Juju Charms Collection
adt-cloud-worker package

Merge lp:~cprov/charms/trusty/adt-cloud-worker/nova-keypair-reset into lp:~canonical-ci-engineering/charms/trusty/adt-cloud-worker/trunk

Proposed by Celso Providelo on 2015-03-06

Status:	Merged
Approved by:	Celso Providelo on 2015-03-06
Approved revision:	7
Merged at revision:	7
Proposed branch:	lp:~cprov/charms/trusty/adt-cloud-worker/nova-keypair-reset
Merge into:	lp:~canonical-ci-engineering/charms/trusty/adt-cloud-worker/trunk
Diff against target:	90 lines (+41/-4) 2 files modified hooks/actions.py (+40/-4) hooks/services.py (+1/-0)
To merge this branch:	bzr merge lp:~cprov/charms/trusty/adt-cloud-worker/nova-keypair-reset
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Para Siva (community)		2015-03-06	Approve on 2015-03-06
Review via email: mp+252095@code.launchpad.net

Commit message

Adding steps to (re-) configure nova keypairs, so worker can access its testbeds.

Description of the change

Adding steps to (re-) configure nova keypairs, so worker can access its testbeds.

On install or every configuration change the charm checks for a existing SSH key (for root), if it exists we assume it was already setup and nothing is done. If it doesn't exist, we create a new default SSH key (RSA-2048, empty-pass, ~/.ssh/id_rsa) and enable (del + add) it in nova using the current app configuration nova credentials and named as the configuration worker name.

It requires us to change the way adt-run is called by additionally passing '-k <worker_name>', I've tested it by abusing nova.extra_args configuration parameter, but ideally we would change a-c-w code for doing that automatically.

The side-effect of this change is that the configuration nova credentials will have as many keys as deployed workers, which might require some future cleanup. Re-deploying units is already nicely supported because before adding a new keypair we delete it, so it's effectively updated.

Revision history for this message

Para Siva (psivaa) wrote on 2015-03-06:

+1, looks good.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Canonical CI Engineering

Celso Providelo

 === modified file 'hooks/actions.py'
 --- hooks/actions.py	2015-03-05 03:37:14 +0000
 +++ hooks/actions.py	2015-03-06 12:07:13 +0000
@@ -1,4 +1,5 @@
  import base64
++import ConfigParser as configparser
  import os
  import shutil
  import subprocess
@@ -8,29 +9,64 @@
  REQUIRED_PACKAGES = [
--    'bzr', 'autopkgtest', 'python-virtualenv', 'python3-dev']
++    'bzr', 'autopkgtest', 'python-novaclient', 'python-virtualenv',
++    'python3-dev']
  SERVICE_DIR = '/srv/adt-cloud-worker'
  config = hookenv.config()
++
  def log_start(service_name):
      hookenv.log('adt-cloud-worker starting')
++
  def install_packages(service_name):
      hookenv.log('Installing dependencies...')
      fetch.add_source('ppa:canonical-ci-engineering/ci-airline-phase-0')
      fetch.configure_sources(update=True)
      fetch.apt_install(REQUIRED_PACKAGES, fatal=True)
++
  def get_cloud_worker_branch(service_name):
      branch = config['branch']
      shutil.rmtree(SERVICE_DIR, ignore_errors=True)
      subprocess.call(['bzr', 'branch', branch, SERVICE_DIR])
++
  def get_config_file(service_name):
--    config_file = config['config-file']
--    with open(os.path.join(SERVICE_DIR, '.adt-service.conf'), 'w') as f:
--        f.write(base64.b64decode(config_file))
++    config_content = base64.b64decode(config['config-file'])
++    config_path = os.path.join(SERVICE_DIR, '.adt-service.conf')
++    with open(config_path, 'w') as f:
++        f.write(config_content)
++
++
++def reset_nova(service_name):
++    hookenv.log('Attempting to reset nova key-pairs ...')
++    pubkey_path = os.path.expanduser('~/.ssh/id_rsa.pub')
++    if os.path.exists(pubkey_path):
++        hookenv.log('SSH key already exists, nothing to do ...')
++        return
++
++    hookenv.log('Generating a new SSH key ...')
++    seckey_path = pubkey_path[:-4]
++    subprocess.call('ssh-keygen -f %s -q -N ""' % seckey_path, shell=True)
++
++    config_path = os.path.join(SERVICE_DIR, '.adt-service.conf')
++    hookenv.log('Using current app configuration from: %s' % config_path)
++    config = configparser.ConfigParser()
++    config.read(config_path)
++    for k, v in config.items('nova'):
++        if not k.startswith('os_'):
++            continue
++        os.environ[k.upper()] = str(v)
++
++    worker_name = config.get('adt', 'name')
++    hookenv.log('Resetting keypair "%s" ...' % worker_name)
++    subprocess.call('nova keypair-delete %s' % worker_name, shell=True)
++    subprocess.call(
++        'nova keypair-add --pub-key %s %s' % (pubkey_path, worker_name),
++        shell=True)
++
  def install_python_packages(service_name):
      hookenv.log('Installing python packages...')
 === modified file 'hooks/services.py'
 --- hooks/services.py	2015-03-05 01:09:53 +0000
 +++ hooks/services.py	2015-03-06 12:07:13 +0000
@@ -18,6 +18,7 @@
                  actions.get_cloud_worker_branch,
                  actions.install_python_packages,
                  actions.get_config_file,
++                actions.reset_nova,
                  helpers.render_template(
                      source='upstart.conf',
                      target='/etc/init/adt-cloud-worker.conf'),

Juju Charms Collectionadt-cloud-worker package