Juju Charms Collection
keystone package

Merge lp:~gandelman-a/charms/precise/keystone/db_recreate_services into lp:~charmers/charms/precise/keystone/trunk

  1. Precise Pangolin (12.04)
  2. db_recreate_services
  3. Merge into trunk
Proposed by Adam Gandelman
Status: Merged
Approved by: Clint Byrum
Approved revision: 36
Merged at revision: 35
Proposed branch: lp:~gandelman-a/charms/precise/keystone/db_recreate_services
Merge into: lp:~charmers/charms/precise/keystone/trunk
Diff against target: 126 lines (+43/-23)
3 files modified
hooks/keystone-hooks (+20/-16)
hooks/utils.py (+22/-6)
revision (+1/-1)
To merge this branch: bzr merge lp:~gandelman-a/charms/precise/keystone/db_recreate_services
Reviewer Review Type Date Requested Status
Clint Byrum (community) Approve
Review via email: mp+124825@code.launchpad.net
To post a comment you must log in.
lp:~gandelman-a/charms/precise/keystone/db_recreate_services updated
36. By Adam Gandelman

hooks/utils.py: Avoid another duplicate role assignment in create_role().

Do not add role directly through API in create_role(). Use grant_role()
utility function instead, which checks for duplicate assignments.

Revision history for this message
Clint Byrum (clint-fewbar) wrote :

Adam, this is brilliant. Keep up the good work!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'hooks/keystone-hooks'
2--- hooks/keystone-hooks 2012-08-08 23:17:52 +0000
3+++ hooks/keystone-hooks 2012-09-20 18:19:18 +0000
4@@ -101,18 +101,26 @@
5 time.sleep(5)
6 ensure_initial_admin(config)
7
8+ # If the backend database has been switched to something new and there
9+ # are existing identity-service relations,, service entries need to be
10+ # recreated in the new database. Re-executing identity-service-changed
11+ # will do this.
12+ for id in relation_ids(relation_name='identity-service'):
13+ for unit in relation_list(relation_id=id):
14+ juju_log("Re-exec'ing identity-service-changed for: %s - %s" %
15+ (id, unit))
16+ identity_changed(relation_id=id, remote_unit=unit)
17+
18 def identity_joined():
19 """ Do nothing until we get information about requested service """
20 pass
21
22-def identity_changed():
23- """ A service has advertised its API endpoints, create an entry in the
24- service catalog. """
25- # TODO(adm_g): Need to add this type of logic back
26- #relation_data = relation_get(options)
27- #if len(relation_data) != len(options):
28- # juju_log("Missing relation data. Peer not ready, exit 0")
29- # exit(0)
30+def identity_changed(relation_id=None, remote_unit=None):
31+ """ A service has advertised its API endpoints, create an entry in the
32+ service catalog.
33+ Optionally allow this hook to be re-fired for an existing
34+ relation+unit, for context see see db_changed().
35+ """
36 def ensure_valid_service(service):
37 if service not in valid_services.keys():
38 juju_log("WARN: Invalid service requested: '%s'" % service)
39@@ -128,7 +136,8 @@
40 admin_url=admin_url,
41 internal_url=internal_url)
42
43- settings = relation_get_dict()
44+ settings = relation_get_dict(relation_id=relation_id,
45+ remote_unit=remote_unit)
46
47 # the minimum settings needed per endpoint
48 single = set(['service', 'region', 'public_url', 'admin_url',
49@@ -136,14 +145,9 @@
50 if single.issubset(settings):
51 # other end of relation advertised only one endpoint
52
53- # TODO(adam_g): Remove this hack once the features described
54- # at https://lists.ubuntu.com/archives/juju/2012-March/001342.html
55- # land. In the meantime, allow remote units to pass service=None
56- # and treat it as a noop, so that service can do the reconfiguration
57- # it needs for keystone strategy without the need to register any
58- # services/endpoints in the catalog. This is now required for backend
59- # nova components that dont expose endpoints (compute, specifically)
60 if 'None' in [v for k,v in settings.iteritems()]:
61+ # Some backend services advertise no endpoint but require a
62+ # hook execution to update auth strategy.
63 return
64
65 ensure_valid_service(settings['service'])
66
67=== modified file 'hooks/utils.py'
68--- hooks/utils.py 2012-08-10 01:15:28 +0000
69+++ hooks/utils.py 2012-09-20 18:19:18 +0000
70@@ -93,6 +93,17 @@
71 config["hostname"] = execute("unit-get private-address")[0].strip()
72 return config
73
74+def relation_ids(relation_name=None):
75+ j = execute('relation-ids --format=json %s' % relation_name)[0]
76+ return json.loads(j)
77+
78+def relation_list(relation_id=None):
79+ cmd = 'relation-list --format=json'
80+ if relation_id:
81+ cmd += ' -r %s' % relation_id
82+ j = execute(cmd)[0]
83+ return json.loads(j)
84+
85 def relation_set(relation_data):
86 """ calls relation-set for all key=values in dict """
87 for k in relation_data:
88@@ -114,9 +125,17 @@
89 results[r] = result
90 return results
91
92-def relation_get_dict():
93+def relation_get_dict(relation_id=None, remote_unit=None):
94 """Obtain all relation data as dict by way of JSON"""
95- j = execute('relation-get --format=json', die=True)[0]
96+ cmd = 'relation-get --format=json'
97+ if relation_id:
98+ cmd += ' -r %s' % relation_id
99+ if remote_unit:
100+ remote_unit_orig = os.getenv('JUJU_REMOTE_UNIT', None)
101+ os.environ['JUJU_REMOTE_UNIT'] = remote_unit
102+ j = execute(cmd, die=True)[0]
103+ if remote_unit and remote_unit_orig:
104+ os.environ['JUJU_REMOTE_UNIT'] = remote_unit_orig
105 d = json.loads(j)
106 settings = {}
107 # convert unicode to strings
108@@ -327,10 +346,7 @@
109 error_out("Could not resolve [user_id, role_id, tenant_id]" %
110 [user_id, role_id, tenant_id])
111
112- manager.api.roles.add_user_role(user=user_id,
113- role=role_id,
114- tenant=tenant_id)
115- juju_log("Granted role '%s' to '%s'" % (name, user))
116+ grant_role(user, name, tenant)
117
118 def grant_role(user, role, tenant):
119 """grant user+tenant a specific role"""
120
121=== modified file 'revision'
122--- revision 2012-09-17 18:25:43 +0000
123+++ revision 2012-09-20 18:19:18 +0000
124@@ -1,1 +1,1 @@
125-142
126+145

Subscribers

People subscribed via source and target branches