Merge lp:~corey.bryant/charms/trusty/quantum-gateway/end-of-life into lp:~openstack-charmers/charms/trusty/quantum-gateway/next
- Trusty Tahr (14.04)
- end-of-life
- Merge into next
Proposed by
Corey Bryant
Status: | Merged |
---|---|
Merged at revision: | 114 |
Proposed branch: | lp:~corey.bryant/charms/trusty/quantum-gateway/end-of-life |
Merge into: | lp:~openstack-charmers/charms/trusty/quantum-gateway/next |
Diff against target: |
15436 lines (+344/-14080) 138 files modified
.bzrignore (+0/-1) .coveragerc (+0/-6) .project (+0/-17) .pydevproject (+0/-9) Makefile (+1/-13) README.md (+1/-207) actions.yaml (+0/-2) actions/git_reinstall.py (+0/-45) charm-helpers-hooks.yaml (+0/-9) charm-helpers-tests.yaml (+0/-5) files/NeutronAgentMon (+0/-155) files/neutron-ha-monitor.conf (+0/-4) files/neutron-ha-monitor.py (+0/-436) hooks/charmhelpers/contrib/__init__.py (+0/-15) hooks/charmhelpers/contrib/charmsupport/__init__.py (+0/-15) hooks/charmhelpers/contrib/charmsupport/nrpe.py (+0/-360) hooks/charmhelpers/contrib/charmsupport/volumes.py (+0/-175) hooks/charmhelpers/contrib/hahelpers/__init__.py (+0/-15) hooks/charmhelpers/contrib/hahelpers/apache.py (+0/-82) hooks/charmhelpers/contrib/hahelpers/cluster.py (+0/-272) hooks/charmhelpers/contrib/network/__init__.py (+0/-15) hooks/charmhelpers/contrib/network/ip.py (+0/-450) hooks/charmhelpers/contrib/network/ovs/__init__.py (+0/-96) hooks/charmhelpers/contrib/network/ufw.py (+0/-276) hooks/charmhelpers/contrib/openstack/__init__.py (+0/-15) hooks/charmhelpers/contrib/openstack/alternatives.py (+0/-33) hooks/charmhelpers/contrib/openstack/amulet/__init__.py (+0/-15) hooks/charmhelpers/contrib/openstack/amulet/deployment.py (+0/-146) hooks/charmhelpers/contrib/openstack/amulet/utils.py (+0/-294) hooks/charmhelpers/contrib/openstack/context.py (+0/-1328) hooks/charmhelpers/contrib/openstack/files/__init__.py (+0/-18) hooks/charmhelpers/contrib/openstack/files/check_haproxy.sh (+0/-32) hooks/charmhelpers/contrib/openstack/files/check_haproxy_queue_depth.sh (+0/-30) hooks/charmhelpers/contrib/openstack/ip.py (+0/-146) hooks/charmhelpers/contrib/openstack/neutron.py (+0/-322) hooks/charmhelpers/contrib/openstack/templates/__init__.py (+0/-18) hooks/charmhelpers/contrib/openstack/templates/ceph.conf (+0/-15) hooks/charmhelpers/contrib/openstack/templates/git.upstart (+0/-17) hooks/charmhelpers/contrib/openstack/templates/haproxy.cfg (+0/-58) hooks/charmhelpers/contrib/openstack/templates/openstack_https_frontend (+0/-24) hooks/charmhelpers/contrib/openstack/templates/openstack_https_frontend.conf (+0/-24) hooks/charmhelpers/contrib/openstack/templates/section-keystone-authtoken (+0/-9) hooks/charmhelpers/contrib/openstack/templates/section-rabbitmq-oslo (+0/-22) hooks/charmhelpers/contrib/openstack/templates/section-zeromq (+0/-14) hooks/charmhelpers/contrib/openstack/templating.py (+0/-295) hooks/charmhelpers/contrib/openstack/utils.py (+0/-642) hooks/charmhelpers/contrib/python/__init__.py (+0/-15) hooks/charmhelpers/contrib/python/debug.py (+0/-56) hooks/charmhelpers/contrib/python/packages.py (+0/-96) hooks/charmhelpers/contrib/python/rpdb.py (+0/-58) hooks/charmhelpers/contrib/python/version.py (+0/-34) hooks/charmhelpers/contrib/storage/__init__.py (+0/-15) hooks/charmhelpers/contrib/storage/linux/__init__.py (+0/-15) hooks/charmhelpers/contrib/storage/linux/ceph.py (+0/-444) hooks/charmhelpers/contrib/storage/linux/loopback.py (+0/-78) hooks/charmhelpers/contrib/storage/linux/lvm.py (+0/-105) hooks/charmhelpers/contrib/storage/linux/utils.py (+0/-70) hooks/charmhelpers/core/hookenv.py (+232/-38) hooks/charmhelpers/core/host.py (+56/-12) hooks/charmhelpers/core/services/base.py (+43/-19) hooks/charmhelpers/core/services/helpers.py (+2/-2) hooks/charmhelpers/fetch/__init__.py (+0/-439) hooks/charmhelpers/fetch/archiveurl.py (+0/-161) hooks/charmhelpers/fetch/bzrurl.py (+0/-78) hooks/charmhelpers/fetch/giturl.py (+0/-71) hooks/charmhelpers/payload/__init__.py (+0/-17) hooks/charmhelpers/payload/execd.py (+0/-66) hooks/quantum_contexts.py (+0/-193) hooks/quantum_hooks.py (+7/-327) hooks/quantum_utils.py (+0/-1153) metadata.yaml (+2/-0) setup.cfg (+0/-5) templates/ext-port.conf (+0/-16) templates/folsom/dhcp_agent.ini (+0/-10) templates/folsom/l3_agent.ini (+0/-8) templates/folsom/metadata_agent.ini (+0/-12) templates/folsom/nova.conf (+0/-26) templates/folsom/ovs_quantum_plugin.ini (+0/-8) templates/folsom/quantum.conf (+0/-15) templates/git/cron.d/neutron-dhcp-agent-netns-cleanup (+0/-4) templates/git/cron.d/neutron-l3-agent-netns-cleanup (+0/-4) templates/git/cron.d/neutron-lbaas-agent-netns-cleanup (+0/-4) templates/git/neutron_sudoers (+0/-4) templates/git/upstart/neutron-agent.upstart (+0/-25) templates/git/upstart/neutron-ovs-cleanup.upstart (+0/-13) templates/git/upstart/neutron-server.upstart (+0/-22) templates/grizzly/nova.conf (+0/-22) templates/grizzly/quantum.conf (+0/-11) templates/havana/dhcp_agent.ini (+0/-27) templates/havana/dnsmasq.conf (+0/-3) templates/havana/fwaas_driver.ini (+0/-7) templates/havana/l3_agent.ini (+0/-24) templates/havana/lbaas_agent.ini (+0/-8) templates/havana/metadata_agent.ini (+0/-18) templates/havana/metering_agent.ini (+0/-10) templates/havana/neutron.conf (+0/-16) templates/havana/nova.conf (+0/-27) templates/havana/ovs_neutron_plugin.ini (+0/-14) templates/havana/vpn_agent.ini (+0/-8) templates/icehouse/metadata_agent.ini (+0/-19) templates/icehouse/ml2_conf.ini (+0/-35) templates/icehouse/neutron.conf (+0/-18) templates/juno/l3_agent.ini (+0/-25) templates/juno/ml2_conf.ini (+0/-36) templates/kilo/fwaas_driver.ini (+0/-8) templates/kilo/lbaas_agent.ini (+0/-13) templates/kilo/neutron.conf (+0/-25) templates/kilo/nova.conf (+0/-33) templates/kilo/vpn_agent.ini (+0/-9) templates/os-charm-phy-nic-mtu.conf (+0/-22) templates/parts/database (+0/-1) templates/parts/rabbitmq (+0/-21) tests/00-setup (+0/-11) tests/014-basic-precise-icehouse (+0/-11) tests/015-basic-trusty-icehouse (+0/-9) tests/016-basic-trusty-juno (+0/-11) tests/017-basic-trusty-kilo (+0/-11) tests/018-basic-utopic-juno (+0/-9) tests/019-basic-vivid-kilo (+0/-9) tests/050-basic-trusty-icehouse-git (+0/-9) tests/051-basic-trusty-juno-git (+0/-12) tests/README (+0/-53) tests/basic_deployment.py (+0/-656) tests/charmhelpers/__init__.py (+0/-38) tests/charmhelpers/contrib/__init__.py (+0/-15) tests/charmhelpers/contrib/amulet/__init__.py (+0/-15) tests/charmhelpers/contrib/amulet/deployment.py (+0/-93) tests/charmhelpers/contrib/amulet/utils.py (+0/-323) tests/charmhelpers/contrib/openstack/__init__.py (+0/-15) tests/charmhelpers/contrib/openstack/amulet/__init__.py (+0/-15) tests/charmhelpers/contrib/openstack/amulet/deployment.py (+0/-146) tests/charmhelpers/contrib/openstack/amulet/utils.py (+0/-294) unit_tests/__init__.py (+0/-4) unit_tests/test_actions_git_reinstall.py (+0/-105) unit_tests/test_quantum_contexts.py (+0/-274) unit_tests/test_quantum_hooks.py (+0/-370) unit_tests/test_quantum_utils.py (+0/-1077) unit_tests/test_utils.py (+0/-100) |
To merge this branch: | bzr merge lp:~corey.bryant/charms/trusty/quantum-gateway/end-of-life |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
James Page | Approve | ||
Review via email:
|
Commit message
Description of the change
To post a comment you must log in.
Revision history for this message
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Corey Bryant (corey.bryant) wrote : | # |
Revision history for this message
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Corey Bryant (corey.bryant) wrote : | # |
I also stripped out any functionality from the charm.
- 115. By Corey Bryant
-
quantum-gateway charm has reached end-of-life
Strip all functionality from charm and issue status message
reporting end-of-life and pointing users to neutron-gateway charm.
Revision history for this message
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
James Page (james-page) wrote : | # |
Aside from the amendment to the README I think this is OK.
review:
Approve
Revision history for this message
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Corey Bryant (corey.bryant) wrote : | # |
James, Good point. I responded below. I hit a bug testing the charm upgrade and proposed a fix to charm-helpers.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | === modified file '.bzrignore' | |||
2 | --- .bzrignore 2015-04-10 14:22:04 +0000 | |||
3 | +++ .bzrignore 2015-07-16 19:59:55 +0000 | |||
4 | @@ -1,3 +1,2 @@ | |||
5 | 1 | bin | 1 | bin |
6 | 2 | .coverage | ||
7 | 3 | tags | 2 | tags |
8 | 4 | 3 | ||
9 | === removed file '.coveragerc' | |||
10 | --- .coveragerc 2013-07-19 09:46:25 +0000 | |||
11 | +++ .coveragerc 1970-01-01 00:00:00 +0000 | |||
12 | @@ -1,6 +0,0 @@ | |||
13 | 1 | [report] | ||
14 | 2 | # Regexes for lines to exclude from consideration | ||
15 | 3 | exclude_lines = | ||
16 | 4 | if __name__ == .__main__.: | ||
17 | 5 | include= | ||
18 | 6 | hooks/quantum_* | ||
19 | 7 | 0 | ||
20 | === removed file '.project' | |||
21 | --- .project 2012-12-06 10:22:24 +0000 | |||
22 | +++ .project 1970-01-01 00:00:00 +0000 | |||
23 | @@ -1,17 +0,0 @@ | |||
24 | 1 | <?xml version="1.0" encoding="UTF-8"?> | ||
25 | 2 | <projectDescription> | ||
26 | 3 | <name>quantum-gateway</name> | ||
27 | 4 | <comment></comment> | ||
28 | 5 | <projects> | ||
29 | 6 | </projects> | ||
30 | 7 | <buildSpec> | ||
31 | 8 | <buildCommand> | ||
32 | 9 | <name>org.python.pydev.PyDevBuilder</name> | ||
33 | 10 | <arguments> | ||
34 | 11 | </arguments> | ||
35 | 12 | </buildCommand> | ||
36 | 13 | </buildSpec> | ||
37 | 14 | <natures> | ||
38 | 15 | <nature>org.python.pydev.pythonNature</nature> | ||
39 | 16 | </natures> | ||
40 | 17 | </projectDescription> | ||
41 | 18 | 0 | ||
42 | === removed file '.pydevproject' | |||
43 | --- .pydevproject 2013-07-19 09:46:25 +0000 | |||
44 | +++ .pydevproject 1970-01-01 00:00:00 +0000 | |||
45 | @@ -1,9 +0,0 @@ | |||
46 | 1 | <?xml version="1.0" encoding="UTF-8" standalone="no"?> | ||
47 | 2 | <?eclipse-pydev version="1.0"?><pydev_project> | ||
48 | 3 | <pydev_property name="org.python.pydev.PYTHON_PROJECT_VERSION">python 2.7</pydev_property> | ||
49 | 4 | <pydev_property name="org.python.pydev.PYTHON_PROJECT_INTERPRETER">Default</pydev_property> | ||
50 | 5 | <pydev_pathproperty name="org.python.pydev.PROJECT_SOURCE_PATH"> | ||
51 | 6 | <path>/quantum-gateway/hooks</path> | ||
52 | 7 | <path>/quantum-gateway/unit_tests</path> | ||
53 | 8 | </pydev_pathproperty> | ||
54 | 9 | </pydev_project> | ||
55 | 10 | 0 | ||
56 | === modified file 'Makefile' | |||
57 | --- Makefile 2015-04-16 21:32:07 +0000 | |||
58 | +++ Makefile 2015-07-16 19:59:55 +0000 | |||
59 | @@ -2,13 +2,9 @@ | |||
60 | 2 | PYTHON := /usr/bin/env python | 2 | PYTHON := /usr/bin/env python |
61 | 3 | 3 | ||
62 | 4 | lint: | 4 | lint: |
64 | 5 | @flake8 --exclude hooks/charmhelpers actions hooks unit_tests tests | 5 | @flake8 --exclude hooks/charmhelpers hooks |
65 | 6 | @charm proof | 6 | @charm proof |
66 | 7 | 7 | ||
67 | 8 | unit_test: | ||
68 | 9 | @echo Starting unit tests... | ||
69 | 10 | @$(PYTHON) /usr/bin/nosetests --nologcapture --with-coverage unit_tests | ||
70 | 11 | |||
71 | 12 | bin/charm_helpers_sync.py: | 8 | bin/charm_helpers_sync.py: |
72 | 13 | @mkdir -p bin | 9 | @mkdir -p bin |
73 | 14 | @bzr cat lp:charm-helpers/tools/charm_helpers_sync/charm_helpers_sync.py \ | 10 | @bzr cat lp:charm-helpers/tools/charm_helpers_sync/charm_helpers_sync.py \ |
74 | @@ -16,14 +12,6 @@ | |||
75 | 16 | 12 | ||
76 | 17 | sync: bin/charm_helpers_sync.py | 13 | sync: bin/charm_helpers_sync.py |
77 | 18 | @$(PYTHON) bin/charm_helpers_sync.py -c charm-helpers-hooks.yaml | 14 | @$(PYTHON) bin/charm_helpers_sync.py -c charm-helpers-hooks.yaml |
78 | 19 | @$(PYTHON) bin/charm_helpers_sync.py -c charm-helpers-tests.yaml | ||
79 | 20 | |||
80 | 21 | test: | ||
81 | 22 | @echo Starting Amulet tests... | ||
82 | 23 | # coreycb note: The -v should only be temporary until Amulet sends | ||
83 | 24 | # raise_status() messages to stderr: | ||
84 | 25 | # https://bugs.launchpad.net/amulet/+bug/1320357 | ||
85 | 26 | @juju test -v -p AMULET_HTTP_PROXY,AMULET_OS_VIP --timeout 2700 | ||
86 | 27 | 15 | ||
87 | 28 | publish: lint unit_test | 16 | publish: lint unit_test |
88 | 29 | bzr push lp:charms/quantum-gateway | 17 | bzr push lp:charms/quantum-gateway |
89 | 30 | 18 | ||
90 | === modified file 'README.md' | |||
91 | --- README.md 2015-05-01 10:33:20 +0000 | |||
92 | +++ README.md 2015-07-16 19:59:55 +0000 | |||
93 | @@ -1,210 +1,4 @@ | |||
94 | 1 | Overview | 1 | Overview |
95 | 2 | -------- | 2 | -------- |
96 | 3 | 3 | ||
304 | 4 | Neutron provides flexible software defined networking (SDN) for OpenStack. | 4 | This charm has reached end-of-life. Please use the neutron-gateway charm. |
98 | 5 | |||
99 | 6 | This charm is designed to be used in conjunction with the rest of the OpenStack | ||
100 | 7 | related charms in the charm store) to virtualized the network that Nova Compute | ||
101 | 8 | instances plug into. | ||
102 | 9 | |||
103 | 10 | Its designed as a replacement for nova-network; however it does not yet | ||
104 | 11 | support all of the features as nova-network (such as multihost) so may not | ||
105 | 12 | be suitable for all. | ||
106 | 13 | |||
107 | 14 | Neutron supports a rich plugin/extension framework for propriety networking | ||
108 | 15 | solutions and supports (in core) Nicira NVP, NEC, Cisco and others... | ||
109 | 16 | |||
110 | 17 | The Openstack charms currently only support the fully free OpenvSwitch plugin | ||
111 | 18 | and implements the 'Provider Router with Private Networks' use case. | ||
112 | 19 | |||
113 | 20 | See the upstream [Neutron documentation](http://docs.openstack.org/trunk/openstack-network/admin/content/use_cases_single_router.html) | ||
114 | 21 | for more details. | ||
115 | 22 | |||
116 | 23 | |||
117 | 24 | Usage | ||
118 | 25 | ----- | ||
119 | 26 | |||
120 | 27 | In order to use Neutron with Openstack, you will need to deploy the | ||
121 | 28 | nova-compute and nova-cloud-controller charms with the network-manager | ||
122 | 29 | configuration set to 'Neutron': | ||
123 | 30 | |||
124 | 31 | nova-cloud-controller: | ||
125 | 32 | network-manager: Neutron | ||
126 | 33 | |||
127 | 34 | This decision must be made prior to deploying Openstack with Juju as | ||
128 | 35 | Neutron is deployed baked into these charms from install onwards: | ||
129 | 36 | |||
130 | 37 | juju deploy nova-compute | ||
131 | 38 | juju deploy --config config.yaml nova-cloud-controller | ||
132 | 39 | juju add-relation nova-compute nova-cloud-controller | ||
133 | 40 | |||
134 | 41 | The Neutron Gateway can then be added to the deploying: | ||
135 | 42 | |||
136 | 43 | juju deploy quantum-gateway | ||
137 | 44 | juju add-relation quantum-gateway mysql | ||
138 | 45 | juju add-relation quantum-gateway rabbitmq-server | ||
139 | 46 | juju add-relation quantum-gateway nova-cloud-controller | ||
140 | 47 | |||
141 | 48 | The gateway provides two key services; L3 network routing and DHCP services. | ||
142 | 49 | |||
143 | 50 | These are both required in a fully functional Neutron Openstack deployment. | ||
144 | 51 | |||
145 | 52 | See upstream [Neutron multi extnet](http://docs.openstack.org/trunk/config-reference/content/adv_cfg_l3_agent_multi_extnet.html) | ||
146 | 53 | |||
147 | 54 | Configuration Options | ||
148 | 55 | --------------------- | ||
149 | 56 | |||
150 | 57 | External Port Configuration | ||
151 | 58 | =========================== | ||
152 | 59 | |||
153 | 60 | If the port to be used for external traffic is consistent accross all physical | ||
154 | 61 | servers then is can be specified by simply setting ext-port to the nic id: | ||
155 | 62 | |||
156 | 63 | quantum-gateway: | ||
157 | 64 | ext-port: eth2 | ||
158 | 65 | |||
159 | 66 | However, if it varies between hosts then the mac addresses of the external | ||
160 | 67 | nics for each host can be passed as a space seperated list: | ||
161 | 68 | |||
162 | 69 | quantum-gateway: | ||
163 | 70 | ext-port: <MAC ext port host 1> <MAC ext port host 2> <MAC ext port host 3> | ||
164 | 71 | |||
165 | 72 | |||
166 | 73 | Multiple Floating Pools | ||
167 | 74 | ======================= | ||
168 | 75 | |||
169 | 76 | If multiple floating pools are needed then an L3 agent (which corresponds to | ||
170 | 77 | a quantum-gateway for the sake of this charm) is needed for each one. Each | ||
171 | 78 | gateway needs to be deployed as a seperate service so that the external | ||
172 | 79 | network id can be set differently for each gateway e.g. | ||
173 | 80 | |||
174 | 81 | juju deploy quantum-gateway quantum-gateway-extnet1 | ||
175 | 82 | juju add-relation quantum-gateway-extnet1 mysql | ||
176 | 83 | juju add-relation quantum-gateway-extnet1 rabbitmq-server | ||
177 | 84 | juju add-relation quantum-gateway-extnet1 nova-cloud-controller | ||
178 | 85 | juju deploy quantum-gateway quantum-gateway-extnet2 | ||
179 | 86 | juju add-relation quantum-gateway-extnet2 mysql | ||
180 | 87 | juju add-relation quantum-gateway-extnet2 rabbitmq-server | ||
181 | 88 | juju add-relation quantum-gateway-extnet2 nova-cloud-controller | ||
182 | 89 | |||
183 | 90 | Create extnet1 and extnet2 via neutron client and take a note of their ids | ||
184 | 91 | |||
185 | 92 | juju set quantum-gateway-extnet1 "run-internal-router=leader" | ||
186 | 93 | juju set quantum-gateway-extnet2 "run-internal-router=none" | ||
187 | 94 | juju set quantum-gateway-extnet1 "external-network-id=<extnet1 id>" | ||
188 | 95 | juju set quantum-gateway-extnet2 "external-network-id=<extnet2 id>" | ||
189 | 96 | |||
190 | 97 | Instance MTU | ||
191 | 98 | ============ | ||
192 | 99 | |||
193 | 100 | When using Open vSwitch plugin with GRE tunnels default MTU of 1500 can cause | ||
194 | 101 | packet fragmentation due to GRE overhead. One solution is to increase the MTU on | ||
195 | 102 | physical hosts and network equipment. When this is not possible or practical the | ||
196 | 103 | charm's instance-mtu option can be used to reduce instance MTU via DHCP. | ||
197 | 104 | |||
198 | 105 | juju set quantum-gateway instance-mtu=1400 | ||
199 | 106 | |||
200 | 107 | OpenStack upstream documentation recomments a MTU value of 1400: | ||
201 | 108 | [Openstack documentation](http://docs.openstack.org/admin-guide-cloud/content/openvswitch_plugin.html) | ||
202 | 109 | |||
203 | 110 | Note that this option was added in Havana and will be ignored in older releases. | ||
204 | 111 | |||
205 | 112 | Deploying from source | ||
206 | 113 | ===================== | ||
207 | 114 | |||
208 | 115 | The minimum openstack-origin-git config required to deploy from source is: | ||
209 | 116 | |||
210 | 117 | openstack-origin-git: include-file://neutron-juno.yaml | ||
211 | 118 | |||
212 | 119 | neutron-juno.yaml | ||
213 | 120 | ----------------- | ||
214 | 121 | repositories: | ||
215 | 122 | - {name: requirements, | ||
216 | 123 | repository: 'git://github.com/openstack/requirements', | ||
217 | 124 | branch: stable/juno} | ||
218 | 125 | - {name: neutron, | ||
219 | 126 | repository: 'git://github.com/openstack/neutron', | ||
220 | 127 | branch: stable/juno} | ||
221 | 128 | |||
222 | 129 | Note that there are only two 'name' values the charm knows about: 'requirements' | ||
223 | 130 | and 'neutron'. These repositories must correspond to these 'name' values. | ||
224 | 131 | Additionally, the requirements repository must be specified first and the | ||
225 | 132 | neutron repository must be specified last. All other repostories are installed | ||
226 | 133 | in the order in which they are specified. | ||
227 | 134 | |||
228 | 135 | The following is a full list of current tip repos (may not be up-to-date): | ||
229 | 136 | |||
230 | 137 | openstack-origin-git: include-file://neutron-master.yaml | ||
231 | 138 | |||
232 | 139 | neutron-master.yaml | ||
233 | 140 | ------------------- | ||
234 | 141 | repositories: | ||
235 | 142 | - {name: requirements, | ||
236 | 143 | repository: 'git://github.com/openstack/requirements', | ||
237 | 144 | branch: master} | ||
238 | 145 | - {name: oslo-concurrency, | ||
239 | 146 | repository: 'git://github.com/openstack/oslo.concurrency', | ||
240 | 147 | branch: master} | ||
241 | 148 | - {name: oslo-config, | ||
242 | 149 | repository: 'git://github.com/openstack/oslo.config', | ||
243 | 150 | branch: master} | ||
244 | 151 | - {name: oslo-context, | ||
245 | 152 | repository: 'git://github.com/openstack/oslo.context', | ||
246 | 153 | branch: master} | ||
247 | 154 | - {name: oslo-db, | ||
248 | 155 | repository: 'git://github.com/openstack/oslo.db', | ||
249 | 156 | branch: master} | ||
250 | 157 | - {name: oslo-i18n, | ||
251 | 158 | repository: 'git://github.com/openstack/oslo.i18n', | ||
252 | 159 | branch: master} | ||
253 | 160 | - {name: oslo-messaging, | ||
254 | 161 | repository: 'git://github.com/openstack/oslo.messaging', | ||
255 | 162 | branch: master} | ||
256 | 163 | - {name: oslo-middleware, | ||
257 | 164 | repository': 'git://github.com/openstack/oslo.middleware', | ||
258 | 165 | branch: master} | ||
259 | 166 | - {name: oslo-rootwrap', | ||
260 | 167 | repository: 'git://github.com/openstack/oslo.rootwrap', | ||
261 | 168 | branch: master} | ||
262 | 169 | - {name: oslo-serialization, | ||
263 | 170 | repository: 'git://github.com/openstack/oslo.serialization', | ||
264 | 171 | branch: master} | ||
265 | 172 | - {name: oslo-utils, | ||
266 | 173 | repository: 'git://github.com/openstack/oslo.utils', | ||
267 | 174 | branch: master} | ||
268 | 175 | - {name: pbr, | ||
269 | 176 | repository: 'git://github.com/openstack-dev/pbr', | ||
270 | 177 | branch: master} | ||
271 | 178 | - {name: stevedore, | ||
272 | 179 | repository: 'git://github.com/openstack/stevedore', | ||
273 | 180 | branch: 'master'} | ||
274 | 181 | - {name: python-keystoneclient, | ||
275 | 182 | repository: 'git://github.com/openstack/python-keystoneclient', | ||
276 | 183 | branch: master} | ||
277 | 184 | - {name: python-neutronclient, | ||
278 | 185 | repository: 'git://github.com/openstack/python-neutronclient', | ||
279 | 186 | branch: master} | ||
280 | 187 | - {name: python-novaclient, | ||
281 | 188 | repository': 'git://github.com/openstack/python-novaclient', | ||
282 | 189 | branch: master} | ||
283 | 190 | - {name: keystonemiddleware, | ||
284 | 191 | repository: 'git://github.com/openstack/keystonemiddleware', | ||
285 | 192 | branch: master} | ||
286 | 193 | - {name: neutron-fwaas, | ||
287 | 194 | repository': 'git://github.com/openstack/neutron-fwaas', | ||
288 | 195 | branch: master} | ||
289 | 196 | - {name: neutron-lbaas, | ||
290 | 197 | repository: 'git://github.com/openstack/neutron-lbaas', | ||
291 | 198 | branch: master} | ||
292 | 199 | - {name: neutron-vpnaas, | ||
293 | 200 | repository: 'git://github.com/openstack/neutron-vpnaas', | ||
294 | 201 | branch: master} | ||
295 | 202 | - {name: neutron, | ||
296 | 203 | repository: 'git://github.com/openstack/neutron', | ||
297 | 204 | branch: master} | ||
298 | 205 | |||
299 | 206 | TODO | ||
300 | 207 | ---- | ||
301 | 208 | |||
302 | 209 | * Provide more network configuration use cases. | ||
303 | 210 | * Support VLAN in addition to GRE+OpenFlow for L2 separation. | ||
305 | 211 | 5 | ||
306 | === removed directory 'actions' | |||
307 | === removed file 'actions.yaml' | |||
308 | --- actions.yaml 2015-04-10 14:22:04 +0000 | |||
309 | +++ actions.yaml 1970-01-01 00:00:00 +0000 | |||
310 | @@ -1,2 +0,0 @@ | |||
311 | 1 | git-reinstall: | ||
312 | 2 | description: Reinstall quantum-gateway from the openstack-origin-git repositories. | ||
313 | 3 | 0 | ||
314 | === removed symlink 'actions/git-reinstall' | |||
315 | === target was u'git_reinstall.py' | |||
316 | === removed file 'actions/git_reinstall.py' | |||
317 | --- actions/git_reinstall.py 2015-04-15 16:46:22 +0000 | |||
318 | +++ actions/git_reinstall.py 1970-01-01 00:00:00 +0000 | |||
319 | @@ -1,45 +0,0 @@ | |||
320 | 1 | #!/usr/bin/python | ||
321 | 2 | import sys | ||
322 | 3 | import traceback | ||
323 | 4 | |||
324 | 5 | sys.path.append('hooks/') | ||
325 | 6 | |||
326 | 7 | from charmhelpers.contrib.openstack.utils import ( | ||
327 | 8 | git_install_requested, | ||
328 | 9 | ) | ||
329 | 10 | |||
330 | 11 | from charmhelpers.core.hookenv import ( | ||
331 | 12 | action_set, | ||
332 | 13 | action_fail, | ||
333 | 14 | config, | ||
334 | 15 | ) | ||
335 | 16 | |||
336 | 17 | from quantum_utils import ( | ||
337 | 18 | git_install, | ||
338 | 19 | ) | ||
339 | 20 | |||
340 | 21 | from quantum_hooks import ( | ||
341 | 22 | config_changed, | ||
342 | 23 | ) | ||
343 | 24 | |||
344 | 25 | |||
345 | 26 | def git_reinstall(): | ||
346 | 27 | """Reinstall from source and restart services. | ||
347 | 28 | |||
348 | 29 | If the openstack-origin-git config option was used to install openstack | ||
349 | 30 | from source git repositories, then this action can be used to reinstall | ||
350 | 31 | from updated git repositories, followed by a restart of services.""" | ||
351 | 32 | if not git_install_requested(): | ||
352 | 33 | action_fail('openstack-origin-git is not configured') | ||
353 | 34 | return | ||
354 | 35 | |||
355 | 36 | try: | ||
356 | 37 | git_install(config('openstack-origin-git')) | ||
357 | 38 | config_changed() | ||
358 | 39 | except: | ||
359 | 40 | action_set({'traceback': traceback.format_exc()}) | ||
360 | 41 | action_fail('git-reinstall resulted in an unexpected error') | ||
361 | 42 | |||
362 | 43 | |||
363 | 44 | if __name__ == '__main__': | ||
364 | 45 | git_reinstall() | ||
365 | 46 | 0 | ||
366 | === modified file 'charm-helpers-hooks.yaml' | |||
367 | --- charm-helpers-hooks.yaml 2015-05-02 22:35:06 +0000 | |||
368 | +++ charm-helpers-hooks.yaml 2015-07-16 19:59:55 +0000 | |||
369 | @@ -2,12 +2,3 @@ | |||
370 | 2 | destination: hooks/charmhelpers | 2 | destination: hooks/charmhelpers |
371 | 3 | include: | 3 | include: |
372 | 4 | - core | 4 | - core |
373 | 5 | - fetch | ||
374 | 6 | - contrib.openstack|inc=* | ||
375 | 7 | - contrib.hahelpers | ||
376 | 8 | - contrib.network | ||
377 | 9 | - contrib.python.packages | ||
378 | 10 | - contrib.storage.linux | ||
379 | 11 | - contrib.python | ||
380 | 12 | - payload.execd | ||
381 | 13 | - contrib.charmsupport | ||
382 | 14 | 5 | ||
383 | === removed file 'charm-helpers-tests.yaml' | |||
384 | --- charm-helpers-tests.yaml 2015-05-02 22:35:06 +0000 | |||
385 | +++ charm-helpers-tests.yaml 1970-01-01 00:00:00 +0000 | |||
386 | @@ -1,5 +0,0 @@ | |||
387 | 1 | branch: lp:charm-helpers | ||
388 | 2 | destination: tests/charmhelpers | ||
389 | 3 | include: | ||
390 | 4 | - contrib.amulet | ||
391 | 5 | - contrib.openstack.amulet | ||
392 | 6 | 0 | ||
393 | === removed directory 'files' | |||
394 | === removed file 'files/NeutronAgentMon' | |||
395 | --- files/NeutronAgentMon 2015-01-15 10:00:38 +0000 | |||
396 | +++ files/NeutronAgentMon 1970-01-01 00:00:00 +0000 | |||
397 | @@ -1,155 +0,0 @@ | |||
398 | 1 | #!/bin/sh | ||
399 | 2 | # | ||
400 | 3 | # | ||
401 | 4 | # NeutronAgentMon OCF RA. | ||
402 | 5 | # Starts crm_mon in background which logs cluster status as | ||
403 | 6 | # html to the specified file. | ||
404 | 7 | # | ||
405 | 8 | # Copyright 2014 Canonical Ltd. | ||
406 | 9 | # | ||
407 | 10 | # Authors: Hui Xiang <hui.xiang@canonical.com> | ||
408 | 11 | # Edward Hope-Morley <edward.hope-morley@canonical.com> | ||
409 | 12 | # | ||
410 | 13 | # OCF instance parameters: | ||
411 | 14 | # OCF_RESKEY_file | ||
412 | 15 | |||
413 | 16 | ####################################################################### | ||
414 | 17 | # Initialization: | ||
415 | 18 | : ${OCF_FUNCTIONS=${OCF_ROOT}/resource.d/heartbeat/.ocf-shellfuncs} | ||
416 | 19 | . ${OCF_FUNCTIONS} | ||
417 | 20 | : ${__OCF_ACTION=$1} | ||
418 | 21 | |||
419 | 22 | ####################################################################### | ||
420 | 23 | |||
421 | 24 | meta_data() { | ||
422 | 25 | cat <<END | ||
423 | 26 | <?xml version="1.0"?> | ||
424 | 27 | <!DOCTYPE resource-agent SYSTEM "ra-api-1.dtd"> | ||
425 | 28 | <resource-agent name="NeutronAgentMon"> | ||
426 | 29 | <version>1.0</version> | ||
427 | 30 | |||
428 | 31 | <longdesc lang="en"> | ||
429 | 32 | This is a NeutronAgentMon Resource Agent. | ||
430 | 33 | It monitors the 'neutron-ha-monitor daemon' status. | ||
431 | 34 | </longdesc> | ||
432 | 35 | <shortdesc lang="en">Monitor '/usr/local/bin/neutron-ha-monitor.py' in the background.</shortdesc> | ||
433 | 36 | |||
434 | 37 | <parameters> | ||
435 | 38 | |||
436 | 39 | <parameter name="file" unique="0"> | ||
437 | 40 | <longdesc lang="en"> | ||
438 | 41 | The file we want to run as a daemon. | ||
439 | 42 | </longdesc> | ||
440 | 43 | <shortdesc lang="en">The file we want to run as a daemon.</shortdesc> | ||
441 | 44 | <content type="string" default="/usr/local/bin/neutron-ha-monitor.py" /> | ||
442 | 45 | </parameter> | ||
443 | 46 | |||
444 | 47 | </parameters> | ||
445 | 48 | |||
446 | 49 | <actions> | ||
447 | 50 | <action name="start" timeout="20" /> | ||
448 | 51 | <action name="stop" timeout="20" /> | ||
449 | 52 | <action name="monitor" depth="0" timeout="20" interval="60" /> | ||
450 | 53 | <action name="meta-data" timeout="5" /> | ||
451 | 54 | <action name="validate-all" timeout="30" /> | ||
452 | 55 | </actions> | ||
453 | 56 | </resource-agent> | ||
454 | 57 | END | ||
455 | 58 | } | ||
456 | 59 | |||
457 | 60 | ####################################################################### | ||
458 | 61 | |||
459 | 62 | NeutronAgentMon_usage() { | ||
460 | 63 | cat <<END | ||
461 | 64 | usage: $0 {start|stop|monitor|validate-all|meta-data} | ||
462 | 65 | |||
463 | 66 | Expects to have a fully populated OCF RA-compliant environment set. | ||
464 | 67 | END | ||
465 | 68 | } | ||
466 | 69 | |||
467 | 70 | NeutronAgentMon_exit() { | ||
468 | 71 | if [ $1 != 0 ]; then | ||
469 | 72 | exit $OCF_ERR_GENERIC | ||
470 | 73 | else | ||
471 | 74 | exit $OCF_SUCCESS | ||
472 | 75 | fi | ||
473 | 76 | } | ||
474 | 77 | |||
475 | 78 | NeutronAgentMon_start() { | ||
476 | 79 | pid=`sudo ps -aux | grep neutron-ha-m\[o\]nitor.py | awk -F' ' '{print $2}'` | ||
477 | 80 | if [ -z $pid ]; then | ||
478 | 81 | ocf_log info "[NeutronAgentMon_start] Start Monitor daemon." | ||
479 | 82 | sudo mkdir -p /var/log/neutron-ha | ||
480 | 83 | sudo python /usr/local/bin/neutron-ha-monitor.py \ | ||
481 | 84 | --config-file /var/lib/juju-neutron-ha/neutron-ha-monitor.conf \ | ||
482 | 85 | --log-file /var/log/neutron-ha/monitor.log >> /dev/null 2>&1 & echo $! | ||
483 | 86 | sleep 5 | ||
484 | 87 | else | ||
485 | 88 | ocf_log warn "[NeutronAgentMon_start] Monitor daemon already running." | ||
486 | 89 | fi | ||
487 | 90 | NeutronAgentMon_exit $? | ||
488 | 91 | } | ||
489 | 92 | |||
490 | 93 | NeutronAgentMon_stop() { | ||
491 | 94 | pid=`sudo ps -aux | grep neutron-ha-m\[o\]nitor.py | awk -F' ' '{print $2}'` | ||
492 | 95 | if [ ! -z $pid ]; then | ||
493 | 96 | sudo kill -s 9 $pid | ||
494 | 97 | ocf_log info "[NeutronAgentMon_stop] Pid $pid is killed." | ||
495 | 98 | else | ||
496 | 99 | ocf_log warn "[NeutronAgentMon_stop] Monitor daemon already stopped." | ||
497 | 100 | fi | ||
498 | 101 | NeutronAgentMon_exit 0 | ||
499 | 102 | } | ||
500 | 103 | |||
501 | 104 | NeutronAgentMon_monitor() { | ||
502 | 105 | pid=`sudo ps -aux | grep neutron-ha-m\[o\]nitor.py | awk -F' ' '{print $2}'` | ||
503 | 106 | if [ ! -z $pid ]; then | ||
504 | 107 | ocf_log info "[NeutronAgentMon_monitor] success." | ||
505 | 108 | exit $OCF_SUCCESS | ||
506 | 109 | fi | ||
507 | 110 | exit $OCF_NOT_RUNNING | ||
508 | 111 | } | ||
509 | 112 | |||
510 | 113 | NeutronAgentMon_validate() { | ||
511 | 114 | # Existence of the user | ||
512 | 115 | if [ -f $OCF_RESKEY_file ]; then | ||
513 | 116 | echo "Validate OK" | ||
514 | 117 | return $OCF_SUCCESS | ||
515 | 118 | else | ||
516 | 119 | ocf_log err "The file $OCF_RESKEY_file does not exist!" | ||
517 | 120 | exit $OCF_ERR_ARGS | ||
518 | 121 | fi | ||
519 | 122 | } | ||
520 | 123 | |||
521 | 124 | if [ $# -ne 1 ]; then | ||
522 | 125 | NeutronAgentMon_usage | ||
523 | 126 | exit $OCF_ERR_ARGS | ||
524 | 127 | fi | ||
525 | 128 | |||
526 | 129 | : ${OCF_RESKEY_update:="15000"} | ||
527 | 130 | : ${OCF_RESKEY_pidfile:="/tmp/NeutronAgentMon_${OCF_RESOURCE_INSTANCE}.pid"} | ||
528 | 131 | : ${OCF_RESKEY_htmlfile:="/tmp/NeutronAgentMon_${OCF_RESOURCE_INSTANCE}.html"} | ||
529 | 132 | |||
530 | 133 | OCF_RESKEY_update=`expr $OCF_RESKEY_update / 1000` | ||
531 | 134 | |||
532 | 135 | case $__OCF_ACTION in | ||
533 | 136 | meta-data) meta_data | ||
534 | 137 | exit $OCF_SUCCESS | ||
535 | 138 | ;; | ||
536 | 139 | start) NeutronAgentMon_start | ||
537 | 140 | ;; | ||
538 | 141 | stop) NeutronAgentMon_stop | ||
539 | 142 | ;; | ||
540 | 143 | monitor) NeutronAgentMon_monitor | ||
541 | 144 | ;; | ||
542 | 145 | validate-all) NeutronAgentMon_validate | ||
543 | 146 | ;; | ||
544 | 147 | usage|help) NeutronAgentMon_usage | ||
545 | 148 | exit $OCF_SUCCESS | ||
546 | 149 | ;; | ||
547 | 150 | *) NeutronAgentMon_usage | ||
548 | 151 | exit $OCF_ERR_UNIMPLEMENTED | ||
549 | 152 | ;; | ||
550 | 153 | esac | ||
551 | 154 | |||
552 | 155 | exit $? | ||
553 | 156 | 0 | ||
554 | === removed file 'files/neutron-ha-monitor.conf' | |||
555 | --- files/neutron-ha-monitor.conf 2015-01-15 10:00:38 +0000 | |||
556 | +++ files/neutron-ha-monitor.conf 1970-01-01 00:00:00 +0000 | |||
557 | @@ -1,4 +0,0 @@ | |||
558 | 1 | [DEFAULT] | ||
559 | 2 | verbose=True | ||
560 | 3 | #debug=True | ||
561 | 4 | check_interval=8 | ||
562 | 5 | 0 | ||
563 | === removed file 'files/neutron-ha-monitor.py' | |||
564 | --- files/neutron-ha-monitor.py 2015-01-19 10:43:09 +0000 | |||
565 | +++ files/neutron-ha-monitor.py 1970-01-01 00:00:00 +0000 | |||
566 | @@ -1,436 +0,0 @@ | |||
567 | 1 | # Copyright 2014 Canonical Ltd. | ||
568 | 2 | # | ||
569 | 3 | # Authors: Hui Xiang <hui.xiang@canonical.com> | ||
570 | 4 | # Joshua Zhang <joshua.zhang@canonical.com> | ||
571 | 5 | # Edward Hope-Morley <edward.hope-morley@canonical.com> | ||
572 | 6 | # | ||
573 | 7 | |||
574 | 8 | """ | ||
575 | 9 | Helpers for monitoring Neutron agents, reschedule failed agents, | ||
576 | 10 | cleaned resources on failed nodes. | ||
577 | 11 | """ | ||
578 | 12 | |||
579 | 13 | import os | ||
580 | 14 | import re | ||
581 | 15 | import sys | ||
582 | 16 | import signal | ||
583 | 17 | import socket | ||
584 | 18 | import subprocess | ||
585 | 19 | import time | ||
586 | 20 | |||
587 | 21 | from oslo.config import cfg | ||
588 | 22 | from neutron.agent.linux import ovs_lib | ||
589 | 23 | from neutron.agent.linux import ip_lib | ||
590 | 24 | from neutron.common import exceptions | ||
591 | 25 | from neutron.openstack.common import log as logging | ||
592 | 26 | |||
593 | 27 | LOG = logging.getLogger(__name__) | ||
594 | 28 | |||
595 | 29 | |||
596 | 30 | class Daemon(object): | ||
597 | 31 | """A generic daemon class. | ||
598 | 32 | |||
599 | 33 | Usage: subclass the Daemon class and override the run() method | ||
600 | 34 | """ | ||
601 | 35 | def __init__(self, stdin='/dev/null', stdout='/dev/null', | ||
602 | 36 | stderr='/dev/null', procname='python'): | ||
603 | 37 | self.stdin = stdin | ||
604 | 38 | self.stdout = stdout | ||
605 | 39 | self.stderr = stderr | ||
606 | 40 | self.procname = procname | ||
607 | 41 | |||
608 | 42 | def _fork(self): | ||
609 | 43 | try: | ||
610 | 44 | pid = os.fork() | ||
611 | 45 | if pid > 0: | ||
612 | 46 | sys.exit(0) | ||
613 | 47 | except OSError: | ||
614 | 48 | LOG.exception('Fork failed') | ||
615 | 49 | sys.exit(1) | ||
616 | 50 | |||
617 | 51 | def daemonize(self): | ||
618 | 52 | """Daemonize process by doing Stevens double fork.""" | ||
619 | 53 | # fork first time | ||
620 | 54 | self._fork() | ||
621 | 55 | |||
622 | 56 | # decouple from parent environment | ||
623 | 57 | os.chdir("/") | ||
624 | 58 | os.setsid() | ||
625 | 59 | os.umask(0) | ||
626 | 60 | # fork second time | ||
627 | 61 | self._fork() | ||
628 | 62 | |||
629 | 63 | # redirect standard file descriptors | ||
630 | 64 | sys.stdout.flush() | ||
631 | 65 | sys.stderr.flush() | ||
632 | 66 | stdin = open(self.stdin, 'r') | ||
633 | 67 | stdout = open(self.stdout, 'a+') | ||
634 | 68 | stderr = open(self.stderr, 'a+', 0) | ||
635 | 69 | os.dup2(stdin.fileno(), sys.stdin.fileno()) | ||
636 | 70 | os.dup2(stdout.fileno(), sys.stdout.fileno()) | ||
637 | 71 | os.dup2(stderr.fileno(), sys.stderr.fileno()) | ||
638 | 72 | |||
639 | 73 | signal.signal(signal.SIGTERM, self.handle_sigterm) | ||
640 | 74 | |||
641 | 75 | def handle_sigterm(self, signum, frame): | ||
642 | 76 | sys.exit(0) | ||
643 | 77 | |||
644 | 78 | def start(self): | ||
645 | 79 | """Start the daemon.""" | ||
646 | 80 | self.daemonize() | ||
647 | 81 | self.run() | ||
648 | 82 | |||
649 | 83 | def run(self): | ||
650 | 84 | """Override this method when subclassing Daemon. | ||
651 | 85 | |||
652 | 86 | start() will call this method after the process has daemonized. | ||
653 | 87 | """ | ||
654 | 88 | pass | ||
655 | 89 | |||
656 | 90 | |||
657 | 91 | class MonitorNeutronAgentsDaemon(Daemon): | ||
658 | 92 | def __init__(self): | ||
659 | 93 | super(MonitorNeutronAgentsDaemon, self).__init__() | ||
660 | 94 | logging.setup('Neuron-HA-Monitor') | ||
661 | 95 | LOG.info('Monitor Neutron Agent Loop Init') | ||
662 | 96 | self.hostname = None | ||
663 | 97 | self.env = {} | ||
664 | 98 | |||
665 | 99 | def get_env(self): | ||
666 | 100 | envrc_f = '/etc/legacy_ha_envrc' | ||
667 | 101 | envrc_f_m = False | ||
668 | 102 | if os.path.isfile(envrc_f): | ||
669 | 103 | ctime = time.ctime(os.stat(envrc_f).st_ctime) | ||
670 | 104 | mtime = time.ctime(os.stat(envrc_f).st_mtime) | ||
671 | 105 | if ctime != mtime: | ||
672 | 106 | envrc_f_m = True | ||
673 | 107 | |||
674 | 108 | if not self.env or envrc_f_m: | ||
675 | 109 | with open(envrc_f, 'r') as f: | ||
676 | 110 | for line in f: | ||
677 | 111 | data = line.strip().split('=') | ||
678 | 112 | if data and data[0] and data[1]: | ||
679 | 113 | self.env[data[0]] = data[1] | ||
680 | 114 | else: | ||
681 | 115 | raise Exception("OpenStack env data uncomplete.") | ||
682 | 116 | return self.env | ||
683 | 117 | |||
684 | 118 | def get_hostname(self): | ||
685 | 119 | if not self.hostname: | ||
686 | 120 | self.hostname = socket.gethostname() | ||
687 | 121 | return self.hostname | ||
688 | 122 | |||
689 | 123 | def get_root_helper(self): | ||
690 | 124 | return 'sudo' | ||
691 | 125 | |||
692 | 126 | def list_monitor_res(self): | ||
693 | 127 | # List crm resource 'cl_monitor' running node | ||
694 | 128 | nodes = [] | ||
695 | 129 | cmd = ['crm', 'resource', 'show', 'cl_monitor'] | ||
696 | 130 | output = subprocess.check_output(cmd) | ||
697 | 131 | pattern = re.compile('resource cl_monitor is running on: (.*) ') | ||
698 | 132 | nodes = pattern.findall(output) | ||
699 | 133 | return nodes | ||
700 | 134 | |||
701 | 135 | def get_crm_res_lead_node(self): | ||
702 | 136 | nodes = self.list_monitor_res() | ||
703 | 137 | if nodes: | ||
704 | 138 | return nodes[0].strip() | ||
705 | 139 | else: | ||
706 | 140 | LOG.error('Failed to get crm resource.') | ||
707 | 141 | return None | ||
708 | 142 | |||
709 | 143 | def unplug_device(self, device): | ||
710 | 144 | try: | ||
711 | 145 | device.link.delete() | ||
712 | 146 | except RuntimeError: | ||
713 | 147 | root_helper = self.get_root_helper() | ||
714 | 148 | # Maybe the device is OVS port, so try to delete | ||
715 | 149 | bridge_name = ovs_lib.get_bridge_for_iface(root_helper, | ||
716 | 150 | device.name) | ||
717 | 151 | if bridge_name: | ||
718 | 152 | bridge = ovs_lib.OVSBridge(bridge_name, root_helper) | ||
719 | 153 | bridge.delete_port(device.name) | ||
720 | 154 | else: | ||
721 | 155 | LOG.debug('Unable to find bridge for device: %s', device.name) | ||
722 | 156 | |||
723 | 157 | def get_pattern(self, key, text): | ||
724 | 158 | if not key or not text: | ||
725 | 159 | LOG.debug('Invalid key(%s) or text(%s)' % (key, text)) | ||
726 | 160 | return None | ||
727 | 161 | |||
728 | 162 | pattern = re.compile('%s' % key) | ||
729 | 163 | result = pattern.findall(text) | ||
730 | 164 | return result | ||
731 | 165 | |||
732 | 166 | def _cleanup(self, key1, key2): | ||
733 | 167 | namespaces = [] | ||
734 | 168 | if key1: | ||
735 | 169 | for k in key1.iterkeys(): | ||
736 | 170 | namespaces.append(key2 + '-' + k) | ||
737 | 171 | else: | ||
738 | 172 | try: | ||
739 | 173 | cmd = ['sudo', 'ip', 'netns'] | ||
740 | 174 | ns = subprocess.check_output(cmd) | ||
741 | 175 | namespaces = self.get_pattern('(%s.*)' % key2, ns) | ||
742 | 176 | except RuntimeError as e: | ||
743 | 177 | LOG.error('Failed to list namespace, (%s)' % e) | ||
744 | 178 | |||
745 | 179 | if namespaces: | ||
746 | 180 | LOG.info('Namespaces: %s is going to be deleted.' % namespaces) | ||
747 | 181 | self.destroy_namespaces(namespaces) | ||
748 | 182 | |||
749 | 183 | def cleanup_dhcp(self, networks): | ||
750 | 184 | self._cleanup(networks, 'qdhcp') | ||
751 | 185 | |||
752 | 186 | def cleanup_router(self, routers): | ||
753 | 187 | self._cleanup(routers, 'qrouter') | ||
754 | 188 | |||
755 | 189 | def destroy_namespaces(self, namespaces): | ||
756 | 190 | try: | ||
757 | 191 | root_helper = self.get_root_helper() | ||
758 | 192 | for namespace in namespaces: | ||
759 | 193 | ip = ip_lib.IPWrapper(root_helper, namespace) | ||
760 | 194 | if ip.netns.exists(namespace): | ||
761 | 195 | for device in ip.get_devices(exclude_loopback=True): | ||
762 | 196 | self.unplug_device(device) | ||
763 | 197 | |||
764 | 198 | ip.garbage_collect_namespace() | ||
765 | 199 | except Exception: | ||
766 | 200 | LOG.exception('Error unable to destroy namespace: %s', namespace) | ||
767 | 201 | |||
768 | 202 | def is_same_host(self, host): | ||
769 | 203 | return str(host).strip() == self.get_hostname() | ||
770 | 204 | |||
771 | 205 | def validate_reschedule(self): | ||
772 | 206 | crm_no_1_node = self.get_crm_res_lead_node() | ||
773 | 207 | if not crm_no_1_node: | ||
774 | 208 | LOG.error('No crm first node could be found.') | ||
775 | 209 | return False | ||
776 | 210 | |||
777 | 211 | if not self.is_same_host(crm_no_1_node): | ||
778 | 212 | LOG.warn('Only the first crm node %s could reschedule. ' | ||
779 | 213 | % crm_no_1_node) | ||
780 | 214 | return False | ||
781 | 215 | return True | ||
782 | 216 | |||
783 | 217 | def l3_agents_reschedule(self, l3_agents, routers, quantum): | ||
784 | 218 | if not self.validate_reschedule(): | ||
785 | 219 | return | ||
786 | 220 | |||
787 | 221 | index = 0 | ||
788 | 222 | for router_id in routers: | ||
789 | 223 | agent = index % len(l3_agents) | ||
790 | 224 | LOG.info('Moving router %s from %s to %s' % | ||
791 | 225 | (router_id, routers[router_id], l3_agents[agent])) | ||
792 | 226 | try: | ||
793 | 227 | quantum.remove_router_from_l3_agent(l3_agent=routers[router_id], | ||
794 | 228 | router_id=router_id) | ||
795 | 229 | except exceptions.NeutronException as e: | ||
796 | 230 | LOG.error('Remove router raised exception: %s' % e) | ||
797 | 231 | try: | ||
798 | 232 | quantum.add_router_to_l3_agent(l3_agent=l3_agents[agent], | ||
799 | 233 | body={'router_id': router_id}) | ||
800 | 234 | except exceptions.NeutronException as e: | ||
801 | 235 | LOG.error('Add router raised exception: %s' % e) | ||
802 | 236 | index += 1 | ||
803 | 237 | |||
804 | 238 | def dhcp_agents_reschedule(self, dhcp_agents, networks, quantum): | ||
805 | 239 | if not self.validate_reschedule(): | ||
806 | 240 | return | ||
807 | 241 | |||
808 | 242 | index = 0 | ||
809 | 243 | for network_id in networks: | ||
810 | 244 | agent = index % len(dhcp_agents) | ||
811 | 245 | LOG.info('Moving network %s from %s to %s' % (network_id, | ||
812 | 246 | networks[network_id], dhcp_agents[agent])) | ||
813 | 247 | try: | ||
814 | 248 | quantum.remove_network_from_dhcp_agent( | ||
815 | 249 | dhcp_agent=networks[network_id], network_id=network_id) | ||
816 | 250 | except exceptions.NeutronException as e: | ||
817 | 251 | LOG.error('Remove network raised exception: %s' % e) | ||
818 | 252 | try: | ||
819 | 253 | quantum.add_network_to_dhcp_agent( | ||
820 | 254 | dhcp_agent=dhcp_agents[agent], | ||
821 | 255 | body={'network_id': network_id}) | ||
822 | 256 | except exceptions.NeutronException as e: | ||
823 | 257 | LOG.error('Add network raised exception: %s' % e) | ||
824 | 258 | index += 1 | ||
825 | 259 | |||
826 | 260 | def get_quantum_client(self): | ||
827 | 261 | env = self.get_env() | ||
828 | 262 | if not env: | ||
829 | 263 | LOG.info('Unable to re-assign resources at this time') | ||
830 | 264 | return None | ||
831 | 265 | |||
832 | 266 | try: | ||
833 | 267 | from quantumclient.v2_0 import client | ||
834 | 268 | except ImportError: | ||
835 | 269 | # Try to import neutronclient instead for havana+ | ||
836 | 270 | from neutronclient.v2_0 import client | ||
837 | 271 | |||
838 | 272 | auth_url = '%(auth_protocol)s://%(keystone_host)s:%(auth_port)s/v2.0' \ | ||
839 | 273 | % env | ||
840 | 274 | quantum = client.Client(username=env['service_username'], | ||
841 | 275 | password=env['service_password'], | ||
842 | 276 | tenant_name=env['service_tenant'], | ||
843 | 277 | auth_url=auth_url, | ||
844 | 278 | region_name=env['region']) | ||
845 | 279 | return quantum | ||
846 | 280 | |||
847 | 281 | def reassign_agent_resources(self, quantum=None): | ||
848 | 282 | """Use agent scheduler API to detect down agents and re-schedule""" | ||
849 | 283 | if not quantum: | ||
850 | 284 | LOG.error('Failed to get quantum client.') | ||
851 | 285 | return | ||
852 | 286 | |||
853 | 287 | try: | ||
854 | 288 | DHCP_AGENT = "DHCP Agent" | ||
855 | 289 | L3_AGENT = "L3 Agent" | ||
856 | 290 | agents = quantum.list_agents(agent_type=DHCP_AGENT) | ||
857 | 291 | except exceptions.NeutronException as e: | ||
858 | 292 | LOG.error('Failed to get quantum agents, %s' % e) | ||
859 | 293 | return | ||
860 | 294 | |||
861 | 295 | dhcp_agents = [] | ||
862 | 296 | l3_agents = [] | ||
863 | 297 | networks = {} | ||
864 | 298 | for agent in agents['agents']: | ||
865 | 299 | hosted_networks = quantum.list_networks_on_dhcp_agent( | ||
866 | 300 | agent['id'])['networks'] | ||
867 | 301 | if not agent['alive']: | ||
868 | 302 | LOG.info('DHCP Agent %s down' % agent['id']) | ||
869 | 303 | for network in hosted_networks: | ||
870 | 304 | networks[network['id']] = agent['id'] | ||
871 | 305 | if self.is_same_host(agent['host']): | ||
872 | 306 | self.cleanup_dhcp(networks) | ||
873 | 307 | else: | ||
874 | 308 | dhcp_agents.append(agent['id']) | ||
875 | 309 | LOG.info('Active dhcp agents: %s' % agent['id']) | ||
876 | 310 | if not hosted_networks and self.is_same_host(agent['host']): | ||
877 | 311 | self.cleanup_dhcp(None) | ||
878 | 312 | |||
879 | 313 | agents = quantum.list_agents(agent_type=L3_AGENT) | ||
880 | 314 | routers = {} | ||
881 | 315 | for agent in agents['agents']: | ||
882 | 316 | hosted_routers = quantum.list_routers_on_l3_agent( | ||
883 | 317 | agent['id'])['routers'] | ||
884 | 318 | if not agent['alive']: | ||
885 | 319 | LOG.info('L3 Agent %s down' % agent['id']) | ||
886 | 320 | for router in hosted_routers: | ||
887 | 321 | routers[router['id']] = agent['id'] | ||
888 | 322 | if self.is_same_host(agent['host']): | ||
889 | 323 | self.cleanup_router(routers) | ||
890 | 324 | else: | ||
891 | 325 | l3_agents.append(agent['id']) | ||
892 | 326 | LOG.info('Active l3 agents: %s' % agent['id']) | ||
893 | 327 | if not hosted_routers and self.is_same_host(agent['host']): | ||
894 | 328 | self.cleanup_router(None) | ||
895 | 329 | |||
896 | 330 | if not networks and not routers: | ||
897 | 331 | LOG.info('No networks and routers hosted on failed agents.') | ||
898 | 332 | return | ||
899 | 333 | |||
900 | 334 | if len(dhcp_agents) == 0 and len(l3_agents) == 0: | ||
901 | 335 | LOG.error('Unable to relocate resources, there are %s dhcp_agents ' | ||
902 | 336 | 'and %s l3_agents in this cluster' % (len(dhcp_agents), | ||
903 | 337 | len(l3_agents))) | ||
904 | 338 | return | ||
905 | 339 | |||
906 | 340 | if len(l3_agents) > 0: | ||
907 | 341 | self.l3_agents_reschedule(l3_agents, routers, quantum) | ||
908 | 342 | # new l3 node will not create a tunnel if don't restart ovs process | ||
909 | 343 | |||
910 | 344 | if len(dhcp_agents) > 0: | ||
911 | 345 | self.dhcp_agents_reschedule(dhcp_agents, networks, quantum) | ||
912 | 346 | |||
913 | 347 | |||
914 | 348 | def check_ovs_tunnel(self, quantum=None): | ||
915 | 349 | ''' | ||
916 | 350 | Work around for Bug #1411163 | ||
917 | 351 | No fdb entries added when failover dhcp and l3 agent together. | ||
918 | 352 | ''' | ||
919 | 353 | if not quantum: | ||
920 | 354 | LOG.error('Failed to get quantum client.') | ||
921 | 355 | return | ||
922 | 356 | |||
923 | 357 | try: | ||
924 | 358 | OVS_AGENT = 'Open vSwitch agent' | ||
925 | 359 | agents = quantum.list_agents(agent_type=OVS_AGENT) | ||
926 | 360 | except exceptions.NeutronException as e: | ||
927 | 361 | LOG.error('No ovs agent found on localhost, error:%s.' % e) | ||
928 | 362 | return | ||
929 | 363 | |||
930 | 364 | for agent in agents['agents']: | ||
931 | 365 | if self.is_same_host(agent['host']) and agent['alive']: | ||
932 | 366 | conf = agent['configurations'] | ||
933 | 367 | if 'gre' in conf['tunnel_types'] and conf['l2_population'] \ | ||
934 | 368 | and conf['devices']: | ||
935 | 369 | LOG.debug('local ovs agent:%s' % agent) | ||
936 | 370 | ovs_output = subprocess.check_output(['ovs-vsctl', | ||
937 | 371 | 'list-ports', 'br-tun']) | ||
938 | 372 | ports = ovs_output.strip().split('\n') | ||
939 | 373 | look_up_gre_port = False | ||
940 | 374 | for port in ports: | ||
941 | 375 | if port.startswith('gre-'): | ||
942 | 376 | look_up_gre_port = True | ||
943 | 377 | break | ||
944 | 378 | if not look_up_gre_port: | ||
945 | 379 | try: | ||
946 | 380 | LOG.error('Local agent has devices, but no ovs tunnel is created,' | ||
947 | 381 | 'restart ovs agent.') | ||
948 | 382 | cmd = ['sudo', 'service', 'neutron-plugin-openvswitch-agent', | ||
949 | 383 | 'restart'] | ||
950 | 384 | subprocess.call(cmd) | ||
951 | 385 | except subprocess.CalledProcessError: | ||
952 | 386 | LOG.error('Failed to restart neutron-plugin-openvswitch-agent.') | ||
953 | 387 | |||
954 | 388 | def check_local_agents(self): | ||
955 | 389 | services = ['openvswitch-switch', 'neutron-dhcp-agent', | ||
956 | 390 | 'neutron-metadata-agent', 'neutron-vpn-agent'] | ||
957 | 391 | for s in services: | ||
958 | 392 | status = ['sudo', 'service', s, 'status'] | ||
959 | 393 | restart = ['sudo', 'service', s, 'restart'] | ||
960 | 394 | start = ['sudo', 'service', s, 'start'] | ||
961 | 395 | stop = '%s stop/waiting' % s | ||
962 | 396 | try: | ||
963 | 397 | output = subprocess.check_output(status) | ||
964 | 398 | if output.strip() == stop: | ||
965 | 399 | subprocess.check_output(start) | ||
966 | 400 | LOG.error('Restart service: %s' % s) | ||
967 | 401 | if s == 'neutron-metadata-agent': | ||
968 | 402 | subprocess.check_output(['sudo', 'service', | ||
969 | 403 | 'neutron-vpn-agent', | ||
970 | 404 | 'restart']) | ||
971 | 405 | LOG.error('Restart neutron-vpn-agent') | ||
972 | 406 | except subprocess.CalledProcessError: | ||
973 | 407 | LOG.error('Restart service: %s' % s) | ||
974 | 408 | subprocess.check_output(restart) | ||
975 | 409 | if s == 'neutron-metadata-agent': | ||
976 | 410 | subprocess.check_output(['sudo', 'service', | ||
977 | 411 | 'neutron-vpn-agent', | ||
978 | 412 | 'restart']) | ||
979 | 413 | |||
980 | 414 | def run(self): | ||
981 | 415 | while True: | ||
982 | 416 | LOG.info('Monitor Neutron HA Agent Loop Start') | ||
983 | 417 | quantum = self.get_quantum_client() | ||
984 | 418 | self.reassign_agent_resources(quantum=quantum) | ||
985 | 419 | self.check_ovs_tunnel(quantum=quantum) | ||
986 | 420 | self.check_local_agents() | ||
987 | 421 | LOG.info('sleep %s' % cfg.CONF.check_interval) | ||
988 | 422 | time.sleep(float(cfg.CONF.check_interval)) | ||
989 | 423 | |||
990 | 424 | |||
991 | 425 | if __name__ == '__main__': | ||
992 | 426 | opts = [ | ||
993 | 427 | cfg.StrOpt('check_interval', | ||
994 | 428 | default=8, | ||
995 | 429 | help='Check Neutron Agents interval.'), | ||
996 | 430 | ] | ||
997 | 431 | |||
998 | 432 | cfg.CONF.register_cli_opts(opts) | ||
999 | 433 | cfg.CONF(project='monitor_neutron_agents', default_config_files=[]) | ||
1000 | 434 | logging.setup('Neuron-HA-Monitor') | ||
1001 | 435 | monitor_daemon = MonitorNeutronAgentsDaemon() | ||
1002 | 436 | monitor_daemon.start() | ||
1003 | 437 | 0 | ||
1004 | === removed symlink 'hooks/amqp-nova-relation-changed' | |||
1005 | === target was u'quantum_hooks.py' | |||
1006 | === removed symlink 'hooks/amqp-nova-relation-departed' | |||
1007 | === target was u'quantum_hooks.py' | |||
1008 | === removed symlink 'hooks/amqp-nova-relation-joined' | |||
1009 | === target was u'quantum_hooks.py' | |||
1010 | === removed symlink 'hooks/amqp-relation-changed' | |||
1011 | === target was u'quantum_hooks.py' | |||
1012 | === removed symlink 'hooks/amqp-relation-departed' | |||
1013 | === target was u'quantum_hooks.py' | |||
1014 | === removed symlink 'hooks/amqp-relation-joined' | |||
1015 | === target was u'quantum_hooks.py' | |||
1016 | === removed directory 'hooks/charmhelpers/contrib' | |||
1017 | === removed file 'hooks/charmhelpers/contrib/__init__.py' | |||
1018 | --- hooks/charmhelpers/contrib/__init__.py 2015-01-23 11:08:26 +0000 | |||
1019 | +++ hooks/charmhelpers/contrib/__init__.py 1970-01-01 00:00:00 +0000 | |||
1020 | @@ -1,15 +0,0 @@ | |||
1021 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
1022 | 2 | # | ||
1023 | 3 | # This file is part of charm-helpers. | ||
1024 | 4 | # | ||
1025 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
1026 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
1027 | 7 | # published by the Free Software Foundation. | ||
1028 | 8 | # | ||
1029 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
1030 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
1031 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
1032 | 12 | # GNU Lesser General Public License for more details. | ||
1033 | 13 | # | ||
1034 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
1035 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
1036 | 16 | 0 | ||
1037 | === removed directory 'hooks/charmhelpers/contrib/charmsupport' | |||
1038 | === removed file 'hooks/charmhelpers/contrib/charmsupport/__init__.py' | |||
1039 | --- hooks/charmhelpers/contrib/charmsupport/__init__.py 2015-01-23 11:08:26 +0000 | |||
1040 | +++ hooks/charmhelpers/contrib/charmsupport/__init__.py 1970-01-01 00:00:00 +0000 | |||
1041 | @@ -1,15 +0,0 @@ | |||
1042 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
1043 | 2 | # | ||
1044 | 3 | # This file is part of charm-helpers. | ||
1045 | 4 | # | ||
1046 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
1047 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
1048 | 7 | # published by the Free Software Foundation. | ||
1049 | 8 | # | ||
1050 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
1051 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
1052 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
1053 | 12 | # GNU Lesser General Public License for more details. | ||
1054 | 13 | # | ||
1055 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
1056 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
1057 | 16 | 0 | ||
1058 | === removed file 'hooks/charmhelpers/contrib/charmsupport/nrpe.py' | |||
1059 | --- hooks/charmhelpers/contrib/charmsupport/nrpe.py 2015-04-19 09:02:48 +0000 | |||
1060 | +++ hooks/charmhelpers/contrib/charmsupport/nrpe.py 1970-01-01 00:00:00 +0000 | |||
1061 | @@ -1,360 +0,0 @@ | |||
1062 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
1063 | 2 | # | ||
1064 | 3 | # This file is part of charm-helpers. | ||
1065 | 4 | # | ||
1066 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
1067 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
1068 | 7 | # published by the Free Software Foundation. | ||
1069 | 8 | # | ||
1070 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
1071 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
1072 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
1073 | 12 | # GNU Lesser General Public License for more details. | ||
1074 | 13 | # | ||
1075 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
1076 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
1077 | 16 | |||
1078 | 17 | """Compatibility with the nrpe-external-master charm""" | ||
1079 | 18 | # Copyright 2012 Canonical Ltd. | ||
1080 | 19 | # | ||
1081 | 20 | # Authors: | ||
1082 | 21 | # Matthew Wedgwood <matthew.wedgwood@canonical.com> | ||
1083 | 22 | |||
1084 | 23 | import subprocess | ||
1085 | 24 | import pwd | ||
1086 | 25 | import grp | ||
1087 | 26 | import os | ||
1088 | 27 | import glob | ||
1089 | 28 | import shutil | ||
1090 | 29 | import re | ||
1091 | 30 | import shlex | ||
1092 | 31 | import yaml | ||
1093 | 32 | |||
1094 | 33 | from charmhelpers.core.hookenv import ( | ||
1095 | 34 | config, | ||
1096 | 35 | local_unit, | ||
1097 | 36 | log, | ||
1098 | 37 | relation_ids, | ||
1099 | 38 | relation_set, | ||
1100 | 39 | relations_of_type, | ||
1101 | 40 | ) | ||
1102 | 41 | |||
1103 | 42 | from charmhelpers.core.host import service | ||
1104 | 43 | |||
1105 | 44 | # This module adds compatibility with the nrpe-external-master and plain nrpe | ||
1106 | 45 | # subordinate charms. To use it in your charm: | ||
1107 | 46 | # | ||
1108 | 47 | # 1. Update metadata.yaml | ||
1109 | 48 | # | ||
1110 | 49 | # provides: | ||
1111 | 50 | # (...) | ||
1112 | 51 | # nrpe-external-master: | ||
1113 | 52 | # interface: nrpe-external-master | ||
1114 | 53 | # scope: container | ||
1115 | 54 | # | ||
1116 | 55 | # and/or | ||
1117 | 56 | # | ||
1118 | 57 | # provides: | ||
1119 | 58 | # (...) | ||
1120 | 59 | # local-monitors: | ||
1121 | 60 | # interface: local-monitors | ||
1122 | 61 | # scope: container | ||
1123 | 62 | |||
1124 | 63 | # | ||
1125 | 64 | # 2. Add the following to config.yaml | ||
1126 | 65 | # | ||
1127 | 66 | # nagios_context: | ||
1128 | 67 | # default: "juju" | ||
1129 | 68 | # type: string | ||
1130 | 69 | # description: | | ||
1131 | 70 | # Used by the nrpe subordinate charms. | ||
1132 | 71 | # A string that will be prepended to instance name to set the host name | ||
1133 | 72 | # in nagios. So for instance the hostname would be something like: | ||
1134 | 73 | # juju-myservice-0 | ||
1135 | 74 | # If you're running multiple environments with the same services in them | ||
1136 | 75 | # this allows you to differentiate between them. | ||
1137 | 76 | # nagios_servicegroups: | ||
1138 | 77 | # default: "" | ||
1139 | 78 | # type: string | ||
1140 | 79 | # description: | | ||
1141 | 80 | # A comma-separated list of nagios servicegroups. | ||
1142 | 81 | # If left empty, the nagios_context will be used as the servicegroup | ||
1143 | 82 | # | ||
1144 | 83 | # 3. Add custom checks (Nagios plugins) to files/nrpe-external-master | ||
1145 | 84 | # | ||
1146 | 85 | # 4. Update your hooks.py with something like this: | ||
1147 | 86 | # | ||
1148 | 87 | # from charmsupport.nrpe import NRPE | ||
1149 | 88 | # (...) | ||
1150 | 89 | # def update_nrpe_config(): | ||
1151 | 90 | # nrpe_compat = NRPE() | ||
1152 | 91 | # nrpe_compat.add_check( | ||
1153 | 92 | # shortname = "myservice", | ||
1154 | 93 | # description = "Check MyService", | ||
1155 | 94 | # check_cmd = "check_http -w 2 -c 10 http://localhost" | ||
1156 | 95 | # ) | ||
1157 | 96 | # nrpe_compat.add_check( | ||
1158 | 97 | # "myservice_other", | ||
1159 | 98 | # "Check for widget failures", | ||
1160 | 99 | # check_cmd = "/srv/myapp/scripts/widget_check" | ||
1161 | 100 | # ) | ||
1162 | 101 | # nrpe_compat.write() | ||
1163 | 102 | # | ||
1164 | 103 | # def config_changed(): | ||
1165 | 104 | # (...) | ||
1166 | 105 | # update_nrpe_config() | ||
1167 | 106 | # | ||
1168 | 107 | # def nrpe_external_master_relation_changed(): | ||
1169 | 108 | # update_nrpe_config() | ||
1170 | 109 | # | ||
1171 | 110 | # def local_monitors_relation_changed(): | ||
1172 | 111 | # update_nrpe_config() | ||
1173 | 112 | # | ||
1174 | 113 | # 5. ln -s hooks.py nrpe-external-master-relation-changed | ||
1175 | 114 | # ln -s hooks.py local-monitors-relation-changed | ||
1176 | 115 | |||
1177 | 116 | |||
1178 | 117 | class CheckException(Exception): | ||
1179 | 118 | pass | ||
1180 | 119 | |||
1181 | 120 | |||
1182 | 121 | class Check(object): | ||
1183 | 122 | shortname_re = '[A-Za-z0-9-_]+$' | ||
1184 | 123 | service_template = (""" | ||
1185 | 124 | #--------------------------------------------------- | ||
1186 | 125 | # This file is Juju managed | ||
1187 | 126 | #--------------------------------------------------- | ||
1188 | 127 | define service {{ | ||
1189 | 128 | use active-service | ||
1190 | 129 | host_name {nagios_hostname} | ||
1191 | 130 | service_description {nagios_hostname}[{shortname}] """ | ||
1192 | 131 | """{description} | ||
1193 | 132 | check_command check_nrpe!{command} | ||
1194 | 133 | servicegroups {nagios_servicegroup} | ||
1195 | 134 | }} | ||
1196 | 135 | """) | ||
1197 | 136 | |||
1198 | 137 | def __init__(self, shortname, description, check_cmd): | ||
1199 | 138 | super(Check, self).__init__() | ||
1200 | 139 | # XXX: could be better to calculate this from the service name | ||
1201 | 140 | if not re.match(self.shortname_re, shortname): | ||
1202 | 141 | raise CheckException("shortname must match {}".format( | ||
1203 | 142 | Check.shortname_re)) | ||
1204 | 143 | self.shortname = shortname | ||
1205 | 144 | self.command = "check_{}".format(shortname) | ||
1206 | 145 | # Note: a set of invalid characters is defined by the | ||
1207 | 146 | # Nagios server config | ||
1208 | 147 | # The default is: illegal_object_name_chars=`~!$%^&*"|'<>?,()= | ||
1209 | 148 | self.description = description | ||
1210 | 149 | self.check_cmd = self._locate_cmd(check_cmd) | ||
1211 | 150 | |||
1212 | 151 | def _locate_cmd(self, check_cmd): | ||
1213 | 152 | search_path = ( | ||
1214 | 153 | '/usr/lib/nagios/plugins', | ||
1215 | 154 | '/usr/local/lib/nagios/plugins', | ||
1216 | 155 | ) | ||
1217 | 156 | parts = shlex.split(check_cmd) | ||
1218 | 157 | for path in search_path: | ||
1219 | 158 | if os.path.exists(os.path.join(path, parts[0])): | ||
1220 | 159 | command = os.path.join(path, parts[0]) | ||
1221 | 160 | if len(parts) > 1: | ||
1222 | 161 | command += " " + " ".join(parts[1:]) | ||
1223 | 162 | return command | ||
1224 | 163 | log('Check command not found: {}'.format(parts[0])) | ||
1225 | 164 | return '' | ||
1226 | 165 | |||
1227 | 166 | def write(self, nagios_context, hostname, nagios_servicegroups): | ||
1228 | 167 | nrpe_check_file = '/etc/nagios/nrpe.d/{}.cfg'.format( | ||
1229 | 168 | self.command) | ||
1230 | 169 | with open(nrpe_check_file, 'w') as nrpe_check_config: | ||
1231 | 170 | nrpe_check_config.write("# check {}\n".format(self.shortname)) | ||
1232 | 171 | nrpe_check_config.write("command[{}]={}\n".format( | ||
1233 | 172 | self.command, self.check_cmd)) | ||
1234 | 173 | |||
1235 | 174 | if not os.path.exists(NRPE.nagios_exportdir): | ||
1236 | 175 | log('Not writing service config as {} is not accessible'.format( | ||
1237 | 176 | NRPE.nagios_exportdir)) | ||
1238 | 177 | else: | ||
1239 | 178 | self.write_service_config(nagios_context, hostname, | ||
1240 | 179 | nagios_servicegroups) | ||
1241 | 180 | |||
1242 | 181 | def write_service_config(self, nagios_context, hostname, | ||
1243 | 182 | nagios_servicegroups): | ||
1244 | 183 | for f in os.listdir(NRPE.nagios_exportdir): | ||
1245 | 184 | if re.search('.*{}.cfg'.format(self.command), f): | ||
1246 | 185 | os.remove(os.path.join(NRPE.nagios_exportdir, f)) | ||
1247 | 186 | |||
1248 | 187 | templ_vars = { | ||
1249 | 188 | 'nagios_hostname': hostname, | ||
1250 | 189 | 'nagios_servicegroup': nagios_servicegroups, | ||
1251 | 190 | 'description': self.description, | ||
1252 | 191 | 'shortname': self.shortname, | ||
1253 | 192 | 'command': self.command, | ||
1254 | 193 | } | ||
1255 | 194 | nrpe_service_text = Check.service_template.format(**templ_vars) | ||
1256 | 195 | nrpe_service_file = '{}/service__{}_{}.cfg'.format( | ||
1257 | 196 | NRPE.nagios_exportdir, hostname, self.command) | ||
1258 | 197 | with open(nrpe_service_file, 'w') as nrpe_service_config: | ||
1259 | 198 | nrpe_service_config.write(str(nrpe_service_text)) | ||
1260 | 199 | |||
1261 | 200 | def run(self): | ||
1262 | 201 | subprocess.call(self.check_cmd) | ||
1263 | 202 | |||
1264 | 203 | |||
1265 | 204 | class NRPE(object): | ||
1266 | 205 | nagios_logdir = '/var/log/nagios' | ||
1267 | 206 | nagios_exportdir = '/var/lib/nagios/export' | ||
1268 | 207 | nrpe_confdir = '/etc/nagios/nrpe.d' | ||
1269 | 208 | |||
1270 | 209 | def __init__(self, hostname=None): | ||
1271 | 210 | super(NRPE, self).__init__() | ||
1272 | 211 | self.config = config() | ||
1273 | 212 | self.nagios_context = self.config['nagios_context'] | ||
1274 | 213 | if 'nagios_servicegroups' in self.config and self.config['nagios_servicegroups']: | ||
1275 | 214 | self.nagios_servicegroups = self.config['nagios_servicegroups'] | ||
1276 | 215 | else: | ||
1277 | 216 | self.nagios_servicegroups = self.nagios_context | ||
1278 | 217 | self.unit_name = local_unit().replace('/', '-') | ||
1279 | 218 | if hostname: | ||
1280 | 219 | self.hostname = hostname | ||
1281 | 220 | else: | ||
1282 | 221 | self.hostname = "{}-{}".format(self.nagios_context, self.unit_name) | ||
1283 | 222 | self.checks = [] | ||
1284 | 223 | |||
1285 | 224 | def add_check(self, *args, **kwargs): | ||
1286 | 225 | self.checks.append(Check(*args, **kwargs)) | ||
1287 | 226 | |||
1288 | 227 | def write(self): | ||
1289 | 228 | try: | ||
1290 | 229 | nagios_uid = pwd.getpwnam('nagios').pw_uid | ||
1291 | 230 | nagios_gid = grp.getgrnam('nagios').gr_gid | ||
1292 | 231 | except: | ||
1293 | 232 | log("Nagios user not set up, nrpe checks not updated") | ||
1294 | 233 | return | ||
1295 | 234 | |||
1296 | 235 | if not os.path.exists(NRPE.nagios_logdir): | ||
1297 | 236 | os.mkdir(NRPE.nagios_logdir) | ||
1298 | 237 | os.chown(NRPE.nagios_logdir, nagios_uid, nagios_gid) | ||
1299 | 238 | |||
1300 | 239 | nrpe_monitors = {} | ||
1301 | 240 | monitors = {"monitors": {"remote": {"nrpe": nrpe_monitors}}} | ||
1302 | 241 | for nrpecheck in self.checks: | ||
1303 | 242 | nrpecheck.write(self.nagios_context, self.hostname, | ||
1304 | 243 | self.nagios_servicegroups) | ||
1305 | 244 | nrpe_monitors[nrpecheck.shortname] = { | ||
1306 | 245 | "command": nrpecheck.command, | ||
1307 | 246 | } | ||
1308 | 247 | |||
1309 | 248 | service('restart', 'nagios-nrpe-server') | ||
1310 | 249 | |||
1311 | 250 | monitor_ids = relation_ids("local-monitors") + \ | ||
1312 | 251 | relation_ids("nrpe-external-master") | ||
1313 | 252 | for rid in monitor_ids: | ||
1314 | 253 | relation_set(relation_id=rid, monitors=yaml.dump(monitors)) | ||
1315 | 254 | |||
1316 | 255 | |||
1317 | 256 | def get_nagios_hostcontext(relation_name='nrpe-external-master'): | ||
1318 | 257 | """ | ||
1319 | 258 | Query relation with nrpe subordinate, return the nagios_host_context | ||
1320 | 259 | |||
1321 | 260 | :param str relation_name: Name of relation nrpe sub joined to | ||
1322 | 261 | """ | ||
1323 | 262 | for rel in relations_of_type(relation_name): | ||
1324 | 263 | if 'nagios_hostname' in rel: | ||
1325 | 264 | return rel['nagios_host_context'] | ||
1326 | 265 | |||
1327 | 266 | |||
1328 | 267 | def get_nagios_hostname(relation_name='nrpe-external-master'): | ||
1329 | 268 | """ | ||
1330 | 269 | Query relation with nrpe subordinate, return the nagios_hostname | ||
1331 | 270 | |||
1332 | 271 | :param str relation_name: Name of relation nrpe sub joined to | ||
1333 | 272 | """ | ||
1334 | 273 | for rel in relations_of_type(relation_name): | ||
1335 | 274 | if 'nagios_hostname' in rel: | ||
1336 | 275 | return rel['nagios_hostname'] | ||
1337 | 276 | |||
1338 | 277 | |||
1339 | 278 | def get_nagios_unit_name(relation_name='nrpe-external-master'): | ||
1340 | 279 | """ | ||
1341 | 280 | Return the nagios unit name prepended with host_context if needed | ||
1342 | 281 | |||
1343 | 282 | :param str relation_name: Name of relation nrpe sub joined to | ||
1344 | 283 | """ | ||
1345 | 284 | host_context = get_nagios_hostcontext(relation_name) | ||
1346 | 285 | if host_context: | ||
1347 | 286 | unit = "%s:%s" % (host_context, local_unit()) | ||
1348 | 287 | else: | ||
1349 | 288 | unit = local_unit() | ||
1350 | 289 | return unit | ||
1351 | 290 | |||
1352 | 291 | |||
1353 | 292 | def add_init_service_checks(nrpe, services, unit_name): | ||
1354 | 293 | """ | ||
1355 | 294 | Add checks for each service in list | ||
1356 | 295 | |||
1357 | 296 | :param NRPE nrpe: NRPE object to add check to | ||
1358 | 297 | :param list services: List of services to check | ||
1359 | 298 | :param str unit_name: Unit name to use in check description | ||
1360 | 299 | """ | ||
1361 | 300 | for svc in services: | ||
1362 | 301 | upstart_init = '/etc/init/%s.conf' % svc | ||
1363 | 302 | sysv_init = '/etc/init.d/%s' % svc | ||
1364 | 303 | if os.path.exists(upstart_init): | ||
1365 | 304 | nrpe.add_check( | ||
1366 | 305 | shortname=svc, | ||
1367 | 306 | description='process check {%s}' % unit_name, | ||
1368 | 307 | check_cmd='check_upstart_job %s' % svc | ||
1369 | 308 | ) | ||
1370 | 309 | elif os.path.exists(sysv_init): | ||
1371 | 310 | cronpath = '/etc/cron.d/nagios-service-check-%s' % svc | ||
1372 | 311 | cron_file = ('*/5 * * * * root ' | ||
1373 | 312 | '/usr/local/lib/nagios/plugins/check_exit_status.pl ' | ||
1374 | 313 | '-s /etc/init.d/%s status > ' | ||
1375 | 314 | '/var/lib/nagios/service-check-%s.txt\n' % (svc, | ||
1376 | 315 | svc) | ||
1377 | 316 | ) | ||
1378 | 317 | f = open(cronpath, 'w') | ||
1379 | 318 | f.write(cron_file) | ||
1380 | 319 | f.close() | ||
1381 | 320 | nrpe.add_check( | ||
1382 | 321 | shortname=svc, | ||
1383 | 322 | description='process check {%s}' % unit_name, | ||
1384 | 323 | check_cmd='check_status_file.py -f ' | ||
1385 | 324 | '/var/lib/nagios/service-check-%s.txt' % svc, | ||
1386 | 325 | ) | ||
1387 | 326 | |||
1388 | 327 | |||
1389 | 328 | def copy_nrpe_checks(): | ||
1390 | 329 | """ | ||
1391 | 330 | Copy the nrpe checks into place | ||
1392 | 331 | |||
1393 | 332 | """ | ||
1394 | 333 | NAGIOS_PLUGINS = '/usr/local/lib/nagios/plugins' | ||
1395 | 334 | nrpe_files_dir = os.path.join(os.getenv('CHARM_DIR'), 'hooks', | ||
1396 | 335 | 'charmhelpers', 'contrib', 'openstack', | ||
1397 | 336 | 'files') | ||
1398 | 337 | |||
1399 | 338 | if not os.path.exists(NAGIOS_PLUGINS): | ||
1400 | 339 | os.makedirs(NAGIOS_PLUGINS) | ||
1401 | 340 | for fname in glob.glob(os.path.join(nrpe_files_dir, "check_*")): | ||
1402 | 341 | if os.path.isfile(fname): | ||
1403 | 342 | shutil.copy2(fname, | ||
1404 | 343 | os.path.join(NAGIOS_PLUGINS, os.path.basename(fname))) | ||
1405 | 344 | |||
1406 | 345 | |||
1407 | 346 | def add_haproxy_checks(nrpe, unit_name): | ||
1408 | 347 | """ | ||
1409 | 348 | Add checks for each service in list | ||
1410 | 349 | |||
1411 | 350 | :param NRPE nrpe: NRPE object to add check to | ||
1412 | 351 | :param str unit_name: Unit name to use in check description | ||
1413 | 352 | """ | ||
1414 | 353 | nrpe.add_check( | ||
1415 | 354 | shortname='haproxy_servers', | ||
1416 | 355 | description='Check HAProxy {%s}' % unit_name, | ||
1417 | 356 | check_cmd='check_haproxy.sh') | ||
1418 | 357 | nrpe.add_check( | ||
1419 | 358 | shortname='haproxy_queue', | ||
1420 | 359 | description='Check HAProxy queue depth {%s}' % unit_name, | ||
1421 | 360 | check_cmd='check_haproxy_queue_depth.sh') | ||
1422 | 361 | 0 | ||
1423 | === removed file 'hooks/charmhelpers/contrib/charmsupport/volumes.py' | |||
1424 | --- hooks/charmhelpers/contrib/charmsupport/volumes.py 2015-01-23 11:08:26 +0000 | |||
1425 | +++ hooks/charmhelpers/contrib/charmsupport/volumes.py 1970-01-01 00:00:00 +0000 | |||
1426 | @@ -1,175 +0,0 @@ | |||
1427 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
1428 | 2 | # | ||
1429 | 3 | # This file is part of charm-helpers. | ||
1430 | 4 | # | ||
1431 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
1432 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
1433 | 7 | # published by the Free Software Foundation. | ||
1434 | 8 | # | ||
1435 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
1436 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
1437 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
1438 | 12 | # GNU Lesser General Public License for more details. | ||
1439 | 13 | # | ||
1440 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
1441 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
1442 | 16 | |||
1443 | 17 | ''' | ||
1444 | 18 | Functions for managing volumes in juju units. One volume is supported per unit. | ||
1445 | 19 | Subordinates may have their own storage, provided it is on its own partition. | ||
1446 | 20 | |||
1447 | 21 | Configuration stanzas:: | ||
1448 | 22 | |||
1449 | 23 | volume-ephemeral: | ||
1450 | 24 | type: boolean | ||
1451 | 25 | default: true | ||
1452 | 26 | description: > | ||
1453 | 27 | If false, a volume is mounted as sepecified in "volume-map" | ||
1454 | 28 | If true, ephemeral storage will be used, meaning that log data | ||
1455 | 29 | will only exist as long as the machine. YOU HAVE BEEN WARNED. | ||
1456 | 30 | volume-map: | ||
1457 | 31 | type: string | ||
1458 | 32 | default: {} | ||
1459 | 33 | description: > | ||
1460 | 34 | YAML map of units to device names, e.g: | ||
1461 | 35 | "{ rsyslog/0: /dev/vdb, rsyslog/1: /dev/vdb }" | ||
1462 | 36 | Service units will raise a configure-error if volume-ephemeral | ||
1463 | 37 | is 'true' and no volume-map value is set. Use 'juju set' to set a | ||
1464 | 38 | value and 'juju resolved' to complete configuration. | ||
1465 | 39 | |||
1466 | 40 | Usage:: | ||
1467 | 41 | |||
1468 | 42 | from charmsupport.volumes import configure_volume, VolumeConfigurationError | ||
1469 | 43 | from charmsupport.hookenv import log, ERROR | ||
1470 | 44 | def post_mount_hook(): | ||
1471 | 45 | stop_service('myservice') | ||
1472 | 46 | def post_mount_hook(): | ||
1473 | 47 | start_service('myservice') | ||
1474 | 48 | |||
1475 | 49 | if __name__ == '__main__': | ||
1476 | 50 | try: | ||
1477 | 51 | configure_volume(before_change=pre_mount_hook, | ||
1478 | 52 | after_change=post_mount_hook) | ||
1479 | 53 | except VolumeConfigurationError: | ||
1480 | 54 | log('Storage could not be configured', ERROR) | ||
1481 | 55 | |||
1482 | 56 | ''' | ||
1483 | 57 | |||
1484 | 58 | # XXX: Known limitations | ||
1485 | 59 | # - fstab is neither consulted nor updated | ||
1486 | 60 | |||
1487 | 61 | import os | ||
1488 | 62 | from charmhelpers.core import hookenv | ||
1489 | 63 | from charmhelpers.core import host | ||
1490 | 64 | import yaml | ||
1491 | 65 | |||
1492 | 66 | |||
1493 | 67 | MOUNT_BASE = '/srv/juju/volumes' | ||
1494 | 68 | |||
1495 | 69 | |||
1496 | 70 | class VolumeConfigurationError(Exception): | ||
1497 | 71 | '''Volume configuration data is missing or invalid''' | ||
1498 | 72 | pass | ||
1499 | 73 | |||
1500 | 74 | |||
1501 | 75 | def get_config(): | ||
1502 | 76 | '''Gather and sanity-check volume configuration data''' | ||
1503 | 77 | volume_config = {} | ||
1504 | 78 | config = hookenv.config() | ||
1505 | 79 | |||
1506 | 80 | errors = False | ||
1507 | 81 | |||
1508 | 82 | if config.get('volume-ephemeral') in (True, 'True', 'true', 'Yes', 'yes'): | ||
1509 | 83 | volume_config['ephemeral'] = True | ||
1510 | 84 | else: | ||
1511 | 85 | volume_config['ephemeral'] = False | ||
1512 | 86 | |||
1513 | 87 | try: | ||
1514 | 88 | volume_map = yaml.safe_load(config.get('volume-map', '{}')) | ||
1515 | 89 | except yaml.YAMLError as e: | ||
1516 | 90 | hookenv.log("Error parsing YAML volume-map: {}".format(e), | ||
1517 | 91 | hookenv.ERROR) | ||
1518 | 92 | errors = True | ||
1519 | 93 | if volume_map is None: | ||
1520 | 94 | # probably an empty string | ||
1521 | 95 | volume_map = {} | ||
1522 | 96 | elif not isinstance(volume_map, dict): | ||
1523 | 97 | hookenv.log("Volume-map should be a dictionary, not {}".format( | ||
1524 | 98 | type(volume_map))) | ||
1525 | 99 | errors = True | ||
1526 | 100 | |||
1527 | 101 | volume_config['device'] = volume_map.get(os.environ['JUJU_UNIT_NAME']) | ||
1528 | 102 | if volume_config['device'] and volume_config['ephemeral']: | ||
1529 | 103 | # asked for ephemeral storage but also defined a volume ID | ||
1530 | 104 | hookenv.log('A volume is defined for this unit, but ephemeral ' | ||
1531 | 105 | 'storage was requested', hookenv.ERROR) | ||
1532 | 106 | errors = True | ||
1533 | 107 | elif not volume_config['device'] and not volume_config['ephemeral']: | ||
1534 | 108 | # asked for permanent storage but did not define volume ID | ||
1535 | 109 | hookenv.log('Ephemeral storage was requested, but there is no volume ' | ||
1536 | 110 | 'defined for this unit.', hookenv.ERROR) | ||
1537 | 111 | errors = True | ||
1538 | 112 | |||
1539 | 113 | unit_mount_name = hookenv.local_unit().replace('/', '-') | ||
1540 | 114 | volume_config['mountpoint'] = os.path.join(MOUNT_BASE, unit_mount_name) | ||
1541 | 115 | |||
1542 | 116 | if errors: | ||
1543 | 117 | return None | ||
1544 | 118 | return volume_config | ||
1545 | 119 | |||
1546 | 120 | |||
1547 | 121 | def mount_volume(config): | ||
1548 | 122 | if os.path.exists(config['mountpoint']): | ||
1549 | 123 | if not os.path.isdir(config['mountpoint']): | ||
1550 | 124 | hookenv.log('Not a directory: {}'.format(config['mountpoint'])) | ||
1551 | 125 | raise VolumeConfigurationError() | ||
1552 | 126 | else: | ||
1553 | 127 | host.mkdir(config['mountpoint']) | ||
1554 | 128 | if os.path.ismount(config['mountpoint']): | ||
1555 | 129 | unmount_volume(config) | ||
1556 | 130 | if not host.mount(config['device'], config['mountpoint'], persist=True): | ||
1557 | 131 | raise VolumeConfigurationError() | ||
1558 | 132 | |||
1559 | 133 | |||
1560 | 134 | def unmount_volume(config): | ||
1561 | 135 | if os.path.ismount(config['mountpoint']): | ||
1562 | 136 | if not host.umount(config['mountpoint'], persist=True): | ||
1563 | 137 | raise VolumeConfigurationError() | ||
1564 | 138 | |||
1565 | 139 | |||
1566 | 140 | def managed_mounts(): | ||
1567 | 141 | '''List of all mounted managed volumes''' | ||
1568 | 142 | return filter(lambda mount: mount[0].startswith(MOUNT_BASE), host.mounts()) | ||
1569 | 143 | |||
1570 | 144 | |||
1571 | 145 | def configure_volume(before_change=lambda: None, after_change=lambda: None): | ||
1572 | 146 | '''Set up storage (or don't) according to the charm's volume configuration. | ||
1573 | 147 | Returns the mount point or "ephemeral". before_change and after_change | ||
1574 | 148 | are optional functions to be called if the volume configuration changes. | ||
1575 | 149 | ''' | ||
1576 | 150 | |||
1577 | 151 | config = get_config() | ||
1578 | 152 | if not config: | ||
1579 | 153 | hookenv.log('Failed to read volume configuration', hookenv.CRITICAL) | ||
1580 | 154 | raise VolumeConfigurationError() | ||
1581 | 155 | |||
1582 | 156 | if config['ephemeral']: | ||
1583 | 157 | if os.path.ismount(config['mountpoint']): | ||
1584 | 158 | before_change() | ||
1585 | 159 | unmount_volume(config) | ||
1586 | 160 | after_change() | ||
1587 | 161 | return 'ephemeral' | ||
1588 | 162 | else: | ||
1589 | 163 | # persistent storage | ||
1590 | 164 | if os.path.ismount(config['mountpoint']): | ||
1591 | 165 | mounts = dict(managed_mounts()) | ||
1592 | 166 | if mounts.get(config['mountpoint']) != config['device']: | ||
1593 | 167 | before_change() | ||
1594 | 168 | unmount_volume(config) | ||
1595 | 169 | mount_volume(config) | ||
1596 | 170 | after_change() | ||
1597 | 171 | else: | ||
1598 | 172 | before_change() | ||
1599 | 173 | mount_volume(config) | ||
1600 | 174 | after_change() | ||
1601 | 175 | return config['mountpoint'] | ||
1602 | 176 | 0 | ||
1603 | === removed directory 'hooks/charmhelpers/contrib/hahelpers' | |||
1604 | === removed file 'hooks/charmhelpers/contrib/hahelpers/__init__.py' | |||
1605 | --- hooks/charmhelpers/contrib/hahelpers/__init__.py 2015-01-23 11:08:26 +0000 | |||
1606 | +++ hooks/charmhelpers/contrib/hahelpers/__init__.py 1970-01-01 00:00:00 +0000 | |||
1607 | @@ -1,15 +0,0 @@ | |||
1608 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
1609 | 2 | # | ||
1610 | 3 | # This file is part of charm-helpers. | ||
1611 | 4 | # | ||
1612 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
1613 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
1614 | 7 | # published by the Free Software Foundation. | ||
1615 | 8 | # | ||
1616 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
1617 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
1618 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
1619 | 12 | # GNU Lesser General Public License for more details. | ||
1620 | 13 | # | ||
1621 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
1622 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
1623 | 16 | 0 | ||
1624 | === removed file 'hooks/charmhelpers/contrib/hahelpers/apache.py' | |||
1625 | --- hooks/charmhelpers/contrib/hahelpers/apache.py 2015-02-24 12:07:07 +0000 | |||
1626 | +++ hooks/charmhelpers/contrib/hahelpers/apache.py 1970-01-01 00:00:00 +0000 | |||
1627 | @@ -1,82 +0,0 @@ | |||
1628 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
1629 | 2 | # | ||
1630 | 3 | # This file is part of charm-helpers. | ||
1631 | 4 | # | ||
1632 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
1633 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
1634 | 7 | # published by the Free Software Foundation. | ||
1635 | 8 | # | ||
1636 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
1637 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
1638 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
1639 | 12 | # GNU Lesser General Public License for more details. | ||
1640 | 13 | # | ||
1641 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
1642 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
1643 | 16 | |||
1644 | 17 | # | ||
1645 | 18 | # Copyright 2012 Canonical Ltd. | ||
1646 | 19 | # | ||
1647 | 20 | # This file is sourced from lp:openstack-charm-helpers | ||
1648 | 21 | # | ||
1649 | 22 | # Authors: | ||
1650 | 23 | # James Page <james.page@ubuntu.com> | ||
1651 | 24 | # Adam Gandelman <adamg@ubuntu.com> | ||
1652 | 25 | # | ||
1653 | 26 | |||
1654 | 27 | import subprocess | ||
1655 | 28 | |||
1656 | 29 | from charmhelpers.core.hookenv import ( | ||
1657 | 30 | config as config_get, | ||
1658 | 31 | relation_get, | ||
1659 | 32 | relation_ids, | ||
1660 | 33 | related_units as relation_list, | ||
1661 | 34 | log, | ||
1662 | 35 | INFO, | ||
1663 | 36 | ) | ||
1664 | 37 | |||
1665 | 38 | |||
1666 | 39 | def get_cert(cn=None): | ||
1667 | 40 | # TODO: deal with multiple https endpoints via charm config | ||
1668 | 41 | cert = config_get('ssl_cert') | ||
1669 | 42 | key = config_get('ssl_key') | ||
1670 | 43 | if not (cert and key): | ||
1671 | 44 | log("Inspecting identity-service relations for SSL certificate.", | ||
1672 | 45 | level=INFO) | ||
1673 | 46 | cert = key = None | ||
1674 | 47 | if cn: | ||
1675 | 48 | ssl_cert_attr = 'ssl_cert_{}'.format(cn) | ||
1676 | 49 | ssl_key_attr = 'ssl_key_{}'.format(cn) | ||
1677 | 50 | else: | ||
1678 | 51 | ssl_cert_attr = 'ssl_cert' | ||
1679 | 52 | ssl_key_attr = 'ssl_key' | ||
1680 | 53 | for r_id in relation_ids('identity-service'): | ||
1681 | 54 | for unit in relation_list(r_id): | ||
1682 | 55 | if not cert: | ||
1683 | 56 | cert = relation_get(ssl_cert_attr, | ||
1684 | 57 | rid=r_id, unit=unit) | ||
1685 | 58 | if not key: | ||
1686 | 59 | key = relation_get(ssl_key_attr, | ||
1687 | 60 | rid=r_id, unit=unit) | ||
1688 | 61 | return (cert, key) | ||
1689 | 62 | |||
1690 | 63 | |||
1691 | 64 | def get_ca_cert(): | ||
1692 | 65 | ca_cert = config_get('ssl_ca') | ||
1693 | 66 | if ca_cert is None: | ||
1694 | 67 | log("Inspecting identity-service relations for CA SSL certificate.", | ||
1695 | 68 | level=INFO) | ||
1696 | 69 | for r_id in relation_ids('identity-service'): | ||
1697 | 70 | for unit in relation_list(r_id): | ||
1698 | 71 | if ca_cert is None: | ||
1699 | 72 | ca_cert = relation_get('ca_cert', | ||
1700 | 73 | rid=r_id, unit=unit) | ||
1701 | 74 | return ca_cert | ||
1702 | 75 | |||
1703 | 76 | |||
1704 | 77 | def install_ca_cert(ca_cert): | ||
1705 | 78 | if ca_cert: | ||
1706 | 79 | with open('/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt', | ||
1707 | 80 | 'w') as crt: | ||
1708 | 81 | crt.write(ca_cert) | ||
1709 | 82 | subprocess.check_call(['update-ca-certificates', '--fresh']) | ||
1710 | 83 | 0 | ||
1711 | === removed file 'hooks/charmhelpers/contrib/hahelpers/cluster.py' | |||
1712 | --- hooks/charmhelpers/contrib/hahelpers/cluster.py 2015-03-31 15:13:53 +0000 | |||
1713 | +++ hooks/charmhelpers/contrib/hahelpers/cluster.py 1970-01-01 00:00:00 +0000 | |||
1714 | @@ -1,272 +0,0 @@ | |||
1715 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
1716 | 2 | # | ||
1717 | 3 | # This file is part of charm-helpers. | ||
1718 | 4 | # | ||
1719 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
1720 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
1721 | 7 | # published by the Free Software Foundation. | ||
1722 | 8 | # | ||
1723 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
1724 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
1725 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
1726 | 12 | # GNU Lesser General Public License for more details. | ||
1727 | 13 | # | ||
1728 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
1729 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
1730 | 16 | |||
1731 | 17 | # | ||
1732 | 18 | # Copyright 2012 Canonical Ltd. | ||
1733 | 19 | # | ||
1734 | 20 | # Authors: | ||
1735 | 21 | # James Page <james.page@ubuntu.com> | ||
1736 | 22 | # Adam Gandelman <adamg@ubuntu.com> | ||
1737 | 23 | # | ||
1738 | 24 | |||
1739 | 25 | """ | ||
1740 | 26 | Helpers for clustering and determining "cluster leadership" and other | ||
1741 | 27 | clustering-related helpers. | ||
1742 | 28 | """ | ||
1743 | 29 | |||
1744 | 30 | import subprocess | ||
1745 | 31 | import os | ||
1746 | 32 | |||
1747 | 33 | from socket import gethostname as get_unit_hostname | ||
1748 | 34 | |||
1749 | 35 | import six | ||
1750 | 36 | |||
1751 | 37 | from charmhelpers.core.hookenv import ( | ||
1752 | 38 | log, | ||
1753 | 39 | relation_ids, | ||
1754 | 40 | related_units as relation_list, | ||
1755 | 41 | relation_get, | ||
1756 | 42 | config as config_get, | ||
1757 | 43 | INFO, | ||
1758 | 44 | ERROR, | ||
1759 | 45 | WARNING, | ||
1760 | 46 | unit_get, | ||
1761 | 47 | ) | ||
1762 | 48 | from charmhelpers.core.decorators import ( | ||
1763 | 49 | retry_on_exception, | ||
1764 | 50 | ) | ||
1765 | 51 | from charmhelpers.core.strutils import ( | ||
1766 | 52 | bool_from_string, | ||
1767 | 53 | ) | ||
1768 | 54 | |||
1769 | 55 | |||
1770 | 56 | class HAIncompleteConfig(Exception): | ||
1771 | 57 | pass | ||
1772 | 58 | |||
1773 | 59 | |||
1774 | 60 | class CRMResourceNotFound(Exception): | ||
1775 | 61 | pass | ||
1776 | 62 | |||
1777 | 63 | |||
1778 | 64 | def is_elected_leader(resource): | ||
1779 | 65 | """ | ||
1780 | 66 | Returns True if the charm executing this is the elected cluster leader. | ||
1781 | 67 | |||
1782 | 68 | It relies on two mechanisms to determine leadership: | ||
1783 | 69 | 1. If the charm is part of a corosync cluster, call corosync to | ||
1784 | 70 | determine leadership. | ||
1785 | 71 | 2. If the charm is not part of a corosync cluster, the leader is | ||
1786 | 72 | determined as being "the alive unit with the lowest unit numer". In | ||
1787 | 73 | other words, the oldest surviving unit. | ||
1788 | 74 | """ | ||
1789 | 75 | if is_clustered(): | ||
1790 | 76 | if not is_crm_leader(resource): | ||
1791 | 77 | log('Deferring action to CRM leader.', level=INFO) | ||
1792 | 78 | return False | ||
1793 | 79 | else: | ||
1794 | 80 | peers = peer_units() | ||
1795 | 81 | if peers and not oldest_peer(peers): | ||
1796 | 82 | log('Deferring action to oldest service unit.', level=INFO) | ||
1797 | 83 | return False | ||
1798 | 84 | return True | ||
1799 | 85 | |||
1800 | 86 | |||
1801 | 87 | def is_clustered(): | ||
1802 | 88 | for r_id in (relation_ids('ha') or []): | ||
1803 | 89 | for unit in (relation_list(r_id) or []): | ||
1804 | 90 | clustered = relation_get('clustered', | ||
1805 | 91 | rid=r_id, | ||
1806 | 92 | unit=unit) | ||
1807 | 93 | if clustered: | ||
1808 | 94 | return True | ||
1809 | 95 | return False | ||
1810 | 96 | |||
1811 | 97 | |||
1812 | 98 | @retry_on_exception(5, base_delay=2, exc_type=CRMResourceNotFound) | ||
1813 | 99 | def is_crm_leader(resource, retry=False): | ||
1814 | 100 | """ | ||
1815 | 101 | Returns True if the charm calling this is the elected corosync leader, | ||
1816 | 102 | as returned by calling the external "crm" command. | ||
1817 | 103 | |||
1818 | 104 | We allow this operation to be retried to avoid the possibility of getting a | ||
1819 | 105 | false negative. See LP #1396246 for more info. | ||
1820 | 106 | """ | ||
1821 | 107 | cmd = ['crm', 'resource', 'show', resource] | ||
1822 | 108 | try: | ||
1823 | 109 | status = subprocess.check_output(cmd, stderr=subprocess.STDOUT) | ||
1824 | 110 | if not isinstance(status, six.text_type): | ||
1825 | 111 | status = six.text_type(status, "utf-8") | ||
1826 | 112 | except subprocess.CalledProcessError: | ||
1827 | 113 | status = None | ||
1828 | 114 | |||
1829 | 115 | if status and get_unit_hostname() in status: | ||
1830 | 116 | return True | ||
1831 | 117 | |||
1832 | 118 | if status and "resource %s is NOT running" % (resource) in status: | ||
1833 | 119 | raise CRMResourceNotFound("CRM resource %s not found" % (resource)) | ||
1834 | 120 | |||
1835 | 121 | return False | ||
1836 | 122 | |||
1837 | 123 | |||
1838 | 124 | def is_leader(resource): | ||
1839 | 125 | log("is_leader is deprecated. Please consider using is_crm_leader " | ||
1840 | 126 | "instead.", level=WARNING) | ||
1841 | 127 | return is_crm_leader(resource) | ||
1842 | 128 | |||
1843 | 129 | |||
1844 | 130 | def peer_units(peer_relation="cluster"): | ||
1845 | 131 | peers = [] | ||
1846 | 132 | for r_id in (relation_ids(peer_relation) or []): | ||
1847 | 133 | for unit in (relation_list(r_id) or []): | ||
1848 | 134 | peers.append(unit) | ||
1849 | 135 | return peers | ||
1850 | 136 | |||
1851 | 137 | |||
1852 | 138 | def peer_ips(peer_relation='cluster', addr_key='private-address'): | ||
1853 | 139 | '''Return a dict of peers and their private-address''' | ||
1854 | 140 | peers = {} | ||
1855 | 141 | for r_id in relation_ids(peer_relation): | ||
1856 | 142 | for unit in relation_list(r_id): | ||
1857 | 143 | peers[unit] = relation_get(addr_key, rid=r_id, unit=unit) | ||
1858 | 144 | return peers | ||
1859 | 145 | |||
1860 | 146 | |||
1861 | 147 | def oldest_peer(peers): | ||
1862 | 148 | """Determines who the oldest peer is by comparing unit numbers.""" | ||
1863 | 149 | local_unit_no = int(os.getenv('JUJU_UNIT_NAME').split('/')[1]) | ||
1864 | 150 | for peer in peers: | ||
1865 | 151 | remote_unit_no = int(peer.split('/')[1]) | ||
1866 | 152 | if remote_unit_no < local_unit_no: | ||
1867 | 153 | return False | ||
1868 | 154 | return True | ||
1869 | 155 | |||
1870 | 156 | |||
1871 | 157 | def eligible_leader(resource): | ||
1872 | 158 | log("eligible_leader is deprecated. Please consider using " | ||
1873 | 159 | "is_elected_leader instead.", level=WARNING) | ||
1874 | 160 | return is_elected_leader(resource) | ||
1875 | 161 | |||
1876 | 162 | |||
1877 | 163 | def https(): | ||
1878 | 164 | ''' | ||
1879 | 165 | Determines whether enough data has been provided in configuration | ||
1880 | 166 | or relation data to configure HTTPS | ||
1881 | 167 | . | ||
1882 | 168 | returns: boolean | ||
1883 | 169 | ''' | ||
1884 | 170 | use_https = config_get('use-https') | ||
1885 | 171 | if use_https and bool_from_string(use_https): | ||
1886 | 172 | return True | ||
1887 | 173 | if config_get('ssl_cert') and config_get('ssl_key'): | ||
1888 | 174 | return True | ||
1889 | 175 | for r_id in relation_ids('identity-service'): | ||
1890 | 176 | for unit in relation_list(r_id): | ||
1891 | 177 | # TODO - needs fixing for new helper as ssl_cert/key suffixes with CN | ||
1892 | 178 | rel_state = [ | ||
1893 | 179 | relation_get('https_keystone', rid=r_id, unit=unit), | ||
1894 | 180 | relation_get('ca_cert', rid=r_id, unit=unit), | ||
1895 | 181 | ] | ||
1896 | 182 | # NOTE: works around (LP: #1203241) | ||
1897 | 183 | if (None not in rel_state) and ('' not in rel_state): | ||
1898 | 184 | return True | ||
1899 | 185 | return False | ||
1900 | 186 | |||
1901 | 187 | |||
1902 | 188 | def determine_api_port(public_port, singlenode_mode=False): | ||
1903 | 189 | ''' | ||
1904 | 190 | Determine correct API server listening port based on | ||
1905 | 191 | existence of HTTPS reverse proxy and/or haproxy. | ||
1906 | 192 | |||
1907 | 193 | public_port: int: standard public port for given service | ||
1908 | 194 | |||
1909 | 195 | singlenode_mode: boolean: Shuffle ports when only a single unit is present | ||
1910 | 196 | |||
1911 | 197 | returns: int: the correct listening port for the API service | ||
1912 | 198 | ''' | ||
1913 | 199 | i = 0 | ||
1914 | 200 | if singlenode_mode: | ||
1915 | 201 | i += 1 | ||
1916 | 202 | elif len(peer_units()) > 0 or is_clustered(): | ||
1917 | 203 | i += 1 | ||
1918 | 204 | if https(): | ||
1919 | 205 | i += 1 | ||
1920 | 206 | return public_port - (i * 10) | ||
1921 | 207 | |||
1922 | 208 | |||
1923 | 209 | def determine_apache_port(public_port, singlenode_mode=False): | ||
1924 | 210 | ''' | ||
1925 | 211 | Description: Determine correct apache listening port based on public IP + | ||
1926 | 212 | state of the cluster. | ||
1927 | 213 | |||
1928 | 214 | public_port: int: standard public port for given service | ||
1929 | 215 | |||
1930 | 216 | singlenode_mode: boolean: Shuffle ports when only a single unit is present | ||
1931 | 217 | |||
1932 | 218 | returns: int: the correct listening port for the HAProxy service | ||
1933 | 219 | ''' | ||
1934 | 220 | i = 0 | ||
1935 | 221 | if singlenode_mode: | ||
1936 | 222 | i += 1 | ||
1937 | 223 | elif len(peer_units()) > 0 or is_clustered(): | ||
1938 | 224 | i += 1 | ||
1939 | 225 | return public_port - (i * 10) | ||
1940 | 226 | |||
1941 | 227 | |||
1942 | 228 | def get_hacluster_config(exclude_keys=None): | ||
1943 | 229 | ''' | ||
1944 | 230 | Obtains all relevant configuration from charm configuration required | ||
1945 | 231 | for initiating a relation to hacluster: | ||
1946 | 232 | |||
1947 | 233 | ha-bindiface, ha-mcastport, vip | ||
1948 | 234 | |||
1949 | 235 | param: exclude_keys: list of setting key(s) to be excluded. | ||
1950 | 236 | returns: dict: A dict containing settings keyed by setting name. | ||
1951 | 237 | raises: HAIncompleteConfig if settings are missing. | ||
1952 | 238 | ''' | ||
1953 | 239 | settings = ['ha-bindiface', 'ha-mcastport', 'vip'] | ||
1954 | 240 | conf = {} | ||
1955 | 241 | for setting in settings: | ||
1956 | 242 | if exclude_keys and setting in exclude_keys: | ||
1957 | 243 | continue | ||
1958 | 244 | |||
1959 | 245 | conf[setting] = config_get(setting) | ||
1960 | 246 | missing = [] | ||
1961 | 247 | [missing.append(s) for s, v in six.iteritems(conf) if v is None] | ||
1962 | 248 | if missing: | ||
1963 | 249 | log('Insufficient config data to configure hacluster.', level=ERROR) | ||
1964 | 250 | raise HAIncompleteConfig | ||
1965 | 251 | return conf | ||
1966 | 252 | |||
1967 | 253 | |||
1968 | 254 | def canonical_url(configs, vip_setting='vip'): | ||
1969 | 255 | ''' | ||
1970 | 256 | Returns the correct HTTP URL to this host given the state of HTTPS | ||
1971 | 257 | configuration and hacluster. | ||
1972 | 258 | |||
1973 | 259 | :configs : OSTemplateRenderer: A config tempating object to inspect for | ||
1974 | 260 | a complete https context. | ||
1975 | 261 | |||
1976 | 262 | :vip_setting: str: Setting in charm config that specifies | ||
1977 | 263 | VIP address. | ||
1978 | 264 | ''' | ||
1979 | 265 | scheme = 'http' | ||
1980 | 266 | if 'https' in configs.complete_contexts(): | ||
1981 | 267 | scheme = 'https' | ||
1982 | 268 | if is_clustered(): | ||
1983 | 269 | addr = config_get(vip_setting) | ||
1984 | 270 | else: | ||
1985 | 271 | addr = unit_get('private-address') | ||
1986 | 272 | return '%s://%s' % (scheme, addr) | ||
1987 | 273 | 0 | ||
1988 | === removed directory 'hooks/charmhelpers/contrib/network' | |||
1989 | === removed file 'hooks/charmhelpers/contrib/network/__init__.py' | |||
1990 | --- hooks/charmhelpers/contrib/network/__init__.py 2015-01-23 11:08:26 +0000 | |||
1991 | +++ hooks/charmhelpers/contrib/network/__init__.py 1970-01-01 00:00:00 +0000 | |||
1992 | @@ -1,15 +0,0 @@ | |||
1993 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
1994 | 2 | # | ||
1995 | 3 | # This file is part of charm-helpers. | ||
1996 | 4 | # | ||
1997 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
1998 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
1999 | 7 | # published by the Free Software Foundation. | ||
2000 | 8 | # | ||
2001 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
2002 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
2003 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
2004 | 12 | # GNU Lesser General Public License for more details. | ||
2005 | 13 | # | ||
2006 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
2007 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
2008 | 16 | 0 | ||
2009 | === removed file 'hooks/charmhelpers/contrib/network/ip.py' | |||
2010 | --- hooks/charmhelpers/contrib/network/ip.py 2015-03-31 15:13:53 +0000 | |||
2011 | +++ hooks/charmhelpers/contrib/network/ip.py 1970-01-01 00:00:00 +0000 | |||
2012 | @@ -1,450 +0,0 @@ | |||
2013 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
2014 | 2 | # | ||
2015 | 3 | # This file is part of charm-helpers. | ||
2016 | 4 | # | ||
2017 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
2018 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
2019 | 7 | # published by the Free Software Foundation. | ||
2020 | 8 | # | ||
2021 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
2022 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
2023 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
2024 | 12 | # GNU Lesser General Public License for more details. | ||
2025 | 13 | # | ||
2026 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
2027 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
2028 | 16 | |||
2029 | 17 | import glob | ||
2030 | 18 | import re | ||
2031 | 19 | import subprocess | ||
2032 | 20 | import six | ||
2033 | 21 | import socket | ||
2034 | 22 | |||
2035 | 23 | from functools import partial | ||
2036 | 24 | |||
2037 | 25 | from charmhelpers.core.hookenv import unit_get | ||
2038 | 26 | from charmhelpers.fetch import apt_install | ||
2039 | 27 | from charmhelpers.core.hookenv import ( | ||
2040 | 28 | log, | ||
2041 | 29 | WARNING, | ||
2042 | 30 | ) | ||
2043 | 31 | |||
2044 | 32 | try: | ||
2045 | 33 | import netifaces | ||
2046 | 34 | except ImportError: | ||
2047 | 35 | apt_install('python-netifaces') | ||
2048 | 36 | import netifaces | ||
2049 | 37 | |||
2050 | 38 | try: | ||
2051 | 39 | import netaddr | ||
2052 | 40 | except ImportError: | ||
2053 | 41 | apt_install('python-netaddr') | ||
2054 | 42 | import netaddr | ||
2055 | 43 | |||
2056 | 44 | |||
2057 | 45 | def _validate_cidr(network): | ||
2058 | 46 | try: | ||
2059 | 47 | netaddr.IPNetwork(network) | ||
2060 | 48 | except (netaddr.core.AddrFormatError, ValueError): | ||
2061 | 49 | raise ValueError("Network (%s) is not in CIDR presentation format" % | ||
2062 | 50 | network) | ||
2063 | 51 | |||
2064 | 52 | |||
2065 | 53 | def no_ip_found_error_out(network): | ||
2066 | 54 | errmsg = ("No IP address found in network: %s" % network) | ||
2067 | 55 | raise ValueError(errmsg) | ||
2068 | 56 | |||
2069 | 57 | |||
2070 | 58 | def get_address_in_network(network, fallback=None, fatal=False): | ||
2071 | 59 | """Get an IPv4 or IPv6 address within the network from the host. | ||
2072 | 60 | |||
2073 | 61 | :param network (str): CIDR presentation format. For example, | ||
2074 | 62 | '192.168.1.0/24'. | ||
2075 | 63 | :param fallback (str): If no address is found, return fallback. | ||
2076 | 64 | :param fatal (boolean): If no address is found, fallback is not | ||
2077 | 65 | set and fatal is True then exit(1). | ||
2078 | 66 | """ | ||
2079 | 67 | if network is None: | ||
2080 | 68 | if fallback is not None: | ||
2081 | 69 | return fallback | ||
2082 | 70 | |||
2083 | 71 | if fatal: | ||
2084 | 72 | no_ip_found_error_out(network) | ||
2085 | 73 | else: | ||
2086 | 74 | return None | ||
2087 | 75 | |||
2088 | 76 | _validate_cidr(network) | ||
2089 | 77 | network = netaddr.IPNetwork(network) | ||
2090 | 78 | for iface in netifaces.interfaces(): | ||
2091 | 79 | addresses = netifaces.ifaddresses(iface) | ||
2092 | 80 | if network.version == 4 and netifaces.AF_INET in addresses: | ||
2093 | 81 | addr = addresses[netifaces.AF_INET][0]['addr'] | ||
2094 | 82 | netmask = addresses[netifaces.AF_INET][0]['netmask'] | ||
2095 | 83 | cidr = netaddr.IPNetwork("%s/%s" % (addr, netmask)) | ||
2096 | 84 | if cidr in network: | ||
2097 | 85 | return str(cidr.ip) | ||
2098 | 86 | |||
2099 | 87 | if network.version == 6 and netifaces.AF_INET6 in addresses: | ||
2100 | 88 | for addr in addresses[netifaces.AF_INET6]: | ||
2101 | 89 | if not addr['addr'].startswith('fe80'): | ||
2102 | 90 | cidr = netaddr.IPNetwork("%s/%s" % (addr['addr'], | ||
2103 | 91 | addr['netmask'])) | ||
2104 | 92 | if cidr in network: | ||
2105 | 93 | return str(cidr.ip) | ||
2106 | 94 | |||
2107 | 95 | if fallback is not None: | ||
2108 | 96 | return fallback | ||
2109 | 97 | |||
2110 | 98 | if fatal: | ||
2111 | 99 | no_ip_found_error_out(network) | ||
2112 | 100 | |||
2113 | 101 | return None | ||
2114 | 102 | |||
2115 | 103 | |||
2116 | 104 | def is_ipv6(address): | ||
2117 | 105 | """Determine whether provided address is IPv6 or not.""" | ||
2118 | 106 | try: | ||
2119 | 107 | address = netaddr.IPAddress(address) | ||
2120 | 108 | except netaddr.AddrFormatError: | ||
2121 | 109 | # probably a hostname - so not an address at all! | ||
2122 | 110 | return False | ||
2123 | 111 | |||
2124 | 112 | return address.version == 6 | ||
2125 | 113 | |||
2126 | 114 | |||
2127 | 115 | def is_address_in_network(network, address): | ||
2128 | 116 | """ | ||
2129 | 117 | Determine whether the provided address is within a network range. | ||
2130 | 118 | |||
2131 | 119 | :param network (str): CIDR presentation format. For example, | ||
2132 | 120 | '192.168.1.0/24'. | ||
2133 | 121 | :param address: An individual IPv4 or IPv6 address without a net | ||
2134 | 122 | mask or subnet prefix. For example, '192.168.1.1'. | ||
2135 | 123 | :returns boolean: Flag indicating whether address is in network. | ||
2136 | 124 | """ | ||
2137 | 125 | try: | ||
2138 | 126 | network = netaddr.IPNetwork(network) | ||
2139 | 127 | except (netaddr.core.AddrFormatError, ValueError): | ||
2140 | 128 | raise ValueError("Network (%s) is not in CIDR presentation format" % | ||
2141 | 129 | network) | ||
2142 | 130 | |||
2143 | 131 | try: | ||
2144 | 132 | address = netaddr.IPAddress(address) | ||
2145 | 133 | except (netaddr.core.AddrFormatError, ValueError): | ||
2146 | 134 | raise ValueError("Address (%s) is not in correct presentation format" % | ||
2147 | 135 | address) | ||
2148 | 136 | |||
2149 | 137 | if address in network: | ||
2150 | 138 | return True | ||
2151 | 139 | else: | ||
2152 | 140 | return False | ||
2153 | 141 | |||
2154 | 142 | |||
2155 | 143 | def _get_for_address(address, key): | ||
2156 | 144 | """Retrieve an attribute of or the physical interface that | ||
2157 | 145 | the IP address provided could be bound to. | ||
2158 | 146 | |||
2159 | 147 | :param address (str): An individual IPv4 or IPv6 address without a net | ||
2160 | 148 | mask or subnet prefix. For example, '192.168.1.1'. | ||
2161 | 149 | :param key: 'iface' for the physical interface name or an attribute | ||
2162 | 150 | of the configured interface, for example 'netmask'. | ||
2163 | 151 | :returns str: Requested attribute or None if address is not bindable. | ||
2164 | 152 | """ | ||
2165 | 153 | address = netaddr.IPAddress(address) | ||
2166 | 154 | for iface in netifaces.interfaces(): | ||
2167 | 155 | addresses = netifaces.ifaddresses(iface) | ||
2168 | 156 | if address.version == 4 and netifaces.AF_INET in addresses: | ||
2169 | 157 | addr = addresses[netifaces.AF_INET][0]['addr'] | ||
2170 | 158 | netmask = addresses[netifaces.AF_INET][0]['netmask'] | ||
2171 | 159 | network = netaddr.IPNetwork("%s/%s" % (addr, netmask)) | ||
2172 | 160 | cidr = network.cidr | ||
2173 | 161 | if address in cidr: | ||
2174 | 162 | if key == 'iface': | ||
2175 | 163 | return iface | ||
2176 | 164 | else: | ||
2177 | 165 | return addresses[netifaces.AF_INET][0][key] | ||
2178 | 166 | |||
2179 | 167 | if address.version == 6 and netifaces.AF_INET6 in addresses: | ||
2180 | 168 | for addr in addresses[netifaces.AF_INET6]: | ||
2181 | 169 | if not addr['addr'].startswith('fe80'): | ||
2182 | 170 | network = netaddr.IPNetwork("%s/%s" % (addr['addr'], | ||
2183 | 171 | addr['netmask'])) | ||
2184 | 172 | cidr = network.cidr | ||
2185 | 173 | if address in cidr: | ||
2186 | 174 | if key == 'iface': | ||
2187 | 175 | return iface | ||
2188 | 176 | elif key == 'netmask' and cidr: | ||
2189 | 177 | return str(cidr).split('/')[1] | ||
2190 | 178 | else: | ||
2191 | 179 | return addr[key] | ||
2192 | 180 | |||
2193 | 181 | return None | ||
2194 | 182 | |||
2195 | 183 | |||
2196 | 184 | get_iface_for_address = partial(_get_for_address, key='iface') | ||
2197 | 185 | |||
2198 | 186 | |||
2199 | 187 | get_netmask_for_address = partial(_get_for_address, key='netmask') | ||
2200 | 188 | |||
2201 | 189 | |||
2202 | 190 | def format_ipv6_addr(address): | ||
2203 | 191 | """If address is IPv6, wrap it in '[]' otherwise return None. | ||
2204 | 192 | |||
2205 | 193 | This is required by most configuration files when specifying IPv6 | ||
2206 | 194 | addresses. | ||
2207 | 195 | """ | ||
2208 | 196 | if is_ipv6(address): | ||
2209 | 197 | return "[%s]" % address | ||
2210 | 198 | |||
2211 | 199 | return None | ||
2212 | 200 | |||
2213 | 201 | |||
2214 | 202 | def get_iface_addr(iface='eth0', inet_type='AF_INET', inc_aliases=False, | ||
2215 | 203 | fatal=True, exc_list=None): | ||
2216 | 204 | """Return the assigned IP address for a given interface, if any.""" | ||
2217 | 205 | # Extract nic if passed /dev/ethX | ||
2218 | 206 | if '/' in iface: | ||
2219 | 207 | iface = iface.split('/')[-1] | ||
2220 | 208 | |||
2221 | 209 | if not exc_list: | ||
2222 | 210 | exc_list = [] | ||
2223 | 211 | |||
2224 | 212 | try: | ||
2225 | 213 | inet_num = getattr(netifaces, inet_type) | ||
2226 | 214 | except AttributeError: | ||
2227 | 215 | raise Exception("Unknown inet type '%s'" % str(inet_type)) | ||
2228 | 216 | |||
2229 | 217 | interfaces = netifaces.interfaces() | ||
2230 | 218 | if inc_aliases: | ||
2231 | 219 | ifaces = [] | ||
2232 | 220 | for _iface in interfaces: | ||
2233 | 221 | if iface == _iface or _iface.split(':')[0] == iface: | ||
2234 | 222 | ifaces.append(_iface) | ||
2235 | 223 | |||
2236 | 224 | if fatal and not ifaces: | ||
2237 | 225 | raise Exception("Invalid interface '%s'" % iface) | ||
2238 | 226 | |||
2239 | 227 | ifaces.sort() | ||
2240 | 228 | else: | ||
2241 | 229 | if iface not in interfaces: | ||
2242 | 230 | if fatal: | ||
2243 | 231 | raise Exception("Interface '%s' not found " % (iface)) | ||
2244 | 232 | else: | ||
2245 | 233 | return [] | ||
2246 | 234 | |||
2247 | 235 | else: | ||
2248 | 236 | ifaces = [iface] | ||
2249 | 237 | |||
2250 | 238 | addresses = [] | ||
2251 | 239 | for netiface in ifaces: | ||
2252 | 240 | net_info = netifaces.ifaddresses(netiface) | ||
2253 | 241 | if inet_num in net_info: | ||
2254 | 242 | for entry in net_info[inet_num]: | ||
2255 | 243 | if 'addr' in entry and entry['addr'] not in exc_list: | ||
2256 | 244 | addresses.append(entry['addr']) | ||
2257 | 245 | |||
2258 | 246 | if fatal and not addresses: | ||
2259 | 247 | raise Exception("Interface '%s' doesn't have any %s addresses." % | ||
2260 | 248 | (iface, inet_type)) | ||
2261 | 249 | |||
2262 | 250 | return sorted(addresses) | ||
2263 | 251 | |||
2264 | 252 | |||
2265 | 253 | get_ipv4_addr = partial(get_iface_addr, inet_type='AF_INET') | ||
2266 | 254 | |||
2267 | 255 | |||
2268 | 256 | def get_iface_from_addr(addr): | ||
2269 | 257 | """Work out on which interface the provided address is configured.""" | ||
2270 | 258 | for iface in netifaces.interfaces(): | ||
2271 | 259 | addresses = netifaces.ifaddresses(iface) | ||
2272 | 260 | for inet_type in addresses: | ||
2273 | 261 | for _addr in addresses[inet_type]: | ||
2274 | 262 | _addr = _addr['addr'] | ||
2275 | 263 | # link local | ||
2276 | 264 | ll_key = re.compile("(.+)%.*") | ||
2277 | 265 | raw = re.match(ll_key, _addr) | ||
2278 | 266 | if raw: | ||
2279 | 267 | _addr = raw.group(1) | ||
2280 | 268 | |||
2281 | 269 | if _addr == addr: | ||
2282 | 270 | log("Address '%s' is configured on iface '%s'" % | ||
2283 | 271 | (addr, iface)) | ||
2284 | 272 | return iface | ||
2285 | 273 | |||
2286 | 274 | msg = "Unable to infer net iface on which '%s' is configured" % (addr) | ||
2287 | 275 | raise Exception(msg) | ||
2288 | 276 | |||
2289 | 277 | |||
2290 | 278 | def sniff_iface(f): | ||
2291 | 279 | """Ensure decorated function is called with a value for iface. | ||
2292 | 280 | |||
2293 | 281 | If no iface provided, inject net iface inferred from unit private address. | ||
2294 | 282 | """ | ||
2295 | 283 | def iface_sniffer(*args, **kwargs): | ||
2296 | 284 | if not kwargs.get('iface', None): | ||
2297 | 285 | kwargs['iface'] = get_iface_from_addr(unit_get('private-address')) | ||
2298 | 286 | |||
2299 | 287 | return f(*args, **kwargs) | ||
2300 | 288 | |||
2301 | 289 | return iface_sniffer | ||
2302 | 290 | |||
2303 | 291 | |||
2304 | 292 | @sniff_iface | ||
2305 | 293 | def get_ipv6_addr(iface=None, inc_aliases=False, fatal=True, exc_list=None, | ||
2306 | 294 | dynamic_only=True): | ||
2307 | 295 | """Get assigned IPv6 address for a given interface. | ||
2308 | 296 | |||
2309 | 297 | Returns list of addresses found. If no address found, returns empty list. | ||
2310 | 298 | |||
2311 | 299 | If iface is None, we infer the current primary interface by doing a reverse | ||
2312 | 300 | lookup on the unit private-address. | ||
2313 | 301 | |||
2314 | 302 | We currently only support scope global IPv6 addresses i.e. non-temporary | ||
2315 | 303 | addresses. If no global IPv6 address is found, return the first one found | ||
2316 | 304 | in the ipv6 address list. | ||
2317 | 305 | """ | ||
2318 | 306 | addresses = get_iface_addr(iface=iface, inet_type='AF_INET6', | ||
2319 | 307 | inc_aliases=inc_aliases, fatal=fatal, | ||
2320 | 308 | exc_list=exc_list) | ||
2321 | 309 | |||
2322 | 310 | if addresses: | ||
2323 | 311 | global_addrs = [] | ||
2324 | 312 | for addr in addresses: | ||
2325 | 313 | key_scope_link_local = re.compile("^fe80::..(.+)%(.+)") | ||
2326 | 314 | m = re.match(key_scope_link_local, addr) | ||
2327 | 315 | if m: | ||
2328 | 316 | eui_64_mac = m.group(1) | ||
2329 | 317 | iface = m.group(2) | ||
2330 | 318 | else: | ||
2331 | 319 | global_addrs.append(addr) | ||
2332 | 320 | |||
2333 | 321 | if global_addrs: | ||
2334 | 322 | # Make sure any found global addresses are not temporary | ||
2335 | 323 | cmd = ['ip', 'addr', 'show', iface] | ||
2336 | 324 | out = subprocess.check_output(cmd).decode('UTF-8') | ||
2337 | 325 | if dynamic_only: | ||
2338 | 326 | key = re.compile("inet6 (.+)/[0-9]+ scope global dynamic.*") | ||
2339 | 327 | else: | ||
2340 | 328 | key = re.compile("inet6 (.+)/[0-9]+ scope global.*") | ||
2341 | 329 | |||
2342 | 330 | addrs = [] | ||
2343 | 331 | for line in out.split('\n'): | ||
2344 | 332 | line = line.strip() | ||
2345 | 333 | m = re.match(key, line) | ||
2346 | 334 | if m and 'temporary' not in line: | ||
2347 | 335 | # Return the first valid address we find | ||
2348 | 336 | for addr in global_addrs: | ||
2349 | 337 | if m.group(1) == addr: | ||
2350 | 338 | if not dynamic_only or \ | ||
2351 | 339 | m.group(1).endswith(eui_64_mac): | ||
2352 | 340 | addrs.append(addr) | ||
2353 | 341 | |||
2354 | 342 | if addrs: | ||
2355 | 343 | return addrs | ||
2356 | 344 | |||
2357 | 345 | if fatal: | ||
2358 | 346 | raise Exception("Interface '%s' does not have a scope global " | ||
2359 | 347 | "non-temporary ipv6 address." % iface) | ||
2360 | 348 | |||
2361 | 349 | return [] | ||
2362 | 350 | |||
2363 | 351 | |||
2364 | 352 | def get_bridges(vnic_dir='/sys/devices/virtual/net'): | ||
2365 | 353 | """Return a list of bridges on the system.""" | ||
2366 | 354 | b_regex = "%s/*/bridge" % vnic_dir | ||
2367 | 355 | return [x.replace(vnic_dir, '').split('/')[1] for x in glob.glob(b_regex)] | ||
2368 | 356 | |||
2369 | 357 | |||
2370 | 358 | def get_bridge_nics(bridge, vnic_dir='/sys/devices/virtual/net'): | ||
2371 | 359 | """Return a list of nics comprising a given bridge on the system.""" | ||
2372 | 360 | brif_regex = "%s/%s/brif/*" % (vnic_dir, bridge) | ||
2373 | 361 | return [x.split('/')[-1] for x in glob.glob(brif_regex)] | ||
2374 | 362 | |||
2375 | 363 | |||
2376 | 364 | def is_bridge_member(nic): | ||
2377 | 365 | """Check if a given nic is a member of a bridge.""" | ||
2378 | 366 | for bridge in get_bridges(): | ||
2379 | 367 | if nic in get_bridge_nics(bridge): | ||
2380 | 368 | return True | ||
2381 | 369 | |||
2382 | 370 | return False | ||
2383 | 371 | |||
2384 | 372 | |||
2385 | 373 | def is_ip(address): | ||
2386 | 374 | """ | ||
2387 | 375 | Returns True if address is a valid IP address. | ||
2388 | 376 | """ | ||
2389 | 377 | try: | ||
2390 | 378 | # Test to see if already an IPv4 address | ||
2391 | 379 | socket.inet_aton(address) | ||
2392 | 380 | return True | ||
2393 | 381 | except socket.error: | ||
2394 | 382 | return False | ||
2395 | 383 | |||
2396 | 384 | |||
2397 | 385 | def ns_query(address): | ||
2398 | 386 | try: | ||
2399 | 387 | import dns.resolver | ||
2400 | 388 | except ImportError: | ||
2401 | 389 | apt_install('python-dnspython') | ||
2402 | 390 | import dns.resolver | ||
2403 | 391 | |||
2404 | 392 | if isinstance(address, dns.name.Name): | ||
2405 | 393 | rtype = 'PTR' | ||
2406 | 394 | elif isinstance(address, six.string_types): | ||
2407 | 395 | rtype = 'A' | ||
2408 | 396 | else: | ||
2409 | 397 | return None | ||
2410 | 398 | |||
2411 | 399 | answers = dns.resolver.query(address, rtype) | ||
2412 | 400 | if answers: | ||
2413 | 401 | return str(answers[0]) | ||
2414 | 402 | return None | ||
2415 | 403 | |||
2416 | 404 | |||
2417 | 405 | def get_host_ip(hostname, fallback=None): | ||
2418 | 406 | """ | ||
2419 | 407 | Resolves the IP for a given hostname, or returns | ||
2420 | 408 | the input if it is already an IP. | ||
2421 | 409 | """ | ||
2422 | 410 | if is_ip(hostname): | ||
2423 | 411 | return hostname | ||
2424 | 412 | |||
2425 | 413 | ip_addr = ns_query(hostname) | ||
2426 | 414 | if not ip_addr: | ||
2427 | 415 | try: | ||
2428 | 416 | ip_addr = socket.gethostbyname(hostname) | ||
2429 | 417 | except: | ||
2430 | 418 | log("Failed to resolve hostname '%s'" % (hostname), | ||
2431 | 419 | level=WARNING) | ||
2432 | 420 | return fallback | ||
2433 | 421 | return ip_addr | ||
2434 | 422 | |||
2435 | 423 | |||
2436 | 424 | def get_hostname(address, fqdn=True): | ||
2437 | 425 | """ | ||
2438 | 426 | Resolves hostname for given IP, or returns the input | ||
2439 | 427 | if it is already a hostname. | ||
2440 | 428 | """ | ||
2441 | 429 | if is_ip(address): | ||
2442 | 430 | try: | ||
2443 | 431 | import dns.reversename | ||
2444 | 432 | except ImportError: | ||
2445 | 433 | apt_install("python-dnspython") | ||
2446 | 434 | import dns.reversename | ||
2447 | 435 | |||
2448 | 436 | rev = dns.reversename.from_address(address) | ||
2449 | 437 | result = ns_query(rev) | ||
2450 | 438 | if not result: | ||
2451 | 439 | return None | ||
2452 | 440 | else: | ||
2453 | 441 | result = address | ||
2454 | 442 | |||
2455 | 443 | if fqdn: | ||
2456 | 444 | # strip trailing . | ||
2457 | 445 | if result.endswith('.'): | ||
2458 | 446 | return result[:-1] | ||
2459 | 447 | else: | ||
2460 | 448 | return result | ||
2461 | 449 | else: | ||
2462 | 450 | return result.split('.')[0] | ||
2463 | 451 | 0 | ||
2464 | === removed directory 'hooks/charmhelpers/contrib/network/ovs' | |||
2465 | === removed file 'hooks/charmhelpers/contrib/network/ovs/__init__.py' | |||
2466 | --- hooks/charmhelpers/contrib/network/ovs/__init__.py 2015-01-23 11:08:26 +0000 | |||
2467 | +++ hooks/charmhelpers/contrib/network/ovs/__init__.py 1970-01-01 00:00:00 +0000 | |||
2468 | @@ -1,96 +0,0 @@ | |||
2469 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
2470 | 2 | # | ||
2471 | 3 | # This file is part of charm-helpers. | ||
2472 | 4 | # | ||
2473 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
2474 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
2475 | 7 | # published by the Free Software Foundation. | ||
2476 | 8 | # | ||
2477 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
2478 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
2479 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
2480 | 12 | # GNU Lesser General Public License for more details. | ||
2481 | 13 | # | ||
2482 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
2483 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
2484 | 16 | |||
2485 | 17 | ''' Helpers for interacting with OpenvSwitch ''' | ||
2486 | 18 | import subprocess | ||
2487 | 19 | import os | ||
2488 | 20 | from charmhelpers.core.hookenv import ( | ||
2489 | 21 | log, WARNING | ||
2490 | 22 | ) | ||
2491 | 23 | from charmhelpers.core.host import ( | ||
2492 | 24 | service | ||
2493 | 25 | ) | ||
2494 | 26 | |||
2495 | 27 | |||
2496 | 28 | def add_bridge(name): | ||
2497 | 29 | ''' Add the named bridge to openvswitch ''' | ||
2498 | 30 | log('Creating bridge {}'.format(name)) | ||
2499 | 31 | subprocess.check_call(["ovs-vsctl", "--", "--may-exist", "add-br", name]) | ||
2500 | 32 | |||
2501 | 33 | |||
2502 | 34 | def del_bridge(name): | ||
2503 | 35 | ''' Delete the named bridge from openvswitch ''' | ||
2504 | 36 | log('Deleting bridge {}'.format(name)) | ||
2505 | 37 | subprocess.check_call(["ovs-vsctl", "--", "--if-exists", "del-br", name]) | ||
2506 | 38 | |||
2507 | 39 | |||
2508 | 40 | def add_bridge_port(name, port, promisc=False): | ||
2509 | 41 | ''' Add a port to the named openvswitch bridge ''' | ||
2510 | 42 | log('Adding port {} to bridge {}'.format(port, name)) | ||
2511 | 43 | subprocess.check_call(["ovs-vsctl", "--", "--may-exist", "add-port", | ||
2512 | 44 | name, port]) | ||
2513 | 45 | subprocess.check_call(["ip", "link", "set", port, "up"]) | ||
2514 | 46 | if promisc: | ||
2515 | 47 | subprocess.check_call(["ip", "link", "set", port, "promisc", "on"]) | ||
2516 | 48 | else: | ||
2517 | 49 | subprocess.check_call(["ip", "link", "set", port, "promisc", "off"]) | ||
2518 | 50 | |||
2519 | 51 | |||
2520 | 52 | def del_bridge_port(name, port): | ||
2521 | 53 | ''' Delete a port from the named openvswitch bridge ''' | ||
2522 | 54 | log('Deleting port {} from bridge {}'.format(port, name)) | ||
2523 | 55 | subprocess.check_call(["ovs-vsctl", "--", "--if-exists", "del-port", | ||
2524 | 56 | name, port]) | ||
2525 | 57 | subprocess.check_call(["ip", "link", "set", port, "down"]) | ||
2526 | 58 | subprocess.check_call(["ip", "link", "set", port, "promisc", "off"]) | ||
2527 | 59 | |||
2528 | 60 | |||
2529 | 61 | def set_manager(manager): | ||
2530 | 62 | ''' Set the controller for the local openvswitch ''' | ||
2531 | 63 | log('Setting manager for local ovs to {}'.format(manager)) | ||
2532 | 64 | subprocess.check_call(['ovs-vsctl', 'set-manager', | ||
2533 | 65 | 'ssl:{}'.format(manager)]) | ||
2534 | 66 | |||
2535 | 67 | |||
2536 | 68 | CERT_PATH = '/etc/openvswitch/ovsclient-cert.pem' | ||
2537 | 69 | |||
2538 | 70 | |||
2539 | 71 | def get_certificate(): | ||
2540 | 72 | ''' Read openvswitch certificate from disk ''' | ||
2541 | 73 | if os.path.exists(CERT_PATH): | ||
2542 | 74 | log('Reading ovs certificate from {}'.format(CERT_PATH)) | ||
2543 | 75 | with open(CERT_PATH, 'r') as cert: | ||
2544 | 76 | full_cert = cert.read() | ||
2545 | 77 | begin_marker = "-----BEGIN CERTIFICATE-----" | ||
2546 | 78 | end_marker = "-----END CERTIFICATE-----" | ||
2547 | 79 | begin_index = full_cert.find(begin_marker) | ||
2548 | 80 | end_index = full_cert.rfind(end_marker) | ||
2549 | 81 | if end_index == -1 or begin_index == -1: | ||
2550 | 82 | raise RuntimeError("Certificate does not contain valid begin" | ||
2551 | 83 | " and end markers.") | ||
2552 | 84 | full_cert = full_cert[begin_index:(end_index + len(end_marker))] | ||
2553 | 85 | return full_cert | ||
2554 | 86 | else: | ||
2555 | 87 | log('Certificate not found', level=WARNING) | ||
2556 | 88 | return None | ||
2557 | 89 | |||
2558 | 90 | |||
2559 | 91 | def full_restart(): | ||
2560 | 92 | ''' Full restart and reload of openvswitch ''' | ||
2561 | 93 | if os.path.exists('/etc/init/openvswitch-force-reload-kmod.conf'): | ||
2562 | 94 | service('start', 'openvswitch-force-reload-kmod') | ||
2563 | 95 | else: | ||
2564 | 96 | service('force-reload-kmod', 'openvswitch-switch') | ||
2565 | 97 | 0 | ||
2566 | === removed file 'hooks/charmhelpers/contrib/network/ufw.py' | |||
2567 | --- hooks/charmhelpers/contrib/network/ufw.py 2015-03-23 18:25:01 +0000 | |||
2568 | +++ hooks/charmhelpers/contrib/network/ufw.py 1970-01-01 00:00:00 +0000 | |||
2569 | @@ -1,276 +0,0 @@ | |||
2570 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
2571 | 2 | # | ||
2572 | 3 | # This file is part of charm-helpers. | ||
2573 | 4 | # | ||
2574 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
2575 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
2576 | 7 | # published by the Free Software Foundation. | ||
2577 | 8 | # | ||
2578 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
2579 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
2580 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
2581 | 12 | # GNU Lesser General Public License for more details. | ||
2582 | 13 | # | ||
2583 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
2584 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
2585 | 16 | |||
2586 | 17 | """ | ||
2587 | 18 | This module contains helpers to add and remove ufw rules. | ||
2588 | 19 | |||
2589 | 20 | Examples: | ||
2590 | 21 | |||
2591 | 22 | - open SSH port for subnet 10.0.3.0/24: | ||
2592 | 23 | |||
2593 | 24 | >>> from charmhelpers.contrib.network import ufw | ||
2594 | 25 | >>> ufw.enable() | ||
2595 | 26 | >>> ufw.grant_access(src='10.0.3.0/24', dst='any', port='22', proto='tcp') | ||
2596 | 27 | |||
2597 | 28 | - open service by name as defined in /etc/services: | ||
2598 | 29 | |||
2599 | 30 | >>> from charmhelpers.contrib.network import ufw | ||
2600 | 31 | >>> ufw.enable() | ||
2601 | 32 | >>> ufw.service('ssh', 'open') | ||
2602 | 33 | |||
2603 | 34 | - close service by port number: | ||
2604 | 35 | |||
2605 | 36 | >>> from charmhelpers.contrib.network import ufw | ||
2606 | 37 | >>> ufw.enable() | ||
2607 | 38 | >>> ufw.service('4949', 'close') # munin | ||
2608 | 39 | """ | ||
2609 | 40 | import re | ||
2610 | 41 | import os | ||
2611 | 42 | import subprocess | ||
2612 | 43 | from charmhelpers.core import hookenv | ||
2613 | 44 | |||
2614 | 45 | __author__ = "Felipe Reyes <felipe.reyes@canonical.com>" | ||
2615 | 46 | |||
2616 | 47 | |||
2617 | 48 | class UFWError(Exception): | ||
2618 | 49 | pass | ||
2619 | 50 | |||
2620 | 51 | |||
2621 | 52 | class UFWIPv6Error(UFWError): | ||
2622 | 53 | pass | ||
2623 | 54 | |||
2624 | 55 | |||
2625 | 56 | def is_enabled(): | ||
2626 | 57 | """ | ||
2627 | 58 | Check if `ufw` is enabled | ||
2628 | 59 | |||
2629 | 60 | :returns: True if ufw is enabled | ||
2630 | 61 | """ | ||
2631 | 62 | output = subprocess.check_output(['ufw', 'status'], | ||
2632 | 63 | universal_newlines=True, | ||
2633 | 64 | env={'LANG': 'en_US', | ||
2634 | 65 | 'PATH': os.environ['PATH']}) | ||
2635 | 66 | |||
2636 | 67 | m = re.findall(r'^Status: active\n', output, re.M) | ||
2637 | 68 | |||
2638 | 69 | return len(m) >= 1 | ||
2639 | 70 | |||
2640 | 71 | |||
2641 | 72 | def is_ipv6_ok(soft_fail=False): | ||
2642 | 73 | """ | ||
2643 | 74 | Check if IPv6 support is present and ip6tables functional | ||
2644 | 75 | |||
2645 | 76 | :param soft_fail: If set to True and IPv6 support is broken, then reports | ||
2646 | 77 | that the host doesn't have IPv6 support, otherwise a | ||
2647 | 78 | UFWIPv6Error exception is raised. | ||
2648 | 79 | :returns: True if IPv6 is working, False otherwise | ||
2649 | 80 | """ | ||
2650 | 81 | |||
2651 | 82 | # do we have IPv6 in the machine? | ||
2652 | 83 | if os.path.isdir('/proc/sys/net/ipv6'): | ||
2653 | 84 | # is ip6tables kernel module loaded? | ||
2654 | 85 | lsmod = subprocess.check_output(['lsmod'], universal_newlines=True) | ||
2655 | 86 | matches = re.findall('^ip6_tables[ ]+', lsmod, re.M) | ||
2656 | 87 | if len(matches) == 0: | ||
2657 | 88 | # ip6tables support isn't complete, let's try to load it | ||
2658 | 89 | try: | ||
2659 | 90 | subprocess.check_output(['modprobe', 'ip6_tables'], | ||
2660 | 91 | universal_newlines=True) | ||
2661 | 92 | # great, we could load the module | ||
2662 | 93 | return True | ||
2663 | 94 | except subprocess.CalledProcessError as ex: | ||
2664 | 95 | hookenv.log("Couldn't load ip6_tables module: %s" % ex.output, | ||
2665 | 96 | level="WARN") | ||
2666 | 97 | # we are in a world where ip6tables isn't working | ||
2667 | 98 | if soft_fail: | ||
2668 | 99 | # so we inform that the machine doesn't have IPv6 | ||
2669 | 100 | return False | ||
2670 | 101 | else: | ||
2671 | 102 | raise UFWIPv6Error("IPv6 firewall support broken") | ||
2672 | 103 | else: | ||
2673 | 104 | # the module is present :) | ||
2674 | 105 | return True | ||
2675 | 106 | |||
2676 | 107 | else: | ||
2677 | 108 | # the system doesn't have IPv6 | ||
2678 | 109 | return False | ||
2679 | 110 | |||
2680 | 111 | |||
2681 | 112 | def disable_ipv6(): | ||
2682 | 113 | """ | ||
2683 | 114 | Disable ufw IPv6 support in /etc/default/ufw | ||
2684 | 115 | """ | ||
2685 | 116 | exit_code = subprocess.call(['sed', '-i', 's/IPV6=.*/IPV6=no/g', | ||
2686 | 117 | '/etc/default/ufw']) | ||
2687 | 118 | if exit_code == 0: | ||
2688 | 119 | hookenv.log('IPv6 support in ufw disabled', level='INFO') | ||
2689 | 120 | else: | ||
2690 | 121 | hookenv.log("Couldn't disable IPv6 support in ufw", level="ERROR") | ||
2691 | 122 | raise UFWError("Couldn't disable IPv6 support in ufw") | ||
2692 | 123 | |||
2693 | 124 | |||
2694 | 125 | def enable(soft_fail=False): | ||
2695 | 126 | """ | ||
2696 | 127 | Enable ufw | ||
2697 | 128 | |||
2698 | 129 | :param soft_fail: If set to True silently disables IPv6 support in ufw, | ||
2699 | 130 | otherwise a UFWIPv6Error exception is raised when IP6 | ||
2700 | 131 | support is broken. | ||
2701 | 132 | :returns: True if ufw is successfully enabled | ||
2702 | 133 | """ | ||
2703 | 134 | if is_enabled(): | ||
2704 | 135 | return True | ||
2705 | 136 | |||
2706 | 137 | if not is_ipv6_ok(soft_fail): | ||
2707 | 138 | disable_ipv6() | ||
2708 | 139 | |||
2709 | 140 | output = subprocess.check_output(['ufw', 'enable'], | ||
2710 | 141 | universal_newlines=True, | ||
2711 | 142 | env={'LANG': 'en_US', | ||
2712 | 143 | 'PATH': os.environ['PATH']}) | ||
2713 | 144 | |||
2714 | 145 | m = re.findall('^Firewall is active and enabled on system startup\n', | ||
2715 | 146 | output, re.M) | ||
2716 | 147 | hookenv.log(output, level='DEBUG') | ||
2717 | 148 | |||
2718 | 149 | if len(m) == 0: | ||
2719 | 150 | hookenv.log("ufw couldn't be enabled", level='WARN') | ||
2720 | 151 | return False | ||
2721 | 152 | else: | ||
2722 | 153 | hookenv.log("ufw enabled", level='INFO') | ||
2723 | 154 | return True | ||
2724 | 155 | |||
2725 | 156 | |||
2726 | 157 | def disable(): | ||
2727 | 158 | """ | ||
2728 | 159 | Disable ufw | ||
2729 | 160 | |||
2730 | 161 | :returns: True if ufw is successfully disabled | ||
2731 | 162 | """ | ||
2732 | 163 | if not is_enabled(): | ||
2733 | 164 | return True | ||
2734 | 165 | |||
2735 | 166 | output = subprocess.check_output(['ufw', 'disable'], | ||
2736 | 167 | universal_newlines=True, | ||
2737 | 168 | env={'LANG': 'en_US', | ||
2738 | 169 | 'PATH': os.environ['PATH']}) | ||
2739 | 170 | |||
2740 | 171 | m = re.findall(r'^Firewall stopped and disabled on system startup\n', | ||
2741 | 172 | output, re.M) | ||
2742 | 173 | hookenv.log(output, level='DEBUG') | ||
2743 | 174 | |||
2744 | 175 | if len(m) == 0: | ||
2745 | 176 | hookenv.log("ufw couldn't be disabled", level='WARN') | ||
2746 | 177 | return False | ||
2747 | 178 | else: | ||
2748 | 179 | hookenv.log("ufw disabled", level='INFO') | ||
2749 | 180 | return True | ||
2750 | 181 | |||
2751 | 182 | |||
2752 | 183 | def modify_access(src, dst='any', port=None, proto=None, action='allow'): | ||
2753 | 184 | """ | ||
2754 | 185 | Grant access to an address or subnet | ||
2755 | 186 | |||
2756 | 187 | :param src: address (e.g. 192.168.1.234) or subnet | ||
2757 | 188 | (e.g. 192.168.1.0/24). | ||
2758 | 189 | :param dst: destiny of the connection, if the machine has multiple IPs and | ||
2759 | 190 | connections to only one of those have to accepted this is the | ||
2760 | 191 | field has to be set. | ||
2761 | 192 | :param port: destiny port | ||
2762 | 193 | :param proto: protocol (tcp or udp) | ||
2763 | 194 | :param action: `allow` or `delete` | ||
2764 | 195 | """ | ||
2765 | 196 | if not is_enabled(): | ||
2766 | 197 | hookenv.log('ufw is disabled, skipping modify_access()', level='WARN') | ||
2767 | 198 | return | ||
2768 | 199 | |||
2769 | 200 | if action == 'delete': | ||
2770 | 201 | cmd = ['ufw', 'delete', 'allow'] | ||
2771 | 202 | else: | ||
2772 | 203 | cmd = ['ufw', action] | ||
2773 | 204 | |||
2774 | 205 | if src is not None: | ||
2775 | 206 | cmd += ['from', src] | ||
2776 | 207 | |||
2777 | 208 | if dst is not None: | ||
2778 | 209 | cmd += ['to', dst] | ||
2779 | 210 | |||
2780 | 211 | if port is not None: | ||
2781 | 212 | cmd += ['port', str(port)] | ||
2782 | 213 | |||
2783 | 214 | if proto is not None: | ||
2784 | 215 | cmd += ['proto', proto] | ||
2785 | 216 | |||
2786 | 217 | hookenv.log('ufw {}: {}'.format(action, ' '.join(cmd)), level='DEBUG') | ||
2787 | 218 | p = subprocess.Popen(cmd, stdout=subprocess.PIPE) | ||
2788 | 219 | (stdout, stderr) = p.communicate() | ||
2789 | 220 | |||
2790 | 221 | hookenv.log(stdout, level='INFO') | ||
2791 | 222 | |||
2792 | 223 | if p.returncode != 0: | ||
2793 | 224 | hookenv.log(stderr, level='ERROR') | ||
2794 | 225 | hookenv.log('Error running: {}, exit code: {}'.format(' '.join(cmd), | ||
2795 | 226 | p.returncode), | ||
2796 | 227 | level='ERROR') | ||
2797 | 228 | |||
2798 | 229 | |||
2799 | 230 | def grant_access(src, dst='any', port=None, proto=None): | ||
2800 | 231 | """ | ||
2801 | 232 | Grant access to an address or subnet | ||
2802 | 233 | |||
2803 | 234 | :param src: address (e.g. 192.168.1.234) or subnet | ||
2804 | 235 | (e.g. 192.168.1.0/24). | ||
2805 | 236 | :param dst: destiny of the connection, if the machine has multiple IPs and | ||
2806 | 237 | connections to only one of those have to accepted this is the | ||
2807 | 238 | field has to be set. | ||
2808 | 239 | :param port: destiny port | ||
2809 | 240 | :param proto: protocol (tcp or udp) | ||
2810 | 241 | """ | ||
2811 | 242 | return modify_access(src, dst=dst, port=port, proto=proto, action='allow') | ||
2812 | 243 | |||
2813 | 244 | |||
2814 | 245 | def revoke_access(src, dst='any', port=None, proto=None): | ||
2815 | 246 | """ | ||
2816 | 247 | Revoke access to an address or subnet | ||
2817 | 248 | |||
2818 | 249 | :param src: address (e.g. 192.168.1.234) or subnet | ||
2819 | 250 | (e.g. 192.168.1.0/24). | ||
2820 | 251 | :param dst: destiny of the connection, if the machine has multiple IPs and | ||
2821 | 252 | connections to only one of those have to accepted this is the | ||
2822 | 253 | field has to be set. | ||
2823 | 254 | :param port: destiny port | ||
2824 | 255 | :param proto: protocol (tcp or udp) | ||
2825 | 256 | """ | ||
2826 | 257 | return modify_access(src, dst=dst, port=port, proto=proto, action='delete') | ||
2827 | 258 | |||
2828 | 259 | |||
2829 | 260 | def service(name, action): | ||
2830 | 261 | """ | ||
2831 | 262 | Open/close access to a service | ||
2832 | 263 | |||
2833 | 264 | :param name: could be a service name defined in `/etc/services` or a port | ||
2834 | 265 | number. | ||
2835 | 266 | :param action: `open` or `close` | ||
2836 | 267 | """ | ||
2837 | 268 | if action == 'open': | ||
2838 | 269 | subprocess.check_output(['ufw', 'allow', str(name)], | ||
2839 | 270 | universal_newlines=True) | ||
2840 | 271 | elif action == 'close': | ||
2841 | 272 | subprocess.check_output(['ufw', 'delete', 'allow', str(name)], | ||
2842 | 273 | universal_newlines=True) | ||
2843 | 274 | else: | ||
2844 | 275 | raise UFWError(("'{}' not supported, use 'allow' " | ||
2845 | 276 | "or 'delete'").format(action)) | ||
2846 | 277 | 0 | ||
2847 | === removed directory 'hooks/charmhelpers/contrib/openstack' | |||
2848 | === removed file 'hooks/charmhelpers/contrib/openstack/__init__.py' | |||
2849 | --- hooks/charmhelpers/contrib/openstack/__init__.py 2015-01-23 11:08:26 +0000 | |||
2850 | +++ hooks/charmhelpers/contrib/openstack/__init__.py 1970-01-01 00:00:00 +0000 | |||
2851 | @@ -1,15 +0,0 @@ | |||
2852 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
2853 | 2 | # | ||
2854 | 3 | # This file is part of charm-helpers. | ||
2855 | 4 | # | ||
2856 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
2857 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
2858 | 7 | # published by the Free Software Foundation. | ||
2859 | 8 | # | ||
2860 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
2861 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
2862 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
2863 | 12 | # GNU Lesser General Public License for more details. | ||
2864 | 13 | # | ||
2865 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
2866 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
2867 | 16 | 0 | ||
2868 | === removed file 'hooks/charmhelpers/contrib/openstack/alternatives.py' | |||
2869 | --- hooks/charmhelpers/contrib/openstack/alternatives.py 2015-01-23 11:08:26 +0000 | |||
2870 | +++ hooks/charmhelpers/contrib/openstack/alternatives.py 1970-01-01 00:00:00 +0000 | |||
2871 | @@ -1,33 +0,0 @@ | |||
2872 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
2873 | 2 | # | ||
2874 | 3 | # This file is part of charm-helpers. | ||
2875 | 4 | # | ||
2876 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
2877 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
2878 | 7 | # published by the Free Software Foundation. | ||
2879 | 8 | # | ||
2880 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
2881 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
2882 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
2883 | 12 | # GNU Lesser General Public License for more details. | ||
2884 | 13 | # | ||
2885 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
2886 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
2887 | 16 | |||
2888 | 17 | ''' Helper for managing alternatives for file conflict resolution ''' | ||
2889 | 18 | |||
2890 | 19 | import subprocess | ||
2891 | 20 | import shutil | ||
2892 | 21 | import os | ||
2893 | 22 | |||
2894 | 23 | |||
2895 | 24 | def install_alternative(name, target, source, priority=50): | ||
2896 | 25 | ''' Install alternative configuration ''' | ||
2897 | 26 | if (os.path.exists(target) and not os.path.islink(target)): | ||
2898 | 27 | # Move existing file/directory away before installing | ||
2899 | 28 | shutil.move(target, '{}.bak'.format(target)) | ||
2900 | 29 | cmd = [ | ||
2901 | 30 | 'update-alternatives', '--force', '--install', | ||
2902 | 31 | target, name, source, str(priority) | ||
2903 | 32 | ] | ||
2904 | 33 | subprocess.check_call(cmd) | ||
2905 | 34 | 0 | ||
2906 | === removed directory 'hooks/charmhelpers/contrib/openstack/amulet' | |||
2907 | === removed file 'hooks/charmhelpers/contrib/openstack/amulet/__init__.py' | |||
2908 | --- hooks/charmhelpers/contrib/openstack/amulet/__init__.py 2015-01-23 11:08:26 +0000 | |||
2909 | +++ hooks/charmhelpers/contrib/openstack/amulet/__init__.py 1970-01-01 00:00:00 +0000 | |||
2910 | @@ -1,15 +0,0 @@ | |||
2911 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
2912 | 2 | # | ||
2913 | 3 | # This file is part of charm-helpers. | ||
2914 | 4 | # | ||
2915 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
2916 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
2917 | 7 | # published by the Free Software Foundation. | ||
2918 | 8 | # | ||
2919 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
2920 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
2921 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
2922 | 12 | # GNU Lesser General Public License for more details. | ||
2923 | 13 | # | ||
2924 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
2925 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
2926 | 16 | 0 | ||
2927 | === removed file 'hooks/charmhelpers/contrib/openstack/amulet/deployment.py' | |||
2928 | --- hooks/charmhelpers/contrib/openstack/amulet/deployment.py 2015-04-23 14:54:24 +0000 | |||
2929 | +++ hooks/charmhelpers/contrib/openstack/amulet/deployment.py 1970-01-01 00:00:00 +0000 | |||
2930 | @@ -1,146 +0,0 @@ | |||
2931 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
2932 | 2 | # | ||
2933 | 3 | # This file is part of charm-helpers. | ||
2934 | 4 | # | ||
2935 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
2936 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
2937 | 7 | # published by the Free Software Foundation. | ||
2938 | 8 | # | ||
2939 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
2940 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
2941 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
2942 | 12 | # GNU Lesser General Public License for more details. | ||
2943 | 13 | # | ||
2944 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
2945 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
2946 | 16 | |||
2947 | 17 | import six | ||
2948 | 18 | from collections import OrderedDict | ||
2949 | 19 | from charmhelpers.contrib.amulet.deployment import ( | ||
2950 | 20 | AmuletDeployment | ||
2951 | 21 | ) | ||
2952 | 22 | |||
2953 | 23 | |||
2954 | 24 | class OpenStackAmuletDeployment(AmuletDeployment): | ||
2955 | 25 | """OpenStack amulet deployment. | ||
2956 | 26 | |||
2957 | 27 | This class inherits from AmuletDeployment and has additional support | ||
2958 | 28 | that is specifically for use by OpenStack charms. | ||
2959 | 29 | """ | ||
2960 | 30 | |||
2961 | 31 | def __init__(self, series=None, openstack=None, source=None, stable=True): | ||
2962 | 32 | """Initialize the deployment environment.""" | ||
2963 | 33 | super(OpenStackAmuletDeployment, self).__init__(series) | ||
2964 | 34 | self.openstack = openstack | ||
2965 | 35 | self.source = source | ||
2966 | 36 | self.stable = stable | ||
2967 | 37 | # Note(coreycb): this needs to be changed when new next branches come | ||
2968 | 38 | # out. | ||
2969 | 39 | self.current_next = "trusty" | ||
2970 | 40 | |||
2971 | 41 | def _determine_branch_locations(self, other_services): | ||
2972 | 42 | """Determine the branch locations for the other services. | ||
2973 | 43 | |||
2974 | 44 | Determine if the local branch being tested is derived from its | ||
2975 | 45 | stable or next (dev) branch, and based on this, use the corresonding | ||
2976 | 46 | stable or next branches for the other_services.""" | ||
2977 | 47 | base_charms = ['mysql', 'mongodb'] | ||
2978 | 48 | |||
2979 | 49 | if self.series in ['precise', 'trusty']: | ||
2980 | 50 | base_series = self.series | ||
2981 | 51 | else: | ||
2982 | 52 | base_series = self.current_next | ||
2983 | 53 | |||
2984 | 54 | if self.stable: | ||
2985 | 55 | for svc in other_services: | ||
2986 | 56 | temp = 'lp:charms/{}/{}' | ||
2987 | 57 | svc['location'] = temp.format(base_series, | ||
2988 | 58 | svc['name']) | ||
2989 | 59 | else: | ||
2990 | 60 | for svc in other_services: | ||
2991 | 61 | if svc['name'] in base_charms: | ||
2992 | 62 | temp = 'lp:charms/{}/{}' | ||
2993 | 63 | svc['location'] = temp.format(base_series, | ||
2994 | 64 | svc['name']) | ||
2995 | 65 | else: | ||
2996 | 66 | temp = 'lp:~openstack-charmers/charms/{}/{}/next' | ||
2997 | 67 | svc['location'] = temp.format(self.current_next, | ||
2998 | 68 | svc['name']) | ||
2999 | 69 | return other_services | ||
3000 | 70 | |||
3001 | 71 | def _add_services(self, this_service, other_services): | ||
3002 | 72 | """Add services to the deployment and set openstack-origin/source.""" | ||
3003 | 73 | other_services = self._determine_branch_locations(other_services) | ||
3004 | 74 | |||
3005 | 75 | super(OpenStackAmuletDeployment, self)._add_services(this_service, | ||
3006 | 76 | other_services) | ||
3007 | 77 | |||
3008 | 78 | services = other_services | ||
3009 | 79 | services.append(this_service) | ||
3010 | 80 | use_source = ['mysql', 'mongodb', 'rabbitmq-server', 'ceph', | ||
3011 | 81 | 'ceph-osd', 'ceph-radosgw'] | ||
3012 | 82 | # Openstack subordinate charms do not expose an origin option as that | ||
3013 | 83 | # is controlled by the principle | ||
3014 | 84 | ignore = ['neutron-openvswitch'] | ||
3015 | 85 | |||
3016 | 86 | if self.openstack: | ||
3017 | 87 | for svc in services: | ||
3018 | 88 | if svc['name'] not in use_source + ignore: | ||
3019 | 89 | config = {'openstack-origin': self.openstack} | ||
3020 | 90 | self.d.configure(svc['name'], config) | ||
3021 | 91 | |||
3022 | 92 | if self.source: | ||
3023 | 93 | for svc in services: | ||
3024 | 94 | if svc['name'] in use_source and svc['name'] not in ignore: | ||
3025 | 95 | config = {'source': self.source} | ||
3026 | 96 | self.d.configure(svc['name'], config) | ||
3027 | 97 | |||
3028 | 98 | def _configure_services(self, configs): | ||
3029 | 99 | """Configure all of the services.""" | ||
3030 | 100 | for service, config in six.iteritems(configs): | ||
3031 | 101 | self.d.configure(service, config) | ||
3032 | 102 | |||
3033 | 103 | def _get_openstack_release(self): | ||
3034 | 104 | """Get openstack release. | ||
3035 | 105 | |||
3036 | 106 | Return an integer representing the enum value of the openstack | ||
3037 | 107 | release. | ||
3038 | 108 | """ | ||
3039 | 109 | # Must be ordered by OpenStack release (not by Ubuntu release): | ||
3040 | 110 | (self.precise_essex, self.precise_folsom, self.precise_grizzly, | ||
3041 | 111 | self.precise_havana, self.precise_icehouse, | ||
3042 | 112 | self.trusty_icehouse, self.trusty_juno, self.utopic_juno, | ||
3043 | 113 | self.trusty_kilo, self.vivid_kilo) = range(10) | ||
3044 | 114 | |||
3045 | 115 | releases = { | ||
3046 | 116 | ('precise', None): self.precise_essex, | ||
3047 | 117 | ('precise', 'cloud:precise-folsom'): self.precise_folsom, | ||
3048 | 118 | ('precise', 'cloud:precise-grizzly'): self.precise_grizzly, | ||
3049 | 119 | ('precise', 'cloud:precise-havana'): self.precise_havana, | ||
3050 | 120 | ('precise', 'cloud:precise-icehouse'): self.precise_icehouse, | ||
3051 | 121 | ('trusty', None): self.trusty_icehouse, | ||
3052 | 122 | ('trusty', 'cloud:trusty-juno'): self.trusty_juno, | ||
3053 | 123 | ('trusty', 'cloud:trusty-kilo'): self.trusty_kilo, | ||
3054 | 124 | ('utopic', None): self.utopic_juno, | ||
3055 | 125 | ('vivid', None): self.vivid_kilo} | ||
3056 | 126 | return releases[(self.series, self.openstack)] | ||
3057 | 127 | |||
3058 | 128 | def _get_openstack_release_string(self): | ||
3059 | 129 | """Get openstack release string. | ||
3060 | 130 | |||
3061 | 131 | Return a string representing the openstack release. | ||
3062 | 132 | """ | ||
3063 | 133 | releases = OrderedDict([ | ||
3064 | 134 | ('precise', 'essex'), | ||
3065 | 135 | ('quantal', 'folsom'), | ||
3066 | 136 | ('raring', 'grizzly'), | ||
3067 | 137 | ('saucy', 'havana'), | ||
3068 | 138 | ('trusty', 'icehouse'), | ||
3069 | 139 | ('utopic', 'juno'), | ||
3070 | 140 | ('vivid', 'kilo'), | ||
3071 | 141 | ]) | ||
3072 | 142 | if self.openstack: | ||
3073 | 143 | os_origin = self.openstack.split(':')[1] | ||
3074 | 144 | return os_origin.split('%s-' % self.series)[1].split('/')[0] | ||
3075 | 145 | else: | ||
3076 | 146 | return releases[self.series] | ||
3077 | 147 | 0 | ||
3078 | === removed file 'hooks/charmhelpers/contrib/openstack/amulet/utils.py' | |||
3079 | --- hooks/charmhelpers/contrib/openstack/amulet/utils.py 2015-03-31 15:13:53 +0000 | |||
3080 | +++ hooks/charmhelpers/contrib/openstack/amulet/utils.py 1970-01-01 00:00:00 +0000 | |||
3081 | @@ -1,294 +0,0 @@ | |||
3082 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
3083 | 2 | # | ||
3084 | 3 | # This file is part of charm-helpers. | ||
3085 | 4 | # | ||
3086 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
3087 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
3088 | 7 | # published by the Free Software Foundation. | ||
3089 | 8 | # | ||
3090 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
3091 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
3092 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
3093 | 12 | # GNU Lesser General Public License for more details. | ||
3094 | 13 | # | ||
3095 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
3096 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
3097 | 16 | |||
3098 | 17 | import logging | ||
3099 | 18 | import os | ||
3100 | 19 | import time | ||
3101 | 20 | import urllib | ||
3102 | 21 | |||
3103 | 22 | import glanceclient.v1.client as glance_client | ||
3104 | 23 | import keystoneclient.v2_0 as keystone_client | ||
3105 | 24 | import novaclient.v1_1.client as nova_client | ||
3106 | 25 | |||
3107 | 26 | import six | ||
3108 | 27 | |||
3109 | 28 | from charmhelpers.contrib.amulet.utils import ( | ||
3110 | 29 | AmuletUtils | ||
3111 | 30 | ) | ||
3112 | 31 | |||
3113 | 32 | DEBUG = logging.DEBUG | ||
3114 | 33 | ERROR = logging.ERROR | ||
3115 | 34 | |||
3116 | 35 | |||
3117 | 36 | class OpenStackAmuletUtils(AmuletUtils): | ||
3118 | 37 | """OpenStack amulet utilities. | ||
3119 | 38 | |||
3120 | 39 | This class inherits from AmuletUtils and has additional support | ||
3121 | 40 | that is specifically for use by OpenStack charms. | ||
3122 | 41 | """ | ||
3123 | 42 | |||
3124 | 43 | def __init__(self, log_level=ERROR): | ||
3125 | 44 | """Initialize the deployment environment.""" | ||
3126 | 45 | super(OpenStackAmuletUtils, self).__init__(log_level) | ||
3127 | 46 | |||
3128 | 47 | def validate_endpoint_data(self, endpoints, admin_port, internal_port, | ||
3129 | 48 | public_port, expected): | ||
3130 | 49 | """Validate endpoint data. | ||
3131 | 50 | |||
3132 | 51 | Validate actual endpoint data vs expected endpoint data. The ports | ||
3133 | 52 | are used to find the matching endpoint. | ||
3134 | 53 | """ | ||
3135 | 54 | found = False | ||
3136 | 55 | for ep in endpoints: | ||
3137 | 56 | self.log.debug('endpoint: {}'.format(repr(ep))) | ||
3138 | 57 | if (admin_port in ep.adminurl and | ||
3139 | 58 | internal_port in ep.internalurl and | ||
3140 | 59 | public_port in ep.publicurl): | ||
3141 | 60 | found = True | ||
3142 | 61 | actual = {'id': ep.id, | ||
3143 | 62 | 'region': ep.region, | ||
3144 | 63 | 'adminurl': ep.adminurl, | ||
3145 | 64 | 'internalurl': ep.internalurl, | ||
3146 | 65 | 'publicurl': ep.publicurl, | ||
3147 | 66 | 'service_id': ep.service_id} | ||
3148 | 67 | ret = self._validate_dict_data(expected, actual) | ||
3149 | 68 | if ret: | ||
3150 | 69 | return 'unexpected endpoint data - {}'.format(ret) | ||
3151 | 70 | |||
3152 | 71 | if not found: | ||
3153 | 72 | return 'endpoint not found' | ||
3154 | 73 | |||
3155 | 74 | def validate_svc_catalog_endpoint_data(self, expected, actual): | ||
3156 | 75 | """Validate service catalog endpoint data. | ||
3157 | 76 | |||
3158 | 77 | Validate a list of actual service catalog endpoints vs a list of | ||
3159 | 78 | expected service catalog endpoints. | ||
3160 | 79 | """ | ||
3161 | 80 | self.log.debug('actual: {}'.format(repr(actual))) | ||
3162 | 81 | for k, v in six.iteritems(expected): | ||
3163 | 82 | if k in actual: | ||
3164 | 83 | ret = self._validate_dict_data(expected[k][0], actual[k][0]) | ||
3165 | 84 | if ret: | ||
3166 | 85 | return self.endpoint_error(k, ret) | ||
3167 | 86 | else: | ||
3168 | 87 | return "endpoint {} does not exist".format(k) | ||
3169 | 88 | return ret | ||
3170 | 89 | |||
3171 | 90 | def validate_tenant_data(self, expected, actual): | ||
3172 | 91 | """Validate tenant data. | ||
3173 | 92 | |||
3174 | 93 | Validate a list of actual tenant data vs list of expected tenant | ||
3175 | 94 | data. | ||
3176 | 95 | """ | ||
3177 | 96 | self.log.debug('actual: {}'.format(repr(actual))) | ||
3178 | 97 | for e in expected: | ||
3179 | 98 | found = False | ||
3180 | 99 | for act in actual: | ||
3181 | 100 | a = {'enabled': act.enabled, 'description': act.description, | ||
3182 | 101 | 'name': act.name, 'id': act.id} | ||
3183 | 102 | if e['name'] == a['name']: | ||
3184 | 103 | found = True | ||
3185 | 104 | ret = self._validate_dict_data(e, a) | ||
3186 | 105 | if ret: | ||
3187 | 106 | return "unexpected tenant data - {}".format(ret) | ||
3188 | 107 | if not found: | ||
3189 | 108 | return "tenant {} does not exist".format(e['name']) | ||
3190 | 109 | return ret | ||
3191 | 110 | |||
3192 | 111 | def validate_role_data(self, expected, actual): | ||
3193 | 112 | """Validate role data. | ||
3194 | 113 | |||
3195 | 114 | Validate a list of actual role data vs a list of expected role | ||
3196 | 115 | data. | ||
3197 | 116 | """ | ||
3198 | 117 | self.log.debug('actual: {}'.format(repr(actual))) | ||
3199 | 118 | for e in expected: | ||
3200 | 119 | found = False | ||
3201 | 120 | for act in actual: | ||
3202 | 121 | a = {'name': act.name, 'id': act.id} | ||
3203 | 122 | if e['name'] == a['name']: | ||
3204 | 123 | found = True | ||
3205 | 124 | ret = self._validate_dict_data(e, a) | ||
3206 | 125 | if ret: | ||
3207 | 126 | return "unexpected role data - {}".format(ret) | ||
3208 | 127 | if not found: | ||
3209 | 128 | return "role {} does not exist".format(e['name']) | ||
3210 | 129 | return ret | ||
3211 | 130 | |||
3212 | 131 | def validate_user_data(self, expected, actual): | ||
3213 | 132 | """Validate user data. | ||
3214 | 133 | |||
3215 | 134 | Validate a list of actual user data vs a list of expected user | ||
3216 | 135 | data. | ||
3217 | 136 | """ | ||
3218 | 137 | self.log.debug('actual: {}'.format(repr(actual))) | ||
3219 | 138 | for e in expected: | ||
3220 | 139 | found = False | ||
3221 | 140 | for act in actual: | ||
3222 | 141 | a = {'enabled': act.enabled, 'name': act.name, | ||
3223 | 142 | 'email': act.email, 'tenantId': act.tenantId, | ||
3224 | 143 | 'id': act.id} | ||
3225 | 144 | if e['name'] == a['name']: | ||
3226 | 145 | found = True | ||
3227 | 146 | ret = self._validate_dict_data(e, a) | ||
3228 | 147 | if ret: | ||
3229 | 148 | return "unexpected user data - {}".format(ret) | ||
3230 | 149 | if not found: | ||
3231 | 150 | return "user {} does not exist".format(e['name']) | ||
3232 | 151 | return ret | ||
3233 | 152 | |||
3234 | 153 | def validate_flavor_data(self, expected, actual): | ||
3235 | 154 | """Validate flavor data. | ||
3236 | 155 | |||
3237 | 156 | Validate a list of actual flavors vs a list of expected flavors. | ||
3238 | 157 | """ | ||
3239 | 158 | self.log.debug('actual: {}'.format(repr(actual))) | ||
3240 | 159 | act = [a.name for a in actual] | ||
3241 | 160 | return self._validate_list_data(expected, act) | ||
3242 | 161 | |||
3243 | 162 | def tenant_exists(self, keystone, tenant): | ||
3244 | 163 | """Return True if tenant exists.""" | ||
3245 | 164 | return tenant in [t.name for t in keystone.tenants.list()] | ||
3246 | 165 | |||
3247 | 166 | def authenticate_keystone_admin(self, keystone_sentry, user, password, | ||
3248 | 167 | tenant): | ||
3249 | 168 | """Authenticates admin user with the keystone admin endpoint.""" | ||
3250 | 169 | unit = keystone_sentry | ||
3251 | 170 | service_ip = unit.relation('shared-db', | ||
3252 | 171 | 'mysql:shared-db')['private-address'] | ||
3253 | 172 | ep = "http://{}:35357/v2.0".format(service_ip.strip().decode('utf-8')) | ||
3254 | 173 | return keystone_client.Client(username=user, password=password, | ||
3255 | 174 | tenant_name=tenant, auth_url=ep) | ||
3256 | 175 | |||
3257 | 176 | def authenticate_keystone_user(self, keystone, user, password, tenant): | ||
3258 | 177 | """Authenticates a regular user with the keystone public endpoint.""" | ||
3259 | 178 | ep = keystone.service_catalog.url_for(service_type='identity', | ||
3260 | 179 | endpoint_type='publicURL') | ||
3261 | 180 | return keystone_client.Client(username=user, password=password, | ||
3262 | 181 | tenant_name=tenant, auth_url=ep) | ||
3263 | 182 | |||
3264 | 183 | def authenticate_glance_admin(self, keystone): | ||
3265 | 184 | """Authenticates admin user with glance.""" | ||
3266 | 185 | ep = keystone.service_catalog.url_for(service_type='image', | ||
3267 | 186 | endpoint_type='adminURL') | ||
3268 | 187 | return glance_client.Client(ep, token=keystone.auth_token) | ||
3269 | 188 | |||
3270 | 189 | def authenticate_nova_user(self, keystone, user, password, tenant): | ||
3271 | 190 | """Authenticates a regular user with nova-api.""" | ||
3272 | 191 | ep = keystone.service_catalog.url_for(service_type='identity', | ||
3273 | 192 | endpoint_type='publicURL') | ||
3274 | 193 | return nova_client.Client(username=user, api_key=password, | ||
3275 | 194 | project_id=tenant, auth_url=ep) | ||
3276 | 195 | |||
3277 | 196 | def create_cirros_image(self, glance, image_name): | ||
3278 | 197 | """Download the latest cirros image and upload it to glance.""" | ||
3279 | 198 | http_proxy = os.getenv('AMULET_HTTP_PROXY') | ||
3280 | 199 | self.log.debug('AMULET_HTTP_PROXY: {}'.format(http_proxy)) | ||
3281 | 200 | if http_proxy: | ||
3282 | 201 | proxies = {'http': http_proxy} | ||
3283 | 202 | opener = urllib.FancyURLopener(proxies) | ||
3284 | 203 | else: | ||
3285 | 204 | opener = urllib.FancyURLopener() | ||
3286 | 205 | |||
3287 | 206 | f = opener.open("http://download.cirros-cloud.net/version/released") | ||
3288 | 207 | version = f.read().strip() | ||
3289 | 208 | cirros_img = "cirros-{}-x86_64-disk.img".format(version) | ||
3290 | 209 | local_path = os.path.join('tests', cirros_img) | ||
3291 | 210 | |||
3292 | 211 | if not os.path.exists(local_path): | ||
3293 | 212 | cirros_url = "http://{}/{}/{}".format("download.cirros-cloud.net", | ||
3294 | 213 | version, cirros_img) | ||
3295 | 214 | opener.retrieve(cirros_url, local_path) | ||
3296 | 215 | f.close() | ||
3297 | 216 | |||
3298 | 217 | with open(local_path) as f: | ||
3299 | 218 | image = glance.images.create(name=image_name, is_public=True, | ||
3300 | 219 | disk_format='qcow2', | ||
3301 | 220 | container_format='bare', data=f) | ||
3302 | 221 | count = 1 | ||
3303 | 222 | status = image.status | ||
3304 | 223 | while status != 'active' and count < 10: | ||
3305 | 224 | time.sleep(3) | ||
3306 | 225 | image = glance.images.get(image.id) | ||
3307 | 226 | status = image.status | ||
3308 | 227 | self.log.debug('image status: {}'.format(status)) | ||
3309 | 228 | count += 1 | ||
3310 | 229 | |||
3311 | 230 | if status != 'active': | ||
3312 | 231 | self.log.error('image creation timed out') | ||
3313 | 232 | return None | ||
3314 | 233 | |||
3315 | 234 | return image | ||
3316 | 235 | |||
3317 | 236 | def delete_image(self, glance, image): | ||
3318 | 237 | """Delete the specified image.""" | ||
3319 | 238 | num_before = len(list(glance.images.list())) | ||
3320 | 239 | glance.images.delete(image) | ||
3321 | 240 | |||
3322 | 241 | count = 1 | ||
3323 | 242 | num_after = len(list(glance.images.list())) | ||
3324 | 243 | while num_after != (num_before - 1) and count < 10: | ||
3325 | 244 | time.sleep(3) | ||
3326 | 245 | num_after = len(list(glance.images.list())) | ||
3327 | 246 | self.log.debug('number of images: {}'.format(num_after)) | ||
3328 | 247 | count += 1 | ||
3329 | 248 | |||
3330 | 249 | if num_after != (num_before - 1): | ||
3331 | 250 | self.log.error('image deletion timed out') | ||
3332 | 251 | return False | ||
3333 | 252 | |||
3334 | 253 | return True | ||
3335 | 254 | |||
3336 | 255 | def create_instance(self, nova, image_name, instance_name, flavor): | ||
3337 | 256 | """Create the specified instance.""" | ||
3338 | 257 | image = nova.images.find(name=image_name) | ||
3339 | 258 | flavor = nova.flavors.find(name=flavor) | ||
3340 | 259 | instance = nova.servers.create(name=instance_name, image=image, | ||
3341 | 260 | flavor=flavor) | ||
3342 | 261 | |||
3343 | 262 | count = 1 | ||
3344 | 263 | status = instance.status | ||
3345 | 264 | while status != 'ACTIVE' and count < 60: | ||
3346 | 265 | time.sleep(3) | ||
3347 | 266 | instance = nova.servers.get(instance.id) | ||
3348 | 267 | status = instance.status | ||
3349 | 268 | self.log.debug('instance status: {}'.format(status)) | ||
3350 | 269 | count += 1 | ||
3351 | 270 | |||
3352 | 271 | if status != 'ACTIVE': | ||
3353 | 272 | self.log.error('instance creation timed out') | ||
3354 | 273 | return None | ||
3355 | 274 | |||
3356 | 275 | return instance | ||
3357 | 276 | |||
3358 | 277 | def delete_instance(self, nova, instance): | ||
3359 | 278 | """Delete the specified instance.""" | ||
3360 | 279 | num_before = len(list(nova.servers.list())) | ||
3361 | 280 | nova.servers.delete(instance) | ||
3362 | 281 | |||
3363 | 282 | count = 1 | ||
3364 | 283 | num_after = len(list(nova.servers.list())) | ||
3365 | 284 | while num_after != (num_before - 1) and count < 10: | ||
3366 | 285 | time.sleep(3) | ||
3367 | 286 | num_after = len(list(nova.servers.list())) | ||
3368 | 287 | self.log.debug('number of instances: {}'.format(num_after)) | ||
3369 | 288 | count += 1 | ||
3370 | 289 | |||
3371 | 290 | if num_after != (num_before - 1): | ||
3372 | 291 | self.log.error('instance deletion timed out') | ||
3373 | 292 | return False | ||
3374 | 293 | |||
3375 | 294 | return True | ||
3376 | 295 | 0 | ||
3377 | === removed file 'hooks/charmhelpers/contrib/openstack/context.py' | |||
3378 | --- hooks/charmhelpers/contrib/openstack/context.py 2015-04-16 21:35:13 +0000 | |||
3379 | +++ hooks/charmhelpers/contrib/openstack/context.py 1970-01-01 00:00:00 +0000 | |||
3380 | @@ -1,1328 +0,0 @@ | |||
3381 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
3382 | 2 | # | ||
3383 | 3 | # This file is part of charm-helpers. | ||
3384 | 4 | # | ||
3385 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
3386 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
3387 | 7 | # published by the Free Software Foundation. | ||
3388 | 8 | # | ||
3389 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
3390 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
3391 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
3392 | 12 | # GNU Lesser General Public License for more details. | ||
3393 | 13 | # | ||
3394 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
3395 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
3396 | 16 | |||
3397 | 17 | import json | ||
3398 | 18 | import os | ||
3399 | 19 | import re | ||
3400 | 20 | import time | ||
3401 | 21 | from base64 import b64decode | ||
3402 | 22 | from subprocess import check_call | ||
3403 | 23 | |||
3404 | 24 | import six | ||
3405 | 25 | import yaml | ||
3406 | 26 | |||
3407 | 27 | from charmhelpers.fetch import ( | ||
3408 | 28 | apt_install, | ||
3409 | 29 | filter_installed_packages, | ||
3410 | 30 | ) | ||
3411 | 31 | from charmhelpers.core.hookenv import ( | ||
3412 | 32 | config, | ||
3413 | 33 | is_relation_made, | ||
3414 | 34 | local_unit, | ||
3415 | 35 | log, | ||
3416 | 36 | relation_get, | ||
3417 | 37 | relation_ids, | ||
3418 | 38 | related_units, | ||
3419 | 39 | relation_set, | ||
3420 | 40 | unit_get, | ||
3421 | 41 | unit_private_ip, | ||
3422 | 42 | charm_name, | ||
3423 | 43 | DEBUG, | ||
3424 | 44 | INFO, | ||
3425 | 45 | WARNING, | ||
3426 | 46 | ERROR, | ||
3427 | 47 | ) | ||
3428 | 48 | |||
3429 | 49 | from charmhelpers.core.sysctl import create as sysctl_create | ||
3430 | 50 | from charmhelpers.core.strutils import bool_from_string | ||
3431 | 51 | |||
3432 | 52 | from charmhelpers.core.host import ( | ||
3433 | 53 | list_nics, | ||
3434 | 54 | get_nic_hwaddr, | ||
3435 | 55 | mkdir, | ||
3436 | 56 | write_file, | ||
3437 | 57 | ) | ||
3438 | 58 | from charmhelpers.contrib.hahelpers.cluster import ( | ||
3439 | 59 | determine_apache_port, | ||
3440 | 60 | determine_api_port, | ||
3441 | 61 | https, | ||
3442 | 62 | is_clustered, | ||
3443 | 63 | ) | ||
3444 | 64 | from charmhelpers.contrib.hahelpers.apache import ( | ||
3445 | 65 | get_cert, | ||
3446 | 66 | get_ca_cert, | ||
3447 | 67 | install_ca_cert, | ||
3448 | 68 | ) | ||
3449 | 69 | from charmhelpers.contrib.openstack.neutron import ( | ||
3450 | 70 | neutron_plugin_attribute, | ||
3451 | 71 | parse_data_port_mappings, | ||
3452 | 72 | ) | ||
3453 | 73 | from charmhelpers.contrib.openstack.ip import ( | ||
3454 | 74 | resolve_address, | ||
3455 | 75 | INTERNAL, | ||
3456 | 76 | ) | ||
3457 | 77 | from charmhelpers.contrib.network.ip import ( | ||
3458 | 78 | get_address_in_network, | ||
3459 | 79 | get_ipv4_addr, | ||
3460 | 80 | get_ipv6_addr, | ||
3461 | 81 | get_netmask_for_address, | ||
3462 | 82 | format_ipv6_addr, | ||
3463 | 83 | is_address_in_network, | ||
3464 | 84 | is_bridge_member, | ||
3465 | 85 | ) | ||
3466 | 86 | from charmhelpers.contrib.openstack.utils import get_host_ip | ||
3467 | 87 | CA_CERT_PATH = '/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt' | ||
3468 | 88 | ADDRESS_TYPES = ['admin', 'internal', 'public'] | ||
3469 | 89 | |||
3470 | 90 | |||
3471 | 91 | class OSContextError(Exception): | ||
3472 | 92 | pass | ||
3473 | 93 | |||
3474 | 94 | |||
3475 | 95 | def ensure_packages(packages): | ||
3476 | 96 | """Install but do not upgrade required plugin packages.""" | ||
3477 | 97 | required = filter_installed_packages(packages) | ||
3478 | 98 | if required: | ||
3479 | 99 | apt_install(required, fatal=True) | ||
3480 | 100 | |||
3481 | 101 | |||
3482 | 102 | def context_complete(ctxt): | ||
3483 | 103 | _missing = [] | ||
3484 | 104 | for k, v in six.iteritems(ctxt): | ||
3485 | 105 | if v is None or v == '': | ||
3486 | 106 | _missing.append(k) | ||
3487 | 107 | |||
3488 | 108 | if _missing: | ||
3489 | 109 | log('Missing required data: %s' % ' '.join(_missing), level=INFO) | ||
3490 | 110 | return False | ||
3491 | 111 | |||
3492 | 112 | return True | ||
3493 | 113 | |||
3494 | 114 | |||
3495 | 115 | def config_flags_parser(config_flags): | ||
3496 | 116 | """Parses config flags string into dict. | ||
3497 | 117 | |||
3498 | 118 | This parsing method supports a few different formats for the config | ||
3499 | 119 | flag values to be parsed: | ||
3500 | 120 | |||
3501 | 121 | 1. A string in the simple format of key=value pairs, with the possibility | ||
3502 | 122 | of specifying multiple key value pairs within the same string. For | ||
3503 | 123 | example, a string in the format of 'key1=value1, key2=value2' will | ||
3504 | 124 | return a dict of: | ||
3505 | 125 | {'key1': 'value1', | ||
3506 | 126 | 'key2': 'value2'}. | ||
3507 | 127 | |||
3508 | 128 | 2. A string in the above format, but supporting a comma-delimited list | ||
3509 | 129 | of values for the same key. For example, a string in the format of | ||
3510 | 130 | 'key1=value1, key2=value3,value4,value5' will return a dict of: | ||
3511 | 131 | {'key1', 'value1', | ||
3512 | 132 | 'key2', 'value2,value3,value4'} | ||
3513 | 133 | |||
3514 | 134 | 3. A string containing a colon character (:) prior to an equal | ||
3515 | 135 | character (=) will be treated as yaml and parsed as such. This can be | ||
3516 | 136 | used to specify more complex key value pairs. For example, | ||
3517 | 137 | a string in the format of 'key1: subkey1=value1, subkey2=value2' will | ||
3518 | 138 | return a dict of: | ||
3519 | 139 | {'key1', 'subkey1=value1, subkey2=value2'} | ||
3520 | 140 | |||
3521 | 141 | The provided config_flags string may be a list of comma-separated values | ||
3522 | 142 | which themselves may be comma-separated list of values. | ||
3523 | 143 | """ | ||
3524 | 144 | # If we find a colon before an equals sign then treat it as yaml. | ||
3525 | 145 | # Note: limit it to finding the colon first since this indicates assignment | ||
3526 | 146 | # for inline yaml. | ||
3527 | 147 | colon = config_flags.find(':') | ||
3528 | 148 | equals = config_flags.find('=') | ||
3529 | 149 | if colon > 0: | ||
3530 | 150 | if colon < equals or equals < 0: | ||
3531 | 151 | return yaml.safe_load(config_flags) | ||
3532 | 152 | |||
3533 | 153 | if config_flags.find('==') >= 0: | ||
3534 | 154 | log("config_flags is not in expected format (key=value)", level=ERROR) | ||
3535 | 155 | raise OSContextError | ||
3536 | 156 | |||
3537 | 157 | # strip the following from each value. | ||
3538 | 158 | post_strippers = ' ,' | ||
3539 | 159 | # we strip any leading/trailing '=' or ' ' from the string then | ||
3540 | 160 | # split on '='. | ||
3541 | 161 | split = config_flags.strip(' =').split('=') | ||
3542 | 162 | limit = len(split) | ||
3543 | 163 | flags = {} | ||
3544 | 164 | for i in range(0, limit - 1): | ||
3545 | 165 | current = split[i] | ||
3546 | 166 | next = split[i + 1] | ||
3547 | 167 | vindex = next.rfind(',') | ||
3548 | 168 | if (i == limit - 2) or (vindex < 0): | ||
3549 | 169 | value = next | ||
3550 | 170 | else: | ||
3551 | 171 | value = next[:vindex] | ||
3552 | 172 | |||
3553 | 173 | if i == 0: | ||
3554 | 174 | key = current | ||
3555 | 175 | else: | ||
3556 | 176 | # if this not the first entry, expect an embedded key. | ||
3557 | 177 | index = current.rfind(',') | ||
3558 | 178 | if index < 0: | ||
3559 | 179 | log("Invalid config value(s) at index %s" % (i), level=ERROR) | ||
3560 | 180 | raise OSContextError | ||
3561 | 181 | key = current[index + 1:] | ||
3562 | 182 | |||
3563 | 183 | # Add to collection. | ||
3564 | 184 | flags[key.strip(post_strippers)] = value.rstrip(post_strippers) | ||
3565 | 185 | |||
3566 | 186 | return flags | ||
3567 | 187 | |||
3568 | 188 | |||
3569 | 189 | class OSContextGenerator(object): | ||
3570 | 190 | """Base class for all context generators.""" | ||
3571 | 191 | interfaces = [] | ||
3572 | 192 | |||
3573 | 193 | def __call__(self): | ||
3574 | 194 | raise NotImplementedError | ||
3575 | 195 | |||
3576 | 196 | |||
3577 | 197 | class SharedDBContext(OSContextGenerator): | ||
3578 | 198 | interfaces = ['shared-db'] | ||
3579 | 199 | |||
3580 | 200 | def __init__(self, | ||
3581 | 201 | database=None, user=None, relation_prefix=None, ssl_dir=None): | ||
3582 | 202 | """Allows inspecting relation for settings prefixed with | ||
3583 | 203 | relation_prefix. This is useful for parsing access for multiple | ||
3584 | 204 | databases returned via the shared-db interface (eg, nova_password, | ||
3585 | 205 | quantum_password) | ||
3586 | 206 | """ | ||
3587 | 207 | self.relation_prefix = relation_prefix | ||
3588 | 208 | self.database = database | ||
3589 | 209 | self.user = user | ||
3590 | 210 | self.ssl_dir = ssl_dir | ||
3591 | 211 | |||
3592 | 212 | def __call__(self): | ||
3593 | 213 | self.database = self.database or config('database') | ||
3594 | 214 | self.user = self.user or config('database-user') | ||
3595 | 215 | if None in [self.database, self.user]: | ||
3596 | 216 | log("Could not generate shared_db context. Missing required charm " | ||
3597 | 217 | "config options. (database name and user)", level=ERROR) | ||
3598 | 218 | raise OSContextError | ||
3599 | 219 | |||
3600 | 220 | ctxt = {} | ||
3601 | 221 | |||
3602 | 222 | # NOTE(jamespage) if mysql charm provides a network upon which | ||
3603 | 223 | # access to the database should be made, reconfigure relation | ||
3604 | 224 | # with the service units local address and defer execution | ||
3605 | 225 | access_network = relation_get('access-network') | ||
3606 | 226 | if access_network is not None: | ||
3607 | 227 | if self.relation_prefix is not None: | ||
3608 | 228 | hostname_key = "{}_hostname".format(self.relation_prefix) | ||
3609 | 229 | else: | ||
3610 | 230 | hostname_key = "hostname" | ||
3611 | 231 | access_hostname = get_address_in_network(access_network, | ||
3612 | 232 | unit_get('private-address')) | ||
3613 | 233 | set_hostname = relation_get(attribute=hostname_key, | ||
3614 | 234 | unit=local_unit()) | ||
3615 | 235 | if set_hostname != access_hostname: | ||
3616 | 236 | relation_set(relation_settings={hostname_key: access_hostname}) | ||
3617 | 237 | return None # Defer any further hook execution for now.... | ||
3618 | 238 | |||
3619 | 239 | password_setting = 'password' | ||
3620 | 240 | if self.relation_prefix: | ||
3621 | 241 | password_setting = self.relation_prefix + '_password' | ||
3622 | 242 | |||
3623 | 243 | for rid in relation_ids('shared-db'): | ||
3624 | 244 | for unit in related_units(rid): | ||
3625 | 245 | rdata = relation_get(rid=rid, unit=unit) | ||
3626 | 246 | host = rdata.get('db_host') | ||
3627 | 247 | host = format_ipv6_addr(host) or host | ||
3628 | 248 | ctxt = { | ||
3629 | 249 | 'database_host': host, | ||
3630 | 250 | 'database': self.database, | ||
3631 | 251 | 'database_user': self.user, | ||
3632 | 252 | 'database_password': rdata.get(password_setting), | ||
3633 | 253 | 'database_type': 'mysql' | ||
3634 | 254 | } | ||
3635 | 255 | if context_complete(ctxt): | ||
3636 | 256 | db_ssl(rdata, ctxt, self.ssl_dir) | ||
3637 | 257 | return ctxt | ||
3638 | 258 | return {} | ||
3639 | 259 | |||
3640 | 260 | |||
3641 | 261 | class PostgresqlDBContext(OSContextGenerator): | ||
3642 | 262 | interfaces = ['pgsql-db'] | ||
3643 | 263 | |||
3644 | 264 | def __init__(self, database=None): | ||
3645 | 265 | self.database = database | ||
3646 | 266 | |||
3647 | 267 | def __call__(self): | ||
3648 | 268 | self.database = self.database or config('database') | ||
3649 | 269 | if self.database is None: | ||
3650 | 270 | log('Could not generate postgresql_db context. Missing required ' | ||
3651 | 271 | 'charm config options. (database name)', level=ERROR) | ||
3652 | 272 | raise OSContextError | ||
3653 | 273 | |||
3654 | 274 | ctxt = {} | ||
3655 | 275 | for rid in relation_ids(self.interfaces[0]): | ||
3656 | 276 | for unit in related_units(rid): | ||
3657 | 277 | rel_host = relation_get('host', rid=rid, unit=unit) | ||
3658 | 278 | rel_user = relation_get('user', rid=rid, unit=unit) | ||
3659 | 279 | rel_passwd = relation_get('password', rid=rid, unit=unit) | ||
3660 | 280 | ctxt = {'database_host': rel_host, | ||
3661 | 281 | 'database': self.database, | ||
3662 | 282 | 'database_user': rel_user, | ||
3663 | 283 | 'database_password': rel_passwd, | ||
3664 | 284 | 'database_type': 'postgresql'} | ||
3665 | 285 | if context_complete(ctxt): | ||
3666 | 286 | return ctxt | ||
3667 | 287 | |||
3668 | 288 | return {} | ||
3669 | 289 | |||
3670 | 290 | |||
3671 | 291 | def db_ssl(rdata, ctxt, ssl_dir): | ||
3672 | 292 | if 'ssl_ca' in rdata and ssl_dir: | ||
3673 | 293 | ca_path = os.path.join(ssl_dir, 'db-client.ca') | ||
3674 | 294 | with open(ca_path, 'w') as fh: | ||
3675 | 295 | fh.write(b64decode(rdata['ssl_ca'])) | ||
3676 | 296 | |||
3677 | 297 | ctxt['database_ssl_ca'] = ca_path | ||
3678 | 298 | elif 'ssl_ca' in rdata: | ||
3679 | 299 | log("Charm not setup for ssl support but ssl ca found", level=INFO) | ||
3680 | 300 | return ctxt | ||
3681 | 301 | |||
3682 | 302 | if 'ssl_cert' in rdata: | ||
3683 | 303 | cert_path = os.path.join( | ||
3684 | 304 | ssl_dir, 'db-client.cert') | ||
3685 | 305 | if not os.path.exists(cert_path): | ||
3686 | 306 | log("Waiting 1m for ssl client cert validity", level=INFO) | ||
3687 | 307 | time.sleep(60) | ||
3688 | 308 | |||
3689 | 309 | with open(cert_path, 'w') as fh: | ||
3690 | 310 | fh.write(b64decode(rdata['ssl_cert'])) | ||
3691 | 311 | |||
3692 | 312 | ctxt['database_ssl_cert'] = cert_path | ||
3693 | 313 | key_path = os.path.join(ssl_dir, 'db-client.key') | ||
3694 | 314 | with open(key_path, 'w') as fh: | ||
3695 | 315 | fh.write(b64decode(rdata['ssl_key'])) | ||
3696 | 316 | |||
3697 | 317 | ctxt['database_ssl_key'] = key_path | ||
3698 | 318 | |||
3699 | 319 | return ctxt | ||
3700 | 320 | |||
3701 | 321 | |||
3702 | 322 | class IdentityServiceContext(OSContextGenerator): | ||
3703 | 323 | |||
3704 | 324 | def __init__(self, service=None, service_user=None, rel_name='identity-service'): | ||
3705 | 325 | self.service = service | ||
3706 | 326 | self.service_user = service_user | ||
3707 | 327 | self.rel_name = rel_name | ||
3708 | 328 | self.interfaces = [self.rel_name] | ||
3709 | 329 | |||
3710 | 330 | def __call__(self): | ||
3711 | 331 | log('Generating template context for ' + self.rel_name, level=DEBUG) | ||
3712 | 332 | ctxt = {} | ||
3713 | 333 | |||
3714 | 334 | if self.service and self.service_user: | ||
3715 | 335 | # This is required for pki token signing if we don't want /tmp to | ||
3716 | 336 | # be used. | ||
3717 | 337 | cachedir = '/var/cache/%s' % (self.service) | ||
3718 | 338 | if not os.path.isdir(cachedir): | ||
3719 | 339 | log("Creating service cache dir %s" % (cachedir), level=DEBUG) | ||
3720 | 340 | mkdir(path=cachedir, owner=self.service_user, | ||
3721 | 341 | group=self.service_user, perms=0o700) | ||
3722 | 342 | |||
3723 | 343 | ctxt['signing_dir'] = cachedir | ||
3724 | 344 | |||
3725 | 345 | for rid in relation_ids(self.rel_name): | ||
3726 | 346 | for unit in related_units(rid): | ||
3727 | 347 | rdata = relation_get(rid=rid, unit=unit) | ||
3728 | 348 | serv_host = rdata.get('service_host') | ||
3729 | 349 | serv_host = format_ipv6_addr(serv_host) or serv_host | ||
3730 | 350 | auth_host = rdata.get('auth_host') | ||
3731 | 351 | auth_host = format_ipv6_addr(auth_host) or auth_host | ||
3732 | 352 | svc_protocol = rdata.get('service_protocol') or 'http' | ||
3733 | 353 | auth_protocol = rdata.get('auth_protocol') or 'http' | ||
3734 | 354 | ctxt.update({'service_port': rdata.get('service_port'), | ||
3735 | 355 | 'service_host': serv_host, | ||
3736 | 356 | 'auth_host': auth_host, | ||
3737 | 357 | 'auth_port': rdata.get('auth_port'), | ||
3738 | 358 | 'admin_tenant_name': rdata.get('service_tenant'), | ||
3739 | 359 | 'admin_user': rdata.get('service_username'), | ||
3740 | 360 | 'admin_password': rdata.get('service_password'), | ||
3741 | 361 | 'service_protocol': svc_protocol, | ||
3742 | 362 | 'auth_protocol': auth_protocol}) | ||
3743 | 363 | |||
3744 | 364 | if context_complete(ctxt): | ||
3745 | 365 | # NOTE(jamespage) this is required for >= icehouse | ||
3746 | 366 | # so a missing value just indicates keystone needs | ||
3747 | 367 | # upgrading | ||
3748 | 368 | ctxt['admin_tenant_id'] = rdata.get('service_tenant_id') | ||
3749 | 369 | return ctxt | ||
3750 | 370 | |||
3751 | 371 | return {} | ||
3752 | 372 | |||
3753 | 373 | |||
3754 | 374 | class AMQPContext(OSContextGenerator): | ||
3755 | 375 | |||
3756 | 376 | def __init__(self, ssl_dir=None, rel_name='amqp', relation_prefix=None): | ||
3757 | 377 | self.ssl_dir = ssl_dir | ||
3758 | 378 | self.rel_name = rel_name | ||
3759 | 379 | self.relation_prefix = relation_prefix | ||
3760 | 380 | self.interfaces = [rel_name] | ||
3761 | 381 | |||
3762 | 382 | def __call__(self): | ||
3763 | 383 | log('Generating template context for amqp', level=DEBUG) | ||
3764 | 384 | conf = config() | ||
3765 | 385 | if self.relation_prefix: | ||
3766 | 386 | user_setting = '%s-rabbit-user' % (self.relation_prefix) | ||
3767 | 387 | vhost_setting = '%s-rabbit-vhost' % (self.relation_prefix) | ||
3768 | 388 | else: | ||
3769 | 389 | user_setting = 'rabbit-user' | ||
3770 | 390 | vhost_setting = 'rabbit-vhost' | ||
3771 | 391 | |||
3772 | 392 | try: | ||
3773 | 393 | username = conf[user_setting] | ||
3774 | 394 | vhost = conf[vhost_setting] | ||
3775 | 395 | except KeyError as e: | ||
3776 | 396 | log('Could not generate shared_db context. Missing required charm ' | ||
3777 | 397 | 'config options: %s.' % e, level=ERROR) | ||
3778 | 398 | raise OSContextError | ||
3779 | 399 | |||
3780 | 400 | ctxt = {} | ||
3781 | 401 | for rid in relation_ids(self.rel_name): | ||
3782 | 402 | ha_vip_only = False | ||
3783 | 403 | for unit in related_units(rid): | ||
3784 | 404 | if relation_get('clustered', rid=rid, unit=unit): | ||
3785 | 405 | ctxt['clustered'] = True | ||
3786 | 406 | vip = relation_get('vip', rid=rid, unit=unit) | ||
3787 | 407 | vip = format_ipv6_addr(vip) or vip | ||
3788 | 408 | ctxt['rabbitmq_host'] = vip | ||
3789 | 409 | else: | ||
3790 | 410 | host = relation_get('private-address', rid=rid, unit=unit) | ||
3791 | 411 | host = format_ipv6_addr(host) or host | ||
3792 | 412 | ctxt['rabbitmq_host'] = host | ||
3793 | 413 | |||
3794 | 414 | ctxt.update({ | ||
3795 | 415 | 'rabbitmq_user': username, | ||
3796 | 416 | 'rabbitmq_password': relation_get('password', rid=rid, | ||
3797 | 417 | unit=unit), | ||
3798 | 418 | 'rabbitmq_virtual_host': vhost, | ||
3799 | 419 | }) | ||
3800 | 420 | |||
3801 | 421 | ssl_port = relation_get('ssl_port', rid=rid, unit=unit) | ||
3802 | 422 | if ssl_port: | ||
3803 | 423 | ctxt['rabbit_ssl_port'] = ssl_port | ||
3804 | 424 | |||
3805 | 425 | ssl_ca = relation_get('ssl_ca', rid=rid, unit=unit) | ||
3806 | 426 | if ssl_ca: | ||
3807 | 427 | ctxt['rabbit_ssl_ca'] = ssl_ca | ||
3808 | 428 | |||
3809 | 429 | if relation_get('ha_queues', rid=rid, unit=unit) is not None: | ||
3810 | 430 | ctxt['rabbitmq_ha_queues'] = True | ||
3811 | 431 | |||
3812 | 432 | ha_vip_only = relation_get('ha-vip-only', | ||
3813 | 433 | rid=rid, unit=unit) is not None | ||
3814 | 434 | |||
3815 | 435 | if context_complete(ctxt): | ||
3816 | 436 | if 'rabbit_ssl_ca' in ctxt: | ||
3817 | 437 | if not self.ssl_dir: | ||
3818 | 438 | log("Charm not setup for ssl support but ssl ca " | ||
3819 | 439 | "found", level=INFO) | ||
3820 | 440 | break | ||
3821 | 441 | |||
3822 | 442 | ca_path = os.path.join( | ||
3823 | 443 | self.ssl_dir, 'rabbit-client-ca.pem') | ||
3824 | 444 | with open(ca_path, 'w') as fh: | ||
3825 | 445 | fh.write(b64decode(ctxt['rabbit_ssl_ca'])) | ||
3826 | 446 | ctxt['rabbit_ssl_ca'] = ca_path | ||
3827 | 447 | |||
3828 | 448 | # Sufficient information found = break out! | ||
3829 | 449 | break | ||
3830 | 450 | |||
3831 | 451 | # Used for active/active rabbitmq >= grizzly | ||
3832 | 452 | if (('clustered' not in ctxt or ha_vip_only) and | ||
3833 | 453 | len(related_units(rid)) > 1): | ||
3834 | 454 | rabbitmq_hosts = [] | ||
3835 | 455 | for unit in related_units(rid): | ||
3836 | 456 | host = relation_get('private-address', rid=rid, unit=unit) | ||
3837 | 457 | host = format_ipv6_addr(host) or host | ||
3838 | 458 | rabbitmq_hosts.append(host) | ||
3839 | 459 | |||
3840 | 460 | ctxt['rabbitmq_hosts'] = ','.join(sorted(rabbitmq_hosts)) | ||
3841 | 461 | |||
3842 | 462 | oslo_messaging_flags = conf.get('oslo-messaging-flags', None) | ||
3843 | 463 | if oslo_messaging_flags: | ||
3844 | 464 | ctxt['oslo_messaging_flags'] = config_flags_parser( | ||
3845 | 465 | oslo_messaging_flags) | ||
3846 | 466 | |||
3847 | 467 | if not context_complete(ctxt): | ||
3848 | 468 | return {} | ||
3849 | 469 | |||
3850 | 470 | return ctxt | ||
3851 | 471 | |||
3852 | 472 | |||
3853 | 473 | class CephContext(OSContextGenerator): | ||
3854 | 474 | """Generates context for /etc/ceph/ceph.conf templates.""" | ||
3855 | 475 | interfaces = ['ceph'] | ||
3856 | 476 | |||
3857 | 477 | def __call__(self): | ||
3858 | 478 | if not relation_ids('ceph'): | ||
3859 | 479 | return {} | ||
3860 | 480 | |||
3861 | 481 | log('Generating template context for ceph', level=DEBUG) | ||
3862 | 482 | mon_hosts = [] | ||
3863 | 483 | auth = None | ||
3864 | 484 | key = None | ||
3865 | 485 | use_syslog = str(config('use-syslog')).lower() | ||
3866 | 486 | for rid in relation_ids('ceph'): | ||
3867 | 487 | for unit in related_units(rid): | ||
3868 | 488 | auth = relation_get('auth', rid=rid, unit=unit) | ||
3869 | 489 | key = relation_get('key', rid=rid, unit=unit) | ||
3870 | 490 | ceph_pub_addr = relation_get('ceph-public-address', rid=rid, | ||
3871 | 491 | unit=unit) | ||
3872 | 492 | unit_priv_addr = relation_get('private-address', rid=rid, | ||
3873 | 493 | unit=unit) | ||
3874 | 494 | ceph_addr = ceph_pub_addr or unit_priv_addr | ||
3875 | 495 | ceph_addr = format_ipv6_addr(ceph_addr) or ceph_addr | ||
3876 | 496 | mon_hosts.append(ceph_addr) | ||
3877 | 497 | |||
3878 | 498 | ctxt = {'mon_hosts': ' '.join(sorted(mon_hosts)), | ||
3879 | 499 | 'auth': auth, | ||
3880 | 500 | 'key': key, | ||
3881 | 501 | 'use_syslog': use_syslog} | ||
3882 | 502 | |||
3883 | 503 | if not os.path.isdir('/etc/ceph'): | ||
3884 | 504 | os.mkdir('/etc/ceph') | ||
3885 | 505 | |||
3886 | 506 | if not context_complete(ctxt): | ||
3887 | 507 | return {} | ||
3888 | 508 | |||
3889 | 509 | ensure_packages(['ceph-common']) | ||
3890 | 510 | return ctxt | ||
3891 | 511 | |||
3892 | 512 | |||
3893 | 513 | class HAProxyContext(OSContextGenerator): | ||
3894 | 514 | """Provides half a context for the haproxy template, which describes | ||
3895 | 515 | all peers to be included in the cluster. Each charm needs to include | ||
3896 | 516 | its own context generator that describes the port mapping. | ||
3897 | 517 | """ | ||
3898 | 518 | interfaces = ['cluster'] | ||
3899 | 519 | |||
3900 | 520 | def __init__(self, singlenode_mode=False): | ||
3901 | 521 | self.singlenode_mode = singlenode_mode | ||
3902 | 522 | |||
3903 | 523 | def __call__(self): | ||
3904 | 524 | if not relation_ids('cluster') and not self.singlenode_mode: | ||
3905 | 525 | return {} | ||
3906 | 526 | |||
3907 | 527 | if config('prefer-ipv6'): | ||
3908 | 528 | addr = get_ipv6_addr(exc_list=[config('vip')])[0] | ||
3909 | 529 | else: | ||
3910 | 530 | addr = get_host_ip(unit_get('private-address')) | ||
3911 | 531 | |||
3912 | 532 | l_unit = local_unit().replace('/', '-') | ||
3913 | 533 | cluster_hosts = {} | ||
3914 | 534 | |||
3915 | 535 | # NOTE(jamespage): build out map of configured network endpoints | ||
3916 | 536 | # and associated backends | ||
3917 | 537 | for addr_type in ADDRESS_TYPES: | ||
3918 | 538 | cfg_opt = 'os-{}-network'.format(addr_type) | ||
3919 | 539 | laddr = get_address_in_network(config(cfg_opt)) | ||
3920 | 540 | if laddr: | ||
3921 | 541 | netmask = get_netmask_for_address(laddr) | ||
3922 | 542 | cluster_hosts[laddr] = {'network': "{}/{}".format(laddr, | ||
3923 | 543 | netmask), | ||
3924 | 544 | 'backends': {l_unit: laddr}} | ||
3925 | 545 | for rid in relation_ids('cluster'): | ||
3926 | 546 | for unit in related_units(rid): | ||
3927 | 547 | _laddr = relation_get('{}-address'.format(addr_type), | ||
3928 | 548 | rid=rid, unit=unit) | ||
3929 | 549 | if _laddr: | ||
3930 | 550 | _unit = unit.replace('/', '-') | ||
3931 | 551 | cluster_hosts[laddr]['backends'][_unit] = _laddr | ||
3932 | 552 | |||
3933 | 553 | # NOTE(jamespage) add backend based on private address - this | ||
3934 | 554 | # with either be the only backend or the fallback if no acls | ||
3935 | 555 | # match in the frontend | ||
3936 | 556 | cluster_hosts[addr] = {} | ||
3937 | 557 | netmask = get_netmask_for_address(addr) | ||
3938 | 558 | cluster_hosts[addr] = {'network': "{}/{}".format(addr, netmask), | ||
3939 | 559 | 'backends': {l_unit: addr}} | ||
3940 | 560 | for rid in relation_ids('cluster'): | ||
3941 | 561 | for unit in related_units(rid): | ||
3942 | 562 | _laddr = relation_get('private-address', | ||
3943 | 563 | rid=rid, unit=unit) | ||
3944 | 564 | if _laddr: | ||
3945 | 565 | _unit = unit.replace('/', '-') | ||
3946 | 566 | cluster_hosts[addr]['backends'][_unit] = _laddr | ||
3947 | 567 | |||
3948 | 568 | ctxt = { | ||
3949 | 569 | 'frontends': cluster_hosts, | ||
3950 | 570 | 'default_backend': addr | ||
3951 | 571 | } | ||
3952 | 572 | |||
3953 | 573 | if config('haproxy-server-timeout'): | ||
3954 | 574 | ctxt['haproxy_server_timeout'] = config('haproxy-server-timeout') | ||
3955 | 575 | |||
3956 | 576 | if config('haproxy-client-timeout'): | ||
3957 | 577 | ctxt['haproxy_client_timeout'] = config('haproxy-client-timeout') | ||
3958 | 578 | |||
3959 | 579 | if config('prefer-ipv6'): | ||
3960 | 580 | ctxt['ipv6'] = True | ||
3961 | 581 | ctxt['local_host'] = 'ip6-localhost' | ||
3962 | 582 | ctxt['haproxy_host'] = '::' | ||
3963 | 583 | ctxt['stat_port'] = ':::8888' | ||
3964 | 584 | else: | ||
3965 | 585 | ctxt['local_host'] = '127.0.0.1' | ||
3966 | 586 | ctxt['haproxy_host'] = '0.0.0.0' | ||
3967 | 587 | ctxt['stat_port'] = ':8888' | ||
3968 | 588 | |||
3969 | 589 | for frontend in cluster_hosts: | ||
3970 | 590 | if (len(cluster_hosts[frontend]['backends']) > 1 or | ||
3971 | 591 | self.singlenode_mode): | ||
3972 | 592 | # Enable haproxy when we have enough peers. | ||
3973 | 593 | log('Ensuring haproxy enabled in /etc/default/haproxy.', | ||
3974 | 594 | level=DEBUG) | ||
3975 | 595 | with open('/etc/default/haproxy', 'w') as out: | ||
3976 | 596 | out.write('ENABLED=1\n') | ||
3977 | 597 | |||
3978 | 598 | return ctxt | ||
3979 | 599 | |||
3980 | 600 | log('HAProxy context is incomplete, this unit has no peers.', | ||
3981 | 601 | level=INFO) | ||
3982 | 602 | return {} | ||
3983 | 603 | |||
3984 | 604 | |||
3985 | 605 | class ImageServiceContext(OSContextGenerator): | ||
3986 | 606 | interfaces = ['image-service'] | ||
3987 | 607 | |||
3988 | 608 | def __call__(self): | ||
3989 | 609 | """Obtains the glance API server from the image-service relation. | ||
3990 | 610 | Useful in nova and cinder (currently). | ||
3991 | 611 | """ | ||
3992 | 612 | log('Generating template context for image-service.', level=DEBUG) | ||
3993 | 613 | rids = relation_ids('image-service') | ||
3994 | 614 | if not rids: | ||
3995 | 615 | return {} | ||
3996 | 616 | |||
3997 | 617 | for rid in rids: | ||
3998 | 618 | for unit in related_units(rid): | ||
3999 | 619 | api_server = relation_get('glance-api-server', | ||
4000 | 620 | rid=rid, unit=unit) | ||
4001 | 621 | if api_server: | ||
4002 | 622 | return {'glance_api_servers': api_server} | ||
4003 | 623 | |||
4004 | 624 | log("ImageService context is incomplete. Missing required relation " | ||
4005 | 625 | "data.", level=INFO) | ||
4006 | 626 | return {} | ||
4007 | 627 | |||
4008 | 628 | |||
4009 | 629 | class ApacheSSLContext(OSContextGenerator): | ||
4010 | 630 | """Generates a context for an apache vhost configuration that configures | ||
4011 | 631 | HTTPS reverse proxying for one or many endpoints. Generated context | ||
4012 | 632 | looks something like:: | ||
4013 | 633 | |||
4014 | 634 | { | ||
4015 | 635 | 'namespace': 'cinder', | ||
4016 | 636 | 'private_address': 'iscsi.mycinderhost.com', | ||
4017 | 637 | 'endpoints': [(8776, 8766), (8777, 8767)] | ||
4018 | 638 | } | ||
4019 | 639 | |||
4020 | 640 | The endpoints list consists of a tuples mapping external ports | ||
4021 | 641 | to internal ports. | ||
4022 | 642 | """ | ||
4023 | 643 | interfaces = ['https'] | ||
4024 | 644 | |||
4025 | 645 | # charms should inherit this context and set external ports | ||
4026 | 646 | # and service namespace accordingly. | ||
4027 | 647 | external_ports = [] | ||
4028 | 648 | service_namespace = None | ||
4029 | 649 | |||
4030 | 650 | def enable_modules(self): | ||
4031 | 651 | cmd = ['a2enmod', 'ssl', 'proxy', 'proxy_http'] | ||
4032 | 652 | check_call(cmd) | ||
4033 | 653 | |||
4034 | 654 | def configure_cert(self, cn=None): | ||
4035 | 655 | ssl_dir = os.path.join('/etc/apache2/ssl/', self.service_namespace) | ||
4036 | 656 | mkdir(path=ssl_dir) | ||
4037 | 657 | cert, key = get_cert(cn) | ||
4038 | 658 | if cn: | ||
4039 | 659 | cert_filename = 'cert_{}'.format(cn) | ||
4040 | 660 | key_filename = 'key_{}'.format(cn) | ||
4041 | 661 | else: | ||
4042 | 662 | cert_filename = 'cert' | ||
4043 | 663 | key_filename = 'key' | ||
4044 | 664 | |||
4045 | 665 | write_file(path=os.path.join(ssl_dir, cert_filename), | ||
4046 | 666 | content=b64decode(cert)) | ||
4047 | 667 | write_file(path=os.path.join(ssl_dir, key_filename), | ||
4048 | 668 | content=b64decode(key)) | ||
4049 | 669 | |||
4050 | 670 | def configure_ca(self): | ||
4051 | 671 | ca_cert = get_ca_cert() | ||
4052 | 672 | if ca_cert: | ||
4053 | 673 | install_ca_cert(b64decode(ca_cert)) | ||
4054 | 674 | |||
4055 | 675 | def canonical_names(self): | ||
4056 | 676 | """Figure out which canonical names clients will access this service. | ||
4057 | 677 | """ | ||
4058 | 678 | cns = [] | ||
4059 | 679 | for r_id in relation_ids('identity-service'): | ||
4060 | 680 | for unit in related_units(r_id): | ||
4061 | 681 | rdata = relation_get(rid=r_id, unit=unit) | ||
4062 | 682 | for k in rdata: | ||
4063 | 683 | if k.startswith('ssl_key_'): | ||
4064 | 684 | cns.append(k.lstrip('ssl_key_')) | ||
4065 | 685 | |||
4066 | 686 | return sorted(list(set(cns))) | ||
4067 | 687 | |||
4068 | 688 | def get_network_addresses(self): | ||
4069 | 689 | """For each network configured, return corresponding address and vip | ||
4070 | 690 | (if available). | ||
4071 | 691 | |||
4072 | 692 | Returns a list of tuples of the form: | ||
4073 | 693 | |||
4074 | 694 | [(address_in_net_a, vip_in_net_a), | ||
4075 | 695 | (address_in_net_b, vip_in_net_b), | ||
4076 | 696 | ...] | ||
4077 | 697 | |||
4078 | 698 | or, if no vip(s) available: | ||
4079 | 699 | |||
4080 | 700 | [(address_in_net_a, address_in_net_a), | ||
4081 | 701 | (address_in_net_b, address_in_net_b), | ||
4082 | 702 | ...] | ||
4083 | 703 | """ | ||
4084 | 704 | addresses = [] | ||
4085 | 705 | if config('vip'): | ||
4086 | 706 | vips = config('vip').split() | ||
4087 | 707 | else: | ||
4088 | 708 | vips = [] | ||
4089 | 709 | |||
4090 | 710 | for net_type in ['os-internal-network', 'os-admin-network', | ||
4091 | 711 | 'os-public-network']: | ||
4092 | 712 | addr = get_address_in_network(config(net_type), | ||
4093 | 713 | unit_get('private-address')) | ||
4094 | 714 | if len(vips) > 1 and is_clustered(): | ||
4095 | 715 | if not config(net_type): | ||
4096 | 716 | log("Multiple networks configured but net_type " | ||
4097 | 717 | "is None (%s)." % net_type, level=WARNING) | ||
4098 | 718 | continue | ||
4099 | 719 | |||
4100 | 720 | for vip in vips: | ||
4101 | 721 | if is_address_in_network(config(net_type), vip): | ||
4102 | 722 | addresses.append((addr, vip)) | ||
4103 | 723 | break | ||
4104 | 724 | |||
4105 | 725 | elif is_clustered() and config('vip'): | ||
4106 | 726 | addresses.append((addr, config('vip'))) | ||
4107 | 727 | else: | ||
4108 | 728 | addresses.append((addr, addr)) | ||
4109 | 729 | |||
4110 | 730 | return sorted(addresses) | ||
4111 | 731 | |||
4112 | 732 | def __call__(self): | ||
4113 | 733 | if isinstance(self.external_ports, six.string_types): | ||
4114 | 734 | self.external_ports = [self.external_ports] | ||
4115 | 735 | |||
4116 | 736 | if not self.external_ports or not https(): | ||
4117 | 737 | return {} | ||
4118 | 738 | |||
4119 | 739 | self.configure_ca() | ||
4120 | 740 | self.enable_modules() | ||
4121 | 741 | |||
4122 | 742 | ctxt = {'namespace': self.service_namespace, | ||
4123 | 743 | 'endpoints': [], | ||
4124 | 744 | 'ext_ports': []} | ||
4125 | 745 | |||
4126 | 746 | cns = self.canonical_names() | ||
4127 | 747 | if cns: | ||
4128 | 748 | for cn in cns: | ||
4129 | 749 | self.configure_cert(cn) | ||
4130 | 750 | else: | ||
4131 | 751 | # Expect cert/key provided in config (currently assumed that ca | ||
4132 | 752 | # uses ip for cn) | ||
4133 | 753 | cn = resolve_address(endpoint_type=INTERNAL) | ||
4134 | 754 | self.configure_cert(cn) | ||
4135 | 755 | |||
4136 | 756 | addresses = self.get_network_addresses() | ||
4137 | 757 | for address, endpoint in sorted(set(addresses)): | ||
4138 | 758 | for api_port in self.external_ports: | ||
4139 | 759 | ext_port = determine_apache_port(api_port, | ||
4140 | 760 | singlenode_mode=True) | ||
4141 | 761 | int_port = determine_api_port(api_port, singlenode_mode=True) | ||
4142 | 762 | portmap = (address, endpoint, int(ext_port), int(int_port)) | ||
4143 | 763 | ctxt['endpoints'].append(portmap) | ||
4144 | 764 | ctxt['ext_ports'].append(int(ext_port)) | ||
4145 | 765 | |||
4146 | 766 | ctxt['ext_ports'] = sorted(list(set(ctxt['ext_ports']))) | ||
4147 | 767 | return ctxt | ||
4148 | 768 | |||
4149 | 769 | |||
4150 | 770 | class NeutronContext(OSContextGenerator): | ||
4151 | 771 | interfaces = [] | ||
4152 | 772 | |||
4153 | 773 | @property | ||
4154 | 774 | def plugin(self): | ||
4155 | 775 | return None | ||
4156 | 776 | |||
4157 | 777 | @property | ||
4158 | 778 | def network_manager(self): | ||
4159 | 779 | return None | ||
4160 | 780 | |||
4161 | 781 | @property | ||
4162 | 782 | def packages(self): | ||
4163 | 783 | return neutron_plugin_attribute(self.plugin, 'packages', | ||
4164 | 784 | self.network_manager) | ||
4165 | 785 | |||
4166 | 786 | @property | ||
4167 | 787 | def neutron_security_groups(self): | ||
4168 | 788 | return None | ||
4169 | 789 | |||
4170 | 790 | def _ensure_packages(self): | ||
4171 | 791 | for pkgs in self.packages: | ||
4172 | 792 | ensure_packages(pkgs) | ||
4173 | 793 | |||
4174 | 794 | def _save_flag_file(self): | ||
4175 | 795 | if self.network_manager == 'quantum': | ||
4176 | 796 | _file = '/etc/nova/quantum_plugin.conf' | ||
4177 | 797 | else: | ||
4178 | 798 | _file = '/etc/nova/neutron_plugin.conf' | ||
4179 | 799 | |||
4180 | 800 | with open(_file, 'wb') as out: | ||
4181 | 801 | out.write(self.plugin + '\n') | ||
4182 | 802 | |||
4183 | 803 | def ovs_ctxt(self): | ||
4184 | 804 | driver = neutron_plugin_attribute(self.plugin, 'driver', | ||
4185 | 805 | self.network_manager) | ||
4186 | 806 | config = neutron_plugin_attribute(self.plugin, 'config', | ||
4187 | 807 | self.network_manager) | ||
4188 | 808 | ovs_ctxt = {'core_plugin': driver, | ||
4189 | 809 | 'neutron_plugin': 'ovs', | ||
4190 | 810 | 'neutron_security_groups': self.neutron_security_groups, | ||
4191 | 811 | 'local_ip': unit_private_ip(), | ||
4192 | 812 | 'config': config} | ||
4193 | 813 | |||
4194 | 814 | return ovs_ctxt | ||
4195 | 815 | |||
4196 | 816 | def nuage_ctxt(self): | ||
4197 | 817 | driver = neutron_plugin_attribute(self.plugin, 'driver', | ||
4198 | 818 | self.network_manager) | ||
4199 | 819 | config = neutron_plugin_attribute(self.plugin, 'config', | ||
4200 | 820 | self.network_manager) | ||
4201 | 821 | nuage_ctxt = {'core_plugin': driver, | ||
4202 | 822 | 'neutron_plugin': 'vsp', | ||
4203 | 823 | 'neutron_security_groups': self.neutron_security_groups, | ||
4204 | 824 | 'local_ip': unit_private_ip(), | ||
4205 | 825 | 'config': config} | ||
4206 | 826 | |||
4207 | 827 | return nuage_ctxt | ||
4208 | 828 | |||
4209 | 829 | def nvp_ctxt(self): | ||
4210 | 830 | driver = neutron_plugin_attribute(self.plugin, 'driver', | ||
4211 | 831 | self.network_manager) | ||
4212 | 832 | config = neutron_plugin_attribute(self.plugin, 'config', | ||
4213 | 833 | self.network_manager) | ||
4214 | 834 | nvp_ctxt = {'core_plugin': driver, | ||
4215 | 835 | 'neutron_plugin': 'nvp', | ||
4216 | 836 | 'neutron_security_groups': self.neutron_security_groups, | ||
4217 | 837 | 'local_ip': unit_private_ip(), | ||
4218 | 838 | 'config': config} | ||
4219 | 839 | |||
4220 | 840 | return nvp_ctxt | ||
4221 | 841 | |||
4222 | 842 | def n1kv_ctxt(self): | ||
4223 | 843 | driver = neutron_plugin_attribute(self.plugin, 'driver', | ||
4224 | 844 | self.network_manager) | ||
4225 | 845 | n1kv_config = neutron_plugin_attribute(self.plugin, 'config', | ||
4226 | 846 | self.network_manager) | ||
4227 | 847 | n1kv_user_config_flags = config('n1kv-config-flags') | ||
4228 | 848 | restrict_policy_profiles = config('n1kv-restrict-policy-profiles') | ||
4229 | 849 | n1kv_ctxt = {'core_plugin': driver, | ||
4230 | 850 | 'neutron_plugin': 'n1kv', | ||
4231 | 851 | 'neutron_security_groups': self.neutron_security_groups, | ||
4232 | 852 | 'local_ip': unit_private_ip(), | ||
4233 | 853 | 'config': n1kv_config, | ||
4234 | 854 | 'vsm_ip': config('n1kv-vsm-ip'), | ||
4235 | 855 | 'vsm_username': config('n1kv-vsm-username'), | ||
4236 | 856 | 'vsm_password': config('n1kv-vsm-password'), | ||
4237 | 857 | 'restrict_policy_profiles': restrict_policy_profiles} | ||
4238 | 858 | |||
4239 | 859 | if n1kv_user_config_flags: | ||
4240 | 860 | flags = config_flags_parser(n1kv_user_config_flags) | ||
4241 | 861 | n1kv_ctxt['user_config_flags'] = flags | ||
4242 | 862 | |||
4243 | 863 | return n1kv_ctxt | ||
4244 | 864 | |||
4245 | 865 | def calico_ctxt(self): | ||
4246 | 866 | driver = neutron_plugin_attribute(self.plugin, 'driver', | ||
4247 | 867 | self.network_manager) | ||
4248 | 868 | config = neutron_plugin_attribute(self.plugin, 'config', | ||
4249 | 869 | self.network_manager) | ||
4250 | 870 | calico_ctxt = {'core_plugin': driver, | ||
4251 | 871 | 'neutron_plugin': 'Calico', | ||
4252 | 872 | 'neutron_security_groups': self.neutron_security_groups, | ||
4253 | 873 | 'local_ip': unit_private_ip(), | ||
4254 | 874 | 'config': config} | ||
4255 | 875 | |||
4256 | 876 | return calico_ctxt | ||
4257 | 877 | |||
4258 | 878 | def neutron_ctxt(self): | ||
4259 | 879 | if https(): | ||
4260 | 880 | proto = 'https' | ||
4261 | 881 | else: | ||
4262 | 882 | proto = 'http' | ||
4263 | 883 | |||
4264 | 884 | if is_clustered(): | ||
4265 | 885 | host = config('vip') | ||
4266 | 886 | else: | ||
4267 | 887 | host = unit_get('private-address') | ||
4268 | 888 | |||
4269 | 889 | ctxt = {'network_manager': self.network_manager, | ||
4270 | 890 | 'neutron_url': '%s://%s:%s' % (proto, host, '9696')} | ||
4271 | 891 | return ctxt | ||
4272 | 892 | |||
4273 | 893 | def __call__(self): | ||
4274 | 894 | self._ensure_packages() | ||
4275 | 895 | |||
4276 | 896 | if self.network_manager not in ['quantum', 'neutron']: | ||
4277 | 897 | return {} | ||
4278 | 898 | |||
4279 | 899 | if not self.plugin: | ||
4280 | 900 | return {} | ||
4281 | 901 | |||
4282 | 902 | ctxt = self.neutron_ctxt() | ||
4283 | 903 | |||
4284 | 904 | if self.plugin == 'ovs': | ||
4285 | 905 | ctxt.update(self.ovs_ctxt()) | ||
4286 | 906 | elif self.plugin in ['nvp', 'nsx']: | ||
4287 | 907 | ctxt.update(self.nvp_ctxt()) | ||
4288 | 908 | elif self.plugin == 'n1kv': | ||
4289 | 909 | ctxt.update(self.n1kv_ctxt()) | ||
4290 | 910 | elif self.plugin == 'Calico': | ||
4291 | 911 | ctxt.update(self.calico_ctxt()) | ||
4292 | 912 | elif self.plugin == 'vsp': | ||
4293 | 913 | ctxt.update(self.nuage_ctxt()) | ||
4294 | 914 | |||
4295 | 915 | alchemy_flags = config('neutron-alchemy-flags') | ||
4296 | 916 | if alchemy_flags: | ||
4297 | 917 | flags = config_flags_parser(alchemy_flags) | ||
4298 | 918 | ctxt['neutron_alchemy_flags'] = flags | ||
4299 | 919 | |||
4300 | 920 | self._save_flag_file() | ||
4301 | 921 | return ctxt | ||
4302 | 922 | |||
4303 | 923 | |||
4304 | 924 | class NeutronPortContext(OSContextGenerator): | ||
4305 | 925 | NIC_PREFIXES = ['eth', 'bond'] | ||
4306 | 926 | |||
4307 | 927 | def resolve_ports(self, ports): | ||
4308 | 928 | """Resolve NICs not yet bound to bridge(s) | ||
4309 | 929 | |||
4310 | 930 | If hwaddress provided then returns resolved hwaddress otherwise NIC. | ||
4311 | 931 | """ | ||
4312 | 932 | if not ports: | ||
4313 | 933 | return None | ||
4314 | 934 | |||
4315 | 935 | hwaddr_to_nic = {} | ||
4316 | 936 | hwaddr_to_ip = {} | ||
4317 | 937 | for nic in list_nics(self.NIC_PREFIXES): | ||
4318 | 938 | hwaddr = get_nic_hwaddr(nic) | ||
4319 | 939 | hwaddr_to_nic[hwaddr] = nic | ||
4320 | 940 | addresses = get_ipv4_addr(nic, fatal=False) | ||
4321 | 941 | addresses += get_ipv6_addr(iface=nic, fatal=False) | ||
4322 | 942 | hwaddr_to_ip[hwaddr] = addresses | ||
4323 | 943 | |||
4324 | 944 | resolved = [] | ||
4325 | 945 | mac_regex = re.compile(r'([0-9A-F]{2}[:-]){5}([0-9A-F]{2})', re.I) | ||
4326 | 946 | for entry in ports: | ||
4327 | 947 | if re.match(mac_regex, entry): | ||
4328 | 948 | # NIC is in known NICs and does NOT hace an IP address | ||
4329 | 949 | if entry in hwaddr_to_nic and not hwaddr_to_ip[entry]: | ||
4330 | 950 | # If the nic is part of a bridge then don't use it | ||
4331 | 951 | if is_bridge_member(hwaddr_to_nic[entry]): | ||
4332 | 952 | continue | ||
4333 | 953 | |||
4334 | 954 | # Entry is a MAC address for a valid interface that doesn't | ||
4335 | 955 | # have an IP address assigned yet. | ||
4336 | 956 | resolved.append(hwaddr_to_nic[entry]) | ||
4337 | 957 | else: | ||
4338 | 958 | # If the passed entry is not a MAC address, assume it's a valid | ||
4339 | 959 | # interface, and that the user put it there on purpose (we can | ||
4340 | 960 | # trust it to be the real external network). | ||
4341 | 961 | resolved.append(entry) | ||
4342 | 962 | |||
4343 | 963 | return resolved | ||
4344 | 964 | |||
4345 | 965 | |||
4346 | 966 | class OSConfigFlagContext(OSContextGenerator): | ||
4347 | 967 | """Provides support for user-defined config flags. | ||
4348 | 968 | |||
4349 | 969 | Users can define a comma-seperated list of key=value pairs | ||
4350 | 970 | in the charm configuration and apply them at any point in | ||
4351 | 971 | any file by using a template flag. | ||
4352 | 972 | |||
4353 | 973 | Sometimes users might want config flags inserted within a | ||
4354 | 974 | specific section so this class allows users to specify the | ||
4355 | 975 | template flag name, allowing for multiple template flags | ||
4356 | 976 | (sections) within the same context. | ||
4357 | 977 | |||
4358 | 978 | NOTE: the value of config-flags may be a comma-separated list of | ||
4359 | 979 | key=value pairs and some Openstack config files support | ||
4360 | 980 | comma-separated lists as values. | ||
4361 | 981 | """ | ||
4362 | 982 | |||
4363 | 983 | def __init__(self, charm_flag='config-flags', | ||
4364 | 984 | template_flag='user_config_flags'): | ||
4365 | 985 | """ | ||
4366 | 986 | :param charm_flag: config flags in charm configuration. | ||
4367 | 987 | :param template_flag: insert point for user-defined flags in template | ||
4368 | 988 | file. | ||
4369 | 989 | """ | ||
4370 | 990 | super(OSConfigFlagContext, self).__init__() | ||
4371 | 991 | self._charm_flag = charm_flag | ||
4372 | 992 | self._template_flag = template_flag | ||
4373 | 993 | |||
4374 | 994 | def __call__(self): | ||
4375 | 995 | config_flags = config(self._charm_flag) | ||
4376 | 996 | if not config_flags: | ||
4377 | 997 | return {} | ||
4378 | 998 | |||
4379 | 999 | return {self._template_flag: | ||
4380 | 1000 | config_flags_parser(config_flags)} | ||
4381 | 1001 | |||
4382 | 1002 | |||
4383 | 1003 | class SubordinateConfigContext(OSContextGenerator): | ||
4384 | 1004 | |||
4385 | 1005 | """ | ||
4386 | 1006 | Responsible for inspecting relations to subordinates that | ||
4387 | 1007 | may be exporting required config via a json blob. | ||
4388 | 1008 | |||
4389 | 1009 | The subordinate interface allows subordinates to export their | ||
4390 | 1010 | configuration requirements to the principle for multiple config | ||
4391 | 1011 | files and multiple serivces. Ie, a subordinate that has interfaces | ||
4392 | 1012 | to both glance and nova may export to following yaml blob as json:: | ||
4393 | 1013 | |||
4394 | 1014 | glance: | ||
4395 | 1015 | /etc/glance/glance-api.conf: | ||
4396 | 1016 | sections: | ||
4397 | 1017 | DEFAULT: | ||
4398 | 1018 | - [key1, value1] | ||
4399 | 1019 | /etc/glance/glance-registry.conf: | ||
4400 | 1020 | MYSECTION: | ||
4401 | 1021 | - [key2, value2] | ||
4402 | 1022 | nova: | ||
4403 | 1023 | /etc/nova/nova.conf: | ||
4404 | 1024 | sections: | ||
4405 | 1025 | DEFAULT: | ||
4406 | 1026 | - [key3, value3] | ||
4407 | 1027 | |||
4408 | 1028 | |||
4409 | 1029 | It is then up to the principle charms to subscribe this context to | ||
4410 | 1030 | the service+config file it is interestd in. Configuration data will | ||
4411 | 1031 | be available in the template context, in glance's case, as:: | ||
4412 | 1032 | |||
4413 | 1033 | ctxt = { | ||
4414 | 1034 | ... other context ... | ||
4415 | 1035 | 'subordinate_config': { | ||
4416 | 1036 | 'DEFAULT': { | ||
4417 | 1037 | 'key1': 'value1', | ||
4418 | 1038 | }, | ||
4419 | 1039 | 'MYSECTION': { | ||
4420 | 1040 | 'key2': 'value2', | ||
4421 | 1041 | }, | ||
4422 | 1042 | } | ||
4423 | 1043 | } | ||
4424 | 1044 | """ | ||
4425 | 1045 | |||
4426 | 1046 | def __init__(self, service, config_file, interface): | ||
4427 | 1047 | """ | ||
4428 | 1048 | :param service : Service name key to query in any subordinate | ||
4429 | 1049 | data found | ||
4430 | 1050 | :param config_file : Service's config file to query sections | ||
4431 | 1051 | :param interface : Subordinate interface to inspect | ||
4432 | 1052 | """ | ||
4433 | 1053 | self.service = service | ||
4434 | 1054 | self.config_file = config_file | ||
4435 | 1055 | self.interface = interface | ||
4436 | 1056 | |||
4437 | 1057 | def __call__(self): | ||
4438 | 1058 | ctxt = {'sections': {}} | ||
4439 | 1059 | for rid in relation_ids(self.interface): | ||
4440 | 1060 | for unit in related_units(rid): | ||
4441 | 1061 | sub_config = relation_get('subordinate_configuration', | ||
4442 | 1062 | rid=rid, unit=unit) | ||
4443 | 1063 | if sub_config and sub_config != '': | ||
4444 | 1064 | try: | ||
4445 | 1065 | sub_config = json.loads(sub_config) | ||
4446 | 1066 | except: | ||
4447 | 1067 | log('Could not parse JSON from subordinate_config ' | ||
4448 | 1068 | 'setting from %s' % rid, level=ERROR) | ||
4449 | 1069 | continue | ||
4450 | 1070 | |||
4451 | 1071 | if self.service not in sub_config: | ||
4452 | 1072 | log('Found subordinate_config on %s but it contained' | ||
4453 | 1073 | 'nothing for %s service' % (rid, self.service), | ||
4454 | 1074 | level=INFO) | ||
4455 | 1075 | continue | ||
4456 | 1076 | |||
4457 | 1077 | sub_config = sub_config[self.service] | ||
4458 | 1078 | if self.config_file not in sub_config: | ||
4459 | 1079 | log('Found subordinate_config on %s but it contained' | ||
4460 | 1080 | 'nothing for %s' % (rid, self.config_file), | ||
4461 | 1081 | level=INFO) | ||
4462 | 1082 | continue | ||
4463 | 1083 | |||
4464 | 1084 | sub_config = sub_config[self.config_file] | ||
4465 | 1085 | for k, v in six.iteritems(sub_config): | ||
4466 | 1086 | if k == 'sections': | ||
4467 | 1087 | for section, config_dict in six.iteritems(v): | ||
4468 | 1088 | log("adding section '%s'" % (section), | ||
4469 | 1089 | level=DEBUG) | ||
4470 | 1090 | ctxt[k][section] = config_dict | ||
4471 | 1091 | else: | ||
4472 | 1092 | ctxt[k] = v | ||
4473 | 1093 | |||
4474 | 1094 | log("%d section(s) found" % (len(ctxt['sections'])), level=DEBUG) | ||
4475 | 1095 | return ctxt | ||
4476 | 1096 | |||
4477 | 1097 | |||
4478 | 1098 | class LogLevelContext(OSContextGenerator): | ||
4479 | 1099 | |||
4480 | 1100 | def __call__(self): | ||
4481 | 1101 | ctxt = {} | ||
4482 | 1102 | ctxt['debug'] = \ | ||
4483 | 1103 | False if config('debug') is None else config('debug') | ||
4484 | 1104 | ctxt['verbose'] = \ | ||
4485 | 1105 | False if config('verbose') is None else config('verbose') | ||
4486 | 1106 | |||
4487 | 1107 | return ctxt | ||
4488 | 1108 | |||
4489 | 1109 | |||
4490 | 1110 | class SyslogContext(OSContextGenerator): | ||
4491 | 1111 | |||
4492 | 1112 | def __call__(self): | ||
4493 | 1113 | ctxt = {'use_syslog': config('use-syslog')} | ||
4494 | 1114 | return ctxt | ||
4495 | 1115 | |||
4496 | 1116 | |||
4497 | 1117 | class BindHostContext(OSContextGenerator): | ||
4498 | 1118 | |||
4499 | 1119 | def __call__(self): | ||
4500 | 1120 | if config('prefer-ipv6'): | ||
4501 | 1121 | return {'bind_host': '::'} | ||
4502 | 1122 | else: | ||
4503 | 1123 | return {'bind_host': '0.0.0.0'} | ||
4504 | 1124 | |||
4505 | 1125 | |||
4506 | 1126 | class WorkerConfigContext(OSContextGenerator): | ||
4507 | 1127 | |||
4508 | 1128 | @property | ||
4509 | 1129 | def num_cpus(self): | ||
4510 | 1130 | try: | ||
4511 | 1131 | from psutil import NUM_CPUS | ||
4512 | 1132 | except ImportError: | ||
4513 | 1133 | apt_install('python-psutil', fatal=True) | ||
4514 | 1134 | from psutil import NUM_CPUS | ||
4515 | 1135 | |||
4516 | 1136 | return NUM_CPUS | ||
4517 | 1137 | |||
4518 | 1138 | def __call__(self): | ||
4519 | 1139 | multiplier = config('worker-multiplier') or 0 | ||
4520 | 1140 | ctxt = {"workers": self.num_cpus * multiplier} | ||
4521 | 1141 | return ctxt | ||
4522 | 1142 | |||
4523 | 1143 | |||
4524 | 1144 | class ZeroMQContext(OSContextGenerator): | ||
4525 | 1145 | interfaces = ['zeromq-configuration'] | ||
4526 | 1146 | |||
4527 | 1147 | def __call__(self): | ||
4528 | 1148 | ctxt = {} | ||
4529 | 1149 | if is_relation_made('zeromq-configuration', 'host'): | ||
4530 | 1150 | for rid in relation_ids('zeromq-configuration'): | ||
4531 | 1151 | for unit in related_units(rid): | ||
4532 | 1152 | ctxt['zmq_nonce'] = relation_get('nonce', unit, rid) | ||
4533 | 1153 | ctxt['zmq_host'] = relation_get('host', unit, rid) | ||
4534 | 1154 | ctxt['zmq_redis_address'] = relation_get( | ||
4535 | 1155 | 'zmq_redis_address', unit, rid) | ||
4536 | 1156 | |||
4537 | 1157 | return ctxt | ||
4538 | 1158 | |||
4539 | 1159 | |||
4540 | 1160 | class NotificationDriverContext(OSContextGenerator): | ||
4541 | 1161 | |||
4542 | 1162 | def __init__(self, zmq_relation='zeromq-configuration', | ||
4543 | 1163 | amqp_relation='amqp'): | ||
4544 | 1164 | """ | ||
4545 | 1165 | :param zmq_relation: Name of Zeromq relation to check | ||
4546 | 1166 | """ | ||
4547 | 1167 | self.zmq_relation = zmq_relation | ||
4548 | 1168 | self.amqp_relation = amqp_relation | ||
4549 | 1169 | |||
4550 | 1170 | def __call__(self): | ||
4551 | 1171 | ctxt = {'notifications': 'False'} | ||
4552 | 1172 | if is_relation_made(self.amqp_relation): | ||
4553 | 1173 | ctxt['notifications'] = "True" | ||
4554 | 1174 | |||
4555 | 1175 | return ctxt | ||
4556 | 1176 | |||
4557 | 1177 | |||
4558 | 1178 | class SysctlContext(OSContextGenerator): | ||
4559 | 1179 | """This context check if the 'sysctl' option exists on configuration | ||
4560 | 1180 | then creates a file with the loaded contents""" | ||
4561 | 1181 | def __call__(self): | ||
4562 | 1182 | sysctl_dict = config('sysctl') | ||
4563 | 1183 | if sysctl_dict: | ||
4564 | 1184 | sysctl_create(sysctl_dict, | ||
4565 | 1185 | '/etc/sysctl.d/50-{0}.conf'.format(charm_name())) | ||
4566 | 1186 | return {'sysctl': sysctl_dict} | ||
4567 | 1187 | |||
4568 | 1188 | |||
4569 | 1189 | class NeutronAPIContext(OSContextGenerator): | ||
4570 | 1190 | ''' | ||
4571 | 1191 | Inspects current neutron-plugin-api relation for neutron settings. Return | ||
4572 | 1192 | defaults if it is not present. | ||
4573 | 1193 | ''' | ||
4574 | 1194 | interfaces = ['neutron-plugin-api'] | ||
4575 | 1195 | |||
4576 | 1196 | def __call__(self): | ||
4577 | 1197 | self.neutron_defaults = { | ||
4578 | 1198 | 'l2_population': { | ||
4579 | 1199 | 'rel_key': 'l2-population', | ||
4580 | 1200 | 'default': False, | ||
4581 | 1201 | }, | ||
4582 | 1202 | 'overlay_network_type': { | ||
4583 | 1203 | 'rel_key': 'overlay-network-type', | ||
4584 | 1204 | 'default': 'gre', | ||
4585 | 1205 | }, | ||
4586 | 1206 | 'neutron_security_groups': { | ||
4587 | 1207 | 'rel_key': 'neutron-security-groups', | ||
4588 | 1208 | 'default': False, | ||
4589 | 1209 | }, | ||
4590 | 1210 | 'network_device_mtu': { | ||
4591 | 1211 | 'rel_key': 'network-device-mtu', | ||
4592 | 1212 | 'default': None, | ||
4593 | 1213 | }, | ||
4594 | 1214 | 'enable_dvr': { | ||
4595 | 1215 | 'rel_key': 'enable-dvr', | ||
4596 | 1216 | 'default': False, | ||
4597 | 1217 | }, | ||
4598 | 1218 | 'enable_l3ha': { | ||
4599 | 1219 | 'rel_key': 'enable-l3ha', | ||
4600 | 1220 | 'default': False, | ||
4601 | 1221 | }, | ||
4602 | 1222 | } | ||
4603 | 1223 | ctxt = self.get_neutron_options({}) | ||
4604 | 1224 | for rid in relation_ids('neutron-plugin-api'): | ||
4605 | 1225 | for unit in related_units(rid): | ||
4606 | 1226 | rdata = relation_get(rid=rid, unit=unit) | ||
4607 | 1227 | if 'l2-population' in rdata: | ||
4608 | 1228 | ctxt.update(self.get_neutron_options(rdata)) | ||
4609 | 1229 | |||
4610 | 1230 | return ctxt | ||
4611 | 1231 | |||
4612 | 1232 | def get_neutron_options(self, rdata): | ||
4613 | 1233 | settings = {} | ||
4614 | 1234 | for nkey in self.neutron_defaults.keys(): | ||
4615 | 1235 | defv = self.neutron_defaults[nkey]['default'] | ||
4616 | 1236 | rkey = self.neutron_defaults[nkey]['rel_key'] | ||
4617 | 1237 | if rkey in rdata.keys(): | ||
4618 | 1238 | if type(defv) is bool: | ||
4619 | 1239 | settings[nkey] = bool_from_string(rdata[rkey]) | ||
4620 | 1240 | else: | ||
4621 | 1241 | settings[nkey] = rdata[rkey] | ||
4622 | 1242 | else: | ||
4623 | 1243 | settings[nkey] = defv | ||
4624 | 1244 | return settings | ||
4625 | 1245 | |||
4626 | 1246 | |||
4627 | 1247 | class ExternalPortContext(NeutronPortContext): | ||
4628 | 1248 | |||
4629 | 1249 | def __call__(self): | ||
4630 | 1250 | ctxt = {} | ||
4631 | 1251 | ports = config('ext-port') | ||
4632 | 1252 | if ports: | ||
4633 | 1253 | ports = [p.strip() for p in ports.split()] | ||
4634 | 1254 | ports = self.resolve_ports(ports) | ||
4635 | 1255 | if ports: | ||
4636 | 1256 | ctxt = {"ext_port": ports[0]} | ||
4637 | 1257 | napi_settings = NeutronAPIContext()() | ||
4638 | 1258 | mtu = napi_settings.get('network_device_mtu') | ||
4639 | 1259 | if mtu: | ||
4640 | 1260 | ctxt['ext_port_mtu'] = mtu | ||
4641 | 1261 | |||
4642 | 1262 | return ctxt | ||
4643 | 1263 | |||
4644 | 1264 | |||
4645 | 1265 | class DataPortContext(NeutronPortContext): | ||
4646 | 1266 | |||
4647 | 1267 | def __call__(self): | ||
4648 | 1268 | ports = config('data-port') | ||
4649 | 1269 | if ports: | ||
4650 | 1270 | portmap = parse_data_port_mappings(ports) | ||
4651 | 1271 | ports = portmap.values() | ||
4652 | 1272 | resolved = self.resolve_ports(ports) | ||
4653 | 1273 | normalized = {get_nic_hwaddr(port): port for port in resolved | ||
4654 | 1274 | if port not in ports} | ||
4655 | 1275 | normalized.update({port: port for port in resolved | ||
4656 | 1276 | if port in ports}) | ||
4657 | 1277 | if resolved: | ||
4658 | 1278 | return {bridge: normalized[port] for bridge, port in | ||
4659 | 1279 | six.iteritems(portmap) if port in normalized.keys()} | ||
4660 | 1280 | |||
4661 | 1281 | return None | ||
4662 | 1282 | |||
4663 | 1283 | |||
4664 | 1284 | class PhyNICMTUContext(DataPortContext): | ||
4665 | 1285 | |||
4666 | 1286 | def __call__(self): | ||
4667 | 1287 | ctxt = {} | ||
4668 | 1288 | mappings = super(PhyNICMTUContext, self).__call__() | ||
4669 | 1289 | if mappings and mappings.values(): | ||
4670 | 1290 | ports = mappings.values() | ||
4671 | 1291 | napi_settings = NeutronAPIContext()() | ||
4672 | 1292 | mtu = napi_settings.get('network_device_mtu') | ||
4673 | 1293 | if mtu: | ||
4674 | 1294 | ctxt["devs"] = '\\n'.join(ports) | ||
4675 | 1295 | ctxt['mtu'] = mtu | ||
4676 | 1296 | |||
4677 | 1297 | return ctxt | ||
4678 | 1298 | |||
4679 | 1299 | |||
4680 | 1300 | class NetworkServiceContext(OSContextGenerator): | ||
4681 | 1301 | |||
4682 | 1302 | def __init__(self, rel_name='quantum-network-service'): | ||
4683 | 1303 | self.rel_name = rel_name | ||
4684 | 1304 | self.interfaces = [rel_name] | ||
4685 | 1305 | |||
4686 | 1306 | def __call__(self): | ||
4687 | 1307 | for rid in relation_ids(self.rel_name): | ||
4688 | 1308 | for unit in related_units(rid): | ||
4689 | 1309 | rdata = relation_get(rid=rid, unit=unit) | ||
4690 | 1310 | ctxt = { | ||
4691 | 1311 | 'keystone_host': rdata.get('keystone_host'), | ||
4692 | 1312 | 'service_port': rdata.get('service_port'), | ||
4693 | 1313 | 'auth_port': rdata.get('auth_port'), | ||
4694 | 1314 | 'service_tenant': rdata.get('service_tenant'), | ||
4695 | 1315 | 'service_username': rdata.get('service_username'), | ||
4696 | 1316 | 'service_password': rdata.get('service_password'), | ||
4697 | 1317 | 'quantum_host': rdata.get('quantum_host'), | ||
4698 | 1318 | 'quantum_port': rdata.get('quantum_port'), | ||
4699 | 1319 | 'quantum_url': rdata.get('quantum_url'), | ||
4700 | 1320 | 'region': rdata.get('region'), | ||
4701 | 1321 | 'service_protocol': | ||
4702 | 1322 | rdata.get('service_protocol') or 'http', | ||
4703 | 1323 | 'auth_protocol': | ||
4704 | 1324 | rdata.get('auth_protocol') or 'http', | ||
4705 | 1325 | } | ||
4706 | 1326 | if context_complete(ctxt): | ||
4707 | 1327 | return ctxt | ||
4708 | 1328 | return {} | ||
4709 | 1329 | 0 | ||
4710 | === removed directory 'hooks/charmhelpers/contrib/openstack/files' | |||
4711 | === removed file 'hooks/charmhelpers/contrib/openstack/files/__init__.py' | |||
4712 | --- hooks/charmhelpers/contrib/openstack/files/__init__.py 2015-02-19 05:17:57 +0000 | |||
4713 | +++ hooks/charmhelpers/contrib/openstack/files/__init__.py 1970-01-01 00:00:00 +0000 | |||
4714 | @@ -1,18 +0,0 @@ | |||
4715 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
4716 | 2 | # | ||
4717 | 3 | # This file is part of charm-helpers. | ||
4718 | 4 | # | ||
4719 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
4720 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
4721 | 7 | # published by the Free Software Foundation. | ||
4722 | 8 | # | ||
4723 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
4724 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
4725 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
4726 | 12 | # GNU Lesser General Public License for more details. | ||
4727 | 13 | # | ||
4728 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
4729 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
4730 | 16 | |||
4731 | 17 | # dummy __init__.py to fool syncer into thinking this is a syncable python | ||
4732 | 18 | # module | ||
4733 | 19 | 0 | ||
4734 | === removed file 'hooks/charmhelpers/contrib/openstack/files/check_haproxy.sh' | |||
4735 | --- hooks/charmhelpers/contrib/openstack/files/check_haproxy.sh 2015-02-25 23:34:09 +0000 | |||
4736 | +++ hooks/charmhelpers/contrib/openstack/files/check_haproxy.sh 1970-01-01 00:00:00 +0000 | |||
4737 | @@ -1,32 +0,0 @@ | |||
4738 | 1 | #!/bin/bash | ||
4739 | 2 | #-------------------------------------------- | ||
4740 | 3 | # This file is managed by Juju | ||
4741 | 4 | #-------------------------------------------- | ||
4742 | 5 | # | ||
4743 | 6 | # Copyright 2009,2012 Canonical Ltd. | ||
4744 | 7 | # Author: Tom Haddon | ||
4745 | 8 | |||
4746 | 9 | CRITICAL=0 | ||
4747 | 10 | NOTACTIVE='' | ||
4748 | 11 | LOGFILE=/var/log/nagios/check_haproxy.log | ||
4749 | 12 | AUTH=$(grep -r "stats auth" /etc/haproxy | head -1 | awk '{print $4}') | ||
4750 | 13 | |||
4751 | 14 | for appserver in $(grep ' server' /etc/haproxy/haproxy.cfg | awk '{print $2'}); | ||
4752 | 15 | do | ||
4753 | 16 | output=$(/usr/lib/nagios/plugins/check_http -a ${AUTH} -I 127.0.0.1 -p 8888 --regex="class=\"(active|backup)(2|3).*${appserver}" -e ' 200 OK') | ||
4754 | 17 | if [ $? != 0 ]; then | ||
4755 | 18 | date >> $LOGFILE | ||
4756 | 19 | echo $output >> $LOGFILE | ||
4757 | 20 | /usr/lib/nagios/plugins/check_http -a ${AUTH} -I 127.0.0.1 -p 8888 -v | grep $appserver >> $LOGFILE 2>&1 | ||
4758 | 21 | CRITICAL=1 | ||
4759 | 22 | NOTACTIVE="${NOTACTIVE} $appserver" | ||
4760 | 23 | fi | ||
4761 | 24 | done | ||
4762 | 25 | |||
4763 | 26 | if [ $CRITICAL = 1 ]; then | ||
4764 | 27 | echo "CRITICAL:${NOTACTIVE}" | ||
4765 | 28 | exit 2 | ||
4766 | 29 | fi | ||
4767 | 30 | |||
4768 | 31 | echo "OK: All haproxy instances looking good" | ||
4769 | 32 | exit 0 | ||
4770 | 33 | 0 | ||
4771 | === removed file 'hooks/charmhelpers/contrib/openstack/files/check_haproxy_queue_depth.sh' | |||
4772 | --- hooks/charmhelpers/contrib/openstack/files/check_haproxy_queue_depth.sh 2015-02-25 23:34:09 +0000 | |||
4773 | +++ hooks/charmhelpers/contrib/openstack/files/check_haproxy_queue_depth.sh 1970-01-01 00:00:00 +0000 | |||
4774 | @@ -1,30 +0,0 @@ | |||
4775 | 1 | #!/bin/bash | ||
4776 | 2 | #-------------------------------------------- | ||
4777 | 3 | # This file is managed by Juju | ||
4778 | 4 | #-------------------------------------------- | ||
4779 | 5 | # | ||
4780 | 6 | # Copyright 2009,2012 Canonical Ltd. | ||
4781 | 7 | # Author: Tom Haddon | ||
4782 | 8 | |||
4783 | 9 | # These should be config options at some stage | ||
4784 | 10 | CURRQthrsh=0 | ||
4785 | 11 | MAXQthrsh=100 | ||
4786 | 12 | |||
4787 | 13 | AUTH=$(grep -r "stats auth" /etc/haproxy | head -1 | awk '{print $4}') | ||
4788 | 14 | |||
4789 | 15 | HAPROXYSTATS=$(/usr/lib/nagios/plugins/check_http -a ${AUTH} -I 127.0.0.1 -p 8888 -u '/;csv' -v) | ||
4790 | 16 | |||
4791 | 17 | for BACKEND in $(echo $HAPROXYSTATS| xargs -n1 | grep BACKEND | awk -F , '{print $1}') | ||
4792 | 18 | do | ||
4793 | 19 | CURRQ=$(echo "$HAPROXYSTATS" | grep $BACKEND | grep BACKEND | cut -d , -f 3) | ||
4794 | 20 | MAXQ=$(echo "$HAPROXYSTATS" | grep $BACKEND | grep BACKEND | cut -d , -f 4) | ||
4795 | 21 | |||
4796 | 22 | if [[ $CURRQ -gt $CURRQthrsh || $MAXQ -gt $MAXQthrsh ]] ; then | ||
4797 | 23 | echo "CRITICAL: queue depth for $BACKEND - CURRENT:$CURRQ MAX:$MAXQ" | ||
4798 | 24 | exit 2 | ||
4799 | 25 | fi | ||
4800 | 26 | done | ||
4801 | 27 | |||
4802 | 28 | echo "OK: All haproxy queue depths looking good" | ||
4803 | 29 | exit 0 | ||
4804 | 30 | |||
4805 | 31 | 0 | ||
4806 | === removed file 'hooks/charmhelpers/contrib/openstack/ip.py' | |||
4807 | --- hooks/charmhelpers/contrib/openstack/ip.py 2015-03-31 15:13:53 +0000 | |||
4808 | +++ hooks/charmhelpers/contrib/openstack/ip.py 1970-01-01 00:00:00 +0000 | |||
4809 | @@ -1,146 +0,0 @@ | |||
4810 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
4811 | 2 | # | ||
4812 | 3 | # This file is part of charm-helpers. | ||
4813 | 4 | # | ||
4814 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
4815 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
4816 | 7 | # published by the Free Software Foundation. | ||
4817 | 8 | # | ||
4818 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
4819 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
4820 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
4821 | 12 | # GNU Lesser General Public License for more details. | ||
4822 | 13 | # | ||
4823 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
4824 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
4825 | 16 | |||
4826 | 17 | from charmhelpers.core.hookenv import ( | ||
4827 | 18 | config, | ||
4828 | 19 | unit_get, | ||
4829 | 20 | ) | ||
4830 | 21 | from charmhelpers.contrib.network.ip import ( | ||
4831 | 22 | get_address_in_network, | ||
4832 | 23 | is_address_in_network, | ||
4833 | 24 | is_ipv6, | ||
4834 | 25 | get_ipv6_addr, | ||
4835 | 26 | ) | ||
4836 | 27 | from charmhelpers.contrib.hahelpers.cluster import is_clustered | ||
4837 | 28 | |||
4838 | 29 | from functools import partial | ||
4839 | 30 | |||
4840 | 31 | PUBLIC = 'public' | ||
4841 | 32 | INTERNAL = 'int' | ||
4842 | 33 | ADMIN = 'admin' | ||
4843 | 34 | |||
4844 | 35 | ADDRESS_MAP = { | ||
4845 | 36 | PUBLIC: { | ||
4846 | 37 | 'config': 'os-public-network', | ||
4847 | 38 | 'fallback': 'public-address' | ||
4848 | 39 | }, | ||
4849 | 40 | INTERNAL: { | ||
4850 | 41 | 'config': 'os-internal-network', | ||
4851 | 42 | 'fallback': 'private-address' | ||
4852 | 43 | }, | ||
4853 | 44 | ADMIN: { | ||
4854 | 45 | 'config': 'os-admin-network', | ||
4855 | 46 | 'fallback': 'private-address' | ||
4856 | 47 | } | ||
4857 | 48 | } | ||
4858 | 49 | |||
4859 | 50 | |||
4860 | 51 | def canonical_url(configs, endpoint_type=PUBLIC): | ||
4861 | 52 | """Returns the correct HTTP URL to this host given the state of HTTPS | ||
4862 | 53 | configuration, hacluster and charm configuration. | ||
4863 | 54 | |||
4864 | 55 | :param configs: OSTemplateRenderer config templating object to inspect | ||
4865 | 56 | for a complete https context. | ||
4866 | 57 | :param endpoint_type: str endpoint type to resolve. | ||
4867 | 58 | :param returns: str base URL for services on the current service unit. | ||
4868 | 59 | """ | ||
4869 | 60 | scheme = 'http' | ||
4870 | 61 | if 'https' in configs.complete_contexts(): | ||
4871 | 62 | scheme = 'https' | ||
4872 | 63 | address = resolve_address(endpoint_type) | ||
4873 | 64 | if is_ipv6(address): | ||
4874 | 65 | address = "[{}]".format(address) | ||
4875 | 66 | return '%s://%s' % (scheme, address) | ||
4876 | 67 | |||
4877 | 68 | |||
4878 | 69 | def resolve_address(endpoint_type=PUBLIC): | ||
4879 | 70 | """Return unit address depending on net config. | ||
4880 | 71 | |||
4881 | 72 | If unit is clustered with vip(s) and has net splits defined, return vip on | ||
4882 | 73 | correct network. If clustered with no nets defined, return primary vip. | ||
4883 | 74 | |||
4884 | 75 | If not clustered, return unit address ensuring address is on configured net | ||
4885 | 76 | split if one is configured. | ||
4886 | 77 | |||
4887 | 78 | :param endpoint_type: Network endpoing type | ||
4888 | 79 | """ | ||
4889 | 80 | resolved_address = None | ||
4890 | 81 | vips = config('vip') | ||
4891 | 82 | if vips: | ||
4892 | 83 | vips = vips.split() | ||
4893 | 84 | |||
4894 | 85 | net_type = ADDRESS_MAP[endpoint_type]['config'] | ||
4895 | 86 | net_addr = config(net_type) | ||
4896 | 87 | net_fallback = ADDRESS_MAP[endpoint_type]['fallback'] | ||
4897 | 88 | clustered = is_clustered() | ||
4898 | 89 | if clustered: | ||
4899 | 90 | if not net_addr: | ||
4900 | 91 | # If no net-splits defined, we expect a single vip | ||
4901 | 92 | resolved_address = vips[0] | ||
4902 | 93 | else: | ||
4903 | 94 | for vip in vips: | ||
4904 | 95 | if is_address_in_network(net_addr, vip): | ||
4905 | 96 | resolved_address = vip | ||
4906 | 97 | break | ||
4907 | 98 | else: | ||
4908 | 99 | if config('prefer-ipv6'): | ||
4909 | 100 | fallback_addr = get_ipv6_addr(exc_list=vips)[0] | ||
4910 | 101 | else: | ||
4911 | 102 | fallback_addr = unit_get(net_fallback) | ||
4912 | 103 | |||
4913 | 104 | resolved_address = get_address_in_network(net_addr, fallback_addr) | ||
4914 | 105 | |||
4915 | 106 | if resolved_address is None: | ||
4916 | 107 | raise ValueError("Unable to resolve a suitable IP address based on " | ||
4917 | 108 | "charm state and configuration. (net_type=%s, " | ||
4918 | 109 | "clustered=%s)" % (net_type, clustered)) | ||
4919 | 110 | |||
4920 | 111 | return resolved_address | ||
4921 | 112 | |||
4922 | 113 | |||
4923 | 114 | def endpoint_url(configs, url_template, port, endpoint_type=PUBLIC, | ||
4924 | 115 | override=None): | ||
4925 | 116 | """Returns the correct endpoint URL to advertise to Keystone. | ||
4926 | 117 | |||
4927 | 118 | This method provides the correct endpoint URL which should be advertised to | ||
4928 | 119 | the keystone charm for endpoint creation. This method allows for the url to | ||
4929 | 120 | be overridden to force a keystone endpoint to have specific URL for any of | ||
4930 | 121 | the defined scopes (admin, internal, public). | ||
4931 | 122 | |||
4932 | 123 | :param configs: OSTemplateRenderer config templating object to inspect | ||
4933 | 124 | for a complete https context. | ||
4934 | 125 | :param url_template: str format string for creating the url template. Only | ||
4935 | 126 | two values will be passed - the scheme+hostname | ||
4936 | 127 | returned by the canonical_url and the port. | ||
4937 | 128 | :param endpoint_type: str endpoint type to resolve. | ||
4938 | 129 | :param override: str the name of the config option which overrides the | ||
4939 | 130 | endpoint URL defined by the charm itself. None will | ||
4940 | 131 | disable any overrides (default). | ||
4941 | 132 | """ | ||
4942 | 133 | if override: | ||
4943 | 134 | # Return any user-defined overrides for the keystone endpoint URL. | ||
4944 | 135 | user_value = config(override) | ||
4945 | 136 | if user_value: | ||
4946 | 137 | return user_value.strip() | ||
4947 | 138 | |||
4948 | 139 | return url_template % (canonical_url(configs, endpoint_type), port) | ||
4949 | 140 | |||
4950 | 141 | |||
4951 | 142 | public_endpoint = partial(endpoint_url, endpoint_type=PUBLIC) | ||
4952 | 143 | |||
4953 | 144 | internal_endpoint = partial(endpoint_url, endpoint_type=INTERNAL) | ||
4954 | 145 | |||
4955 | 146 | admin_endpoint = partial(endpoint_url, endpoint_type=ADMIN) | ||
4956 | 147 | 0 | ||
4957 | === removed file 'hooks/charmhelpers/contrib/openstack/neutron.py' | |||
4958 | --- hooks/charmhelpers/contrib/openstack/neutron.py 2015-04-16 20:07:38 +0000 | |||
4959 | +++ hooks/charmhelpers/contrib/openstack/neutron.py 1970-01-01 00:00:00 +0000 | |||
4960 | @@ -1,322 +0,0 @@ | |||
4961 | 1 | # Copyright 2014-2015 Canonical Limited. | ||
4962 | 2 | # | ||
4963 | 3 | # This file is part of charm-helpers. | ||
4964 | 4 | # | ||
4965 | 5 | # charm-helpers is free software: you can redistribute it and/or modify | ||
4966 | 6 | # it under the terms of the GNU Lesser General Public License version 3 as | ||
4967 | 7 | # published by the Free Software Foundation. | ||
4968 | 8 | # | ||
4969 | 9 | # charm-helpers is distributed in the hope that it will be useful, | ||
4970 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
4971 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
4972 | 12 | # GNU Lesser General Public License for more details. | ||
4973 | 13 | # | ||
4974 | 14 | # You should have received a copy of the GNU Lesser General Public License | ||
4975 | 15 | # along with charm-helpers. If not, see <http://www.gnu.org/licenses/>. | ||
4976 | 16 | |||
4977 | 17 | # Various utilies for dealing with Neutron and the renaming from Quantum. | ||
4978 | 18 | |||
4979 | 19 | import six | ||
4980 | 20 | from subprocess import check_output | ||
4981 | 21 | |||
4982 | 22 | from charmhelpers.core.hookenv import ( | ||
4983 | 23 | config, | ||
4984 | 24 | log, | ||
4985 | 25 | ERROR, | ||
4986 | 26 | ) | ||
4987 | 27 | |||
4988 | 28 | from charmhelpers.contrib.openstack.utils import os_release | ||
4989 | 29 | |||
4990 | 30 | |||
4991 | 31 | def headers_package(): | ||
4992 | 32 | """Ensures correct linux-headers for running kernel are installed, | ||
4993 | 33 | for building DKMS package""" | ||
4994 | 34 | kver = check_output(['uname', '-r']).decode('UTF-8').strip() | ||
4995 | 35 | return 'linux-headers-%s' % kver | ||
4996 | 36 | |||
4997 | 37 | QUANTUM_CONF_DIR = '/etc/quantum' | ||
4998 | 38 | |||
4999 | 39 | |||
5000 | 40 | def kernel_version(): |
The diff has been truncated for viewing.
We need to let users know they shouldn't use the quantum-gateway charm. This patch uses status-set to let users know it's EOL and they should use the neutron-gateway charm instead.
The two options I debated were:
1) sys.exit(1) in install hook (doesn't allow you to set a status message; could set log message but user has to look in log)
2) set status to 'blocked' with corresponding message* (doesn't fail the deployment but displays a clear message to 'juju status')
* status-set can only set the state to 'maintenance', 'blocked', 'waiting', or 'active'.
I went with option 2 in this patch, so deployment will look successful and 'juju status' will show the following:
'status-get' quantum- gateway- 64 plugin- api: network- service: controller gateway/ 0:
workload- status:
agent- status:
agent- state: started
agent- version: 1.24.2
public- address: 10.5.3.37
valid_states = ['maintenance', 'blocked', 'waiting', 'active']
neutron-gateway:
charm: local:trusty/
exposed: false
service-status:
current: blocked
message: Charm has reached end-of-life. Please use neutron-gateway charm.
since: 16 Jul 2015 18:11:14Z
relations:
amqp:
- rabbitmq-server
cluster:
- neutron-gateway
neutron-
- neutron-api
quantum-
- nova-cloud-
shared-db:
- mysql
units:
neutron-
current: blocked
message: Charm has reached end-of-life. Please use neutron-gateway charm.
since: 16 Jul 2015 18:11:14Z
current: idle
since: 16 Jul 2015 18:17:59Z
version: 1.24.2
machine: "12"