
++  # no existing device was found, create one
++  mkdir -p "${fpath%/*}"
++  truncate --size "$size" "$fpath" ||
++    { echo "failed to create $fpath of size $size"; return 1; }
++
++  found=$(losetup --find --show "$fpath") ||
++    { echo "failed to setup loop device for $fpath" 1>&2; return 1; }
++
++  echo "$found"
++  return 0
++}
 === modified file 'hooks/nova-cloud-controller-common'
 --- hooks/nova-cloud-controller-common	2012-12-03 11:17:36 +0000
 +++ hooks/nova-cloud-controller-common	2013-01-11 18:39:23 +0000
@@ -3,52 +3,97 @@
  CHARM="nova-cloud-controller"
  CONF_DIR="/etc/nova"
--SERVICES="nova-api-ec2 nova-api-os-compute nova-objectstore nova-cert nova-scheduler"
--
--# If we have a relation to nova-volume-service, we'll also manage its API
--# endpoint here.
--n_vol=$(relation-ids nova-volume-service)
--if [[ -n "$n_vol" ]] ; then
--  SERVICES="$SERVICES nova-api-os-volume"
--  dpkg -l | grep -q nova-api-os-volume || apt-get -y install nova-api-os-volume
--fi
--
--PACKAGES="$SERVICES python-mysqldb python-keystone uuid"
--
--NET_MANAGER=$(config-get network-manager)
--if [ "$NET_MANAGER" == "Quantum" ]; then
--    SERVICES="$SERVICES quantum-server"
--    PACKAGES="$PACKAGES quantum-server"
--    QUANTUM_PLUGIN=$(config-get quantum-plugin)
--    case $QUANTUM_PLUGIN in
--        "ovs")
--            PACKAGES="$PACKAGES quantum-plugin-openvswitch"
--            QUANTUM_CORE_PLUGIN="quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2"
--            QUANTUM_PLUGIN_CONF="/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini"
--            ;;
--        "nvp")
--            PACKAGES="$PACKAGES quantum-plugin-nicira"
--            QUANTUM_CORE_PLUGIN="quantum.plugins.nicira.nicira_nvp_plugin.QuantumPlugin.NvpPluginV2"
--            QUANTUM_PLUGIN_CONF="/etc/quantum/plugins/nicira/nvp.ini"
--            ;;
--        *)
--            juju-log "Unrecognised plugin for quantum: $QUANTUM_PLUGIN" && exit 1
--            ;;
--    esac
--fi
--
--NOVA_CONF=$(config-get nova-config)
++NOVA_CONF="/etc/nova/nova.conf"
  API_CONF="/etc/nova/api-paste.ini"
  QUANTUM_CONF="/etc/quantum/quantum.conf"
  QUANTUM_API_CONF="/etc/quantum/api-paste.ini"
++NET_MANAGER=$(config-get network-manager)
++
  if [[ -e $CHARM_DIR/lib/nova/nova-common ]] ; then
    . $CHARM_DIR/lib/nova/nova-common
  else
    juju-log "Couldn't load $CHARM_DIR/lib/nova/nova-common" && exit 1
  fi
++function determine_services {
++  # Sets the global $SERVICES which contains a list of all services
++  # managed by the charm.  This changes based on OpenStack release.
++  # Currently, the services also determines what ends up in $PACKAGES.
++
++  # base c-c services supported across all os releases since essex.
++  SERVICES="nova-api-ec2 nova-api-os-compute nova-objectstore nova-cert nova-scheduler"
++
++  # determine additional services, dependent on what version of OS.
++  local install_src="$(config-get openstack-origin)"
++  install_src=$(get_os_codename_install_source "$install_src")
++  local os_vers=$(get_os_codename_package "nova-common")
++  if [[ "$os_vers" == "none" ]] ; then
++    [[ "$install_src" == "unknown" ]] && echo "$SERVICES" && return 0
++  fi
++
++  os_vers="$install_src"
++  if [[ "$os_vers" != "essex" ]] && [[ "$os_vers" != "folsom" ]] ; then
++    # nova-conductor was introduced in grizzly.
++    SERVICES="$SERVICES nova-conductor"
++  else
++      local n_vol=$(relation-ids nova-volume-service)
++      if [[ -n "$n_vol" ]] ; then
++        # nova-volume was dropped in G but may still be deployed for E + F,
++        # but should only be managed when a relation to nova-volume exists.
++        SERVICES="$SERVICES nova-api-os-volume"
++        # need to also ensure the package gets installed here.  if the relation
++        # is introduced during another hook, a call to 'service_ctl all' will
++        # require it to be there.
++        dpkg -l | grep -q nova-api-os-volume ||
++          apt-get -y install nova-api-os-volume
++      fi
++  fi
++
++  # quantum is really only supported for folsom and beyond.
++  if [[ "$NET_MANAGER" == "Quantum" ]] ; then
++    [[ "$os_vers" == "essex" ]] &&
++      error_out "Quantum network manager only supported for Folsom + beyond."
++    SERVICES="$SERVICES quantum-server"
++  fi
++}
++
++function determine_packages {
++  # Derive a list of packages based on what our service needs are.  This changes
++  # depending on several factors.
++  determine_services
++  PACKAGES="$SERVICES python-mysqldb python-keystone uuid charm-helper-sh"
++
++  if echo $PACKAGES | grep -q "quantum-server" ; then
++    case "$(config-get quantum-plugin)" in
++      "ovs") PACKAGES="$PACKAGES quantum-plugin-openvswitch" ;;
++      "nvp") PACKAGES="$PACKAGES quantum-plugin-nicira" ;;
++    esac
++  fi
++  juju-log "$CHARM: Determined required packages: $PACKAGES."
++}
++
++function determine_quantum_config {
++  # Set QUANTUM_PLUGIN and point QUANTUM_CORE_PLUGIN and QUANTUM_PLUGIN_CONF
++  # to the correct files based on configuration.
++  QUANTUM_PLUGIN=${QUANTUM_PLUGIN:-$(config-get quantum-plugin)}
++  case "$QUANTUM_PLUGIN" in
++    "ovs")
++      QUANTUM_CORE_PLUGIN="quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2"
++      QUANTUM_PLUGIN_CONF="/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini"
++      ;;
++    "nvp")
++      QUANTUM_CORE_PLUGIN="quantum.plugins.nicira.nicira_nvp_plugin.QuantumPlugin.NvpPluginV2"
++      QUANTUM_PLUGIN_CONF="/etc/quantum/plugins/nicira/nvp.ini"
++      ;;
++  *)
++    juju-log "Unrecognised plugin for quantum: $QUANTUM_PLUGIN" && exit 1
++    ;;
++  esac
++}
++
  function configure_quantum_networking {
++  determine_quantum_config
    if [ "$(config-get conf-ext-net)" != "no" ] &&
       [ "$QUANTUM_PLUGIN" == "ovs" ] &&
       [ -f /etc/quantum/novarc ] &&
@@ -63,3 +108,113 @@
                      $(config-get ext-net-name)
    fi
+ }
++
++function ssh_authorized_keys {
++  local key="$1"
++  local action="$2"
++  local exists=""
++
++  local sunit=$(echo $JUJU_REMOTE_UNIT | cut -d/ -f1)
++  mkdir -p /etc/nova/compute_ssh/$sunit
++  local authorized_keys="/etc/nova/compute_ssh/$sunit/authorized_keys"
++
++  [[ -e "$authorized_keys" ]] &&
++    grep -q "^$key" $authorized_keys && exists="true"
++
++  if [[ "$action" == "add" ]] ; then
++    [[ -n "$exists" ]] &&
++      juju-log "$CHARM: SSH key already authorized for $JUJU_REMOTE_UNIT." &&
++        return 0
++
++    echo "$key" >>$authorized_keys
++    juju-log "$CHARM: Authorized new SSH key for $JUJU_REMOTE_UNIT."
++    return 0
++  elif [[ "$action" == "remove" ]] ; then
++    # we have no way of getting to the relation state during a departed hook.
++    # we only have the peer's unit name, so remove an authorized key based on
++    # its comment, which should can be derived from the remote unit name and
++    # gets passed in here from caller as key/$1
++    local key_ln=$(sed -n "\, ${key}$,=" $authorized_keys)
++    [[ -z "$key_ln" ]] &&
++      juju-log "$CHARM: Cannot remove SSH key for $key, not authorized?" &&
++        return 0
++
++    for ln in $key_ln ; do
++      sed -i "${ln}d" $authorized_keys
++      juju-log "$CHARM: Removed existing SSH key ($key) from authorized_keys."
++    done
++    return 0
++  else
++    error_out "$CHARM: ssh_authorize_keys() invalid action specified: $action."
++  fi
++}
++
++function ssh_known_hosts {
++  # Keeps the system-wide SSH known hosts file up to date with compute
++  # nodes host keys.
++  local host="$1"
++  local sunit=$(echo $JUJU_REMOTE_UNIT | cut -d/ -f1)
++  mkdir -p /etc/nova/compute_ssh/$sunit
++  local known_hosts="/etc/nova/compute_ssh/$sunit/known_hosts"
++  juju-log "$CHARM: Ensuring host is included and up to date in $known_hosts."
++
++  [[ ! -e $known_hosts ]] && touch $known_hosts
++
++  local remote_key=""
++  remote_key=$(ssh-keyscan -H -t rsa $host) ||
++    error_out "$CHARM: Couldn't obtain SSH host key from $host."
++  local existing=$(ssh-keygen -f $known_hosts -H -F $host | tail -n1)
++  if [[ -n "$existing" ]] ; then
++    juju-log "$CHARM: Found existing SSH known host key for $host."
++    [[ "$existing" == "$remote_key" ]] && echo "HI"
++    remote=$(echo $remote_key | awk '{ print $2" "$3 }')
++    existing=$(echo $existing | awk '{ print $2" "$3 }')
++    if [[ "$remote" == "$existing" ]] ; then
++      juju-log "$CHARM: SSH known host key for $host is up to date."
++      return 0
++    fi
++    juju-log "$CHARM: Removing outdated SSH host key for $host."
++    ssh-keygen -f $known_hosts -R $host
++  else
++    juju-log "$CHARM: No known hosts entry for $host."
++  fi
++  juju-log "$CHARM: Adding new SSH known hosts entry for $host."
++  echo $remote_key >>$known_hosts
++
++}
++
++function ssh_compute {
++  if [[ "$1" == "add" ]] ; then
++    local ssh_key=$(relation-get ssh_public_key)
++    [[ -z "$ssh_key" ]] &&
++      juju-log "$CHARM: ssh_compute peer not ready." && exit 0
++
++    ssh_authorized_keys "$ssh_key" "add"
++
++    # need to ensure known hosts entries for all possible addresses
++    . /usr/share/charm-helper/sh/net.sh
++    local known_hosts=""
++    local private_address=$(relation-get private-address)
++    known_hosts="$private_address"
++    if ! ch_is_ip "$private_address" ; then
++      known_hosts="$known_hosts $(get_ip $private_address)"
++      known_hosts="$known_hosts $(echo $private_address | cut -d. -f1)"
++    fi
++    for host in $known_hosts ; do
++      ssh_known_hosts "$host"
++    done
++  elif [[ "$1" == "remove" ]] ; then
++    # remove key by referencing remote unit, not entire key.
++    local remote_unit=$(echo $JUJU_REMOTE_UNIT | sed -e 's,/,-,g')
++    ssh_authorized_keys "$remote_unit" remove
++  else
++    error_out "ssh_compute: Invalid parameter: $1."
++  fi
++
++  local sunit=$(echo $JUJU_REMOTE_UNIT | cut -d/ -f1)
++
++  # base64 encodings should trigger new relation events as needed.
++  relation-set \
++    known_hosts="$(base64 /etc/nova/compute_ssh/$sunit/known_hosts)" \
++    authorized_keys="$(base64 /etc/nova/compute_ssh/$sunit/authorized_keys)"
++}
 === modified file 'hooks/nova-cloud-controller-relations'
 --- hooks/nova-cloud-controller-relations	2012-12-05 11:44:02 +0000
 +++ hooks/nova-cloud-controller-relations	2013-01-11 18:39:23 +0000
@@ -15,9 +15,13 @@
    configure_install_source "$(config-get openstack-origin)"
    apt-get update || exit 1
++  determine_packages
    DEBIAN_FRONTEND=noninteractive apt-get -y \
      install --no-install-recommends $PACKAGES || exit 1
++  if [[ "$NET_MANAGER" == "Quantum" ]] ; then
++    determine_quantum_config
++  fi
    configure_network_manager $NET_MANAGER
    # Configure any flags specified in deployment config
@@ -59,6 +63,7 @@
    if dpkg --compare-versions $(get_os_version_codename "$cur") lt \
                               $(get_os_version_codename "$available") ; then
      juju-log "$CHARM: Upgrading OpenStack release: $cur -> $available."
++    determine_packages
      do_openstack_upgrade "$install_src" $PACKAGES
    fi
@@ -68,6 +73,7 @@
      configure_quantum_networking
    fi
++  determine_services
    service_ctl all restart
+ }
@@ -110,7 +116,7 @@
      set_or_update rabbit_virtual_host "$rabbit_vhost" "$QUANTUM_CONF"
    fi
--  service_ctl all restart
++  determine_services && service_ctl all restart
+ }
  function db_joined {
@@ -144,9 +150,11 @@
    if [ "$NET_MANAGER" == "Quantum" ]; then
      local quantum_db_password=`relation-get quantum_password`
++    determine_quantum_config
      set_or_update sql_connection "mysql://quantum:$quantum_db_password@$db_host/quantum?charset=utf8" \
        $QUANTUM_PLUGIN_CONF "DATABASE"
    fi
++  determine_services
    service_ctl all stop
    /usr/bin/nova-manage db sync
    service_ctl all start
@@ -162,7 +170,7 @@
      juju-log "$CHARM - image-service_changed: Peer not ready?" && exit 0
    set_or_update glance_api_servers $api_server
    set_or_update image_service "nova.image.glance.GlanceImageService"
--  service_ctl all restart
++  determine_services && service_ctl all restart
+ }
  function keystone_joined {
@@ -272,8 +280,8 @@
  EOF
    fi
--  service_ctl all restart
--
++  determine_services && service_ctl all restart
++
    if [ "$NET_MANAGER" == "Quantum" ]; then
      configure_quantum_networking
      # ripple out changes to identity to connected services
@@ -300,8 +308,16 @@
      *) svc="nova-volume" ;;
    esac
++  local cur_vers=$(get_os_codename_package "nova-common")
++  if [[ "$cur_vers" != "essex" ]] && [[ "$cur_vers" != "folsom" ]] &&
++     [[ "$svc" == "nova-volume" ]] ; then
++    juju-log "$CHARM: WARNING nova-volume is only supported on Essex "\
++             "and Folsom.  Ignoring new relation to nova-volume service."
++    exit 0
++  fi
++
    configure_volume_service "$svc"
--  service_ctl all restart
++  deteremine_services && service_ctl all restart
    # The nova-volume API can be hosted here alongside the other
    # nova API services, but there needs to be a new endpoint
@@ -355,13 +371,35 @@
      relation-set quantum_plugin=$(config-get quantum-plugin)
    fi
--  # Compute's volume driver is dependent on volume service deployed.
--  local r_ids=$(relation-ids cinder-volume-service)
--  if [[ -n "$r_ids" ]] ; then
--    relation-set volume_service="cinder"
--  else
--    relation-set volume_service="nova-volume"
--  fi
++  # volume driver is dependent on os version, or presence
++  # of cinder (on folsom, at least)
++  local cur_vers=$(get_os_codename_package "nova-common")
++  local vol_drv="cinder"
++  case "$cur_vers" in
++    "essex")
++      vol_drv="nova-volume"
++      ;;
++    "folsom")
++      local r_ids=$(relation-get cinder-volume-service)
++      [[ -z "$r_ids" ]] && vol_drv="nova-volume"
++      ;;
++  esac
++  relation-set volume_service="$vol_drv"
++}
++
++compute_changed() {
++  local migration_auth="$(relation-get migration_auth_type)"
++  [[ -z "$migration_auth" ]] &&
++    juju-log "$CHARM: compute_changed - Peer not ready or "\
++             "no migration auth. configured." && exit 0
++
++  case "$migration_auth" in
++    "ssh") ssh_compute add ;;
++  esac
++}
++
++compute_departed() {
++  ssh_compute remove
+ }
  quantum_joined() {
@@ -387,10 +425,10 @@
  arg0=$(basename $0)
  case $arg0 in
--  "start"|"stop") service_ctl all $arg0 ;;
++  "start"|"stop") determine_services ; service_ctl all $arg0 ;;
    "install") install_hook ;;
    "config-changed") config_changed ;;
--  "upgrade-charm") upgrade_charm ;;
++  "upgrade-charm") upgrade_charm ;;
    "amqp-relation-joined") amqp_joined ;;
    "amqp-relation-changed") amqp_changed ;;
    "shared-db-relation-joined") db_joined ;;
@@ -402,6 +440,8 @@
    "cinder-volume-service-relation-joined") volume_joined ;;
    "nova-volume-service-relation-joined") volume_joined ;;
    "cloud-compute-relation-joined") compute_joined ;;
++  "cloud-compute-relation-changed") compute_changed ;;
++  "cloud-compute-relation-departed") compute_departed ;;
    "quantum-network-service-relation-joined") quantum_joined ;;
    *) exit 0 ;;
  esac
 === modified file 'revision'
 --- revision	2012-12-06 21:32:44 +0000
 +++ revision	2013-01-11 18:39:23 +0000
@@ -1,1 +1,1 @@
--166
++198

Juju Charms Collectionnova-cloud-controller package

Merge lp:~gandelman-a/charms/precise/nova-cloud-controller/live_migration into lp:~charmers/charms/precise/nova-cloud-controller/trunk

Commit message

Description of the change

Unmerged revisions

Preview Diff

Subscribers

Juju Charms Collection
nova-cloud-controller package