Juju Charms Collection
glance package

Merge lp:~hopem/charms/trusty/glance/fix-ssl-inject into lp:~openstack-charmers-archive/charms/trusty/glance/next

Proposed by Edward Hope-Morley on 2015-03-18

Status:

Merged

Merged at revision:

102

Proposed branch:

lp:~hopem/charms/trusty/glance/fix-ssl-inject

Merge into:

lp:~openstack-charmers-archive/charms/trusty/glance/next

Diff against target:

243 lines (+160/-2)

4 files modified

hooks/charmhelpers/contrib/openstack/context.py (+59/-1)
hooks/charmhelpers/contrib/openstack/neutron.py (+70/-0)
hooks/charmhelpers/core/hookenv.py (+26/-0)
hooks/charmhelpers/core/host.py (+5/-1)

To merge this branch:

bzr merge lp:~hopem/charms/trusty/glance/fix-ssl-inject

High

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Billy Olsen		2015-03-18	Approve on 2015-03-19
Review via email: mp+253404@code.launchpad.net

lp:~hopem/charms/trusty/glance/fix-ssl-inject updated on 2015-03-18

103. By Edward Hope-Morley on 2015-03-18: cleanup

Revision history for this message

Billy Olsen (billy-olsen) wrote on 2015-03-19:

LGTM. Deployments work fine with ssl inject for ha and non-ha.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Edward Hope-Morley

Nobuto Murata

OpenStack Charmers

Yoshi Kadokawa

Juju Charms Collection
glance package

Merge lp:~hopem/charms/trusty/glance/fix-ssl-inject into lp:~openstack-charmers-archive/charms/trusty/glance/next

Commit message

Description of the change

Preview Diff

Subscribers

 === modified file 'hooks/charmhelpers/contrib/openstack/context.py'
 --- hooks/charmhelpers/contrib/openstack/context.py	2015-03-13 12:58:26 +0000
 +++ hooks/charmhelpers/contrib/openstack/context.py	2015-03-18 18:35:49 +0000
@@ -16,6 +16,7 @@
  import json
  import os
++import re
  import time
  from base64 import b64decode
  from subprocess import check_call
@@ -48,6 +49,8 @@
  from charmhelpers.core.sysctl import create as sysctl_create
  from charmhelpers.core.host import (
++    list_nics,
++    get_nic_hwaddr,
      mkdir,
      write_file,
+ )
@@ -65,12 +68,18 @@
  from charmhelpers.contrib.openstack.neutron import (
      neutron_plugin_attribute,
+ )
++from charmhelpers.contrib.openstack.ip import (
++    resolve_address,
++    INTERNAL,
++)
  from charmhelpers.contrib.network.ip import (
      get_address_in_network,
++    get_ipv4_addr,
      get_ipv6_addr,
      get_netmask_for_address,
      format_ipv6_addr,
      is_address_in_network,
++    is_bridge_member,
+ )
  from charmhelpers.contrib.openstack.utils import get_host_ip
@@ -727,7 +736,14 @@
                  'endpoints': [],
                  'ext_ports': []}
--        for cn in self.canonical_names():
++        cns = self.canonical_names()
++        if cns:
++            for cn in cns:
++                self.configure_cert(cn)
++        else:
++            # Expect cert/key provided in config (currently assumed that ca
++            # uses ip for cn)
++            cn = resolve_address(endpoint_type=INTERNAL)
              self.configure_cert(cn)
          addresses = self.get_network_addresses()
@@ -883,6 +899,48 @@
          return ctxt
++class NeutronPortContext(OSContextGenerator):
++    NIC_PREFIXES = ['eth', 'bond']
++
++    def resolve_ports(self, ports):
++        """Resolve NICs not yet bound to bridge(s)
++
++        If hwaddress provided then returns resolved hwaddress otherwise NIC.
++        """
++        if not ports:
++            return None
++
++        hwaddr_to_nic = {}
++        hwaddr_to_ip = {}
++        for nic in list_nics(self.NIC_PREFIXES):
++            hwaddr = get_nic_hwaddr(nic)
++            hwaddr_to_nic[hwaddr] = nic
++            addresses = get_ipv4_addr(nic, fatal=False)
++            addresses += get_ipv6_addr(iface=nic, fatal=False)
++            hwaddr_to_ip[hwaddr] = addresses
++
++        resolved = []
++        mac_regex = re.compile(r'([0-9A-F]{2}[:-]){5}([0-9A-F]{2})', re.I)
++        for entry in ports:
++            if re.match(mac_regex, entry):
++                # NIC is in known NICs and does NOT hace an IP address
++                if entry in hwaddr_to_nic and not hwaddr_to_ip[entry]:
++                    # If the nic is part of a bridge then don't use it
++                    if is_bridge_member(hwaddr_to_nic[entry]):
++                        continue
++
++                    # Entry is a MAC address for a valid interface that doesn't
++                    # have an IP address assigned yet.
++                    resolved.append(hwaddr_to_nic[entry])
++            else:
++                # If the passed entry is not a MAC address, assume it's a valid
++                # interface, and that the user put it there on purpose (we can
++                # trust it to be the real external network).
++                resolved.append(entry)
++
++        return resolved
++
++
  class OSConfigFlagContext(OSContextGenerator):
      """Provides support for user-defined config flags.
 === modified file 'hooks/charmhelpers/contrib/openstack/neutron.py'
 --- hooks/charmhelpers/contrib/openstack/neutron.py	2015-01-26 09:45:23 +0000
 +++ hooks/charmhelpers/contrib/openstack/neutron.py	2015-03-18 18:35:49 +0000
@@ -16,6 +16,7 @@
  # Various utilies for dealing with Neutron and the renaming from Quantum.
++import six
  from subprocess import check_output
  from charmhelpers.core.hookenv import (
@@ -237,3 +238,72 @@
      else:
          # ensure accurate naming for all releases post-H
          return 'neutron'
++
++
++def parse_mappings(mappings):
++    parsed = {}
++    if mappings:
++        mappings = mappings.split(' ')
++        for m in mappings:
++            p = m.partition(':')
++            if p[1] == ':':
++                parsed[p[0].strip()] = p[2].strip()
++
++    return parsed
++
++
++def parse_bridge_mappings(mappings):
++    """Parse bridge mappings.
++
++    Mappings must be a space-delimited list of provider:bridge mappings.
++
++    Returns dict of the form {provider:bridge}.
++    """
++    return parse_mappings(mappings)
++
++
++def parse_data_port_mappings(mappings, default_bridge='br-data'):
++    """Parse data port mappings.
++
++    Mappings must be a space-delimited list of bridge:port mappings.
++
++    Returns dict of the form {bridge:port}.
++    """
++    _mappings = parse_mappings(mappings)
++    if not _mappings:
++        if not mappings:
++            return {}
++
++        # For backwards-compatibility we need to support port-only provided in
++        # config.
++        _mappings = {default_bridge: mappings.split(' ')[0]}
++
++    bridges = _mappings.keys()
++    ports = _mappings.values()
++    if len(set(bridges)) != len(bridges):
++        raise Exception("It is not allowed to have more than one port "
++                        "configured on the same bridge")
++
++    if len(set(ports)) != len(ports):
++        raise Exception("It is not allowed to have the same port configured "
++                        "on more than one bridge")
++
++    return _mappings
++
++
++def parse_vlan_range_mappings(mappings):
++    """Parse vlan range mappings.
++
++    Mappings must be a space-delimited list of provider:start:end mappings.
++
++    Returns dict of the form {provider: (start, end)}.
++    """
++    _mappings = parse_mappings(mappings)
++    if not _mappings:
++        return {}
++
++    mappings = {}
++    for p, r in six.iteritems(_mappings):
++        mappings[p] = tuple(r.split(':'))
++
++    return mappings
 === modified file 'hooks/charmhelpers/core/hookenv.py'
 --- hooks/charmhelpers/core/hookenv.py	2015-01-26 09:45:23 +0000
 +++ hooks/charmhelpers/core/hookenv.py	2015-03-18 18:35:49 +0000
@@ -566,3 +566,29 @@
  def charm_dir():
      """Return the root directory of the current charm"""
      return os.environ.get('CHARM_DIR')
++
++
++@cached
++def action_get(key=None):
++    """Gets the value of an action parameter, or all key/value param pairs"""
++    cmd = ['action-get']
++    if key is not None:
++        cmd.append(key)
++    cmd.append('--format=json')
++    action_data = json.loads(subprocess.check_output(cmd).decode('UTF-8'))
++    return action_data
++
++
++def action_set(values):
++    """Sets the values to be returned after the action finishes"""
++    cmd = ['action-set']
++    for k, v in list(values.items()):
++        cmd.append('{}={}'.format(k, v))
++    subprocess.check_call(cmd)
++
++
++def action_fail(message):
++    """Sets the action status to failed and sets the error message.
++
++    The results set by action_set are preserved."""
++    subprocess.check_call(['action-fail', message])
 === modified file 'hooks/charmhelpers/core/host.py'
 --- hooks/charmhelpers/core/host.py	2015-03-13 12:58:26 +0000
 +++ hooks/charmhelpers/core/host.py	2015-03-18 18:35:49 +0000
@@ -339,12 +339,16 @@
  def pwgen(length=None):
      """Generate a random pasword."""
      if length is None:
++        # A random length is ok to use a weak PRNG
          length = random.choice(range(35, 45))
      alphanumeric_chars = [
          l for l in (string.ascii_letters + string.digits)
          if l not in 'l0QD1vAEIOUaeiou']
++    # Use a crypto-friendly PRNG (e.g. /dev/urandom) for making the
++    # actual password
++    random_generator = random.SystemRandom()
      random_chars = [
--        random.choice(alphanumeric_chars) for _ in range(length)]
++        random_generator.choice(alphanumeric_chars) for _ in range(length)]
      return(''.join(random_chars))

Juju Charms Collectionglance package

Merge lp:~hopem/charms/trusty/glance/fix-ssl-inject into lp:~openstack-charmers-archive/charms/trusty/glance/next

Commit message

Description of the change

Preview Diff

Subscribers

Juju Charms Collection
glance package