Juju Charms Collection
nova-compute package

Merge lp:~james-page/charms/precise/nova-compute/fix-nm-config-store into lp:~charmers/charms/precise/nova-compute/trunk

  1. Precise Pangolin (12.04)
  2. fix-nm-config-store
  3. Merge into trunk
Proposed by James Page
Status: Superseded
Proposed branch: lp:~james-page/charms/precise/nova-compute/fix-nm-config-store
Merge into: lp:~charmers/charms/precise/nova-compute/trunk
Diff against target: 1204 lines (+890/-46) (has conflicts)
10 files modified
config.yaml (+14/-0)
hooks/lib/nova/essex (+2/-2)
hooks/lib/nova/folsom (+3/-5)
hooks/lib/nova/grizzly (+80/-0)
hooks/lib/nova/nova-common (+31/-4)
hooks/lib/openstack-common (+587/-25)
hooks/nova-compute-common (+107/-9)
hooks/nova-compute-relations (+59/-1)
metadata.yaml (+3/-0)
revision (+4/-0)
Text conflict in config.yaml
Text conflict in hooks/nova-compute-common
Text conflict in hooks/nova-compute-relations
Text conflict in revision
To merge this branch: bzr merge lp:~james-page/charms/precise/nova-compute/fix-nm-config-store
Reviewer Review Type Date Requested Status
charmers Pending
Review via email: mp+152657@code.launchpad.net

This proposal has been superseded by a proposal from 2013-03-11.

Description of the change

Fixup configure_network_manager to not store the actual network manager until fully configured.

This was causing issues in other hooks when the value was stored but the associated packages had not been installed.

To post a comment you must log in.

Unmerged revisions

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'config.yaml'
2--- config.yaml 2013-03-01 22:10:38 +0000
3+++ config.yaml 2013-03-11 12:12:19 +0000
4@@ -37,11 +37,25 @@
5 virt-type:
6 default: kvm
7 type: string
8+<<<<<<< TREE
9 description: "Virtualization flavor. Supported: kvm, xen, uml, lxc. qemu"
10 multi-host:
11 default: "yes"
12 type: string
13 description: Whether to run nova-api and nova-network on the compute nodes.
14+=======
15+ description: Virtualization flavor (kvm, xen, uml, lxc, qemu)
16+ enable-live-migration:
17+ default: False
18+ type: boolean
19+ description: Configure libvirt for live migration.
20+ migration-auth-type:
21+ default: sasl
22+ type: string
23+ description: |
24+ TCP authentication scheme for libvirt live migration. Available options
25+ include sasl or none.
26+>>>>>>> MERGE-SOURCE
27 # needed if using flatmanager
28 bridge-interface:
29 default: br100
30
31=== modified file 'hooks/lib/nova/essex'
32--- hooks/lib/nova/essex 2012-10-02 23:41:28 +0000
33+++ hooks/lib/nova/essex 2013-03-11 12:12:19 +0000
34@@ -12,7 +12,7 @@
35
36 local nova_conf=${NOVA_CONF:-/etc/nova/nova.conf}
37 local api_conf=${API_CONF:-/etc/nova/api-paste.ini}
38-
39+ local libvirtd_conf=${LIBVIRTD_CONF:-/etc/libvirt/libvirtd.conf}
40 [[ -z $key ]] && juju-log "$CHARM set_or_update: value $value missing key" && exit 1
41 [[ -z $value ]] && juju-log "$CHARM set_or_update: key $key missing value" && exit 1
42 [[ -z "$conf_file" ]] && conf_file=$nova_conf
43@@ -22,7 +22,7 @@
44 pattern="--$key="
45 out=$pattern
46 ;;
47- "$api_conf") match="^$key = "
48+ "$api_conf"|"$libvirtd_conf") match="^$key = "
49 pattern="$match"
50 out="$key = "
51 ;;
52
53=== modified file 'hooks/lib/nova/folsom'
54--- hooks/lib/nova/folsom 2012-12-03 11:18:59 +0000
55+++ hooks/lib/nova/folsom 2013-03-11 12:12:19 +0000
56@@ -15,6 +15,7 @@
57 local quantum_conf=${QUANTUM_CONF:-/etc/quantum/quantum.conf}
58 local quantum_api_conf=${QUANTUM_API_CONF:-/etc/quantum/api-paste.ini}
59 local quantum_plugin_conf=${QUANTUM_PLUGIN_CONF:-/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini}
60+ local libvirtd_conf=${LIBVIRTD_CONF:-/etc/libvirt/libvirtd.conf}
61
62 [[ -z $key ]] && juju-log "$CHARM: set_or_update: value $value missing key" && exit 1
63 [[ -z $value ]] && juju-log "$CHARM: set_or_update: key $key missing value" && exit 1
64@@ -27,11 +28,8 @@
65 pattern="$key="
66 out=$pattern
67 ;;
68- "$api_conf") match="^$key = "
69- pattern="$match"
70- out="$key = "
71- ;;
72- "$quantum_conf"|"$quantum_api_conf"|"$quantum_plugin_conf")
73+ "$api_conf"|"$quantum_conf"|"$quantum_api_conf"|"$quantum_plugin_conf"| \
74+ "$libvirtd_conf")
75 match="^$key = "
76 pattern="$match"
77 out="$key = "
78
79=== added file 'hooks/lib/nova/grizzly'
80--- hooks/lib/nova/grizzly 1970-01-01 00:00:00 +0000
81+++ hooks/lib/nova/grizzly 2013-03-11 12:12:19 +0000
82@@ -0,0 +1,80 @@
83+#!/bin/bash -e
84+
85+# Folsom-specific functions
86+
87+nova_set_or_update() {
88+ # TODO: This needs to be shared among folsom, grizzly and beyond.
89+ # Set a config option in nova.conf or api-paste.ini, depending
90+ # Defaults to updating nova.conf
91+ local key="$1"
92+ local value="$2"
93+ local conf_file="$3"
94+ local section="${4:-DEFAULT}"
95+
96+ local nova_conf=${NOVA_CONF:-/etc/nova/nova.conf}
97+ local api_conf=${API_CONF:-/etc/nova/api-paste.ini}
98+ local quantum_conf=${QUANTUM_CONF:-/etc/quantum/quantum.conf}
99+ local quantum_api_conf=${QUANTUM_API_CONF:-/etc/quantum/api-paste.ini}
100+ local quantum_plugin_conf=${QUANTUM_PLUGIN_CONF:-/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini}
101+ local libvirtd_conf=${LIBVIRTD_CONF:-/etc/libvirt/libvirtd.conf}
102+
103+ [[ -z $key ]] && juju-log "$CHARM: set_or_update: value $value missing key" && exit 1
104+ [[ -z $value ]] && juju-log "$CHARM: set_or_update: key $key missing value" && exit 1
105+
106+ [[ -z "$conf_file" ]] && conf_file=$nova_conf
107+
108+ local pattern=""
109+ case "$conf_file" in
110+ "$nova_conf") match="^$key="
111+ pattern="$key="
112+ out=$pattern
113+ ;;
114+ "$api_conf"|"$quantum_conf"|"$quantum_api_conf"|"$quantum_plugin_conf"| \
115+ "$libvirtd_conf")
116+ match="^$key = "
117+ pattern="$match"
118+ out="$key = "
119+ ;;
120+ *) juju-log "$CHARM ERROR: set_or_update: Invalid conf_file ($conf_file)"
121+ esac
122+
123+ cat $conf_file | grep "$match$value" >/dev/null &&
124+ juju-log "$CHARM: $key=$value already in set in $conf_file" \
125+ && return 0
126+
127+ case $conf_file in
128+ "$quantum_conf"|"$quantum_api_conf"|"$quantum_plugin_conf")
129+ python -c "
130+import ConfigParser
131+config = ConfigParser.RawConfigParser()
132+config.read('$conf_file')
133+config.set('$section','$key','$value')
134+with open('$conf_file', 'wb') as configfile:
135+ config.write(configfile)
136+"
137+ ;;
138+ *)
139+ if cat $conf_file | grep "$match" >/dev/null ; then
140+ juju-log "$CHARM: Updating $conf_file, $key=$value"
141+ sed -i "s|\($pattern\).*|\1$value|" $conf_file
142+ else
143+ juju-log "$CHARM: Setting new option $key=$value in $conf_file"
144+ echo "$out$value" >>$conf_file
145+ fi
146+ ;;
147+ esac
148+}
149+
150+# Upgrade Helpers
151+nova_pre_upgrade() {
152+ # Pre-upgrade helper. Caller should pass the version of OpenStack we are
153+ # upgrading from.
154+ return 0 # Nothing to do here, yet.
155+}
156+
157+nova_post_upgrade() {
158+ # Post-upgrade helper. Caller should pass the version of OpenStack we are
159+ # upgrading from.
160+ juju-log "$CHARM: Running post-upgrade hook: $upgrade_from -> folsom."
161+ # nothing to do here yet.
162+}
163
164=== modified file 'hooks/lib/nova/nova-common'
165--- hooks/lib/nova/nova-common 2012-12-06 10:21:10 +0000
166+++ hooks/lib/nova/nova-common 2013-03-11 12:12:19 +0000
167@@ -32,9 +32,15 @@
168
169 configure_volume_service() {
170 local svc="$1"
171+ local cur_vers="$(get_os_codename_package "nova-common")"
172 case "$svc" in
173- "cinder") set_or_update "volume_api_class" "nova.volume.cinder.API" ;;
174- "nova-volume") set_or_update "volume_api_class" "nova.volume.api.API" ;;
175+ "cinder")
176+ set_or_update "volume_api_class" "nova.volume.cinder.API" ;;
177+ "nova-volume")
178+ # nova-volume only supported before grizzly.
179+ [[ "$cur_vers" == "essex" ]] || [[ "$cur_vers" == "folsom" ]] &&
180+ set_or_update "volume_api_class" "nova.volume.api.API"
181+ ;;
182 *) juju-log "$CHARM ERROR - configure_volume_service: Invalid service $svc"
183 return 1 ;;
184 esac
185@@ -49,11 +55,32 @@
186 ;;
187 "FlatDHCPManager")
188 set_or_update "network_manager" "nova.network.manager.FlatDHCPManager"
189+
190+ if [[ "$CHARM" == "nova-compute" ]] ; then
191+ local flat_interface=$(config-get flat-interface)
192+ local ec2_host=$(relation-get ec2_host)
193+ set_or_update flat_inteface "$flat_interface"
194+ set_or_update ec2_dmz_host "$ec2_host"
195+
196+ # Ensure flat_interface has link.
197+ if ip link show $flat_interface >/dev/null 2>&1 ; then
198+ ip link set $flat_interface up
199+ fi
200+
201+ # work around (LP: #1035172)
202+ if [[ -e /dev/vhost-net ]] ; then
203+ iptables -A POSTROUTING -t mangle -p udp --dport 68 -j CHECKSUM \
204+ --checksum-fill
205+ fi
206+ fi
207+
208 ;;
209 "Quantum")
210 local local_ip=$(get_ip `unit-get private-address`)
211- [[ -n $local_ip ]] || juju-log "Unable to resolve local IP address" \
212- && exit 1
213+ [[ -n $local_ip ]] || {
214+ juju-log "Unable to resolve local IP address"
215+ exit 1
216+ }
217 set_or_update "network_api_class" "nova.network.quantumv2.api.API"
218 set_or_update "quantum_auth_strategy" "keystone"
219 set_or_update "core_plugin" "$QUANTUM_CORE_PLUGIN" "$QUANTUM_CONF"
220
221=== modified file 'hooks/lib/openstack-common'
222--- hooks/lib/openstack-common 2012-12-06 10:17:41 +0000
223+++ hooks/lib/openstack-common 2013-03-11 12:12:19 +0000
224@@ -70,46 +70,62 @@
225 # gpg key id tagged to end of url folloed by a |
226 url=$(echo $src | cut -d'|' -f1)
227 key=$(echo $src | cut -d'|' -f2)
228- if [[ -n "$key" ]] ; then
229- juju-log "$CHARM: Importing repository key: $key"
230- apt-key adv --keyserver keyserver.ubuntu.com --recv-keys "$key" || \
231- juju-log "$CHARM WARN: Could not import key from keyserver: $key"
232- else
233- juju-log "$CHARM No repository key specified"
234- url="$src"
235- fi
236- echo $url > /etc/apt/sources.list.d/juju_deb.list
237+ juju-log "$CHARM: Importing repository key: $key"
238+ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys "$key" || \
239+ juju-log "$CHARM WARN: Could not import key from keyserver: $key"
240+ else
241+ juju-log "$CHARM No repository key specified."
242+ url="$src"
243 fi
244+ echo "$url" > /etc/apt/sources.list.d/juju_deb.list
245 return 0
246 fi
247
248 # Cloud Archive
249 if [[ "${src:0:6}" == "cloud:" ]] ; then
250- local archive_key="5EDB1B62EC4926EA"
251- local rel=$(echo $src | cut -d: -f2)
252- local u_rel=$(echo $rel | cut -d- -f1)
253- local ca_rel=$(echo $rel | cut -d- -f2)
254+
255+ # current os releases supported by the UCA.
256+ local cloud_archive_versions="folsom grizzly"
257+
258+ local ca_rel=$(echo $src | cut -d: -f2)
259+ local u_rel=$(echo $ca_rel | cut -d- -f1)
260+ local os_rel=$(echo $ca_rel | cut -d- -f2 | cut -d/ -f1)
261
262 [[ "$u_rel" != "$DISTRIB_CODENAME" ]] &&
263 error_out "Cannot install from Cloud Archive pocket $src " \
264 "on this Ubuntu version ($DISTRIB_CODENAME)!"
265
266- if [[ "$ca_rel" == "folsom/staging" ]] ; then
267- # cloud archive staging is just a regular PPA.
268- add-apt-repository -y ppa:ubuntu-cloud-archive/folsom-staging
269+ valid_release=""
270+ for rel in $cloud_archive_versions ; do
271+ if [[ "$os_rel" == "$rel" ]] ; then
272+ valid_release=1
273+ juju-log "Installing OpenStack ($os_rel) from the Ubuntu Cloud Archive."
274+ fi
275+ done
276+ if [[ -z "$valid_release" ]] ; then
277+ error_out "OpenStack release ($os_rel) not supported by "\
278+ "the Ubuntu Cloud Archive."
279+ fi
280+
281+ # CA staging repos are standard PPAs.
282+ if echo $ca_rel | grep -q "staging" ; then
283+ add-apt-repository -y ppa:ubuntu-cloud-archive/${os_rel}-staging
284 return 0
285 fi
286
287+ # the others are LP-external deb repos.
288 case "$ca_rel" in
289- "folsom"|"folsom/updates") pocket="precise-updates/folsom" ;;
290- "folsom/proposed") pocket="precise-proposed/folsom" ;;
291+ "$u_rel-$os_rel"|"$u_rel-$os_rel/updates") pocket="$u_rel-updates/$os_rel" ;;
292+ "$u_rel-$os_rel/proposed") pocket="$u_rel-proposed/$os_rel" ;;
293+ "$u_rel-$os_rel"|"$os_rel/updates") pocket="$u_rel-updates/$os_rel" ;;
294+ "$u_rel-$os_rel/proposed") pocket="$u_rel-proposed/$os_rel" ;;
295 *) error_out "Invalid Cloud Archive repo specified: $src"
296 esac
297
298+ apt-get -y install ubuntu-cloud-keyring
299 entry="deb http://ubuntu-cloud.archive.canonical.com/ubuntu $pocket main"
300 echo "$entry" \
301 >/etc/apt/sources.list.d/ubuntu-cloud-archive-$DISTRIB_CODENAME.list
302- apt-key adv --keyserver keyserver.ubuntu.com --recv-keys $archive_key
303 return 0
304 fi
305
306@@ -142,15 +158,16 @@
307 case "$ca_rel" in
308 "folsom"|"folsom/updates"|"folsom/proposed"|"folsom/staging")
309 codename="folsom" ;;
310- "grizzly"|"grizzly/updates"|"grizzly/proposed"|"grizzy/staging")
311- codename="grizly" ;;
312+ "grizzly"|"grizzly/updates"|"grizzly/proposed"|"grizzly/staging")
313+ codename="grizzly" ;;
314 esac
315 fi
316 fi
317
318 # have a guess based on the deb string provided
319- if [[ "${rel:0:3}" == "deb" ]]; then
320- CODENAMES="diablo essex folsom grizzly"
321+ if [[ "${rel:0:3}" == "deb" ]] || \
322+ [[ "${rel:0:3}" == "ppa" ]] ; then
323+ CODENAMES="diablo essex folsom grizzly havana"
324 for cname in $CODENAMES; do
325 if echo $rel | grep -q $cname; then
326 codename=$cname
327@@ -161,12 +178,14 @@
328 }
329
330 get_os_codename_package() {
331- local pkg_vers=$(dpkg -l | grep "$1" | awk '{ print $3 }')
332+ local pkg_vers=$(dpkg -l | grep "$1" | awk '{ print $3 }') || echo "none"
333+ pkg_vers=$(echo $pkg_vers | cut -d: -f2) # epochs
334 case "${pkg_vers:0:6}" in
335 "2011.2") echo "diablo" ;;
336 "2012.1") echo "essex" ;;
337 "2012.2") echo "folsom" ;;
338 "2013.1") echo "grizzly" ;;
339+ "2013.2") echo "havana" ;;
340 esac
341 }
342
343@@ -175,7 +194,8 @@
344 "diablo") echo "2011.2" ;;
345 "essex") echo "2012.1" ;;
346 "folsom") echo "2012.2" ;;
347- "grizzly") echo "2012.3" ;;
348+ "grizzly") echo "2013.1" ;;
349+ "havana") echo "2013.2" ;;
350 esac
351 }
352
353@@ -200,3 +220,545 @@
354 pass
355 "
356 }
357+
358+# Common storage routines used by cinder, nova-volume and swift-storage.
359+clean_storage() {
360+ # if configured to overwrite existing storage, we unmount the block-dev
361+ # if mounted and clear any previous pv signatures
362+ local block_dev="$1"
363+ juju-log "Cleaining storage '$block_dev'"
364+ if grep -q "^$block_dev" /proc/mounts ; then
365+ mp=$(grep "^$block_dev" /proc/mounts | awk '{ print $2 }')
366+ juju-log "Unmounting $block_dev from $mp"
367+ umount "$mp" || error_out "ERROR: Could not unmount storage from $mp"
368+ fi
369+ if pvdisplay "$block_dev" >/dev/null 2>&1 ; then
370+ juju-log "Removing existing LVM PV signatures from $block_dev"
371+
372+ # deactivate any volgroups that may be built on this dev
373+ vg=$(pvdisplay $block_dev | grep "VG Name" | awk '{ print $3 }')
374+ if [[ -n "$vg" ]] ; then
375+ juju-log "Deactivating existing volume group: $vg"
376+ vgchange -an "$vg" ||
377+ error_out "ERROR: Could not deactivate volgroup $vg. Is it in use?"
378+ fi
379+ echo "yes" | pvremove -ff "$block_dev" ||
380+ error_out "Could not pvremove $block_dev"
381+ else
382+ juju-log "Zapping disk of all GPT and MBR structures"
383+ sgdisk --zap-all $block_dev ||
384+ error_out "Unable to zap $block_dev"
385+ fi
386+}
387+
388+function get_block_device() {
389+ # given a string, return full path to the block device for that
390+ # if input is not a block device, find a loopback device
391+ local input="$1"
392+
393+ case "$input" in
394+ /dev/*) [[ ! -b "$input" ]] && error_out "$input does not exist."
395+ echo "$input"; return 0;;
396+ /*) :;;
397+ *) [[ ! -b "/dev/$input" ]] && error_out "/dev/$input does not exist."
398+ echo "/dev/$input"; return 0;;
399+ esac
400+
401+ # this represents a file
402+ # support "/path/to/file|5G"
403+ local fpath size oifs="$IFS"
404+ if [ "${input#*|}" != "${input}" ]; then
405+ size=${input##*|}
406+ fpath=${input%|*}
407+ else
408+ fpath=${input}
409+ size=5G
410+ fi
411+
412+ ## loop devices are not namespaced. This is bad for containers.
413+ ## it means that the output of 'losetup' may have the given $fpath
414+ ## in it, but that may not represent this containers $fpath, but
415+ ## another containers. To address that, we really need to
416+ ## allow some uniq container-id to be expanded within path.
417+ ## TODO: find a unique container-id that will be consistent for
418+ ## this container throughout its lifetime and expand it
419+ ## in the fpath.
420+ # fpath=${fpath//%{id}/$THAT_ID}
421+
422+ local found=""
423+ # parse through 'losetup -a' output, looking for this file
424+ # output is expected to look like:
425+ # /dev/loop0: [0807]:961814 (/tmp/my.img)
426+ found=$(losetup -a |
427+ awk 'BEGIN { found=0; }
428+ $3 == f { sub(/:$/,"",$1); print $1; found=found+1; }
429+ END { if( found == 0 || found == 1 ) { exit(0); }; exit(1); }' \
430+ f="($fpath)")
431+
432+ if [ $? -ne 0 ]; then
433+ echo "multiple devices found for $fpath: $found" 1>&2
434+ return 1;
435+ fi
436+
437+ [ -n "$found" -a -b "$found" ] && { echo "$found"; return 1; }
438+
439+ if [ -n "$found" ]; then
440+ echo "confused, $found is not a block device for $fpath";
441+ return 1;
442+ fi
443+
444+ # no existing device was found, create one
445+ mkdir -p "${fpath%/*}"
446+ truncate --size "$size" "$fpath" ||
447+ { echo "failed to create $fpath of size $size"; return 1; }
448+
449+ found=$(losetup --find --show "$fpath") ||
450+ { echo "failed to setup loop device for $fpath" 1>&2; return 1; }
451+
452+ echo "$found"
453+ return 0
454+}
455+
456+HAPROXY_CFG=/etc/haproxy/haproxy.cfg
457+HAPROXY_DEFAULT=/etc/default/haproxy
458+##########################################################################
459+# Description: Configures HAProxy services for Openstack API's
460+# Parameters:
461+# Space delimited list of service:port combinations for which
462+# haproxy service configuration should be generated for. The function
463+# assumes the name of the peer relation is 'cluster' and that every
464+# service unit in the peer relation is running the same services.
465+#
466+# Example
467+# configure_haproxy cinder_api:8776:8756i nova_api:8774:8764
468+##########################################################################
469+configure_haproxy() {
470+ local address=`unit-get private-address`
471+ local name=${JUJU_UNIT_NAME////-}
472+ cat > $HAPROXY_CFG << EOF
473+global
474+ log 127.0.0.1 local0
475+ log 127.0.0.1 local1 notice
476+ maxconn 20000
477+ user haproxy
478+ group haproxy
479+ spread-checks 0
480+
481+defaults
482+ log global
483+ mode http
484+ option httplog
485+ option dontlognull
486+ retries 3
487+ timeout queue 1000
488+ timeout connect 1000
489+ timeout client 10000
490+ timeout server 10000
491+
492+listen stats :8888
493+ mode http
494+ stats enable
495+ stats hide-version
496+ stats realm Haproxy\ Statistics
497+ stats uri /
498+ stats auth admin:password
499+
500+EOF
501+ for service in $@; do
502+ local service_name=$(echo $service | cut -d : -f 1)
503+ local haproxy_listen_port=$(echo $service | cut -d : -f 2)
504+ local api_listen_port=$(echo $service | cut -d : -f 3)
505+ juju-log "Adding haproxy configuration entry for $service "\
506+ "($haproxy_listen_port -> $api_listen_port)"
507+ cat >> $HAPROXY_CFG << EOF
508+listen $service_name 0.0.0.0:$haproxy_listen_port
509+ balance roundrobin
510+ option tcplog
511+ server $name $address:$api_listen_port check
512+EOF
513+ local r_id=""
514+ local unit=""
515+ for r_id in `relation-ids cluster`; do
516+ for unit in `relation-list -r $r_id`; do
517+ local unit_name=${unit////-}
518+ local unit_address=`relation-get -r $r_id private-address $unit`
519+ if [ -n "$unit_address" ]; then
520+ echo " server $unit_name $unit_address:$api_listen_port check" \
521+ >> $HAPROXY_CFG
522+ fi
523+ done
524+ done
525+ done
526+ echo "ENABLED=1" > $HAPROXY_DEFAULT
527+ service haproxy restart
528+}
529+
530+##########################################################################
531+# Description: Query HA interface to determine is cluster is configured
532+# Returns: 0 if configured, 1 if not configured
533+##########################################################################
534+is_clustered() {
535+ local r_id=""
536+ local unit=""
537+ for r_id in $(relation-ids ha); do
538+ if [ -n "$r_id" ]; then
539+ for unit in $(relation-list -r $r_id); do
540+ clustered=$(relation-get -r $r_id clustered $unit)
541+ if [ -n "$clustered" ]; then
542+ juju-log "Unit is haclustered"
543+ return 0
544+ fi
545+ done
546+ fi
547+ done
548+ juju-log "Unit is not haclustered"
549+ return 1
550+}
551+
552+##########################################################################
553+# Description: Return a list of all peers in cluster relations
554+##########################################################################
555+peer_units() {
556+ local peers=""
557+ local r_id=""
558+ for r_id in $(relation-ids cluster); do
559+ peers="$peers $(relation-list -r $r_id)"
560+ done
561+ echo $peers
562+}
563+
564+##########################################################################
565+# Description: Determines whether the current unit is the oldest of all
566+# its peers - supports partial leader election
567+# Returns: 0 if oldest, 1 if not
568+##########################################################################
569+oldest_peer() {
570+ peers=$1
571+ local l_unit_no=$(echo $JUJU_UNIT_NAME | cut -d / -f 2)
572+ for peer in $peers; do
573+ echo "Comparing $JUJU_UNIT_NAME with peers: $peers"
574+ local r_unit_no=$(echo $peer | cut -d / -f 2)
575+ if (($r_unit_no<$l_unit_no)); then
576+ juju-log "Not oldest peer; deferring"
577+ return 1
578+ fi
579+ done
580+ juju-log "Oldest peer; might take charge?"
581+ return 0
582+}
583+
584+##########################################################################
585+# Description: Determines whether the current service units is the
586+# leader within a) a cluster of its peers or b) across a
587+# set of unclustered peers.
588+# Parameters: CRM resource to check ownership of if clustered
589+# Returns: 0 if leader, 1 if not
590+##########################################################################
591+eligible_leader() {
592+ if is_clustered; then
593+ if ! is_leader $1; then
594+ juju-log 'Deferring action to CRM leader'
595+ return 1
596+ fi
597+ else
598+ peers=$(peer_units)
599+ if [ -n "$peers" ] && ! oldest_peer "$peers"; then
600+ juju-log 'Deferring action to oldest service unit.'
601+ return 1
602+ fi
603+ fi
604+ return 0
605+}
606+
607+##########################################################################
608+# Description: Query Cluster peer interface to see if peered
609+# Returns: 0 if peered, 1 if not peered
610+##########################################################################
611+is_peered() {
612+ local r_id=$(relation-ids cluster)
613+ if [ -n "$r_id" ]; then
614+ if [ -n "$(relation-list -r $r_id)" ]; then
615+ juju-log "Unit peered"
616+ return 0
617+ fi
618+ fi
619+ juju-log "Unit not peered"
620+ return 1
621+}
622+
623+##########################################################################
624+# Description: Determines whether host is owner of clustered services
625+# Parameters: Name of CRM resource to check ownership of
626+# Returns: 0 if leader, 1 if not leader
627+##########################################################################
628+is_leader() {
629+ hostname=`hostname`
630+ if [ -x /usr/sbin/crm ]; then
631+ if crm resource show $1 | grep -q $hostname; then
632+ juju-log "$hostname is cluster leader."
633+ return 0
634+ fi
635+ fi
636+ juju-log "$hostname is not cluster leader."
637+ return 1
638+}
639+
640+##########################################################################
641+# Description: Determines whether enough data has been provided in
642+# configuration or relation data to configure HTTPS.
643+# Parameters: None
644+# Returns: 0 if HTTPS can be configured, 1 if not.
645+##########################################################################
646+https() {
647+ local r_id=""
648+ if [[ -n "$(config-get ssl_cert)" ]] &&
649+ [[ -n "$(config-get ssl_key)" ]] ; then
650+ return 0
651+ fi
652+ for r_id in $(relation-ids identity-service) ; do
653+ for unit in $(relation-list -r $r_id) ; do
654+ if [[ "$(relation-get -r $r_id https_keystone $unit)" == "True" ]] &&
655+ [[ -n "$(relation-get -r $r_id ssl_cert $unit)" ]] &&
656+ [[ -n "$(relation-get -r $r_id ssl_key $unit)" ]] &&
657+ [[ -n "$(relation-get -r $r_id ca_cert $unit)" ]] ; then
658+ return 0
659+ fi
660+ done
661+ done
662+ return 1
663+}
664+
665+##########################################################################
666+# Description: For a given number of port mappings, configures apache2
667+# HTTPs local reverse proxying using certficates and keys provided in
668+# either configuration data (preferred) or relation data. Assumes ports
669+# are not in use (calling charm should ensure that).
670+# Parameters: Variable number of proxy port mappings as
671+# $internal:$external.
672+# Returns: 0 if reverse proxy(s) have been configured, 0 if not.
673+##########################################################################
674+enable_https() {
675+ local port_maps="$@"
676+ local http_restart=""
677+ juju-log "Enabling HTTPS for port mappings: $port_maps."
678+
679+ # allow overriding of keystone provided certs with those set manually
680+ # in config.
681+ local cert=$(config-get ssl_cert)
682+ local key=$(config-get ssl_key)
683+ local ca_cert=""
684+ if [[ -z "$cert" ]] || [[ -z "$key" ]] ; then
685+ juju-log "Inspecting identity-service relations for SSL certificate."
686+ local r_id=""
687+ cert=""
688+ key=""
689+ ca_cert=""
690+ for r_id in $(relation-ids identity-service) ; do
691+ for unit in $(relation-list -r $r_id) ; do
692+ [[ -z "$cert" ]] && cert="$(relation-get -r $r_id ssl_cert $unit)"
693+ [[ -z "$key" ]] && key="$(relation-get -r $r_id ssl_key $unit)"
694+ [[ -z "$ca_cert" ]] && ca_cert="$(relation-get -r $r_id ca_cert $unit)"
695+ done
696+ done
697+ [[ -n "$cert" ]] && cert=$(echo $cert | base64 -di)
698+ [[ -n "$key" ]] && key=$(echo $key | base64 -di)
699+ [[ -n "$ca_cert" ]] && ca_cert=$(echo $ca_cert | base64 -di)
700+ else
701+ juju-log "Using SSL certificate provided in service config."
702+ fi
703+
704+ [[ -z "$cert" ]] || [[ -z "$key" ]] &&
705+ juju-log "Expected but could not find SSL certificate data, not "\
706+ "configuring HTTPS!" && return 1
707+
708+ apt-get -y install apache2
709+ a2enmod ssl proxy proxy_http | grep -v "To activate the new configuration" &&
710+ http_restart=1
711+
712+ mkdir -p /etc/apache2/ssl/$CHARM
713+ echo "$cert" >/etc/apache2/ssl/$CHARM/cert
714+ echo "$key" >/etc/apache2/ssl/$CHARM/key
715+ if [[ -n "$ca_cert" ]] ; then
716+ juju-log "Installing Keystone supplied CA cert."
717+ echo "$ca_cert" >/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt
718+ update-ca-certificates --fresh
719+
720+ # XXX TODO: Find a better way of exporting this?
721+ if [[ "$CHARM" == "nova-cloud-controller" ]] ; then
722+ [[ -e /var/www/keystone_juju_ca_cert.crt ]] &&
723+ rm -rf /var/www/keystone_juju_ca_cert.crt
724+ ln -s /usr/local/share/ca-certificates/keystone_juju_ca_cert.crt \
725+ /var/www/keystone_juju_ca_cert.crt
726+ fi
727+
728+ fi
729+ for port_map in $port_maps ; do
730+ local ext_port=$(echo $port_map | cut -d: -f1)
731+ local int_port=$(echo $port_map | cut -d: -f2)
732+ juju-log "Creating apache2 reverse proxy vhost for $port_map."
733+ cat >/etc/apache2/sites-available/${CHARM}_${ext_port} <<END
734+Listen $ext_port
735+NameVirtualHost *:$ext_port
736+<VirtualHost *:$ext_port>
737+ ServerName $(unit-get private-address)
738+ SSLEngine on
739+ SSLCertificateFile /etc/apache2/ssl/$CHARM/cert
740+ SSLCertificateKeyFile /etc/apache2/ssl/$CHARM/key
741+ ProxyPass / http://localhost:$int_port/
742+ ProxyPassReverse / http://localhost:$int_port/
743+ ProxyPreserveHost on
744+</VirtualHost>
745+<Proxy *>
746+ Order deny,allow
747+ Allow from all
748+</Proxy>
749+<Location />
750+ Order allow,deny
751+ Allow from all
752+</Location>
753+END
754+ a2ensite ${CHARM}_${ext_port} | grep -v "To activate the new configuration" &&
755+ http_restart=1
756+ done
757+ if [[ -n "$http_restart" ]] ; then
758+ service apache2 restart
759+ fi
760+}
761+
762+##########################################################################
763+# Description: Ensure HTTPS reverse proxying is disabled for given port
764+# mappings.
765+# Parameters: Variable number of proxy port mappings as
766+# $internal:$external.
767+# Returns: 0 if reverse proxy is not active for all portmaps, 1 on error.
768+##########################################################################
769+disable_https() {
770+ local port_maps="$@"
771+ local http_restart=""
772+ juju-log "Ensuring HTTPS disabled for $port_maps."
773+ ( [[ ! -d /etc/apache2 ]] || [[ ! -d /etc/apache2/ssl/$CHARM ]] ) && return 0
774+ for port_map in $port_maps ; do
775+ local ext_port=$(echo $port_map | cut -d: -f1)
776+ local int_port=$(echo $port_map | cut -d: -f2)
777+ if [[ -e /etc/apache2/sites-available/${CHARM}_${ext_port} ]] ; then
778+ juju-log "Disabling HTTPS reverse proxy for $CHARM $port_map."
779+ a2dissite ${CHARM}_${ext_port} | grep -v "To activate the new configuration" &&
780+ http_restart=1
781+ fi
782+ done
783+ if [[ -n "$http_restart" ]] ; then
784+ service apache2 restart
785+ fi
786+}
787+
788+
789+##########################################################################
790+# Description: Ensures HTTPS is either enabled or disabled for given port
791+# mapping.
792+# Parameters: Variable number of proxy port mappings as
793+# $internal:$external.
794+# Returns: 0 if HTTPS reverse proxy is in place, 1 if it is not.
795+##########################################################################
796+setup_https() {
797+ # configure https via apache reverse proxying either
798+ # using certs provided by config or keystone.
799+ [[ -z "$CHARM" ]] &&
800+ error_out "setup_https(): CHARM not set."
801+ if ! https ; then
802+ disable_https $@
803+ else
804+ enable_https $@
805+ fi
806+}
807+
808+##########################################################################
809+# Description: Determine correct API server listening port based on
810+# existence of HTTPS reverse proxy and/or haproxy.
811+# Paremeters: The standard public port for given service.
812+# Returns: The correct listening port for API service.
813+##########################################################################
814+determine_api_port() {
815+ local public_port="$1"
816+ local i=0
817+ ( [[ -n "$(peer_units)" ]] || is_clustered >/dev/null 2>&1 ) && i=$[$i + 1]
818+ https >/dev/null 2>&1 && i=$[$i + 1]
819+ echo $[$public_port - $[$i * 10]]
820+}
821+
822+##########################################################################
823+# Description: Determine correct proxy listening port based on public IP +
824+# existence of HTTPS reverse proxy.
825+# Paremeters: The standard public port for given service.
826+# Returns: The correct listening port for haproxy service public address.
827+##########################################################################
828+determine_haproxy_port() {
829+ local public_port="$1"
830+ local i=0
831+ https >/dev/null 2>&1 && i=$[$i + 1]
832+ echo $[$public_port - $[$i * 10]]
833+}
834+
835+##########################################################################
836+# Description: Print the value for a given config option in an OpenStack
837+# .ini style configuration file.
838+# Parameters: File path, option to retrieve, optional
839+# section name (default=DEFAULT)
840+# Returns: Prints value if set, prints nothing otherwise.
841+##########################################################################
842+local_config_get() {
843+ # return config values set in openstack .ini config files.
844+ # default placeholders starting (eg, %AUTH_HOST%) treated as
845+ # unset values.
846+ local file="$1"
847+ local option="$2"
848+ local section="$3"
849+ [[ -z "$section" ]] && section="DEFAULT"
850+ python -c "
851+import ConfigParser
852+config = ConfigParser.RawConfigParser()
853+config.read('$file')
854+try:
855+ value = config.get('$section', '$option')
856+except:
857+ print ''
858+ exit(0)
859+if value.startswith('%'): exit(0)
860+print value
861+"
862+}
863+
864+##########################################################################
865+# Description: Creates an rc file exporting environment variables to a
866+# script_path local to the charm's installed directory.
867+# Any charm scripts run outside the juju hook environment can source this
868+# scriptrc to obtain updated config information necessary to perform health
869+# checks or service changes
870+#
871+# Parameters:
872+# An array of '=' delimited ENV_VAR:value combinations to export.
873+# If optional script_path key is not provided in the array, script_path
874+# defaults to scripts/scriptrc
875+##########################################################################
876+function save_script_rc {
877+ if [ ! -n "$JUJU_UNIT_NAME" ]; then
878+ echo "Error: Missing JUJU_UNIT_NAME environment variable"
879+ exit 1
880+ fi
881+ # our default unit_path
882+ unit_path="/var/lib/juju/units/${JUJU_UNIT_NAME/\//-}/charm/scripts/scriptrc"
883+ echo $unit_path
884+ tmp_rc="/tmp/${JUJU_UNIT_NAME/\//-}rc"
885+
886+ echo "#!/bin/bash" > $tmp_rc
887+ for env_var in "${@}"
888+ do
889+ if `echo $env_var | grep -q script_path`; then
890+ # well then we need to reset the new unit-local script path
891+ unit_path="/var/lib/juju/units/${JUJU_UNIT_NAME/\//-}/charm/${env_var/script_path=/}"
892+ else
893+ echo "export $env_var" >> $tmp_rc
894+ fi
895+ done
896+ chmod 755 $tmp_rc
897+ mv $tmp_rc $unit_path
898+}
899
900=== modified file 'hooks/nova-compute-common'
901--- hooks/nova-compute-common 2013-03-04 19:58:18 +0000
902+++ hooks/nova-compute-common 2013-03-11 12:12:19 +0000
903@@ -7,7 +7,11 @@
904 NOVA_CONF=$(config-get nova-config)
905 API_CONF="/etc/nova/api-paste.ini"
906 QUANTUM_CONF="/etc/quantum/quantum.conf"
907+<<<<<<< TREE
908 MULTI_HOST=$(config-get multi-host)
909+=======
910+LIBVIRTD_CONF="/etc/libvirt/libvirtd.conf"
911+>>>>>>> MERGE-SOURCE
912
913 if [ -f /etc/nova/nm.conf ]; then
914 NET_MANAGER=$(cat /etc/nova/nm.conf)
915@@ -52,7 +56,7 @@
916 "xen") compute_pkg="nova-compute-xen";;
917 "uml") compute_pkg="nova-compute-uml";;
918 "lxc") compute_pkg="nova-compute-lxc";;
919- *) error_out" ERROR: Unsupported virt_type=$virt_type";;
920+ *) error_out "ERROR: Unsupported virt_type=$virt_type";;
921 esac
922 echo "$compute_pkg"
923 }
924@@ -98,17 +102,18 @@
925 exit 1
926 }
927
928- # Store the network manager and quantum plugin
929- # for use in later hook invocations
930- [[ -n $net_manager ]] && echo $net_manager > /etc/nova/nm.conf
931- [[ -n $quantum_plugin ]] && echo $quantum_plugin > /etc/nova/quantum_plugin.conf
932-
933 case $net_manager in
934 "FlatManager"|"FlatDHCPManager")
935+<<<<<<< TREE
936 if [[ "$MULTI_HOST" == "yes" ]] ; then
937 apt-get -y install nova-api nova-network
938 SERVICES="$SERVICES nova-api nova-network"
939 fi
940+=======
941+ apt-get -y install nova-api nova-network
942+ SERVICES="$SERVICES nova-api nova-network"
943+ [[ -n $net_manager ]] && echo $net_manager > /etc/nova/nm.conf
944+>>>>>>> MERGE-SOURCE
945 ;;&
946 "FlatManager")
947 local bridge_ip=$(config-get bridge-ip)
948@@ -134,13 +139,20 @@
949 && exit 0
950 set_or_update "network_api_class" "nova.network.quantumv2.api.API"
951 set_or_update "quantum_auth_strategy" "keystone"
952- set_or_update "quantum_url" "http://$(relation-get quantum_host):9696"
953+ set_or_update "quantum_url" "$(relation-get quantum_url)"
954 set_or_update "quantum_admin_tenant_name" "$(relation-get service_tenant)"
955 set_or_update "quantum_admin_username" "$(relation-get service_username)"
956 set_or_update "quantum_admin_password" "$(relation-get service_password)"
957 set_or_update "quantum_admin_auth_url" \
958 "http://$(relation-get keystone_host):$(relation-get auth_port)/v2.0"
959- set_or_update "force_config_drive" "True"
960+ local cur=$(get_os_codename_package "nova-common")
961+ if dpkg --compare-versions $(get_os_version_codename $cur) gt '2012.2'; then
962+ # Grizzly onwards supports metadata proxy so forcing use of config
963+ # drive is not required.
964+ set_or_update "force_config_drive" "False"
965+ else
966+ set_or_update "force_config_drive" "True"
967+ fi
968 case $quantum_plugin in
969 "ovs")
970 apt-get -y install openvswitch-datapath-dkms
971@@ -157,6 +169,8 @@
972 ;;
973 esac
974 set_or_update "bind_host" "0.0.0.0" "$QUANTUM_CONF"
975+ [[ -n $net_manager ]] && echo $net_manager > /etc/nova/nm.conf
976+ [[ -n $quantum_plugin ]] && echo $quantum_plugin > /etc/nova/quantum_plugin.conf
977 ;;
978 *) echo "ERROR: Invalid network manager $1" && exit 1 ;;
979 esac
980@@ -170,6 +184,83 @@
981 fi
982 }
983
984+function initialize_ssh_keys {
985+ # generate ssh keypair for root if one does not exist or
986+ # the pari is not complete.
987+ local pub="/root/.ssh/id_rsa"
988+ local priv="/root/.ssh/id_rsa.pub"
989+ if [[ -e $pub ]] &&
990+ [[ -e $priv ]] ; then
991+ juju-log "$CHARM: SSH credentials already exist for root."
992+ return 0
993+ fi
994+ juju-log "$CHARM: Initializing new SSH key pair for live migration."
995+ [[ -e $pub ]] && mv $pub $pub.$(date +"%s")
996+ [[ -e $priv ]] && mv $priv $priv.$(date +"%s")
997+ local keyname=$(echo $JUJU_UNIT_NAME | sed -e 's,/,-,g')
998+ echo -e "\n" | ssh-keygen -C "$keyname" -N ""
999+}
1000+
1001+function libvirt_tcp_listening {
1002+ # toggle libvirtd's tcp listening in both /etc/default/libvirt-bin
1003+ # and /etc/libvirt/libvirtd.conf.
1004+ local toggle="$1"
1005+ juju-log "$CHARM: Configuring libvirt tcp listening: $toggle."
1006+ local cur_opts=$(grep "^libvirtd_opts" /etc/default/libvirt-bin |
1007+ cut -d= -f2 | sed -e 's/\"//g')
1008+ local new_opts=""
1009+
1010+ if [[ "$toggle" == "on" ]] ; then
1011+ if [[ -z "$cur_opts" ]] ; then
1012+ echo "libvirtd_opts=\"-d -l\"" >>/etc/default/libvirt-bin
1013+ elif ! echo "$cur_opts" | grep -q "\-l" ; then
1014+ new_opts="$cur_opts -l"
1015+ sed -i "s|\(libvirtd_opts=\).*|\1\"$new_opts\"|" /etc/default/libvirt-bin
1016+ fi
1017+ set_or_update "listen_tcp" 1 $LIBVIRTD_CONF
1018+ elif [[ "$toggle" == "off" ]] ; then
1019+ if echo "$cur_opts" | grep -q "\-l" ; then
1020+ new_opts=$(echo $cur_opts | sed -e 's/\-l//g')
1021+ fi
1022+ set_or_update "listen_tcp" 0 $LIBVIRTD_CONF
1023+ fi
1024+
1025+ [[ -n "$new_opts" ]] &&
1026+ sed -i "s|\(libvirtd_opts=\).*|\1\"$new_opts\"|" /etc/default/libvirt-bin
1027+
1028+ return 0
1029+}
1030+
1031+
1032+function configure_migration {
1033+ local enable_migration=$(config-get enable-live-migration)
1034+
1035+ if [[ "$enable_migration" != "True" ]] &&
1036+ [[ "$enable_migraiton" != "true" ]] ; then
1037+ libvirt_tcp_listening "off"
1038+ return $?
1039+ fi
1040+
1041+ libvirt_tcp_listening "on"
1042+
1043+ case "$(config-get migration-auth-type)" in
1044+ "none"|"None")
1045+ set_or_update "listen_tls" 0 $LIBVIRTD_CONF
1046+ set_or_update "auth_tcp" "\"none\"" $LIBVIRTD_CONF
1047+ ;;
1048+ "ssh")
1049+ set_or_update "listen_tls" 0 $LIBVIRTD_CONF
1050+ set_or_update "live_migration_uri" "qemu+ssh://%s/system" $NOVA_CONF
1051+ initialize_ssh_keys
1052+ # check in with nova-c-c and register our new key.
1053+ for id in $(relation-ids cloud-compute) ; do
1054+ compute_joined $id
1055+ done
1056+ service_ctl nova-compute restart ;;
1057+ "sasl") return 0 ;;
1058+ esac
1059+}
1060+
1061 function configure_libvirt {
1062 cat > /etc/libvirt/qemu.conf << EOF
1063 # File installed by Juju nova-compute charm
1064@@ -180,5 +271,12 @@
1065 "/dev/rtc", "/dev/hpet", "/dev/net/tun",
1066 ]
1067 EOF
1068- service libvirt-bin reload
1069+ configure_migration
1070+ service libvirt-bin restart
1071+}
1072+
1073+function migration_enabled {
1074+ local migration="$(config-get enable-live-migration)"
1075+ [[ "$migration" == "true" ]] || [[ "$migration" == "True" ]] && return 0
1076+ return 1
1077 }
1078
1079=== modified file 'hooks/nova-compute-relations'
1080--- hooks/nova-compute-relations 2013-03-04 19:58:18 +0000
1081+++ hooks/nova-compute-relations 2013-03-11 12:12:19 +0000
1082@@ -40,6 +40,11 @@
1083 do_openstack_upgrade "$install_src" $PACKAGES
1084 fi
1085
1086+ # set this here until its fixed in grizzly packaging. (adam_g)
1087+ [[ "$cur" == "grizzly" ]] &&
1088+ set_or_update "compute_driver" "libvirt.LibvirtDriver"
1089+
1090+ configure_libvirt
1091 set_config_flags
1092 service_ctl all restart
1093 }
1094@@ -67,6 +72,18 @@
1095 exit 0
1096 fi
1097
1098+ # if the rabbitmq service is clustered among nodes with hacluster,
1099+ # point to its vip instead of its private-address.
1100+ local clustered=$(relation-get clustered)
1101+ if [[ -n "$clustered" ]] ; then
1102+ juju-log "$CHARM - ampq_changed: Configuring for "\
1103+ "access to haclustered rabbitmq service."
1104+ local vip=$(relation-get vip)
1105+ [[ -z "$vip" ]] && juju-log "$CHARM - amqp_changed: Clustered but no vip."\
1106+ && exit 0
1107+ rabbit_host="$vip"
1108+ fi
1109+
1110 local rabbit_user=$(config-get rabbit-user)
1111 local rabbit_vhost=$(config-get rabbit-vhost)
1112 juju-log "$CHARM - amqp_changed: Setting rabbit config in nova.conf: " \
1113@@ -134,6 +151,18 @@
1114 service_ctl all restart
1115 }
1116
1117+function compute_joined {
1118+ migration_enabled || return 0
1119+ local relid="$1"
1120+ [[ -n "$relid" ]] && relid="-r $relid"
1121+ migration_auth="$(config-get migration-auth-type)"
1122+ case "$migration_auth" in
1123+ "none"|"None") return 0 ;;
1124+ "ssh") relation-set $relid ssh_public_key="$(cat /root/.ssh/id_rsa.pub)" ;;
1125+ esac
1126+ relation-set $relid migration_auth_type="$migration_auth"
1127+}
1128+
1129 function compute_changed {
1130 # nova-c-c will inform us of the configured network manager. nova-compute
1131 # needs to configure itself accordingly.
1132@@ -178,6 +207,31 @@
1133 volume_service=`relation-get volume_service`
1134 [[ -n "$volume_service" ]] && configure_volume_service "$volume_service"
1135
1136+ if migration_enabled ; then
1137+ case "$(config-get migration-auth-type)" in
1138+ "ssh")
1139+ local known_hosts="$(relation-get known_hosts)"
1140+ local authorized_keys="$(relation-get authorized_keys)"
1141+ if [[ -n "$known_hosts" ]] &&
1142+ [[ -n "$authorized_keys" ]] ; then
1143+ juju-log "$CHARM: Saving new known_hosts+authorized_keys file."
1144+ echo "$known_hosts" | base64 -di >/root/.ssh/known_hosts
1145+ echo "$authorized_keys" | base64 -di >/root/.ssh/authorized_keys
1146+ fi
1147+ ;;
1148+ esac
1149+ fi
1150+
1151+ # If Keytone is configured manage SSL certs, nova-compute needs a copy
1152+ # of its CA installed.
1153+ local ca_cert="$(relation-get ca_cert)"
1154+ if [[ -n "$ca_cert" ]] ; then
1155+ juju-log "Installing Keystone CA certificate."
1156+ ca_cert="$(echo $ca_cert | base64 -di)"
1157+ echo "$ca_cert" >/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt
1158+ update-ca-certificates
1159+ fi
1160+
1161 # restart on all changed events. nova-c-c may send out a uuid to trigger
1162 # remote restarts of services here (after db migrations, for instance)
1163 service_ctl all restart
1164@@ -208,7 +262,11 @@
1165 MONS=`relation-list`
1166 mon_hosts=""
1167 for mon in $MONS; do
1168+<<<<<<< TREE
1169 mon_hosts="$mon_hosts $(get_ip $(relation-get private-address $mon)):6789"
1170+=======
1171+ mon_hosts="$mon_hosts`relation-get private-address $mon`:6789,"
1172+>>>>>>> MERGE-SOURCE
1173 done
1174 cat > /etc/ceph/ceph.conf << EOF
1175 [global]
1176@@ -252,6 +310,6 @@
1177 "identity-service-relation-changed") exit 0 ;;
1178 "ceph-relation-joined") ceph_joined;;
1179 "ceph-relation-changed") ceph_changed;;
1180- "cloud-compute-relation-joined" ) exit 0 ;;
1181+ "cloud-compute-relation-joined" ) compute_joined ;;
1182 "cloud-compute-relation-changed") compute_changed ;;
1183 esac
1184
1185=== modified file 'metadata.yaml'
1186--- metadata.yaml 2013-03-01 22:10:38 +0000
1187+++ metadata.yaml 2013-03-11 12:12:19 +0000
1188@@ -20,3 +20,6 @@
1189 interface: glance
1190 ceph:
1191 interface: ceph-client
1192+peers:
1193+ compute-peer:
1194+ interface: nova
1195
1196=== modified file 'revision'
1197--- revision 2013-03-05 17:34:40 +0000
1198+++ revision 2013-03-11 12:12:19 +0000
1199@@ -1,1 +1,5 @@
1200+<<<<<<< TREE
1201 81
1202+=======
1203+86
1204+>>>>>>> MERGE-SOURCE

Subscribers

People subscribed via source and target branches

to all changes: