Juju Charms Collection
nova-cloud-controller package

Merge lp:~hopem/charms/trusty/nova-cloud-controller/fix-ssl-inject into lp:~openstack-charmers-archive/charms/trusty/nova-cloud-controller/next

  1. Trusty Tahr (14.04)
  2. fix-ssl-inject
  3. Merge into next
Proposed by Edward Hope-Morley
Status: Merged
Merged at revision: 145
Proposed branch: lp:~hopem/charms/trusty/nova-cloud-controller/fix-ssl-inject
Merge into: lp:~openstack-charmers-archive/charms/trusty/nova-cloud-controller/next
Diff against target: 243 lines (+160/-2)
4 files modified
hooks/charmhelpers/contrib/openstack/context.py (+59/-1)
hooks/charmhelpers/contrib/openstack/neutron.py (+70/-0)
hooks/charmhelpers/core/hookenv.py (+26/-0)
hooks/charmhelpers/core/host.py (+5/-1)
To merge this branch: bzr merge lp:~hopem/charms/trusty/nova-cloud-controller/fix-ssl-inject
Reviewer Review Type Date Requested Status
Billy Olsen Approve
Review via email: mp+253403@code.launchpad.net
To post a comment you must log in.
lp:~hopem/charms/trusty/nova-cloud-controller/fix-ssl-inject updated
146. By Edward Hope-Morley

cleanup

Revision history for this message
Billy Olsen (billy-olsen) wrote :

LGTM. Deployments work fine with ssl inject for ha and non-ha.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'hooks/charmhelpers/contrib/openstack/context.py'
--- hooks/charmhelpers/contrib/openstack/context.py 2015-03-13 13:01:00 +0000
+++ hooks/charmhelpers/contrib/openstack/context.py 2015-03-18 18:37:57 +0000
@@ -16,6 +16,7 @@
1616
17import json17import json
18import os18import os
19import re
19import time20import time
20from base64 import b64decode21from base64 import b64decode
21from subprocess import check_call22from subprocess import check_call
@@ -48,6 +49,8 @@
48from charmhelpers.core.sysctl import create as sysctl_create49from charmhelpers.core.sysctl import create as sysctl_create
4950
50from charmhelpers.core.host import (51from charmhelpers.core.host import (
52 list_nics,
53 get_nic_hwaddr,
51 mkdir,54 mkdir,
52 write_file,55 write_file,
53)56)
@@ -65,12 +68,18 @@
65from charmhelpers.contrib.openstack.neutron import (68from charmhelpers.contrib.openstack.neutron import (
66 neutron_plugin_attribute,69 neutron_plugin_attribute,
67)70)
71from charmhelpers.contrib.openstack.ip import (
72 resolve_address,
73 INTERNAL,
74)
68from charmhelpers.contrib.network.ip import (75from charmhelpers.contrib.network.ip import (
69 get_address_in_network,76 get_address_in_network,
77 get_ipv4_addr,
70 get_ipv6_addr,78 get_ipv6_addr,
71 get_netmask_for_address,79 get_netmask_for_address,
72 format_ipv6_addr,80 format_ipv6_addr,
73 is_address_in_network,81 is_address_in_network,
82 is_bridge_member,
74)83)
75from charmhelpers.contrib.openstack.utils import get_host_ip84from charmhelpers.contrib.openstack.utils import get_host_ip
7685
@@ -727,7 +736,14 @@
727 'endpoints': [],736 'endpoints': [],
728 'ext_ports': []}737 'ext_ports': []}
729738
730 for cn in self.canonical_names():739 cns = self.canonical_names()
740 if cns:
741 for cn in cns:
742 self.configure_cert(cn)
743 else:
744 # Expect cert/key provided in config (currently assumed that ca
745 # uses ip for cn)
746 cn = resolve_address(endpoint_type=INTERNAL)
731 self.configure_cert(cn)747 self.configure_cert(cn)
732748
733 addresses = self.get_network_addresses()749 addresses = self.get_network_addresses()
@@ -883,6 +899,48 @@
883 return ctxt899 return ctxt
884900
885901
902class NeutronPortContext(OSContextGenerator):
903 NIC_PREFIXES = ['eth', 'bond']
904
905 def resolve_ports(self, ports):
906 """Resolve NICs not yet bound to bridge(s)
907
908 If hwaddress provided then returns resolved hwaddress otherwise NIC.
909 """
910 if not ports:
911 return None
912
913 hwaddr_to_nic = {}
914 hwaddr_to_ip = {}
915 for nic in list_nics(self.NIC_PREFIXES):
916 hwaddr = get_nic_hwaddr(nic)
917 hwaddr_to_nic[hwaddr] = nic
918 addresses = get_ipv4_addr(nic, fatal=False)
919 addresses += get_ipv6_addr(iface=nic, fatal=False)
920 hwaddr_to_ip[hwaddr] = addresses
921
922 resolved = []
923 mac_regex = re.compile(r'([0-9A-F]{2}[:-]){5}([0-9A-F]{2})', re.I)
924 for entry in ports:
925 if re.match(mac_regex, entry):
926 # NIC is in known NICs and does NOT hace an IP address
927 if entry in hwaddr_to_nic and not hwaddr_to_ip[entry]:
928 # If the nic is part of a bridge then don't use it
929 if is_bridge_member(hwaddr_to_nic[entry]):
930 continue
931
932 # Entry is a MAC address for a valid interface that doesn't
933 # have an IP address assigned yet.
934 resolved.append(hwaddr_to_nic[entry])
935 else:
936 # If the passed entry is not a MAC address, assume it's a valid
937 # interface, and that the user put it there on purpose (we can
938 # trust it to be the real external network).
939 resolved.append(entry)
940
941 return resolved
942
943
886class OSConfigFlagContext(OSContextGenerator):944class OSConfigFlagContext(OSContextGenerator):
887 """Provides support for user-defined config flags.945 """Provides support for user-defined config flags.
888946
889947
=== modified file 'hooks/charmhelpers/contrib/openstack/neutron.py'
--- hooks/charmhelpers/contrib/openstack/neutron.py 2015-01-26 09:44:11 +0000
+++ hooks/charmhelpers/contrib/openstack/neutron.py 2015-03-18 18:37:57 +0000
@@ -16,6 +16,7 @@
1616
17# Various utilies for dealing with Neutron and the renaming from Quantum.17# Various utilies for dealing with Neutron and the renaming from Quantum.
1818
19import six
19from subprocess import check_output20from subprocess import check_output
2021
21from charmhelpers.core.hookenv import (22from charmhelpers.core.hookenv import (
@@ -237,3 +238,72 @@
237 else:238 else:
238 # ensure accurate naming for all releases post-H239 # ensure accurate naming for all releases post-H
239 return 'neutron'240 return 'neutron'
241
242
243def parse_mappings(mappings):
244 parsed = {}
245 if mappings:
246 mappings = mappings.split(' ')
247 for m in mappings:
248 p = m.partition(':')
249 if p[1] == ':':
250 parsed[p[0].strip()] = p[2].strip()
251
252 return parsed
253
254
255def parse_bridge_mappings(mappings):
256 """Parse bridge mappings.
257
258 Mappings must be a space-delimited list of provider:bridge mappings.
259
260 Returns dict of the form {provider:bridge}.
261 """
262 return parse_mappings(mappings)
263
264
265def parse_data_port_mappings(mappings, default_bridge='br-data'):
266 """Parse data port mappings.
267
268 Mappings must be a space-delimited list of bridge:port mappings.
269
270 Returns dict of the form {bridge:port}.
271 """
272 _mappings = parse_mappings(mappings)
273 if not _mappings:
274 if not mappings:
275 return {}
276
277 # For backwards-compatibility we need to support port-only provided in
278 # config.
279 _mappings = {default_bridge: mappings.split(' ')[0]}
280
281 bridges = _mappings.keys()
282 ports = _mappings.values()
283 if len(set(bridges)) != len(bridges):
284 raise Exception("It is not allowed to have more than one port "
285 "configured on the same bridge")
286
287 if len(set(ports)) != len(ports):
288 raise Exception("It is not allowed to have the same port configured "
289 "on more than one bridge")
290
291 return _mappings
292
293
294def parse_vlan_range_mappings(mappings):
295 """Parse vlan range mappings.
296
297 Mappings must be a space-delimited list of provider:start:end mappings.
298
299 Returns dict of the form {provider: (start, end)}.
300 """
301 _mappings = parse_mappings(mappings)
302 if not _mappings:
303 return {}
304
305 mappings = {}
306 for p, r in six.iteritems(_mappings):
307 mappings[p] = tuple(r.split(':'))
308
309 return mappings
240310
=== modified file 'hooks/charmhelpers/core/hookenv.py'
--- hooks/charmhelpers/core/hookenv.py 2015-01-26 09:44:11 +0000
+++ hooks/charmhelpers/core/hookenv.py 2015-03-18 18:37:57 +0000
@@ -566,3 +566,29 @@
566def charm_dir():566def charm_dir():
567 """Return the root directory of the current charm"""567 """Return the root directory of the current charm"""
568 return os.environ.get('CHARM_DIR')568 return os.environ.get('CHARM_DIR')
569
570
571@cached
572def action_get(key=None):
573 """Gets the value of an action parameter, or all key/value param pairs"""
574 cmd = ['action-get']
575 if key is not None:
576 cmd.append(key)
577 cmd.append('--format=json')
578 action_data = json.loads(subprocess.check_output(cmd).decode('UTF-8'))
579 return action_data
580
581
582def action_set(values):
583 """Sets the values to be returned after the action finishes"""
584 cmd = ['action-set']
585 for k, v in list(values.items()):
586 cmd.append('{}={}'.format(k, v))
587 subprocess.check_call(cmd)
588
589
590def action_fail(message):
591 """Sets the action status to failed and sets the error message.
592
593 The results set by action_set are preserved."""
594 subprocess.check_call(['action-fail', message])
569595
=== modified file 'hooks/charmhelpers/core/host.py'
--- hooks/charmhelpers/core/host.py 2015-03-13 13:01:00 +0000
+++ hooks/charmhelpers/core/host.py 2015-03-18 18:37:57 +0000
@@ -339,12 +339,16 @@
339def pwgen(length=None):339def pwgen(length=None):
340 """Generate a random pasword."""340 """Generate a random pasword."""
341 if length is None:341 if length is None:
342 # A random length is ok to use a weak PRNG
342 length = random.choice(range(35, 45))343 length = random.choice(range(35, 45))
343 alphanumeric_chars = [344 alphanumeric_chars = [
344 l for l in (string.ascii_letters + string.digits)345 l for l in (string.ascii_letters + string.digits)
345 if l not in 'l0QD1vAEIOUaeiou']346 if l not in 'l0QD1vAEIOUaeiou']
347 # Use a crypto-friendly PRNG (e.g. /dev/urandom) for making the
348 # actual password
349 random_generator = random.SystemRandom()
346 random_chars = [350 random_chars = [
347 random.choice(alphanumeric_chars) for _ in range(length)]351 random_generator.choice(alphanumeric_chars) for _ in range(length)]
348 return(''.join(random_chars))352 return(''.join(random_chars))
349353
350354

Subscribers

People subscribed via source and target branches