Merge bootstack-ops:jjo-p-o-e-creds into bootstack-ops:master
- Git
- lp:bootstack-ops
- jjo-p-o-e-creds
- Merge into master
Proposed by
JuanJo Ciarlante
Status: | Merged |
---|---|
Merged at revision: | 656040d256b6bd788187f7c0ac331d4718fd57ba |
Proposed branch: | bootstack-ops:jjo-p-o-e-creds |
Merge into: | bootstack-ops:master |
Diff against target: |
253 lines (+117/-20) 7 files modified
ops-bundle/devel/opsdeploy-prometheus.yaml (+8/-7) ops-bundle/devel/prometheus.codetree (+4/-5) ops-bundle/manifest-prometheus (+3/-1) ops-bundle/production/opsdeploy-prometheus.yaml (+21/-2) ops-bundle/production/prometheus.codetree (+4/-5) ops-bundle/scripts/juju_bundle_export.sh (+1/-0) ops-bundle/scripts/prometheus_exporter_creds.py (+76/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Legacy - Canonical WTFB | Pending | ||
Review via email: mp+322262@code.launchpad.net |
Commit message
[jjo] add p-o-e charm instrumentation for its os-credentials settings + other fixes
Description of the change
[jjo] add p-o-e charm instrumentation for its os-credentials settings + other fixes
To post a comment you must log in.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/ops-bundle/devel/opsdeploy-prometheus.yaml b/ops-bundle/devel/opsdeploy-prometheus.yaml | |||
2 | index fef0e9e..485400c 100644 | |||
3 | --- a/ops-bundle/devel/opsdeploy-prometheus.yaml | |||
4 | +++ b/ops-bundle/devel/opsdeploy-prometheus.yaml | |||
5 | @@ -5,7 +5,7 @@ nil: | |||
6 | 5 | services: {} | 5 | services: {} |
7 | 6 | 6 | ||
8 | 7 | ops-bundle-prometheus: | 7 | ops-bundle-prometheus: |
10 | 8 | inherits: [ secrets, bsdeploy ] | 8 | inherits: [ secrets, bsdeploy, poe-secrets ] |
11 | 9 | series: xenial | 9 | series: xenial |
12 | 10 | overrides: | 10 | overrides: |
13 | 11 | snap_proxy: "http://10.76.12.1:8000" | 11 | snap_proxy: "http://10.76.12.1:8000" |
14 | @@ -29,7 +29,7 @@ ops-bundle-prometheus: | |||
15 | 29 | telegraf: | 29 | telegraf: |
16 | 30 | charm: telegraf | 30 | charm: telegraf |
17 | 31 | options: | 31 | options: |
19 | 32 | hostname: '{unit}' | 32 | hostname: '{host}' |
20 | 33 | prometheus_output_port: default | 33 | prometheus_output_port: default |
21 | 34 | 34 | ||
22 | 35 | # WIP | 35 | # WIP |
23 | @@ -39,9 +39,9 @@ ops-bundle-prometheus: | |||
24 | 39 | # to: *PROMSTACK_TO | 39 | # to: *PROMSTACK_TO |
25 | 40 | # | 40 | # |
26 | 41 | # # snap -> needs to be at metal or juju2 lxd | 41 | # # snap -> needs to be at metal or juju2 lxd |
30 | 42 | # prometheus-openstack-exporter: | 42 | prometheus-openstack-exporter: |
31 | 43 | # charm: prometheus-openstack-exporter | 43 | charm: prometheus-openstack-exporter |
32 | 44 | # to: *PROMSTACK_TO | 44 | to: *PROMSTACK_TO |
33 | 45 | 45 | ||
34 | 46 | relations: | 46 | relations: |
35 | 47 | # Connect the grafana -> prometheus -> telegraf stack | 47 | # Connect the grafana -> prometheus -> telegraf stack |
36 | @@ -49,7 +49,8 @@ ops-bundle-prometheus: | |||
37 | 49 | - ["telegraf:prometheus-client", "prometheus:target"] | 49 | - ["telegraf:prometheus-client", "prometheus:target"] |
38 | 50 | # Deploy telegraf on : os-hosts xor nova-compute, etc | 50 | # Deploy telegraf on : os-hosts xor nova-compute, etc |
39 | 51 | - ["telegraf:juju-info", "os-hosts"] | 51 | - ["telegraf:juju-info", "os-hosts"] |
41 | 52 | # WIP | 52 | # WIP: alertmanager |
42 | 53 | # - ["prometheus:alertmanager-service", "prometheus-alertmanager:alertmanager-service"] | 53 | # - ["prometheus:alertmanager-service", "prometheus-alertmanager:alertmanager-service"] |
43 | 54 | # WIP: prometheus-openstack-exporter | ||
44 | 54 | # - ["prometheus-openstack-exporter", "keystone"] | 55 | # - ["prometheus-openstack-exporter", "keystone"] |
46 | 55 | # - ["prometheus-openstack-exporter", "prometheus:target"] | 56 | - ["prometheus-openstack-exporter", "prometheus:target"] |
47 | diff --git a/ops-bundle/devel/prometheus.codetree b/ops-bundle/devel/prometheus.codetree | |||
48 | index 455ea24..aafc6e1 100644 | |||
49 | --- a/ops-bundle/devel/prometheus.codetree | |||
50 | +++ b/ops-bundle/devel/prometheus.codetree | |||
51 | @@ -1,7 +1,6 @@ | |||
52 | 1 | # Reporting | 1 | # Reporting |
58 | 2 | prometheus git+https://git.launchpad.net/prometheus-charm | 2 | prometheus cs:~prometheus-charmers/prometheus |
59 | 3 | grafana git+https://git.launchpad.net/grafana-charm | 3 | grafana cs:~prometheus-charmers/grafana |
60 | 4 | prometheus-alertmanager git+https://git.launchpad.net/prometheus-alertmanager-charm | 4 | telegraf cs:telegraf |
56 | 5 | telegraf git+https://git.launchpad.net/telegraf-charm | ||
57 | 6 | #prometheus-openstack-exporter cs:~jjo/prometheus-openstack-exporter | ||
61 | 7 | prometheus-openstack-exporter git+https://git.launchpad.net/~jjo/bootstack-ops/+git/prometheus-openstack-exporter-charm | 5 | prometheus-openstack-exporter git+https://git.launchpad.net/~jjo/bootstack-ops/+git/prometheus-openstack-exporter-charm |
62 | 6 | #prometheus-openstack-exporter cs:~jjo/prometheus-openstack-exporter | ||
63 | diff --git a/ops-bundle/manifest-prometheus b/ops-bundle/manifest-prometheus | |||
64 | index 9bd0bcb..b044a49 100644 | |||
65 | --- a/ops-bundle/manifest-prometheus | |||
66 | +++ b/ops-bundle/manifest-prometheus | |||
67 | @@ -3,12 +3,14 @@ | |||
68 | 3 | 3 | ||
69 | 4 | # Create bundle and codetree from running env | 4 | # Create bundle and codetree from running env |
70 | 5 | script config=scripts/juju_bundle_export.sh OUT_BUNDLE=bsdeploy.yaml OUT_CODETREE=bsdeploy.codetree NAME=bsdeploy | 5 | script config=scripts/juju_bundle_export.sh OUT_BUNDLE=bsdeploy.yaml OUT_CODETREE=bsdeploy.codetree NAME=bsdeploy |
71 | 6 | script config=scripts/prometheus_exporter_creds.py DEPLOY_BUNDLE=bsdeploy.yaml DEPLOY_NAME=bsdeploy OUT_FILE=poe-secrets.yaml | ||
72 | 6 | 7 | ||
73 | 7 | # Collect Charms for running env | 8 | # Collect Charms for running env |
74 | 8 | collect config=bsdeploy.codetree | 9 | collect config=bsdeploy.codetree |
75 | 9 | 10 | ||
76 | 10 | # Collect Charms for added services | 11 | # Collect Charms for added services |
77 | 11 | collect config=prometheus.codetree | 12 | collect config=prometheus.codetree |
78 | 13 | # mojo collect --options config=prometheus.codetree | ||
79 | 12 | 14 | ||
80 | 13 | # Some hints for peeking diffs | 15 | # Some hints for peeking diffs |
81 | 14 | # mojo deploy-diff --options local=secrets,bsdeploy.yaml config=opsdeploy-prometheus.yaml target=ops-bundle-prometheus | 16 | # mojo deploy-diff --options local=secrets,bsdeploy.yaml config=opsdeploy-prometheus.yaml target=ops-bundle-prometheus |
82 | @@ -18,4 +20,4 @@ collect config=prometheus.codetree | |||
83 | 18 | # Deploy services | 20 | # Deploy services |
84 | 19 | # "nil" deploy just inherits from running, should not deploy anything | 21 | # "nil" deploy just inherits from running, should not deploy anything |
85 | 20 | #deploy local=secrets,bsdeploy.yaml config=opsdeploy-prometheus.yaml target=nil | 22 | #deploy local=secrets,bsdeploy.yaml config=opsdeploy-prometheus.yaml target=nil |
87 | 21 | deploy local=secrets,bsdeploy.yaml config=opsdeploy-prometheus.yaml target=ops-bundle-prometheus | 23 | deploy local=secrets,poe-secrets.yaml,bsdeploy.yaml config=opsdeploy-prometheus.yaml target=ops-bundle-prometheus |
88 | diff --git a/ops-bundle/production/opsdeploy-prometheus.yaml b/ops-bundle/production/opsdeploy-prometheus.yaml | |||
89 | index f9fd133..485400c 100644 | |||
90 | --- a/ops-bundle/production/opsdeploy-prometheus.yaml | |||
91 | +++ b/ops-bundle/production/opsdeploy-prometheus.yaml | |||
92 | @@ -5,7 +5,7 @@ nil: | |||
93 | 5 | services: {} | 5 | services: {} |
94 | 6 | 6 | ||
95 | 7 | ops-bundle-prometheus: | 7 | ops-bundle-prometheus: |
97 | 8 | inherits: [ secrets, bsdeploy ] | 8 | inherits: [ secrets, bsdeploy, poe-secrets ] |
98 | 9 | series: xenial | 9 | series: xenial |
99 | 10 | overrides: | 10 | overrides: |
100 | 11 | snap_proxy: "http://10.76.12.1:8000" | 11 | snap_proxy: "http://10.76.12.1:8000" |
101 | @@ -15,23 +15,42 @@ ops-bundle-prometheus: | |||
102 | 15 | charm: prometheus | 15 | charm: prometheus |
103 | 16 | to: *PROMSTACK_TO | 16 | to: *PROMSTACK_TO |
104 | 17 | options: | 17 | options: |
105 | 18 | |||
106 | 18 | # non snap -> could be LXC'd | 19 | # non snap -> could be LXC'd |
107 | 19 | grafana: | 20 | grafana: |
108 | 20 | charm: grafana | 21 | charm: grafana |
109 | 21 | to: *PROMSTACK_TO | 22 | to: *PROMSTACK_TO |
110 | 22 | options: | 23 | options: |
111 | 24 | ## XXX: must go to secrets.yaml | ||
112 | 25 | admin_password: admin | ||
113 | 23 | install_file: https://grafanarel.s3.amazonaws.com/builds/grafana_4.1.2-1486989747_amd64.deb | 26 | install_file: https://grafanarel.s3.amazonaws.com/builds/grafana_4.1.2-1486989747_amd64.deb |
114 | 24 | 27 | ||
115 | 25 | # subord -> will land on relation to ppal services (os-hosts or nova-compute, etc) | 28 | # subord -> will land on relation to ppal services (os-hosts or nova-compute, etc) |
116 | 26 | telegraf: | 29 | telegraf: |
117 | 27 | charm: telegraf | 30 | charm: telegraf |
118 | 28 | options: | 31 | options: |
120 | 29 | hostname: '{unit}' | 32 | hostname: '{host}' |
121 | 30 | prometheus_output_port: default | 33 | prometheus_output_port: default |
122 | 31 | 34 | ||
123 | 35 | # WIP | ||
124 | 36 | # # snap -> needs to be at metal or juju2 lxd | ||
125 | 37 | # prometheus-alertmanager: | ||
126 | 38 | # charm: prometheus-alertmanager | ||
127 | 39 | # to: *PROMSTACK_TO | ||
128 | 40 | # | ||
129 | 41 | # # snap -> needs to be at metal or juju2 lxd | ||
130 | 42 | prometheus-openstack-exporter: | ||
131 | 43 | charm: prometheus-openstack-exporter | ||
132 | 44 | to: *PROMSTACK_TO | ||
133 | 45 | |||
134 | 32 | relations: | 46 | relations: |
135 | 33 | # Connect the grafana -> prometheus -> telegraf stack | 47 | # Connect the grafana -> prometheus -> telegraf stack |
136 | 34 | - ["prometheus:grafana-source", "grafana:grafana-source"] | 48 | - ["prometheus:grafana-source", "grafana:grafana-source"] |
137 | 35 | - ["telegraf:prometheus-client", "prometheus:target"] | 49 | - ["telegraf:prometheus-client", "prometheus:target"] |
138 | 36 | # Deploy telegraf on : os-hosts xor nova-compute, etc | 50 | # Deploy telegraf on : os-hosts xor nova-compute, etc |
139 | 37 | - ["telegraf:juju-info", "os-hosts"] | 51 | - ["telegraf:juju-info", "os-hosts"] |
140 | 52 | # WIP: alertmanager | ||
141 | 53 | # - ["prometheus:alertmanager-service", "prometheus-alertmanager:alertmanager-service"] | ||
142 | 54 | # WIP: prometheus-openstack-exporter | ||
143 | 55 | # - ["prometheus-openstack-exporter", "keystone"] | ||
144 | 56 | - ["prometheus-openstack-exporter", "prometheus:target"] | ||
145 | diff --git a/ops-bundle/production/prometheus.codetree b/ops-bundle/production/prometheus.codetree | |||
146 | index cd999eb..aafc6e1 100644 | |||
147 | --- a/ops-bundle/production/prometheus.codetree | |||
148 | +++ b/ops-bundle/production/prometheus.codetree | |||
149 | @@ -1,7 +1,6 @@ | |||
150 | 1 | # Reporting | 1 | # Reporting |
155 | 2 | prometheus git+https://git.launchpad.net/prometheus-charm | 2 | prometheus cs:~prometheus-charmers/prometheus |
156 | 3 | grafana git+https://git.launchpad.net/grafana-charm | 3 | grafana cs:~prometheus-charmers/grafana |
157 | 4 | #prometheus-alertmanager git+https://git.launchpad.net/prometheus-alertmanager-charm | 4 | telegraf cs:telegraf |
158 | 5 | telegraf git+https://git.launchpad.net/telegraf-charm | 5 | prometheus-openstack-exporter git+https://git.launchpad.net/~jjo/bootstack-ops/+git/prometheus-openstack-exporter-charm |
159 | 6 | #prometheus-openstack-exporter cs:~jjo/prometheus-openstack-exporter | 6 | #prometheus-openstack-exporter cs:~jjo/prometheus-openstack-exporter |
160 | 7 | #prometheus-openstack-exporter git+https://git.launchpad.net/~jjo/bootstack-ops/+git/prometheus-openstack-exporter-charm | ||
161 | diff --git a/ops-bundle/scripts/juju_bundle_export.sh b/ops-bundle/scripts/juju_bundle_export.sh | |||
162 | index 56e68ef..f0c8e93 100755 | |||
163 | --- a/ops-bundle/scripts/juju_bundle_export.sh | |||
164 | +++ b/ops-bundle/scripts/juju_bundle_export.sh | |||
165 | @@ -8,5 +8,6 @@ PY_SCRIPT=${0%.sh}.py | |||
166 | 8 | (set -x | 8 | (set -x |
167 | 9 | $PY_SCRIPT -o ${MOJO_LOCAL_DIR}/${OUT_BUNDLE} -c ${MOJO_SPEC_DIR}/${MOJO_STAGE}/${OUT_CODETREE} --name ${NAME} | 9 | $PY_SCRIPT -o ${MOJO_LOCAL_DIR}/${OUT_BUNDLE} -c ${MOJO_SPEC_DIR}/${MOJO_STAGE}/${OUT_CODETREE} --name ${NAME} |
168 | 10 | # HACK: above script will create xenial/CHARM while mojo likes ./CHARM | 10 | # HACK: above script will create xenial/CHARM while mojo likes ./CHARM |
169 | 11 | rm -rf ${MOJO_BUILD_DIR:?}/* | ||
170 | 11 | ln -sfn . ${MOJO_BUILD_DIR}/xenial | 12 | ln -sfn . ${MOJO_BUILD_DIR}/xenial |
171 | 12 | ) | 13 | ) |
172 | diff --git a/ops-bundle/scripts/prometheus_exporter_creds.py b/ops-bundle/scripts/prometheus_exporter_creds.py | |||
173 | 13 | new file mode 100755 | 14 | new file mode 100755 |
174 | index 0000000..8ccfb6e | |||
175 | --- /dev/null | |||
176 | +++ b/ops-bundle/scripts/prometheus_exporter_creds.py | |||
177 | @@ -0,0 +1,76 @@ | |||
178 | 1 | #!/usr/bin/env python3 | ||
179 | 2 | # XXX(jjo) HACK to ease os-credentials settings for p-o-e charm, | ||
180 | 3 | # crafted from bundle's keystone settings as saved from running env | ||
181 | 4 | # NOTE this is very mojo specific, as it not only relies on MOJO_LOCAL_DIR | ||
182 | 5 | # but also wants args passed as env vars (mojo manifest line) | ||
183 | 6 | import os | ||
184 | 7 | import yaml | ||
185 | 8 | import logging | ||
186 | 9 | |||
187 | 10 | logging.basicConfig() | ||
188 | 11 | logger = logging.getLogger() | ||
189 | 12 | |||
190 | 13 | # The bundle file where running env was saved | ||
191 | 14 | deploy_bundle = "{}/{}".format( | ||
192 | 15 | os.environ['MOJO_LOCAL_DIR'], | ||
193 | 16 | os.environ['DEPLOY_BUNDLE']) | ||
194 | 17 | |||
195 | 18 | # Then deployment name inside the bundle, e.g. 'bsdeploy' | ||
196 | 19 | deploy_name = os.environ['DEPLOY_NAME'] | ||
197 | 20 | |||
198 | 21 | # Output secrets.yaml file for p-o-e charm, it'll have | ||
199 | 22 | # 'os-credentials' and 'ssl_ca' settings | ||
200 | 23 | out_file = os.environ.get('OUT_FILE') | ||
201 | 24 | if out_file: | ||
202 | 25 | out_file = "{}/{}".format(os.environ['MOJO_LOCAL_DIR'], out_file) | ||
203 | 26 | |||
204 | 27 | # Output deployment name which contains p-o-e charm secrets | ||
205 | 28 | out_name = os.environ.get('OUT_NAME', 'poe-secrets') | ||
206 | 29 | auth_url = os.environ.get('OS_AUTH_URL') | ||
207 | 30 | |||
208 | 31 | # Load DEPLOY_BUNDLE[DEPLOY_NAME]'s keystone config | ||
209 | 32 | deploy = yaml.load(open(deploy_bundle).read())[deploy_name] | ||
210 | 33 | ks_config = deploy['services']['keystone']['options'] | ||
211 | 34 | |||
212 | 35 | # Having OS_AUTH_URL from the running shell env would be great, | ||
213 | 36 | # else try some educated guess | ||
214 | 37 | if not auth_url: | ||
215 | 38 | logging.warning("No 'OS_AUTH_URL' in environment, guessing from keystone") | ||
216 | 39 | hostname = ks_config.get('os-public-hostname', ks_config.get('vip')) | ||
217 | 40 | proto = 'https' if ks_config.get('https-service-endpoints') else 'http' | ||
218 | 41 | auth_url = '{}://{}:5000/v2.0'.format(proto, hostname) | ||
219 | 42 | |||
220 | 43 | logging.info( | ||
221 | 44 | "out_file: {}, out_name: {}, deploy_name: {}, auth_url: {}".format( | ||
222 | 45 | out_file, out_name, deploy_name, auth_url)) | ||
223 | 46 | |||
224 | 47 | # os-credentials must be a string'd YAML, i.e. can't directly be a python dict | ||
225 | 48 | # (as yaml.dump would save it as a yaml dict itself, while juju only supports | ||
226 | 49 | # "flat" non-structured settings) | ||
227 | 50 | poe_settings = { | ||
228 | 51 | 'os-credentials': '{{username: {}, password: {}, region_name: {}, auth_url: "{}" }}'.format( # noqa | ||
229 | 52 | 'Admin', ks_config['admin-password'], | ||
230 | 53 | ks_config['region'], auth_url) | ||
231 | 54 | } | ||
232 | 55 | |||
233 | 56 | # Only save ssl_ca if present in keystone | ||
234 | 57 | ssl_ca = ks_config.get('ssl_ca') | ||
235 | 58 | if ssl_ca: | ||
236 | 59 | poe_settings.update({'ssl_ca': ssl_ca}) | ||
237 | 60 | |||
238 | 61 | # Output mini-bundle with just p-o-e secrets, meant to be used | ||
239 | 62 | # as part of local= mojo manifest line, then inherited from | ||
240 | 63 | # prometheus.yaml main bundle | ||
241 | 64 | out_content = { | ||
242 | 65 | out_name: { | ||
243 | 66 | 'services': { | ||
244 | 67 | 'prometheus-openstack-exporter': { | ||
245 | 68 | 'options': poe_settings | ||
246 | 69 | } | ||
247 | 70 | } | ||
248 | 71 | } | ||
249 | 72 | } | ||
250 | 73 | |||
251 | 74 | # print to stdout if no OUT_FILE | ||
252 | 75 | print_kw = {'file': open(out_file, 'w')} if out_file else {} | ||
253 | 76 | print(yaml.dump(out_content, default_flow_style=False), **print_kw) |