Juju Charms Collection
swift-storage package

Merge lp:~james-page/charms/trusty/swift-storage/xenial into lp:~openstack-charmers-archive/charms/trusty/swift-storage/trunk

Trusty Tahr (14.04)
xenial
Merge into trunk

Proposed by James Page on 2016-01-30

Status:	Superseded
Proposed branch:	lp:~james-page/charms/trusty/swift-storage/xenial
Merge into:	lp:~openstack-charmers-archive/charms/trusty/swift-storage/trunk
Diff against target:	13142 lines (+12701/-18) (has conflicts) 59 files modified .testr.conf (+8/-0) actions.yaml (+6/-0) actions/actions.py (+108/-0) actions/openstack_upgrade.py (+34/-0) charm-helpers-hooks.yaml (+5/-0) charmhelpers.new/cli/__init__.py (+191/-0) charmhelpers.new/cli/benchmark.py (+36/-0) charmhelpers.new/cli/commands.py (+32/-0) charmhelpers.new/cli/hookenv.py (+23/-0) charmhelpers.new/cli/host.py (+31/-0) charmhelpers.new/cli/unitdata.py (+39/-0) charmhelpers.new/contrib/charmsupport/nrpe.py (+398/-0) charmhelpers.new/contrib/hahelpers/cluster.py (+316/-0) charmhelpers.new/contrib/network/ip.py (+458/-0) charmhelpers.new/contrib/openstack/amulet/deployment.py (+302/-0) charmhelpers.new/contrib/openstack/amulet/utils.py (+985/-0) charmhelpers.new/contrib/openstack/context.py (+1477/-0) charmhelpers.new/contrib/openstack/files/check_haproxy.sh (+34/-0) charmhelpers.new/contrib/openstack/ip.py (+151/-0) charmhelpers.new/contrib/openstack/neutron.py (+378/-0) charmhelpers.new/contrib/openstack/templates/ceph.conf (+21/-0) charmhelpers.new/contrib/openstack/templates/haproxy.cfg (+66/-0) charmhelpers.new/contrib/openstack/templating.py (+323/-0) charmhelpers.new/contrib/openstack/utils.py (+1044/-0) charmhelpers.new/contrib/python/packages.py (+130/-0) charmhelpers.new/contrib/storage/linux/ceph.py (+1039/-0) charmhelpers.new/contrib/storage/linux/loopback.py (+88/-0) charmhelpers.new/contrib/storage/linux/utils.py (+71/-0) charmhelpers.new/core/files.py (+45/-0) charmhelpers.new/core/hookenv.py (+978/-0) charmhelpers.new/core/host.py (+673/-0) charmhelpers.new/core/hugepage.py (+71/-0) charmhelpers.new/core/kernel.py (+68/-0) charmhelpers.new/core/services/base.py (+353/-0) charmhelpers.new/core/services/helpers.py (+292/-0) charmhelpers.new/core/strutils.py (+72/-0) charmhelpers.new/core/templating.py (+81/-0) charmhelpers.new/core/unitdata.py (+521/-0) charmhelpers.new/fetch/__init__.py (+464/-0) charmhelpers.new/fetch/archiveurl.py (+167/-0) charmhelpers.new/fetch/bzrurl.py (+68/-0) charmhelpers.new/fetch/giturl.py (+70/-0) lib/misc_utils.py (+110/-0) lib/swift_storage_context.py (+96/-0) lib/swift_storage_utils.py (+372/-0) requirements.txt (+11/-0) test-requirements.txt (+8/-0) tests/018-basic-trusty-liberty (+11/-0) tests/019-basic-trusty-mitaka (+11/-0) tests/019-basic-vivid-kilo (+0/-9) tests/020-basic-wily-liberty (+9/-0) tests/021-basic-xenial-mitaka (+9/-0) tests/charmhelpers/contrib/openstack/amulet/deployment.py (+9/-0) tests/tests.yaml (+21/-0) tox.ini (+29/-0) unit_tests/test_actions.py (+220/-0) unit_tests/test_actions_openstack_upgrade.py (+58/-0) unit_tests/test_swift_storage_context.py (+1/-5) unit_tests/test_swift_storage_utils.py (+9/-4) Conflict adding file .testr.conf. Moved existing file to .testr.conf.moved. Path conflict: <deleted> / lib/misc_utils.py Path conflict: <deleted> / lib/swift_storage_context.py Path conflict: <deleted> / lib/swift_storage_utils.py Conflict adding file actions. Moved existing file to actions.moved. Conflict adding file actions.yaml. Moved existing file to actions.yaml.moved. Text conflict in charm-helpers-hooks.yaml Conflict adding file charmhelpers. Moved existing file to charmhelpers.moved. Conflict: charmhelpers.new is not a directory, but has files in it. Created directory. Conflict adding files to charmhelpers.new/contrib. Created directory. Conflict because charmhelpers.new/contrib is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/contrib/charmsupport. Created directory. Conflict because charmhelpers.new/contrib/charmsupport is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/contrib/hahelpers. Created directory. Conflict because charmhelpers.new/contrib/hahelpers is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/contrib/network. Created directory. Conflict because charmhelpers.new/contrib/network is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/contrib/openstack. Created directory. Conflict because charmhelpers.new/contrib/openstack is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/contrib/openstack/amulet. Created directory. Conflict because charmhelpers.new/contrib/openstack/amulet is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/contrib/openstack/files. Created directory. Conflict because charmhelpers.new/contrib/openstack/files is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/contrib/openstack/templates. Created directory. Conflict because charmhelpers.new/contrib/openstack/templates is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/contrib/python. Created directory. Conflict because charmhelpers.new/contrib/python is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/contrib/storage. Created directory. Conflict because charmhelpers.new/contrib/storage is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/contrib/storage/linux. Created directory. Conflict because charmhelpers.new/contrib/storage/linux is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/core. Created directory. Conflict because charmhelpers.new/core is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/core/services. Created directory. Conflict because charmhelpers.new/core/services is not versioned, but has versioned children. Versioned directory. Conflict adding files to charmhelpers.new/fetch. Created directory. Conflict because charmhelpers.new/fetch is not versioned, but has versioned children. Versioned directory. Conflict adding file hooks/install.real. Moved existing file to hooks/install.real.moved. Conflict adding file hooks/lib. Moved existing file to hooks/lib.moved. Conflict adding file lib. Moved existing file to lib.moved. Conflict adding file requirements.txt. Moved existing file to requirements.txt.moved. Conflict adding file test-requirements.txt. Moved existing file to test-requirements.txt.moved. Conflict adding file tests/018-basic-trusty-liberty. Moved existing file to tests/018-basic-trusty-liberty.moved. Conflict adding file tests/019-basic-trusty-mitaka. Moved existing file to tests/019-basic-trusty-mitaka.moved. Conflict adding file tests/020-basic-wily-liberty. Moved existing file to tests/020-basic-wily-liberty.moved. Conflict adding file tests/021-basic-xenial-mitaka. Moved existing file to tests/021-basic-xenial-mitaka.moved. Text conflict in tests/charmhelpers/contrib/openstack/amulet/deployment.py Conflict adding file tests/setup. Moved existing file to tests/setup.moved. Conflict adding file tests/tests.yaml. Moved existing file to tests/tests.yaml.moved. Conflict adding file tox.ini. Moved existing file to tox.ini.moved. Conflict adding file unit_tests/test_actions.py. Moved existing file to unit_tests/test_actions.py.moved. Conflict adding file unit_tests/test_actions_openstack_upgrade.py. Moved existing file to unit_tests/test_actions_openstack_upgrade.py.moved.
To merge this branch:	bzr merge lp:~james-page/charms/trusty/swift-storage/xenial
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
OpenStack Charmers		2016-01-30	Pending
Review via email: mp+284514@code.launchpad.net

This proposal has been superseded by a proposal from 2016-01-30.

Description of the change

Resync helpers, fixup xenial support.

lp:~james-page/charms/trusty/swift-storage/xenial updated on 2016-02-11

104. By James Page on 2016-02-09: Tidy lint
105. By James Page on 2016-02-11: Baseline
106. By James Page on 2016-02-11: Enable xenial mitaka tests

Unmerged revisions

106. By James Page on 2016-02-11: Enable xenial mitaka tests
105. By James Page on 2016-02-11: Baseline
104. By James Page on 2016-02-09: Tidy lint
103. By James Page on 2016-01-30: Resync helpers, refactor code to use cpu calcs from charmhelpers
102. By James Page on 2016-01-19: Fix liberty/mitaka typo from previous test definition update batch.
101. By Corey Bryant on 2016-01-14: [corey.bryant, r=jamespage] Sync charm-helpers.
100. By Liam Young on 2016-01-12: Update test combo definitions, remove Vivid deprecated release tests, update bundletester testplan yaml, update tests README.
99. By Liam Young on 2016-01-08: [corey.bryant, r=gnuoy] Charmhelper sync
98. By James Page on 2016-01-07: Resync helpers
97. By Corey Bryant on 2016-01-04: [corey.bryant,r=trivial] Sync charm-helpers.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches

to all changes:

Csaba TOTH

James Page

Nobuto Murata

OpenStack Charmers

 === added file '.testr.conf'
 --- .testr.conf	1970-01-01 00:00:00 +0000
 +++ .testr.conf	2016-01-30 12:38:43 +0000
@@ -0,0 +1,8 @@
++[DEFAULT]
++test_command=OS_STDOUT_CAPTURE=${OS_STDOUT_CAPTURE:-1} \
++             OS_STDERR_CAPTURE=${OS_STDERR_CAPTURE:-1} \
++             OS_TEST_TIMEOUT=${OS_TEST_TIMEOUT:-60} \
++             ${PYTHON:-python} -m subunit.run discover -t ./ ./unit_tests $LISTOPT $IDOPTION
++
++test_id_option=--load-list $IDFILE
++test_list_option=--list
 === renamed file '.testr.conf' => '.testr.conf.moved'
 === added directory 'actions'
 === renamed directory 'actions' => 'actions.moved'
 === added file 'actions.yaml'
 --- actions.yaml	1970-01-01 00:00:00 +0000
 +++ actions.yaml	2016-01-30 12:38:43 +0000
@@ -0,0 +1,6 @@
++pause:
++  description: Pause the swift-storage unit. This action will stop Swift services.
++resume:
++  description: Resume the swift-storage unit. This action will start Swift services.
++openstack-upgrade:
++  description: Perform openstack upgrades. Config option action-managed-upgrade must be set to True.
 === renamed file 'actions.yaml' => 'actions.yaml.moved'
 === added file 'actions/__init__.py'
 === added file 'actions/actions.py'
 --- actions/actions.py	1970-01-01 00:00:00 +0000
 +++ actions/actions.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,108 @@
++#!/usr/bin/python
++
++import argparse
++import os
++import sys
++import yaml
++
++from charmhelpers.core.host import service_pause, service_resume
++from charmhelpers.core.hookenv import action_fail
++from charmhelpers.core.unitdata import HookData, kv
++from charmhelpers.contrib.openstack.utils import (
++    get_os_codename_package,
++    set_os_workload_status,
++)
++from lib.swift_storage_utils import (
++    assess_status,
++    REQUIRED_INTERFACES,
++    SWIFT_SVCS,
++)
++from hooks.swift_storage_hooks import (
++    CONFIGS,
++)
++
++
++def _get_services():
++    """Return a list of services that need to be (un)paused."""
++    services = SWIFT_SVCS[:]
++    # Before Icehouse there was no swift-container-sync
++    if get_os_codename_package("swift-container") < "icehouse":
++        services.remove("swift-container-sync")
++    return services
++
++
++def get_action_parser(actions_yaml_path, action_name,
++                      get_services=_get_services):
++    """Make an argparse.ArgumentParser seeded from actions.yaml definitions."""
++    with open(actions_yaml_path) as fh:
++        doc = yaml.load(fh)[action_name]["description"]
++    parser = argparse.ArgumentParser(description=doc)
++    parser.add_argument("--services", default=get_services())
++    # TODO: Add arguments for params defined in the actions.yaml
++    return parser
++
++
++def pause(args):
++    """Pause all the swift services.
++
++    @raises Exception if any services fail to stop
++    """
++    for service in args.services:
++        stopped = service_pause(service)
++        if not stopped:
++            raise Exception("{} didn't stop cleanly.".format(service))
++    with HookData()():
++        kv().set('unit-paused', True)
++    set_os_workload_status(CONFIGS, REQUIRED_INTERFACES,
++                           charm_func=assess_status)
++
++
++def resume(args):
++    """Resume all the swift services.
++
++    @raises Exception if any services fail to start
++    """
++    for service in args.services:
++        started = service_resume(service)
++        if not started:
++            raise Exception("{} didn't start cleanly.".format(service))
++    with HookData()():
++        kv().set('unit-paused', False)
++    set_os_workload_status(CONFIGS, REQUIRED_INTERFACES,
++                           charm_func=assess_status)
++
++
++# A dictionary of all the defined actions to callables (which take
++# parsed arguments).
++ACTIONS = {"pause": pause, "resume": resume}
++
++
++def main(argv):
++    action_name = _get_action_name()
++    actions_yaml_path = _get_actions_yaml_path()
++    parser = get_action_parser(actions_yaml_path, action_name)
++    args = parser.parse_args(argv)
++    try:
++        action = ACTIONS[action_name]
++    except KeyError:
++        return "Action %s undefined" % action_name
++    else:
++        try:
++            action(args)
++        except Exception as e:
++            action_fail(str(e))
++
++
++def _get_action_name():
++    """Return the name of the action."""
++    return os.path.basename(__file__)
++
++
++def _get_actions_yaml_path():
++    """Return the path to actions.yaml"""
++    cwd = os.path.dirname(__file__)
++    return os.path.join(cwd, "..", "actions.yaml")
++
++
++if __name__ == "__main__":
++    sys.exit(main(sys.argv[1:]))
 === added symlink 'actions/charmhelpers'
 === target is u'../charmhelpers/'
 === added symlink 'actions/hooks'
 === target is u'../hooks'
 === added symlink 'actions/lib'
 === target is u'../lib'
 === added symlink 'actions/openstack-upgrade'
 === target is u'openstack_upgrade.py'
 === added file 'actions/openstack_upgrade.py'
 --- actions/openstack_upgrade.py	1970-01-01 00:00:00 +0000
 +++ actions/openstack_upgrade.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,34 @@
++#!/usr/bin/python
++import sys
++
++sys.path.append('hooks/')
++
++from charmhelpers.contrib.openstack.utils import (
++    do_action_openstack_upgrade,
++)
++
++from swift_storage_hooks import (
++    config_changed,
++    CONFIGS,
++)
++
++from lib.swift_storage_utils import (
++    do_openstack_upgrade,
++)
++
++
++def openstack_upgrade():
++    """Upgrade packages to config-set Openstack version.
++
++    If the charm was installed from source we cannot upgrade it.
++    For backwards compatibility a config flag must be set for this
++    code to run, otherwise a full service level upgrade will fire
++    on config-changed."""
++
++    if (do_action_openstack_upgrade('swift',
++                                    do_openstack_upgrade,
++                                    CONFIGS)):
++        config_changed()
++
++if __name__ == '__main__':
++    openstack_upgrade()
 === added symlink 'actions/pause'
 === target is u'actions.py'
 === added symlink 'actions/resume'
 === target is u'actions.py'
 === modified file 'charm-helpers-hooks.yaml'
 --- charm-helpers-hooks.yaml	2015-10-22 16:09:29 +0000
 +++ charm-helpers-hooks.yaml	2016-01-30 12:38:43 +0000
@@ -1,5 +1,10 @@
++<<<<<<< TREE
  branch: lp:~openstack-charmers/charm-helpers/stable
  destination: charmhelpers
++=======
++branch: lp:charm-helpers
++destination: charmhelpers
++>>>>>>> MERGE-SOURCE
  include:
      - core
      - cli
 === renamed directory 'charmhelpers' => 'charmhelpers.moved'
 === renamed symlink 'hooks/charmhelpers' => 'charmhelpers.new'
 === target was u'../charmhelpers/'
 === added directory 'charmhelpers.new/cli'
 === added file 'charmhelpers.new/cli/__init__.py'
 --- charmhelpers.new/cli/__init__.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/cli/__init__.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,191 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++import inspect
++import argparse
++import sys
++
++from six.moves import zip
++
++import charmhelpers.core.unitdata
++
++
++class OutputFormatter(object):
++    def __init__(self, outfile=sys.stdout):
++        self.formats = (
++            "raw",
++            "json",
++            "py",
++            "yaml",
++            "csv",
++            "tab",
++        )
++        self.outfile = outfile
++
++    def add_arguments(self, argument_parser):
++        formatgroup = argument_parser.add_mutually_exclusive_group()
++        choices = self.supported_formats
++        formatgroup.add_argument("--format", metavar='FMT',
++                                 help="Select output format for returned data, "
++                                      "where FMT is one of: {}".format(choices),
++                                 choices=choices, default='raw')
++        for fmt in self.formats:
++            fmtfunc = getattr(self, fmt)
++            formatgroup.add_argument("-{}".format(fmt[0]),
++                                     "--{}".format(fmt), action='store_const',
++                                     const=fmt, dest='format',
++                                     help=fmtfunc.__doc__)
++
++    @property
++    def supported_formats(self):
++        return self.formats
++
++    def raw(self, output):
++        """Output data as raw string (default)"""
++        if isinstance(output, (list, tuple)):
++            output = '\n'.join(map(str, output))
++        self.outfile.write(str(output))
++
++    def py(self, output):
++        """Output data as a nicely-formatted python data structure"""
++        import pprint
++        pprint.pprint(output, stream=self.outfile)
++
++    def json(self, output):
++        """Output data in JSON format"""
++        import json
++        json.dump(output, self.outfile)
++
++    def yaml(self, output):
++        """Output data in YAML format"""
++        import yaml
++        yaml.safe_dump(output, self.outfile)
++
++    def csv(self, output):
++        """Output data as excel-compatible CSV"""
++        import csv
++        csvwriter = csv.writer(self.outfile)
++        csvwriter.writerows(output)
++
++    def tab(self, output):
++        """Output data in excel-compatible tab-delimited format"""
++        import csv
++        csvwriter = csv.writer(self.outfile, dialect=csv.excel_tab)
++        csvwriter.writerows(output)
++
++    def format_output(self, output, fmt='raw'):
++        fmtfunc = getattr(self, fmt)
++        fmtfunc(output)
++
++
++class CommandLine(object):
++    argument_parser = None
++    subparsers = None
++    formatter = None
++    exit_code = 0
++
++    def __init__(self):
++        if not self.argument_parser:
++            self.argument_parser = argparse.ArgumentParser(description='Perform common charm tasks')
++        if not self.formatter:
++            self.formatter = OutputFormatter()
++            self.formatter.add_arguments(self.argument_parser)
++        if not self.subparsers:
++            self.subparsers = self.argument_parser.add_subparsers(help='Commands')
++
++    def subcommand(self, command_name=None):
++        """
++        Decorate a function as a subcommand. Use its arguments as the
++        command-line arguments"""
++        def wrapper(decorated):
++            cmd_name = command_name or decorated.__name__
++            subparser = self.subparsers.add_parser(cmd_name,
++                                                   description=decorated.__doc__)
++            for args, kwargs in describe_arguments(decorated):
++                subparser.add_argument(*args, **kwargs)
++            subparser.set_defaults(func=decorated)
++            return decorated
++        return wrapper
++
++    def test_command(self, decorated):
++        """
++        Subcommand is a boolean test function, so bool return values should be
++        converted to a 0/1 exit code.
++        """
++        decorated._cli_test_command = True
++        return decorated
++
++    def no_output(self, decorated):
++        """
++        Subcommand is not expected to return a value, so don't print a spurious None.
++        """
++        decorated._cli_no_output = True
++        return decorated
++
++    def subcommand_builder(self, command_name, description=None):
++        """
++        Decorate a function that builds a subcommand. Builders should accept a
++        single argument (the subparser instance) and return the function to be
++        run as the command."""
++        def wrapper(decorated):
++            subparser = self.subparsers.add_parser(command_name)
++            func = decorated(subparser)
++            subparser.set_defaults(func=func)
++            subparser.description = description or func.__doc__
++        return wrapper
++
++    def run(self):
++        "Run cli, processing arguments and executing subcommands."
++        arguments = self.argument_parser.parse_args()
++        argspec = inspect.getargspec(arguments.func)
++        vargs = []
++        for arg in argspec.args:
++            vargs.append(getattr(arguments, arg))
++        if argspec.varargs:
++            vargs.extend(getattr(arguments, argspec.varargs))
++        output = arguments.func(*vargs)
++        if getattr(arguments.func, '_cli_test_command', False):
++            self.exit_code = 0 if output else 1
++            output = ''
++        if getattr(arguments.func, '_cli_no_output', False):
++            output = ''
++        self.formatter.format_output(output, arguments.format)
++        if charmhelpers.core.unitdata._KV:
++            charmhelpers.core.unitdata._KV.flush()
++
++
++cmdline = CommandLine()
++
++
++def describe_arguments(func):
++    """
++    Analyze a function's signature and return a data structure suitable for
++    passing in as arguments to an argparse parser's add_argument() method."""
++
++    argspec = inspect.getargspec(func)
++    # we should probably raise an exception somewhere if func includes **kwargs
++    if argspec.defaults:
++        positional_args = argspec.args[:-len(argspec.defaults)]
++        keyword_names = argspec.args[-len(argspec.defaults):]
++        for arg, default in zip(keyword_names, argspec.defaults):
++            yield ('--{}'.format(arg),), {'default': default}
++    else:
++        positional_args = argspec.args
++
++    for arg in positional_args:
++        yield (arg,), {}
++    if argspec.varargs:
++        yield (argspec.varargs,), {'nargs': '*'}
 === added file 'charmhelpers.new/cli/benchmark.py'
 --- charmhelpers.new/cli/benchmark.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/cli/benchmark.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,36 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++from . import cmdline
++from charmhelpers.contrib.benchmark import Benchmark
++
++
++@cmdline.subcommand(command_name='benchmark-start')
++def start():
++    Benchmark.start()
++
++
++@cmdline.subcommand(command_name='benchmark-finish')
++def finish():
++    Benchmark.finish()
++
++
++@cmdline.subcommand_builder('benchmark-composite', description="Set the benchmark composite score")
++def service(subparser):
++    subparser.add_argument("value", help="The composite score.")
++    subparser.add_argument("units", help="The units the composite score represents, i.e., 'reads/sec'.")
++    subparser.add_argument("direction", help="'asc' if a lower score is better, 'desc' if a higher score is better.")
++    return Benchmark.set_composite_score
 === added file 'charmhelpers.new/cli/commands.py'
 --- charmhelpers.new/cli/commands.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/cli/commands.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,32 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++"""
++This module loads sub-modules into the python runtime so they can be
++discovered via the inspect module. In order to prevent flake8 from (rightfully)
++telling us these are unused modules, throw a ' # noqa' at the end of each import
++so that the warning is suppressed.
++"""
++
++from . import CommandLine  # noqa
++
++"""
++Import the sub-modules which have decorated subcommands to register with chlp.
++"""
++from . import host  # noqa
++from . import benchmark  # noqa
++from . import unitdata  # noqa
++from . import hookenv  # noqa
 === added file 'charmhelpers.new/cli/hookenv.py'
 --- charmhelpers.new/cli/hookenv.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/cli/hookenv.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,23 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++from . import cmdline
++from charmhelpers.core import hookenv
++
++
++cmdline.subcommand('relation-id')(hookenv.relation_id._wrapped)
++cmdline.subcommand('service-name')(hookenv.service_name)
++cmdline.subcommand('remote-service-name')(hookenv.remote_service_name._wrapped)
 === added file 'charmhelpers.new/cli/host.py'
 --- charmhelpers.new/cli/host.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/cli/host.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,31 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++from . import cmdline
++from charmhelpers.core import host
++
++
++@cmdline.subcommand()
++def mounts():
++    "List mounts"
++    return host.mounts()
++
++
++@cmdline.subcommand_builder('service', description="Control system services")
++def service(subparser):
++    subparser.add_argument("action", help="The action to perform (start, stop, etc...)")
++    subparser.add_argument("service_name", help="Name of the service to control")
++    return host.service
 === added file 'charmhelpers.new/cli/unitdata.py'
 --- charmhelpers.new/cli/unitdata.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/cli/unitdata.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,39 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++from . import cmdline
++from charmhelpers.core import unitdata
++
++
++@cmdline.subcommand_builder('unitdata', description="Store and retrieve data")
++def unitdata_cmd(subparser):
++    nested = subparser.add_subparsers()
++    get_cmd = nested.add_parser('get', help='Retrieve data')
++    get_cmd.add_argument('key', help='Key to retrieve the value of')
++    get_cmd.set_defaults(action='get', value=None)
++    set_cmd = nested.add_parser('set', help='Store data')
++    set_cmd.add_argument('key', help='Key to set')
++    set_cmd.add_argument('value', help='Value to store')
++    set_cmd.set_defaults(action='set')
++
++    def _unitdata_cmd(action, key, value):
++        if action == 'get':
++            return unitdata.kv().get(key)
++        elif action == 'set':
++            unitdata.kv().set(key, value)
++            unitdata.kv().flush()
++            return ''
++    return _unitdata_cmd
 === added directory 'charmhelpers.new/contrib'
 === added directory 'charmhelpers.new/contrib/charmsupport'
 === added file 'charmhelpers.new/contrib/charmsupport/nrpe.py'
 --- charmhelpers.new/contrib/charmsupport/nrpe.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/contrib/charmsupport/nrpe.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,398 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++"""Compatibility with the nrpe-external-master charm"""
++# Copyright 2012 Canonical Ltd.
++#
++# Authors:
++#  Matthew Wedgwood <matthew.wedgwood@canonical.com>
++
++import subprocess
++import pwd
++import grp
++import os
++import glob
++import shutil
++import re
++import shlex
++import yaml
++
++from charmhelpers.core.hookenv import (
++    config,
++    local_unit,
++    log,
++    relation_ids,
++    relation_set,
++    relations_of_type,
++)
++
++from charmhelpers.core.host import service
++
++# This module adds compatibility with the nrpe-external-master and plain nrpe
++# subordinate charms. To use it in your charm:
++#
++# 1. Update metadata.yaml
++#
++#   provides:
++#     (...)
++#     nrpe-external-master:
++#       interface: nrpe-external-master
++#       scope: container
++#
++#   and/or
++#
++#   provides:
++#     (...)
++#     local-monitors:
++#       interface: local-monitors
++#       scope: container
++
++#
++# 2. Add the following to config.yaml
++#
++#    nagios_context:
++#      default: "juju"
++#      type: string
++#      description: |
++#        Used by the nrpe subordinate charms.
++#        A string that will be prepended to instance name to set the host name
++#        in nagios. So for instance the hostname would be something like:
++#            juju-myservice-0
++#        If you're running multiple environments with the same services in them
++#        this allows you to differentiate between them.
++#    nagios_servicegroups:
++#      default: ""
++#      type: string
++#      description: |
++#        A comma-separated list of nagios servicegroups.
++#        If left empty, the nagios_context will be used as the servicegroup
++#
++# 3. Add custom checks (Nagios plugins) to files/nrpe-external-master
++#
++# 4. Update your hooks.py with something like this:
++#
++#    from charmsupport.nrpe import NRPE
++#    (...)
++#    def update_nrpe_config():
++#        nrpe_compat = NRPE()
++#        nrpe_compat.add_check(
++#            shortname = "myservice",
++#            description = "Check MyService",
++#            check_cmd = "check_http -w 2 -c 10 http://localhost"
++#            )
++#        nrpe_compat.add_check(
++#            "myservice_other",
++#            "Check for widget failures",
++#            check_cmd = "/srv/myapp/scripts/widget_check"
++#            )
++#        nrpe_compat.write()
++#
++#    def config_changed():
++#        (...)
++#        update_nrpe_config()
++#
++#    def nrpe_external_master_relation_changed():
++#        update_nrpe_config()
++#
++#    def local_monitors_relation_changed():
++#        update_nrpe_config()
++#
++# 5. ln -s hooks.py nrpe-external-master-relation-changed
++#    ln -s hooks.py local-monitors-relation-changed
++
++
++class CheckException(Exception):
++    pass
++
++
++class Check(object):
++    shortname_re = '[A-Za-z0-9-_]+$'
++    service_template = ("""
++#---------------------------------------------------
++# This file is Juju managed
++#---------------------------------------------------
++define service {{
++    use                             active-service
++    host_name                       {nagios_hostname}
++    service_description             {nagios_hostname}[{shortname}] """
++                        """{description}
++    check_command                   check_nrpe!{command}
++    servicegroups                   {nagios_servicegroup}
++}}
++""")
++
++    def __init__(self, shortname, description, check_cmd):
++        super(Check, self).__init__()
++        # XXX: could be better to calculate this from the service name
++        if not re.match(self.shortname_re, shortname):
++            raise CheckException("shortname must match {}".format(
++                Check.shortname_re))
++        self.shortname = shortname
++        self.command = "check_{}".format(shortname)
++        # Note: a set of invalid characters is defined by the
++        # Nagios server config
++        # The default is: illegal_object_name_chars=`~!$%^&*"|'<>?,()=
++        self.description = description
++        self.check_cmd = self._locate_cmd(check_cmd)
++
++    def _get_check_filename(self):
++        return os.path.join(NRPE.nrpe_confdir, '{}.cfg'.format(self.command))
++
++    def _get_service_filename(self, hostname):
++        return os.path.join(NRPE.nagios_exportdir,
++                            'service__{}_{}.cfg'.format(hostname, self.command))
++
++    def _locate_cmd(self, check_cmd):
++        search_path = (
++            '/usr/lib/nagios/plugins',
++            '/usr/local/lib/nagios/plugins',
++        )
++        parts = shlex.split(check_cmd)
++        for path in search_path:
++            if os.path.exists(os.path.join(path, parts[0])):
++                command = os.path.join(path, parts[0])
++                if len(parts) > 1:
++                    command += " " + " ".join(parts[1:])
++                return command
++        log('Check command not found: {}'.format(parts[0]))
++        return ''
++
++    def _remove_service_files(self):
++        if not os.path.exists(NRPE.nagios_exportdir):
++            return
++        for f in os.listdir(NRPE.nagios_exportdir):
++            if f.endswith('_{}.cfg'.format(self.command)):
++                os.remove(os.path.join(NRPE.nagios_exportdir, f))
++
++    def remove(self, hostname):
++        nrpe_check_file = self._get_check_filename()
++        if os.path.exists(nrpe_check_file):
++            os.remove(nrpe_check_file)
++        self._remove_service_files()
++
++    def write(self, nagios_context, hostname, nagios_servicegroups):
++        nrpe_check_file = self._get_check_filename()
++        with open(nrpe_check_file, 'w') as nrpe_check_config:
++            nrpe_check_config.write("# check {}\n".format(self.shortname))
++            nrpe_check_config.write("command[{}]={}\n".format(
++                self.command, self.check_cmd))
++
++        if not os.path.exists(NRPE.nagios_exportdir):
++            log('Not writing service config as {} is not accessible'.format(
++                NRPE.nagios_exportdir))
++        else:
++            self.write_service_config(nagios_context, hostname,
++                                      nagios_servicegroups)
++
++    def write_service_config(self, nagios_context, hostname,
++                             nagios_servicegroups):
++        self._remove_service_files()
++
++        templ_vars = {
++            'nagios_hostname': hostname,
++            'nagios_servicegroup': nagios_servicegroups,
++            'description': self.description,
++            'shortname': self.shortname,
++            'command': self.command,
++        }
++        nrpe_service_text = Check.service_template.format(**templ_vars)
++        nrpe_service_file = self._get_service_filename(hostname)
++        with open(nrpe_service_file, 'w') as nrpe_service_config:
++            nrpe_service_config.write(str(nrpe_service_text))
++
++    def run(self):
++        subprocess.call(self.check_cmd)
++
++
++class NRPE(object):
++    nagios_logdir = '/var/log/nagios'
++    nagios_exportdir = '/var/lib/nagios/export'
++    nrpe_confdir = '/etc/nagios/nrpe.d'
++
++    def __init__(self, hostname=None):
++        super(NRPE, self).__init__()
++        self.config = config()
++        self.nagios_context = self.config['nagios_context']
++        if 'nagios_servicegroups' in self.config and self.config['nagios_servicegroups']:
++            self.nagios_servicegroups = self.config['nagios_servicegroups']
++        else:
++            self.nagios_servicegroups = self.nagios_context
++        self.unit_name = local_unit().replace('/', '-')
++        if hostname:
++            self.hostname = hostname
++        else:
++            nagios_hostname = get_nagios_hostname()
++            if nagios_hostname:
++                self.hostname = nagios_hostname
++            else:
++                self.hostname = "{}-{}".format(self.nagios_context, self.unit_name)
++        self.checks = []
++
++    def add_check(self, *args, **kwargs):
++        self.checks.append(Check(*args, **kwargs))
++
++    def remove_check(self, *args, **kwargs):
++        if kwargs.get('shortname') is None:
++            raise ValueError('shortname of check must be specified')
++
++        # Use sensible defaults if they're not specified - these are not
++        # actually used during removal, but they're required for constructing
++        # the Check object; check_disk is chosen because it's part of the
++        # nagios-plugins-basic package.
++        if kwargs.get('check_cmd') is None:
++            kwargs['check_cmd'] = 'check_disk'
++        if kwargs.get('description') is None:
++            kwargs['description'] = ''
++
++        check = Check(*args, **kwargs)
++        check.remove(self.hostname)
++
++    def write(self):
++        try:
++            nagios_uid = pwd.getpwnam('nagios').pw_uid
++            nagios_gid = grp.getgrnam('nagios').gr_gid
++        except:
++            log("Nagios user not set up, nrpe checks not updated")
++            return
++
++        if not os.path.exists(NRPE.nagios_logdir):
++            os.mkdir(NRPE.nagios_logdir)
++            os.chown(NRPE.nagios_logdir, nagios_uid, nagios_gid)
++
++        nrpe_monitors = {}
++        monitors = {"monitors": {"remote": {"nrpe": nrpe_monitors}}}
++        for nrpecheck in self.checks:
++            nrpecheck.write(self.nagios_context, self.hostname,
++                            self.nagios_servicegroups)
++            nrpe_monitors[nrpecheck.shortname] = {
++                "command": nrpecheck.command,
++            }
++
++        service('restart', 'nagios-nrpe-server')
++
++        monitor_ids = relation_ids("local-monitors") + \
++            relation_ids("nrpe-external-master")
++        for rid in monitor_ids:
++            relation_set(relation_id=rid, monitors=yaml.dump(monitors))
++
++
++def get_nagios_hostcontext(relation_name='nrpe-external-master'):
++    """
++    Query relation with nrpe subordinate, return the nagios_host_context
++
++    :param str relation_name: Name of relation nrpe sub joined to
++    """
++    for rel in relations_of_type(relation_name):
++        if 'nagios_host_context' in rel:
++            return rel['nagios_host_context']
++
++
++def get_nagios_hostname(relation_name='nrpe-external-master'):
++    """
++    Query relation with nrpe subordinate, return the nagios_hostname
++
++    :param str relation_name: Name of relation nrpe sub joined to
++    """
++    for rel in relations_of_type(relation_name):
++        if 'nagios_hostname' in rel:
++            return rel['nagios_hostname']
++
++
++def get_nagios_unit_name(relation_name='nrpe-external-master'):
++    """
++    Return the nagios unit name prepended with host_context if needed
++
++    :param str relation_name: Name of relation nrpe sub joined to
++    """
++    host_context = get_nagios_hostcontext(relation_name)
++    if host_context:
++        unit = "%s:%s" % (host_context, local_unit())
++    else:
++        unit = local_unit()
++    return unit
++
++
++def add_init_service_checks(nrpe, services, unit_name):
++    """
++    Add checks for each service in list
++
++    :param NRPE nrpe: NRPE object to add check to
++    :param list services: List of services to check
++    :param str unit_name: Unit name to use in check description
++    """
++    for svc in services:
++        upstart_init = '/etc/init/%s.conf' % svc
++        sysv_init = '/etc/init.d/%s' % svc
++        if os.path.exists(upstart_init):
++            # Don't add a check for these services from neutron-gateway
++            if svc not in ['ext-port', 'os-charm-phy-nic-mtu']:
++                nrpe.add_check(
++                    shortname=svc,
++                    description='process check {%s}' % unit_name,
++                    check_cmd='check_upstart_job %s' % svc
++                )
++        elif os.path.exists(sysv_init):
++            cronpath = '/etc/cron.d/nagios-service-check-%s' % svc
++            cron_file = ('*/5 * * * * root '
++                         '/usr/local/lib/nagios/plugins/check_exit_status.pl '
++                         '-s /etc/init.d/%s status > '
++                         '/var/lib/nagios/service-check-%s.txt\n' % (svc,
++                                                                     svc)
++                         )
++            f = open(cronpath, 'w')
++            f.write(cron_file)
++            f.close()
++            nrpe.add_check(
++                shortname=svc,
++                description='process check {%s}' % unit_name,
++                check_cmd='check_status_file.py -f '
++                          '/var/lib/nagios/service-check-%s.txt' % svc,
++            )
++
++
++def copy_nrpe_checks():
++    """
++    Copy the nrpe checks into place
++
++    """
++    NAGIOS_PLUGINS = '/usr/local/lib/nagios/plugins'
++    nrpe_files_dir = os.path.join(os.getenv('CHARM_DIR'), 'hooks',
++                                  'charmhelpers', 'contrib', 'openstack',
++                                  'files')
++
++    if not os.path.exists(NAGIOS_PLUGINS):
++        os.makedirs(NAGIOS_PLUGINS)
++    for fname in glob.glob(os.path.join(nrpe_files_dir, "check_*")):
++        if os.path.isfile(fname):
++            shutil.copy2(fname,
++                         os.path.join(NAGIOS_PLUGINS, os.path.basename(fname)))
++
++
++def add_haproxy_checks(nrpe, unit_name):
++    """
++    Add checks for each service in list
++
++    :param NRPE nrpe: NRPE object to add check to
++    :param str unit_name: Unit name to use in check description
++    """
++    nrpe.add_check(
++        shortname='haproxy_servers',
++        description='Check HAProxy {%s}' % unit_name,
++        check_cmd='check_haproxy.sh')
++    nrpe.add_check(
++        shortname='haproxy_queue',
++        description='Check HAProxy queue depth {%s}' % unit_name,
++        check_cmd='check_haproxy_queue_depth.sh')
 === added directory 'charmhelpers.new/contrib/hahelpers'
 === added file 'charmhelpers.new/contrib/hahelpers/cluster.py'
 --- charmhelpers.new/contrib/hahelpers/cluster.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/contrib/hahelpers/cluster.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,316 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++#
++# Copyright 2012 Canonical Ltd.
++#
++# Authors:
++#  James Page <james.page@ubuntu.com>
++#  Adam Gandelman <adamg@ubuntu.com>
++#
++
++"""
++Helpers for clustering and determining "cluster leadership" and other
++clustering-related helpers.
++"""
++
++import subprocess
++import os
++
++from socket import gethostname as get_unit_hostname
++
++import six
++
++from charmhelpers.core.hookenv import (
++    log,
++    relation_ids,
++    related_units as relation_list,
++    relation_get,
++    config as config_get,
++    INFO,
++    ERROR,
++    WARNING,
++    unit_get,
++    is_leader as juju_is_leader
++)
++from charmhelpers.core.decorators import (
++    retry_on_exception,
++)
++from charmhelpers.core.strutils import (
++    bool_from_string,
++)
++
++DC_RESOURCE_NAME = 'DC'
++
++
++class HAIncompleteConfig(Exception):
++    pass
++
++
++class CRMResourceNotFound(Exception):
++    pass
++
++
++class CRMDCNotFound(Exception):
++    pass
++
++
++def is_elected_leader(resource):
++    """
++    Returns True if the charm executing this is the elected cluster leader.
++
++    It relies on two mechanisms to determine leadership:
++        1. If juju is sufficiently new and leadership election is supported,
++        the is_leader command will be used.
++        2. If the charm is part of a corosync cluster, call corosync to
++        determine leadership.
++        3. If the charm is not part of a corosync cluster, the leader is
++        determined as being "the alive unit with the lowest unit numer". In
++        other words, the oldest surviving unit.
++    """
++    try:
++        return juju_is_leader()
++    except NotImplementedError:
++        log('Juju leadership election feature not enabled'
++            ', using fallback support',
++            level=WARNING)
++
++    if is_clustered():
++        if not is_crm_leader(resource):
++            log('Deferring action to CRM leader.', level=INFO)
++            return False
++    else:
++        peers = peer_units()
++        if peers and not oldest_peer(peers):
++            log('Deferring action to oldest service unit.', level=INFO)
++            return False
++    return True
++
++
++def is_clustered():
++    for r_id in (relation_ids('ha') or []):
++        for unit in (relation_list(r_id) or []):
++            clustered = relation_get('clustered',
++                                     rid=r_id,
++                                     unit=unit)
++            if clustered:
++                return True
++    return False
++
++
++def is_crm_dc():
++    """
++    Determine leadership by querying the pacemaker Designated Controller
++    """
++    cmd = ['crm', 'status']
++    try:
++        status = subprocess.check_output(cmd, stderr=subprocess.STDOUT)
++        if not isinstance(status, six.text_type):
++            status = six.text_type(status, "utf-8")
++    except subprocess.CalledProcessError as ex:
++        raise CRMDCNotFound(str(ex))
++
++    current_dc = ''
++    for line in status.split('\n'):
++        if line.startswith('Current DC'):
++            # Current DC: juju-lytrusty-machine-2 (168108163) - partition with quorum
++            current_dc = line.split(':')[1].split()[0]
++    if current_dc == get_unit_hostname():
++        return True
++    elif current_dc == 'NONE':
++        raise CRMDCNotFound('Current DC: NONE')
++
++    return False
++
++
++@retry_on_exception(5, base_delay=2,
++                    exc_type=(CRMResourceNotFound, CRMDCNotFound))
++def is_crm_leader(resource, retry=False):
++    """
++    Returns True if the charm calling this is the elected corosync leader,
++    as returned by calling the external "crm" command.
++
++    We allow this operation to be retried to avoid the possibility of getting a
++    false negative. See LP #1396246 for more info.
++    """
++    if resource == DC_RESOURCE_NAME:
++        return is_crm_dc()
++    cmd = ['crm', 'resource', 'show', resource]
++    try:
++        status = subprocess.check_output(cmd, stderr=subprocess.STDOUT)
++        if not isinstance(status, six.text_type):
++            status = six.text_type(status, "utf-8")
++    except subprocess.CalledProcessError:
++        status = None
++
++    if status and get_unit_hostname() in status:
++        return True
++
++    if status and "resource %s is NOT running" % (resource) in status:
++        raise CRMResourceNotFound("CRM resource %s not found" % (resource))
++
++    return False
++
++
++def is_leader(resource):
++    log("is_leader is deprecated. Please consider using is_crm_leader "
++        "instead.", level=WARNING)
++    return is_crm_leader(resource)
++
++
++def peer_units(peer_relation="cluster"):
++    peers = []
++    for r_id in (relation_ids(peer_relation) or []):
++        for unit in (relation_list(r_id) or []):
++            peers.append(unit)
++    return peers
++
++
++def peer_ips(peer_relation='cluster', addr_key='private-address'):
++    '''Return a dict of peers and their private-address'''
++    peers = {}
++    for r_id in relation_ids(peer_relation):
++        for unit in relation_list(r_id):
++            peers[unit] = relation_get(addr_key, rid=r_id, unit=unit)
++    return peers
++
++
++def oldest_peer(peers):
++    """Determines who the oldest peer is by comparing unit numbers."""
++    local_unit_no = int(os.getenv('JUJU_UNIT_NAME').split('/')[1])
++    for peer in peers:
++        remote_unit_no = int(peer.split('/')[1])
++        if remote_unit_no < local_unit_no:
++            return False
++    return True
++
++
++def eligible_leader(resource):
++    log("eligible_leader is deprecated. Please consider using "
++        "is_elected_leader instead.", level=WARNING)
++    return is_elected_leader(resource)
++
++
++def https():
++    '''
++    Determines whether enough data has been provided in configuration
++    or relation data to configure HTTPS
++    .
++    returns: boolean
++    '''
++    use_https = config_get('use-https')
++    if use_https and bool_from_string(use_https):
++        return True
++    if config_get('ssl_cert') and config_get('ssl_key'):
++        return True
++    for r_id in relation_ids('identity-service'):
++        for unit in relation_list(r_id):
++            # TODO - needs fixing for new helper as ssl_cert/key suffixes with CN
++            rel_state = [
++                relation_get('https_keystone', rid=r_id, unit=unit),
++                relation_get('ca_cert', rid=r_id, unit=unit),
++            ]
++            # NOTE: works around (LP: #1203241)
++            if (None not in rel_state) and ('' not in rel_state):
++                return True
++    return False
++
++
++def determine_api_port(public_port, singlenode_mode=False):
++    '''
++    Determine correct API server listening port based on
++    existence of HTTPS reverse proxy and/or haproxy.
++
++    public_port: int: standard public port for given service
++
++    singlenode_mode: boolean: Shuffle ports when only a single unit is present
++
++    returns: int: the correct listening port for the API service
++    '''
++    i = 0
++    if singlenode_mode:
++        i += 1
++    elif len(peer_units()) > 0 or is_clustered():
++        i += 1
++    if https():
++        i += 1
++    return public_port - (i * 10)
++
++
++def determine_apache_port(public_port, singlenode_mode=False):
++    '''
++    Description: Determine correct apache listening port based on public IP +
++    state of the cluster.
++
++    public_port: int: standard public port for given service
++
++    singlenode_mode: boolean: Shuffle ports when only a single unit is present
++
++    returns: int: the correct listening port for the HAProxy service
++    '''
++    i = 0
++    if singlenode_mode:
++        i += 1
++    elif len(peer_units()) > 0 or is_clustered():
++        i += 1
++    return public_port - (i * 10)
++
++
++def get_hacluster_config(exclude_keys=None):
++    '''
++    Obtains all relevant configuration from charm configuration required
++    for initiating a relation to hacluster:
++
++        ha-bindiface, ha-mcastport, vip
++
++    param: exclude_keys: list of setting key(s) to be excluded.
++    returns: dict: A dict containing settings keyed by setting name.
++    raises: HAIncompleteConfig if settings are missing.
++    '''
++    settings = ['ha-bindiface', 'ha-mcastport', 'vip']
++    conf = {}
++    for setting in settings:
++        if exclude_keys and setting in exclude_keys:
++            continue
++
++        conf[setting] = config_get(setting)
++    missing = []
++    [missing.append(s) for s, v in six.iteritems(conf) if v is None]
++    if missing:
++        log('Insufficient config data to configure hacluster.', level=ERROR)
++        raise HAIncompleteConfig
++    return conf
++
++
++def canonical_url(configs, vip_setting='vip'):
++    '''
++    Returns the correct HTTP URL to this host given the state of HTTPS
++    configuration and hacluster.
++
++    :configs    : OSTemplateRenderer: A config tempating object to inspect for
++                                      a complete https context.
++
++    :vip_setting:                str: Setting in charm config that specifies
++                                      VIP address.
++    '''
++    scheme = 'http'
++    if 'https' in configs.complete_contexts():
++        scheme = 'https'
++    if is_clustered():
++        addr = config_get(vip_setting)
++    else:
++        addr = unit_get('private-address')
++    return '%s://%s' % (scheme, addr)
 === added directory 'charmhelpers.new/contrib/network'
 === added file 'charmhelpers.new/contrib/network/ip.py'
 --- charmhelpers.new/contrib/network/ip.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/contrib/network/ip.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,458 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++import glob
++import re
++import subprocess
++import six
++import socket
++
++from functools import partial
++
++from charmhelpers.core.hookenv import unit_get
++from charmhelpers.fetch import apt_install, apt_update
++from charmhelpers.core.hookenv import (
++    log,
++    WARNING,
++)
++
++try:
++    import netifaces
++except ImportError:
++    apt_update(fatal=True)
++    apt_install('python-netifaces', fatal=True)
++    import netifaces
++
++try:
++    import netaddr
++except ImportError:
++    apt_update(fatal=True)
++    apt_install('python-netaddr', fatal=True)
++    import netaddr
++
++
++def _validate_cidr(network):
++    try:
++        netaddr.IPNetwork(network)
++    except (netaddr.core.AddrFormatError, ValueError):
++        raise ValueError("Network (%s) is not in CIDR presentation format" %
++                         network)
++
++
++def no_ip_found_error_out(network):
++    errmsg = ("No IP address found in network(s): %s" % network)
++    raise ValueError(errmsg)
++
++
++def get_address_in_network(network, fallback=None, fatal=False):
++    """Get an IPv4 or IPv6 address within the network from the host.
++
++    :param network (str): CIDR presentation format. For example,
++        '192.168.1.0/24'. Supports multiple networks as a space-delimited list.
++    :param fallback (str): If no address is found, return fallback.
++    :param fatal (boolean): If no address is found, fallback is not
++        set and fatal is True then exit(1).
++    """
++    if network is None:
++        if fallback is not None:
++            return fallback
++
++        if fatal:
++            no_ip_found_error_out(network)
++        else:
++            return None
++
++    networks = network.split() or [network]
++    for network in networks:
++        _validate_cidr(network)
++        network = netaddr.IPNetwork(network)
++        for iface in netifaces.interfaces():
++            addresses = netifaces.ifaddresses(iface)
++            if network.version == 4 and netifaces.AF_INET in addresses:
++                addr = addresses[netifaces.AF_INET][0]['addr']
++                netmask = addresses[netifaces.AF_INET][0]['netmask']
++                cidr = netaddr.IPNetwork("%s/%s" % (addr, netmask))
++                if cidr in network:
++                    return str(cidr.ip)
++
++            if network.version == 6 and netifaces.AF_INET6 in addresses:
++                for addr in addresses[netifaces.AF_INET6]:
++                    if not addr['addr'].startswith('fe80'):
++                        cidr = netaddr.IPNetwork("%s/%s" % (addr['addr'],
++                                                            addr['netmask']))
++                        if cidr in network:
++                            return str(cidr.ip)
++
++    if fallback is not None:
++        return fallback
++
++    if fatal:
++        no_ip_found_error_out(network)
++
++    return None
++
++
++def is_ipv6(address):
++    """Determine whether provided address is IPv6 or not."""
++    try:
++        address = netaddr.IPAddress(address)
++    except netaddr.AddrFormatError:
++        # probably a hostname - so not an address at all!
++        return False
++
++    return address.version == 6
++
++
++def is_address_in_network(network, address):
++    """
++    Determine whether the provided address is within a network range.
++
++    :param network (str): CIDR presentation format. For example,
++        '192.168.1.0/24'.
++    :param address: An individual IPv4 or IPv6 address without a net
++        mask or subnet prefix. For example, '192.168.1.1'.
++    :returns boolean: Flag indicating whether address is in network.
++    """
++    try:
++        network = netaddr.IPNetwork(network)
++    except (netaddr.core.AddrFormatError, ValueError):
++        raise ValueError("Network (%s) is not in CIDR presentation format" %
++                         network)
++
++    try:
++        address = netaddr.IPAddress(address)
++    except (netaddr.core.AddrFormatError, ValueError):
++        raise ValueError("Address (%s) is not in correct presentation format" %
++                         address)
++
++    if address in network:
++        return True
++    else:
++        return False
++
++
++def _get_for_address(address, key):
++    """Retrieve an attribute of or the physical interface that
++    the IP address provided could be bound to.
++
++    :param address (str): An individual IPv4 or IPv6 address without a net
++        mask or subnet prefix. For example, '192.168.1.1'.
++    :param key: 'iface' for the physical interface name or an attribute
++        of the configured interface, for example 'netmask'.
++    :returns str: Requested attribute or None if address is not bindable.
++    """
++    address = netaddr.IPAddress(address)
++    for iface in netifaces.interfaces():
++        addresses = netifaces.ifaddresses(iface)
++        if address.version == 4 and netifaces.AF_INET in addresses:
++            addr = addresses[netifaces.AF_INET][0]['addr']
++            netmask = addresses[netifaces.AF_INET][0]['netmask']
++            network = netaddr.IPNetwork("%s/%s" % (addr, netmask))
++            cidr = network.cidr
++            if address in cidr:
++                if key == 'iface':
++                    return iface
++                else:
++                    return addresses[netifaces.AF_INET][0][key]
++
++        if address.version == 6 and netifaces.AF_INET6 in addresses:
++            for addr in addresses[netifaces.AF_INET6]:
++                if not addr['addr'].startswith('fe80'):
++                    network = netaddr.IPNetwork("%s/%s" % (addr['addr'],
++                                                           addr['netmask']))
++                    cidr = network.cidr
++                    if address in cidr:
++                        if key == 'iface':
++                            return iface
++                        elif key == 'netmask' and cidr:
++                            return str(cidr).split('/')[1]
++                        else:
++                            return addr[key]
++
++    return None
++
++
++get_iface_for_address = partial(_get_for_address, key='iface')
++
++
++get_netmask_for_address = partial(_get_for_address, key='netmask')
++
++
++def format_ipv6_addr(address):
++    """If address is IPv6, wrap it in '[]' otherwise return None.
++
++    This is required by most configuration files when specifying IPv6
++    addresses.
++    """
++    if is_ipv6(address):
++        return "[%s]" % address
++
++    return None
++
++
++def get_iface_addr(iface='eth0', inet_type='AF_INET', inc_aliases=False,
++                   fatal=True, exc_list=None):
++    """Return the assigned IP address for a given interface, if any."""
++    # Extract nic if passed /dev/ethX
++    if '/' in iface:
++        iface = iface.split('/')[-1]
++
++    if not exc_list:
++        exc_list = []
++
++    try:
++        inet_num = getattr(netifaces, inet_type)
++    except AttributeError:
++        raise Exception("Unknown inet type '%s'" % str(inet_type))
++
++    interfaces = netifaces.interfaces()
++    if inc_aliases:
++        ifaces = []
++        for _iface in interfaces:
++            if iface == _iface or _iface.split(':')[0] == iface:
++                ifaces.append(_iface)
++
++        if fatal and not ifaces:
++            raise Exception("Invalid interface '%s'" % iface)
++
++        ifaces.sort()
++    else:
++        if iface not in interfaces:
++            if fatal:
++                raise Exception("Interface '%s' not found " % (iface))
++            else:
++                return []
++
++        else:
++            ifaces = [iface]
++
++    addresses = []
++    for netiface in ifaces:
++        net_info = netifaces.ifaddresses(netiface)
++        if inet_num in net_info:
++            for entry in net_info[inet_num]:
++                if 'addr' in entry and entry['addr'] not in exc_list:
++                    addresses.append(entry['addr'])
++
++    if fatal and not addresses:
++        raise Exception("Interface '%s' doesn't have any %s addresses." %
++                        (iface, inet_type))
++
++    return sorted(addresses)
++
++
++get_ipv4_addr = partial(get_iface_addr, inet_type='AF_INET')
++
++
++def get_iface_from_addr(addr):
++    """Work out on which interface the provided address is configured."""
++    for iface in netifaces.interfaces():
++        addresses = netifaces.ifaddresses(iface)
++        for inet_type in addresses:
++            for _addr in addresses[inet_type]:
++                _addr = _addr['addr']
++                # link local
++                ll_key = re.compile("(.+)%.*")
++                raw = re.match(ll_key, _addr)
++                if raw:
++                    _addr = raw.group(1)
++
++                if _addr == addr:
++                    log("Address '%s' is configured on iface '%s'" %
++                        (addr, iface))
++                    return iface
++
++    msg = "Unable to infer net iface on which '%s' is configured" % (addr)
++    raise Exception(msg)
++
++
++def sniff_iface(f):
++    """Ensure decorated function is called with a value for iface.
++
++    If no iface provided, inject net iface inferred from unit private address.
++    """
++    def iface_sniffer(*args, **kwargs):
++        if not kwargs.get('iface', None):
++            kwargs['iface'] = get_iface_from_addr(unit_get('private-address'))
++
++        return f(*args, **kwargs)
++
++    return iface_sniffer
++
++
++@sniff_iface
++def get_ipv6_addr(iface=None, inc_aliases=False, fatal=True, exc_list=None,
++                  dynamic_only=True):
++    """Get assigned IPv6 address for a given interface.
++
++    Returns list of addresses found. If no address found, returns empty list.
++
++    If iface is None, we infer the current primary interface by doing a reverse
++    lookup on the unit private-address.
++
++    We currently only support scope global IPv6 addresses i.e. non-temporary
++    addresses. If no global IPv6 address is found, return the first one found
++    in the ipv6 address list.
++    """
++    addresses = get_iface_addr(iface=iface, inet_type='AF_INET6',
++                               inc_aliases=inc_aliases, fatal=fatal,
++                               exc_list=exc_list)
++
++    if addresses:
++        global_addrs = []
++        for addr in addresses:
++            key_scope_link_local = re.compile("^fe80::..(.+)%(.+)")
++            m = re.match(key_scope_link_local, addr)
++            if m:
++                eui_64_mac = m.group(1)
++                iface = m.group(2)
++            else:
++                global_addrs.append(addr)
++
++        if global_addrs:
++            # Make sure any found global addresses are not temporary
++            cmd = ['ip', 'addr', 'show', iface]
++            out = subprocess.check_output(cmd).decode('UTF-8')
++            if dynamic_only:
++                key = re.compile("inet6 (.+)/[0-9]+ scope global dynamic.*")
++            else:
++                key = re.compile("inet6 (.+)/[0-9]+ scope global.*")
++
++            addrs = []
++            for line in out.split('\n'):
++                line = line.strip()
++                m = re.match(key, line)
++                if m and 'temporary' not in line:
++                    # Return the first valid address we find
++                    for addr in global_addrs:
++                        if m.group(1) == addr:
++                            if not dynamic_only or \
++                                    m.group(1).endswith(eui_64_mac):
++                                addrs.append(addr)
++
++            if addrs:
++                return addrs
++
++    if fatal:
++        raise Exception("Interface '%s' does not have a scope global "
++                        "non-temporary ipv6 address." % iface)
++
++    return []
++
++
++def get_bridges(vnic_dir='/sys/devices/virtual/net'):
++    """Return a list of bridges on the system."""
++    b_regex = "%s/*/bridge" % vnic_dir
++    return [x.replace(vnic_dir, '').split('/')[1] for x in glob.glob(b_regex)]
++
++
++def get_bridge_nics(bridge, vnic_dir='/sys/devices/virtual/net'):
++    """Return a list of nics comprising a given bridge on the system."""
++    brif_regex = "%s/%s/brif/*" % (vnic_dir, bridge)
++    return [x.split('/')[-1] for x in glob.glob(brif_regex)]
++
++
++def is_bridge_member(nic):
++    """Check if a given nic is a member of a bridge."""
++    for bridge in get_bridges():
++        if nic in get_bridge_nics(bridge):
++            return True
++
++    return False
++
++
++def is_ip(address):
++    """
++    Returns True if address is a valid IP address.
++    """
++    try:
++        # Test to see if already an IPv4 address
++        socket.inet_aton(address)
++        return True
++    except socket.error:
++        return False
++
++
++def ns_query(address):
++    try:
++        import dns.resolver
++    except ImportError:
++        apt_install('python-dnspython')
++        import dns.resolver
++
++    if isinstance(address, dns.name.Name):
++        rtype = 'PTR'
++    elif isinstance(address, six.string_types):
++        rtype = 'A'
++    else:
++        return None
++
++    answers = dns.resolver.query(address, rtype)
++    if answers:
++        return str(answers[0])
++    return None
++
++
++def get_host_ip(hostname, fallback=None):
++    """
++    Resolves the IP for a given hostname, or returns
++    the input if it is already an IP.
++    """
++    if is_ip(hostname):
++        return hostname
++
++    ip_addr = ns_query(hostname)
++    if not ip_addr:
++        try:
++            ip_addr = socket.gethostbyname(hostname)
++        except:
++            log("Failed to resolve hostname '%s'" % (hostname),
++                level=WARNING)
++            return fallback
++    return ip_addr
++
++
++def get_hostname(address, fqdn=True):
++    """
++    Resolves hostname for given IP, or returns the input
++    if it is already a hostname.
++    """
++    if is_ip(address):
++        try:
++            import dns.reversename
++        except ImportError:
++            apt_install("python-dnspython")
++            import dns.reversename
++
++        rev = dns.reversename.from_address(address)
++        result = ns_query(rev)
++
++        if not result:
++            try:
++                result = socket.gethostbyaddr(address)[0]
++            except:
++                return None
++    else:
++        result = address
++
++    if fqdn:
++        # strip trailing .
++        if result.endswith('.'):
++            return result[:-1]
++        else:
++            return result
++    else:
++        return result.split('.')[0]
 === added directory 'charmhelpers.new/contrib/openstack'
 === added directory 'charmhelpers.new/contrib/openstack/amulet'
 === added file 'charmhelpers.new/contrib/openstack/amulet/deployment.py'
 --- charmhelpers.new/contrib/openstack/amulet/deployment.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/contrib/openstack/amulet/deployment.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,302 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++import logging
++import re
++import sys
++import six
++from collections import OrderedDict
++from charmhelpers.contrib.amulet.deployment import (
++    AmuletDeployment
++)
++
++DEBUG = logging.DEBUG
++ERROR = logging.ERROR
++
++
++class OpenStackAmuletDeployment(AmuletDeployment):
++    """OpenStack amulet deployment.
++
++       This class inherits from AmuletDeployment and has additional support
++       that is specifically for use by OpenStack charms.
++       """
++
++    def __init__(self, series=None, openstack=None, source=None,
++                 stable=True, log_level=DEBUG):
++        """Initialize the deployment environment."""
++        super(OpenStackAmuletDeployment, self).__init__(series)
++        self.log = self.get_logger(level=log_level)
++        self.log.info('OpenStackAmuletDeployment:  init')
++        self.openstack = openstack
++        self.source = source
++        self.stable = stable
++        # Note(coreycb): this needs to be changed when new next branches come
++        # out.
++        self.current_next = "trusty"
++
++    def get_logger(self, name="deployment-logger", level=logging.DEBUG):
++        """Get a logger object that will log to stdout."""
++        log = logging
++        logger = log.getLogger(name)
++        fmt = log.Formatter("%(asctime)s %(funcName)s "
++                            "%(levelname)s: %(message)s")
++
++        handler = log.StreamHandler(stream=sys.stdout)
++        handler.setLevel(level)
++        handler.setFormatter(fmt)
++
++        logger.addHandler(handler)
++        logger.setLevel(level)
++
++        return logger
++
++    def _determine_branch_locations(self, other_services):
++        """Determine the branch locations for the other services.
++
++           Determine if the local branch being tested is derived from its
++           stable or next (dev) branch, and based on this, use the corresonding
++           stable or next branches for the other_services."""
++
++        self.log.info('OpenStackAmuletDeployment:  determine branch locations')
++
++        # Charms outside the lp:~openstack-charmers namespace
++        base_charms = ['mysql', 'mongodb', 'nrpe']
++
++        # Force these charms to current series even when using an older series.
++        # ie. Use trusty/nrpe even when series is precise, as the P charm
++        # does not possess the necessary external master config and hooks.
++        force_series_current = ['nrpe']
++
++        if self.series in ['precise', 'trusty']:
++            base_series = self.series
++        else:
++            base_series = self.current_next
++
++        for svc in other_services:
++            if svc['name'] in force_series_current:
++                base_series = self.current_next
++            # If a location has been explicitly set, use it
++            if svc.get('location'):
++                continue
++            if self.stable:
++                temp = 'lp:charms/{}/{}'
++                svc['location'] = temp.format(base_series,
++                                              svc['name'])
++            else:
++                if svc['name'] in base_charms:
++                    temp = 'lp:charms/{}/{}'
++                    svc['location'] = temp.format(base_series,
++                                                  svc['name'])
++                else:
++                    temp = 'lp:~openstack-charmers/charms/{}/{}/next'
++                    svc['location'] = temp.format(self.current_next,
++                                                  svc['name'])
++
++        return other_services
++
++    def _add_services(self, this_service, other_services):
++        """Add services to the deployment and set openstack-origin/source."""
++        self.log.info('OpenStackAmuletDeployment:  adding services')
++
++        other_services = self._determine_branch_locations(other_services)
++
++        super(OpenStackAmuletDeployment, self)._add_services(this_service,
++                                                             other_services)
++
++        services = other_services
++        services.append(this_service)
++
++        # Charms which should use the source config option
++        use_source = ['mysql', 'mongodb', 'rabbitmq-server', 'ceph',
++                      'ceph-osd', 'ceph-radosgw', 'ceph-mon']
++
++        # Charms which can not use openstack-origin, ie. many subordinates
++        no_origin = ['cinder-ceph', 'hacluster', 'neutron-openvswitch', 'nrpe',
++                     'openvswitch-odl', 'neutron-api-odl', 'odl-controller',
++                     'cinder-backup']
++
++        if self.openstack:
++            for svc in services:
++                if svc['name'] not in use_source + no_origin:
++                    config = {'openstack-origin': self.openstack}
++                    self.d.configure(svc['name'], config)
++
++        if self.source:
++            for svc in services:
++                if svc['name'] in use_source and svc['name'] not in no_origin:
++                    config = {'source': self.source}
++                    self.d.configure(svc['name'], config)
++
++    def _configure_services(self, configs):
++        """Configure all of the services."""
++        self.log.info('OpenStackAmuletDeployment:  configure services')
++        for service, config in six.iteritems(configs):
++            self.d.configure(service, config)
++
++    def _auto_wait_for_status(self, message=None, exclude_services=None,
++                              include_only=None, timeout=1800):
++        """Wait for all units to have a specific extended status, except
++        for any defined as excluded.  Unless specified via message, any
++        status containing any case of 'ready' will be considered a match.
++
++        Examples of message usage:
++
++          Wait for all unit status to CONTAIN any case of 'ready' or 'ok':
++              message = re.compile('.*ready.*|.*ok.*', re.IGNORECASE)
++
++          Wait for all units to reach this status (exact match):
++              message = re.compile('^Unit is ready and clustered$')
++
++          Wait for all units to reach any one of these (exact match):
++              message = re.compile('Unit is ready|OK|Ready')
++
++          Wait for at least one unit to reach this status (exact match):
++              message = {'ready'}
++
++        See Amulet's sentry.wait_for_messages() for message usage detail.
++        https://github.com/juju/amulet/blob/master/amulet/sentry.py
++
++        :param message: Expected status match
++        :param exclude_services: List of juju service names to ignore,
++            not to be used in conjuction with include_only.
++        :param include_only: List of juju service names to exclusively check,
++            not to be used in conjuction with exclude_services.
++        :param timeout: Maximum time in seconds to wait for status match
++        :returns: None.  Raises if timeout is hit.
++        """
++        self.log.info('Waiting for extended status on units...')
++
++        all_services = self.d.services.keys()
++
++        if exclude_services and include_only:
++            raise ValueError('exclude_services can not be used '
++                             'with include_only')
++
++        if message:
++            if isinstance(message, re._pattern_type):
++                match = message.pattern
++            else:
++                match = message
++
++            self.log.debug('Custom extended status wait match: '
++                           '{}'.format(match))
++        else:
++            self.log.debug('Default extended status wait match:  contains '
++                           'READY (case-insensitive)')
++            message = re.compile('.*ready.*', re.IGNORECASE)
++
++        if exclude_services:
++            self.log.debug('Excluding services from extended status match: '
++                           '{}'.format(exclude_services))
++        else:
++            exclude_services = []
++
++        if include_only:
++            services = include_only
++        else:
++            services = list(set(all_services) - set(exclude_services))
++
++        self.log.debug('Waiting up to {}s for extended status on services: '
++                       '{}'.format(timeout, services))
++        service_messages = {service: message for service in services}
++        self.d.sentry.wait_for_messages(service_messages, timeout=timeout)
++        self.log.info('OK')
++
++    def _get_openstack_release(self):
++        """Get openstack release.
++
++           Return an integer representing the enum value of the openstack
++           release.
++           """
++        # Must be ordered by OpenStack release (not by Ubuntu release):
++        (self.precise_essex, self.precise_folsom, self.precise_grizzly,
++         self.precise_havana, self.precise_icehouse,
++         self.trusty_icehouse, self.trusty_juno, self.utopic_juno,
++         self.trusty_kilo, self.vivid_kilo, self.trusty_liberty,
++         self.wily_liberty, self.trusty_mitaka,
++         self.xenial_mitaka) = range(14)
++
++        releases = {
++            ('precise', None): self.precise_essex,
++            ('precise', 'cloud:precise-folsom'): self.precise_folsom,
++            ('precise', 'cloud:precise-grizzly'): self.precise_grizzly,
++            ('precise', 'cloud:precise-havana'): self.precise_havana,
++            ('precise', 'cloud:precise-icehouse'): self.precise_icehouse,
++            ('trusty', None): self.trusty_icehouse,
++            ('trusty', 'cloud:trusty-juno'): self.trusty_juno,
++            ('trusty', 'cloud:trusty-kilo'): self.trusty_kilo,
++            ('trusty', 'cloud:trusty-liberty'): self.trusty_liberty,
++            ('trusty', 'cloud:trusty-mitaka'): self.trusty_mitaka,
++            ('utopic', None): self.utopic_juno,
++            ('vivid', None): self.vivid_kilo,
++            ('wily', None): self.wily_liberty,
++            ('xenial', None): self.xenial_mitaka}
++        return releases[(self.series, self.openstack)]
++
++    def _get_openstack_release_string(self):
++        """Get openstack release string.
++
++           Return a string representing the openstack release.
++           """
++        releases = OrderedDict([
++            ('precise', 'essex'),
++            ('quantal', 'folsom'),
++            ('raring', 'grizzly'),
++            ('saucy', 'havana'),
++            ('trusty', 'icehouse'),
++            ('utopic', 'juno'),
++            ('vivid', 'kilo'),
++            ('wily', 'liberty'),
++            ('xenial', 'mitaka'),
++        ])
++        if self.openstack:
++            os_origin = self.openstack.split(':')[1]
++            return os_origin.split('%s-' % self.series)[1].split('/')[0]
++        else:
++            return releases[self.series]
++
++    def get_ceph_expected_pools(self, radosgw=False):
++        """Return a list of expected ceph pools in a ceph + cinder + glance
++        test scenario, based on OpenStack release and whether ceph radosgw
++        is flagged as present or not."""
++
++        if self._get_openstack_release() >= self.trusty_kilo:
++            # Kilo or later
++            pools = [
++                'rbd',
++                'cinder',
++                'glance'
++            ]
++        else:
++            # Juno or earlier
++            pools = [
++                'data',
++                'metadata',
++                'rbd',
++                'cinder',
++                'glance'
++            ]
++
++        if radosgw:
++            pools.extend([
++                '.rgw.root',
++                '.rgw.control',
++                '.rgw',
++                '.rgw.gc',
++                '.users.uid'
++            ])
++
++        return pools
 === added file 'charmhelpers.new/contrib/openstack/amulet/utils.py'
 --- charmhelpers.new/contrib/openstack/amulet/utils.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/contrib/openstack/amulet/utils.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,985 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++import amulet
++import json
++import logging
++import os
++import re
++import six
++import time
++import urllib
++
++import cinderclient.v1.client as cinder_client
++import glanceclient.v1.client as glance_client
++import heatclient.v1.client as heat_client
++import keystoneclient.v2_0 as keystone_client
++import novaclient.v1_1.client as nova_client
++import pika
++import swiftclient
++
++from charmhelpers.contrib.amulet.utils import (
++    AmuletUtils
++)
++
++DEBUG = logging.DEBUG
++ERROR = logging.ERROR
++
++
++class OpenStackAmuletUtils(AmuletUtils):
++    """OpenStack amulet utilities.
++
++       This class inherits from AmuletUtils and has additional support
++       that is specifically for use by OpenStack charm tests.
++       """
++
++    def __init__(self, log_level=ERROR):
++        """Initialize the deployment environment."""
++        super(OpenStackAmuletUtils, self).__init__(log_level)
++
++    def validate_endpoint_data(self, endpoints, admin_port, internal_port,
++                               public_port, expected):
++        """Validate endpoint data.
++
++           Validate actual endpoint data vs expected endpoint data. The ports
++           are used to find the matching endpoint.
++           """
++        self.log.debug('Validating endpoint data...')
++        self.log.debug('actual: {}'.format(repr(endpoints)))
++        found = False
++        for ep in endpoints:
++            self.log.debug('endpoint: {}'.format(repr(ep)))
++            if (admin_port in ep.adminurl and
++                    internal_port in ep.internalurl and
++                    public_port in ep.publicurl):
++                found = True
++                actual = {'id': ep.id,
++                          'region': ep.region,
++                          'adminurl': ep.adminurl,
++                          'internalurl': ep.internalurl,
++                          'publicurl': ep.publicurl,
++                          'service_id': ep.service_id}
++                ret = self._validate_dict_data(expected, actual)
++                if ret:
++                    return 'unexpected endpoint data - {}'.format(ret)
++
++        if not found:
++            return 'endpoint not found'
++
++    def validate_svc_catalog_endpoint_data(self, expected, actual):
++        """Validate service catalog endpoint data.
++
++           Validate a list of actual service catalog endpoints vs a list of
++           expected service catalog endpoints.
++           """
++        self.log.debug('Validating service catalog endpoint data...')
++        self.log.debug('actual: {}'.format(repr(actual)))
++        for k, v in six.iteritems(expected):
++            if k in actual:
++                ret = self._validate_dict_data(expected[k][0], actual[k][0])
++                if ret:
++                    return self.endpoint_error(k, ret)
++            else:
++                return "endpoint {} does not exist".format(k)
++        return ret
++
++    def validate_tenant_data(self, expected, actual):
++        """Validate tenant data.
++
++           Validate a list of actual tenant data vs list of expected tenant
++           data.
++           """
++        self.log.debug('Validating tenant data...')
++        self.log.debug('actual: {}'.format(repr(actual)))
++        for e in expected:
++            found = False
++            for act in actual:
++                a = {'enabled': act.enabled, 'description': act.description,
++                     'name': act.name, 'id': act.id}
++                if e['name'] == a['name']:
++                    found = True
++                    ret = self._validate_dict_data(e, a)
++                    if ret:
++                        return "unexpected tenant data - {}".format(ret)
++            if not found:
++                return "tenant {} does not exist".format(e['name'])
++        return ret
++
++    def validate_role_data(self, expected, actual):
++        """Validate role data.
++
++           Validate a list of actual role data vs a list of expected role
++           data.
++           """
++        self.log.debug('Validating role data...')
++        self.log.debug('actual: {}'.format(repr(actual)))
++        for e in expected:
++            found = False
++            for act in actual:
++                a = {'name': act.name, 'id': act.id}
++                if e['name'] == a['name']:
++                    found = True
++                    ret = self._validate_dict_data(e, a)
++                    if ret:
++                        return "unexpected role data - {}".format(ret)
++            if not found:
++                return "role {} does not exist".format(e['name'])
++        return ret
++
++    def validate_user_data(self, expected, actual):
++        """Validate user data.
++
++           Validate a list of actual user data vs a list of expected user
++           data.
++           """
++        self.log.debug('Validating user data...')
++        self.log.debug('actual: {}'.format(repr(actual)))
++        for e in expected:
++            found = False
++            for act in actual:
++                a = {'enabled': act.enabled, 'name': act.name,
++                     'email': act.email, 'tenantId': act.tenantId,
++                     'id': act.id}
++                if e['name'] == a['name']:
++                    found = True
++                    ret = self._validate_dict_data(e, a)
++                    if ret:
++                        return "unexpected user data - {}".format(ret)
++            if not found:
++                return "user {} does not exist".format(e['name'])
++        return ret
++
++    def validate_flavor_data(self, expected, actual):
++        """Validate flavor data.
++
++           Validate a list of actual flavors vs a list of expected flavors.
++           """
++        self.log.debug('Validating flavor data...')
++        self.log.debug('actual: {}'.format(repr(actual)))
++        act = [a.name for a in actual]
++        return self._validate_list_data(expected, act)
++
++    def tenant_exists(self, keystone, tenant):
++        """Return True if tenant exists."""
++        self.log.debug('Checking if tenant exists ({})...'.format(tenant))
++        return tenant in [t.name for t in keystone.tenants.list()]
++
++    def authenticate_cinder_admin(self, keystone_sentry, username,
++                                  password, tenant):
++        """Authenticates admin user with cinder."""
++        # NOTE(beisner): cinder python client doesn't accept tokens.
++        service_ip = \
++            keystone_sentry.relation('shared-db',
++                                     'mysql:shared-db')['private-address']
++        ept = "http://{}:5000/v2.0".format(service_ip.strip().decode('utf-8'))
++        return cinder_client.Client(username, password, tenant, ept)
++
++    def authenticate_keystone_admin(self, keystone_sentry, user, password,
++                                    tenant):
++        """Authenticates admin user with the keystone admin endpoint."""
++        self.log.debug('Authenticating keystone admin...')
++        unit = keystone_sentry
++        service_ip = unit.relation('shared-db',
++                                   'mysql:shared-db')['private-address']
++        ep = "http://{}:35357/v2.0".format(service_ip.strip().decode('utf-8'))
++        return keystone_client.Client(username=user, password=password,
++                                      tenant_name=tenant, auth_url=ep)
++
++    def authenticate_keystone_user(self, keystone, user, password, tenant):
++        """Authenticates a regular user with the keystone public endpoint."""
++        self.log.debug('Authenticating keystone user ({})...'.format(user))
++        ep = keystone.service_catalog.url_for(service_type='identity',
++                                              endpoint_type='publicURL')
++        return keystone_client.Client(username=user, password=password,
++                                      tenant_name=tenant, auth_url=ep)
++
++    def authenticate_glance_admin(self, keystone):
++        """Authenticates admin user with glance."""
++        self.log.debug('Authenticating glance admin...')
++        ep = keystone.service_catalog.url_for(service_type='image',
++                                              endpoint_type='adminURL')
++        return glance_client.Client(ep, token=keystone.auth_token)
++
++    def authenticate_heat_admin(self, keystone):
++        """Authenticates the admin user with heat."""
++        self.log.debug('Authenticating heat admin...')
++        ep = keystone.service_catalog.url_for(service_type='orchestration',
++                                              endpoint_type='publicURL')
++        return heat_client.Client(endpoint=ep, token=keystone.auth_token)
++
++    def authenticate_nova_user(self, keystone, user, password, tenant):
++        """Authenticates a regular user with nova-api."""
++        self.log.debug('Authenticating nova user ({})...'.format(user))
++        ep = keystone.service_catalog.url_for(service_type='identity',
++                                              endpoint_type='publicURL')
++        return nova_client.Client(username=user, api_key=password,
++                                  project_id=tenant, auth_url=ep)
++
++    def authenticate_swift_user(self, keystone, user, password, tenant):
++        """Authenticates a regular user with swift api."""
++        self.log.debug('Authenticating swift user ({})...'.format(user))
++        ep = keystone.service_catalog.url_for(service_type='identity',
++                                              endpoint_type='publicURL')
++        return swiftclient.Connection(authurl=ep,
++                                      user=user,
++                                      key=password,
++                                      tenant_name=tenant,
++                                      auth_version='2.0')
++
++    def create_cirros_image(self, glance, image_name):
++        """Download the latest cirros image and upload it to glance,
++        validate and return a resource pointer.
++
++        :param glance: pointer to authenticated glance connection
++        :param image_name: display name for new image
++        :returns: glance image pointer
++        """
++        self.log.debug('Creating glance cirros image '
++                       '({})...'.format(image_name))
++
++        # Download cirros image
++        http_proxy = os.getenv('AMULET_HTTP_PROXY')
++        self.log.debug('AMULET_HTTP_PROXY: {}'.format(http_proxy))
++        if http_proxy:
++            proxies = {'http': http_proxy}
++            opener = urllib.FancyURLopener(proxies)
++        else:
++            opener = urllib.FancyURLopener()
++
++        f = opener.open('http://download.cirros-cloud.net/version/released')
++        version = f.read().strip()
++        cirros_img = 'cirros-{}-x86_64-disk.img'.format(version)
++        local_path = os.path.join('tests', cirros_img)
++
++        if not os.path.exists(local_path):
++            cirros_url = 'http://{}/{}/{}'.format('download.cirros-cloud.net',
++                                                  version, cirros_img)
++            opener.retrieve(cirros_url, local_path)
++        f.close()
++
++        # Create glance image
++        with open(local_path) as f:
++            image = glance.images.create(name=image_name, is_public=True,
++                                         disk_format='qcow2',
++                                         container_format='bare', data=f)
++
++        # Wait for image to reach active status
++        img_id = image.id
++        ret = self.resource_reaches_status(glance.images, img_id,
++                                           expected_stat='active',
++                                           msg='Image status wait')
++        if not ret:
++            msg = 'Glance image failed to reach expected state.'
++            amulet.raise_status(amulet.FAIL, msg=msg)
++
++        # Re-validate new image
++        self.log.debug('Validating image attributes...')
++        val_img_name = glance.images.get(img_id).name
++        val_img_stat = glance.images.get(img_id).status
++        val_img_pub = glance.images.get(img_id).is_public
++        val_img_cfmt = glance.images.get(img_id).container_format
++        val_img_dfmt = glance.images.get(img_id).disk_format
++        msg_attr = ('Image attributes - name:{} public:{} id:{} stat:{} '
++                    'container fmt:{} disk fmt:{}'.format(
++                        val_img_name, val_img_pub, img_id,
++                        val_img_stat, val_img_cfmt, val_img_dfmt))
++
++        if val_img_name == image_name and val_img_stat == 'active' \
++                and val_img_pub is True and val_img_cfmt == 'bare' \
++                and val_img_dfmt == 'qcow2':
++            self.log.debug(msg_attr)
++        else:
++            msg = ('Volume validation failed, {}'.format(msg_attr))
++            amulet.raise_status(amulet.FAIL, msg=msg)
++
++        return image
++
++    def delete_image(self, glance, image):
++        """Delete the specified image."""
++
++        # /!\ DEPRECATION WARNING
++        self.log.warn('/!\\ DEPRECATION WARNING:  use '
++                      'delete_resource instead of delete_image.')
++        self.log.debug('Deleting glance image ({})...'.format(image))
++        return self.delete_resource(glance.images, image, msg='glance image')
++
++    def create_instance(self, nova, image_name, instance_name, flavor):
++        """Create the specified instance."""
++        self.log.debug('Creating instance '
++                       '({}|{}|{})'.format(instance_name, image_name, flavor))
++        image = nova.images.find(name=image_name)
++        flavor = nova.flavors.find(name=flavor)
++        instance = nova.servers.create(name=instance_name, image=image,
++                                       flavor=flavor)
++
++        count = 1
++        status = instance.status
++        while status != 'ACTIVE' and count < 60:
++            time.sleep(3)
++            instance = nova.servers.get(instance.id)
++            status = instance.status
++            self.log.debug('instance status: {}'.format(status))
++            count += 1
++
++        if status != 'ACTIVE':
++            self.log.error('instance creation timed out')
++            return None
++
++        return instance
++
++    def delete_instance(self, nova, instance):
++        """Delete the specified instance."""
++
++        # /!\ DEPRECATION WARNING
++        self.log.warn('/!\\ DEPRECATION WARNING:  use '
++                      'delete_resource instead of delete_instance.')
++        self.log.debug('Deleting instance ({})...'.format(instance))
++        return self.delete_resource(nova.servers, instance,
++                                    msg='nova instance')
++
++    def create_or_get_keypair(self, nova, keypair_name="testkey"):
++        """Create a new keypair, or return pointer if it already exists."""
++        try:
++            _keypair = nova.keypairs.get(keypair_name)
++            self.log.debug('Keypair ({}) already exists, '
++                           'using it.'.format(keypair_name))
++            return _keypair
++        except:
++            self.log.debug('Keypair ({}) does not exist, '
++                           'creating it.'.format(keypair_name))
++
++        _keypair = nova.keypairs.create(name=keypair_name)
++        return _keypair
++
++    def create_cinder_volume(self, cinder, vol_name="demo-vol", vol_size=1,
++                             img_id=None, src_vol_id=None, snap_id=None):
++        """Create cinder volume, optionally from a glance image, OR
++        optionally as a clone of an existing volume, OR optionally
++        from a snapshot.  Wait for the new volume status to reach
++        the expected status, validate and return a resource pointer.
++
++        :param vol_name: cinder volume display name
++        :param vol_size: size in gigabytes
++        :param img_id: optional glance image id
++        :param src_vol_id: optional source volume id to clone
++        :param snap_id: optional snapshot id to use
++        :returns: cinder volume pointer
++        """
++        # Handle parameter input and avoid impossible combinations
++        if img_id and not src_vol_id and not snap_id:
++            # Create volume from image
++            self.log.debug('Creating cinder volume from glance image...')
++            bootable = 'true'
++        elif src_vol_id and not img_id and not snap_id:
++            # Clone an existing volume
++            self.log.debug('Cloning cinder volume...')
++            bootable = cinder.volumes.get(src_vol_id).bootable
++        elif snap_id and not src_vol_id and not img_id:
++            # Create volume from snapshot
++            self.log.debug('Creating cinder volume from snapshot...')
++            snap = cinder.volume_snapshots.find(id=snap_id)
++            vol_size = snap.size
++            snap_vol_id = cinder.volume_snapshots.get(snap_id).volume_id
++            bootable = cinder.volumes.get(snap_vol_id).bootable
++        elif not img_id and not src_vol_id and not snap_id:
++            # Create volume
++            self.log.debug('Creating cinder volume...')
++            bootable = 'false'
++        else:
++            # Impossible combination of parameters
++            msg = ('Invalid method use - name:{} size:{} img_id:{} '
++                   'src_vol_id:{} snap_id:{}'.format(vol_name, vol_size,
++                                                     img_id, src_vol_id,
++                                                     snap_id))
++            amulet.raise_status(amulet.FAIL, msg=msg)
++
++        # Create new volume
++        try:
++            vol_new = cinder.volumes.create(display_name=vol_name,
++                                            imageRef=img_id,
++                                            size=vol_size,
++                                            source_volid=src_vol_id,
++                                            snapshot_id=snap_id)
++            vol_id = vol_new.id
++        except Exception as e:
++            msg = 'Failed to create volume: {}'.format(e)
++            amulet.raise_status(amulet.FAIL, msg=msg)
++
++        # Wait for volume to reach available status
++        ret = self.resource_reaches_status(cinder.volumes, vol_id,
++                                           expected_stat="available",
++                                           msg="Volume status wait")
++        if not ret:
++            msg = 'Cinder volume failed to reach expected state.'
++            amulet.raise_status(amulet.FAIL, msg=msg)
++
++        # Re-validate new volume
++        self.log.debug('Validating volume attributes...')
++        val_vol_name = cinder.volumes.get(vol_id).display_name
++        val_vol_boot = cinder.volumes.get(vol_id).bootable
++        val_vol_stat = cinder.volumes.get(vol_id).status
++        val_vol_size = cinder.volumes.get(vol_id).size
++        msg_attr = ('Volume attributes - name:{} id:{} stat:{} boot:'
++                    '{} size:{}'.format(val_vol_name, vol_id,
++                                        val_vol_stat, val_vol_boot,
++                                        val_vol_size))
++
++        if val_vol_boot == bootable and val_vol_stat == 'available' \
++                and val_vol_name == vol_name and val_vol_size == vol_size:
++            self.log.debug(msg_attr)
++        else:
++            msg = ('Volume validation failed, {}'.format(msg_attr))
++            amulet.raise_status(amulet.FAIL, msg=msg)
++
++        return vol_new
++
++    def delete_resource(self, resource, resource_id,
++                        msg="resource", max_wait=120):
++        """Delete one openstack resource, such as one instance, keypair,
++        image, volume, stack, etc., and confirm deletion within max wait time.
++
++        :param resource: pointer to os resource type, ex:glance_client.images
++        :param resource_id: unique name or id for the openstack resource
++        :param msg: text to identify purpose in logging
++        :param max_wait: maximum wait time in seconds
++        :returns: True if successful, otherwise False
++        """
++        self.log.debug('Deleting OpenStack resource '
++                       '{} ({})'.format(resource_id, msg))
++        num_before = len(list(resource.list()))
++        resource.delete(resource_id)
++
++        tries = 0
++        num_after = len(list(resource.list()))
++        while num_after != (num_before - 1) and tries < (max_wait / 4):
++            self.log.debug('{} delete check: '
++                           '{} [{}:{}] {}'.format(msg, tries,
++                                                  num_before,
++                                                  num_after,
++                                                  resource_id))
++            time.sleep(4)
++            num_after = len(list(resource.list()))
++            tries += 1
++
++        self.log.debug('{}:  expected, actual count = {}, '
++                       '{}'.format(msg, num_before - 1, num_after))
++
++        if num_after == (num_before - 1):
++            return True
++        else:
++            self.log.error('{} delete timed out'.format(msg))
++            return False
++
++    def resource_reaches_status(self, resource, resource_id,
++                                expected_stat='available',
++                                msg='resource', max_wait=120):
++        """Wait for an openstack resources status to reach an
++           expected status within a specified time.  Useful to confirm that
++           nova instances, cinder vols, snapshots, glance images, heat stacks
++           and other resources eventually reach the expected status.
++
++        :param resource: pointer to os resource type, ex: heat_client.stacks
++        :param resource_id: unique id for the openstack resource
++        :param expected_stat: status to expect resource to reach
++        :param msg: text to identify purpose in logging
++        :param max_wait: maximum wait time in seconds
++        :returns: True if successful, False if status is not reached
++        """
++
++        tries = 0
++        resource_stat = resource.get(resource_id).status
++        while resource_stat != expected_stat and tries < (max_wait / 4):
++            self.log.debug('{} status check: '
++                           '{} [{}:{}] {}'.format(msg, tries,
++                                                  resource_stat,
++                                                  expected_stat,
++                                                  resource_id))
++            time.sleep(4)
++            resource_stat = resource.get(resource_id).status
++            tries += 1
++
++        self.log.debug('{}:  expected, actual status = {}, '
++                       '{}'.format(msg, resource_stat, expected_stat))
++
++        if resource_stat == expected_stat:
++            return True
++        else:
++            self.log.debug('{} never reached expected status: '
++                           '{}'.format(resource_id, expected_stat))
++            return False
++
++    def get_ceph_osd_id_cmd(self, index):
++        """Produce a shell command that will return a ceph-osd id."""
++        return ("`initctl list | grep 'ceph-osd ' | "
++                "awk 'NR=={} {{ print $2 }}' | "
++                "grep -o '[0-9]*'`".format(index + 1))
++
++    def get_ceph_pools(self, sentry_unit):
++        """Return a dict of ceph pools from a single ceph unit, with
++        pool name as keys, pool id as vals."""
++        pools = {}
++        cmd = 'sudo ceph osd lspools'
++        output, code = sentry_unit.run(cmd)
++        if code != 0:
++            msg = ('{} `{}` returned {} '
++                   '{}'.format(sentry_unit.info['unit_name'],
++                               cmd, code, output))
++            amulet.raise_status(amulet.FAIL, msg=msg)
++
++        # Example output: 0 data,1 metadata,2 rbd,3 cinder,4 glance,
++        for pool in str(output).split(','):
++            pool_id_name = pool.split(' ')
++            if len(pool_id_name) == 2:
++                pool_id = pool_id_name[0]
++                pool_name = pool_id_name[1]
++                pools[pool_name] = int(pool_id)
++
++        self.log.debug('Pools on {}: {}'.format(sentry_unit.info['unit_name'],
++                                                pools))
++        return pools
++
++    def get_ceph_df(self, sentry_unit):
++        """Return dict of ceph df json output, including ceph pool state.
++
++        :param sentry_unit: Pointer to amulet sentry instance (juju unit)
++        :returns: Dict of ceph df output
++        """
++        cmd = 'sudo ceph df --format=json'
++        output, code = sentry_unit.run(cmd)
++        if code != 0:
++            msg = ('{} `{}` returned {} '
++                   '{}'.format(sentry_unit.info['unit_name'],
++                               cmd, code, output))
++            amulet.raise_status(amulet.FAIL, msg=msg)
++        return json.loads(output)
++
++    def get_ceph_pool_sample(self, sentry_unit, pool_id=0):
++        """Take a sample of attributes of a ceph pool, returning ceph
++        pool name, object count and disk space used for the specified
++        pool ID number.
++
++        :param sentry_unit: Pointer to amulet sentry instance (juju unit)
++        :param pool_id: Ceph pool ID
++        :returns: List of pool name, object count, kb disk space used
++        """
++        df = self.get_ceph_df(sentry_unit)
++        pool_name = df['pools'][pool_id]['name']
++        obj_count = df['pools'][pool_id]['stats']['objects']
++        kb_used = df['pools'][pool_id]['stats']['kb_used']
++        self.log.debug('Ceph {} pool (ID {}): {} objects, '
++                       '{} kb used'.format(pool_name, pool_id,
++                                           obj_count, kb_used))
++        return pool_name, obj_count, kb_used
++
++    def validate_ceph_pool_samples(self, samples, sample_type="resource pool"):
++        """Validate ceph pool samples taken over time, such as pool
++        object counts or pool kb used, before adding, after adding, and
++        after deleting items which affect those pool attributes.  The
++        2nd element is expected to be greater than the 1st; 3rd is expected
++        to be less than the 2nd.
++
++        :param samples: List containing 3 data samples
++        :param sample_type: String for logging and usage context
++        :returns: None if successful, Failure message otherwise
++        """
++        original, created, deleted = range(3)
++        if samples[created] <= samples[original] or \
++                samples[deleted] >= samples[created]:
++            return ('Ceph {} samples ({}) '
++                    'unexpected.'.format(sample_type, samples))
++        else:
++            self.log.debug('Ceph {} samples (OK): '
++                           '{}'.format(sample_type, samples))
++            return None
++
++    # rabbitmq/amqp specific helpers:
++
++    def rmq_wait_for_cluster(self, deployment, init_sleep=15, timeout=1200):
++        """Wait for rmq units extended status to show cluster readiness,
++        after an optional initial sleep period.  Initial sleep is likely
++        necessary to be effective following a config change, as status
++        message may not instantly update to non-ready."""
++
++        if init_sleep:
++            time.sleep(init_sleep)
++
++        message = re.compile('^Unit is ready and clustered$')
++        deployment._auto_wait_for_status(message=message,
++                                         timeout=timeout,
++                                         include_only=['rabbitmq-server'])
++
++    def add_rmq_test_user(self, sentry_units,
++                          username="testuser1", password="changeme"):
++        """Add a test user via the first rmq juju unit, check connection as
++        the new user against all sentry units.
++
++        :param sentry_units: list of sentry unit pointers
++        :param username: amqp user name, default to testuser1
++        :param password: amqp user password
++        :returns: None if successful.  Raise on error.
++        """
++        self.log.debug('Adding rmq user ({})...'.format(username))
++
++        # Check that user does not already exist
++        cmd_user_list = 'rabbitmqctl list_users'
++        output, _ = self.run_cmd_unit(sentry_units[0], cmd_user_list)
++        if username in output:
++            self.log.warning('User ({}) already exists, returning '
++                             'gracefully.'.format(username))
++            return
++
++        perms = '".*" ".*" ".*"'
++        cmds = ['rabbitmqctl add_user {} {}'.format(username, password),
++                'rabbitmqctl set_permissions {} {}'.format(username, perms)]
++
++        # Add user via first unit
++        for cmd in cmds:
++            output, _ = self.run_cmd_unit(sentry_units[0], cmd)
++
++        # Check connection against the other sentry_units
++        self.log.debug('Checking user connect against units...')
++        for sentry_unit in sentry_units:
++            connection = self.connect_amqp_by_unit(sentry_unit, ssl=False,
++                                                   username=username,
++                                                   password=password)
++            connection.close()
++
++    def delete_rmq_test_user(self, sentry_units, username="testuser1"):
++        """Delete a rabbitmq user via the first rmq juju unit.
++
++        :param sentry_units: list of sentry unit pointers
++        :param username: amqp user name, default to testuser1
++        :param password: amqp user password
++        :returns: None if successful or no such user.
++        """
++        self.log.debug('Deleting rmq user ({})...'.format(username))
++
++        # Check that the user exists
++        cmd_user_list = 'rabbitmqctl list_users'
++        output, _ = self.run_cmd_unit(sentry_units[0], cmd_user_list)
++
++        if username not in output:
++            self.log.warning('User ({}) does not exist, returning '
++                             'gracefully.'.format(username))
++            return
++
++        # Delete the user
++        cmd_user_del = 'rabbitmqctl delete_user {}'.format(username)
++        output, _ = self.run_cmd_unit(sentry_units[0], cmd_user_del)
++
++    def get_rmq_cluster_status(self, sentry_unit):
++        """Execute rabbitmq cluster status command on a unit and return
++        the full output.
++
++        :param unit: sentry unit
++        :returns: String containing console output of cluster status command
++        """
++        cmd = 'rabbitmqctl cluster_status'
++        output, _ = self.run_cmd_unit(sentry_unit, cmd)
++        self.log.debug('{} cluster_status:\n{}'.format(
++            sentry_unit.info['unit_name'], output))
++        return str(output)
++
++    def get_rmq_cluster_running_nodes(self, sentry_unit):
++        """Parse rabbitmqctl cluster_status output string, return list of
++        running rabbitmq cluster nodes.
++
++        :param unit: sentry unit
++        :returns: List containing node names of running nodes
++        """
++        # NOTE(beisner): rabbitmqctl cluster_status output is not
++        # json-parsable, do string chop foo, then json.loads that.
++        str_stat = self.get_rmq_cluster_status(sentry_unit)
++        if 'running_nodes' in str_stat:
++            pos_start = str_stat.find("{running_nodes,") + 15
++            pos_end = str_stat.find("]},", pos_start) + 1
++            str_run_nodes = str_stat[pos_start:pos_end].replace("'", '"')
++            run_nodes = json.loads(str_run_nodes)
++            return run_nodes
++        else:
++            return []
++
++    def validate_rmq_cluster_running_nodes(self, sentry_units):
++        """Check that all rmq unit hostnames are represented in the
++        cluster_status output of all units.
++
++        :param host_names: dict of juju unit names to host names
++        :param units: list of sentry unit pointers (all rmq units)
++        :returns: None if successful, otherwise return error message
++        """
++        host_names = self.get_unit_hostnames(sentry_units)
++        errors = []
++
++        # Query every unit for cluster_status running nodes
++        for query_unit in sentry_units:
++            query_unit_name = query_unit.info['unit_name']
++            running_nodes = self.get_rmq_cluster_running_nodes(query_unit)
++
++            # Confirm that every unit is represented in the queried unit's
++            # cluster_status running nodes output.
++            for validate_unit in sentry_units:
++                val_host_name = host_names[validate_unit.info['unit_name']]
++                val_node_name = 'rabbit@{}'.format(val_host_name)
++
++                if val_node_name not in running_nodes:
++                    errors.append('Cluster member check failed on {}: {} not '
++                                  'in {}\n'.format(query_unit_name,
++                                                   val_node_name,
++                                                   running_nodes))
++        if errors:
++            return ''.join(errors)
++
++    def rmq_ssl_is_enabled_on_unit(self, sentry_unit, port=None):
++        """Check a single juju rmq unit for ssl and port in the config file."""
++        host = sentry_unit.info['public-address']
++        unit_name = sentry_unit.info['unit_name']
++
++        conf_file = '/etc/rabbitmq/rabbitmq.config'
++        conf_contents = str(self.file_contents_safe(sentry_unit,
++                                                    conf_file, max_wait=16))
++        # Checks
++        conf_ssl = 'ssl' in conf_contents
++        conf_port = str(port) in conf_contents
++
++        # Port explicitly checked in config
++        if port and conf_port and conf_ssl:
++            self.log.debug('SSL is enabled  @{}:{} '
++                           '({})'.format(host, port, unit_name))
++            return True
++        elif port and not conf_port and conf_ssl:
++            self.log.debug('SSL is enabled @{} but not on port {} '
++                           '({})'.format(host, port, unit_name))
++            return False
++        # Port not checked (useful when checking that ssl is disabled)
++        elif not port and conf_ssl:
++            self.log.debug('SSL is enabled  @{}:{} '
++                           '({})'.format(host, port, unit_name))
++            return True
++        elif not conf_ssl:
++            self.log.debug('SSL not enabled @{}:{} '
++                           '({})'.format(host, port, unit_name))
++            return False
++        else:
++            msg = ('Unknown condition when checking SSL status @{}:{} '
++                   '({})'.format(host, port, unit_name))
++            amulet.raise_status(amulet.FAIL, msg)
++
++    def validate_rmq_ssl_enabled_units(self, sentry_units, port=None):
++        """Check that ssl is enabled on rmq juju sentry units.
++
++        :param sentry_units: list of all rmq sentry units
++        :param port: optional ssl port override to validate
++        :returns: None if successful, otherwise return error message
++        """
++        for sentry_unit in sentry_units:
++            if not self.rmq_ssl_is_enabled_on_unit(sentry_unit, port=port):
++                return ('Unexpected condition:  ssl is disabled on unit '
++                        '({})'.format(sentry_unit.info['unit_name']))
++        return None
++
++    def validate_rmq_ssl_disabled_units(self, sentry_units):
++        """Check that ssl is enabled on listed rmq juju sentry units.
++
++        :param sentry_units: list of all rmq sentry units
++        :returns: True if successful.  Raise on error.
++        """
++        for sentry_unit in sentry_units:
++            if self.rmq_ssl_is_enabled_on_unit(sentry_unit):
++                return ('Unexpected condition:  ssl is enabled on unit '
++                        '({})'.format(sentry_unit.info['unit_name']))
++        return None
++
++    def configure_rmq_ssl_on(self, sentry_units, deployment,
++                             port=None, max_wait=60):
++        """Turn ssl charm config option on, with optional non-default
++        ssl port specification.  Confirm that it is enabled on every
++        unit.
++
++        :param sentry_units: list of sentry units
++        :param deployment: amulet deployment object pointer
++        :param port: amqp port, use defaults if None
++        :param max_wait: maximum time to wait in seconds to confirm
++        :returns: None if successful.  Raise on error.
++        """
++        self.log.debug('Setting ssl charm config option:  on')
++
++        # Enable RMQ SSL
++        config = {'ssl': 'on'}
++        if port:
++            config['ssl_port'] = port
++
++        deployment.d.configure('rabbitmq-server', config)
++
++        # Wait for unit status
++        self.rmq_wait_for_cluster(deployment)
++
++        # Confirm
++        tries = 0
++        ret = self.validate_rmq_ssl_enabled_units(sentry_units, port=port)
++        while ret and tries < (max_wait / 4):
++            time.sleep(4)
++            self.log.debug('Attempt {}: {}'.format(tries, ret))
++            ret = self.validate_rmq_ssl_enabled_units(sentry_units, port=port)
++            tries += 1
++
++        if ret:
++            amulet.raise_status(amulet.FAIL, ret)
++
++    def configure_rmq_ssl_off(self, sentry_units, deployment, max_wait=60):
++        """Turn ssl charm config option off, confirm that it is disabled
++        on every unit.
++
++        :param sentry_units: list of sentry units
++        :param deployment: amulet deployment object pointer
++        :param max_wait: maximum time to wait in seconds to confirm
++        :returns: None if successful.  Raise on error.
++        """
++        self.log.debug('Setting ssl charm config option:  off')
++
++        # Disable RMQ SSL
++        config = {'ssl': 'off'}
++        deployment.d.configure('rabbitmq-server', config)
++
++        # Wait for unit status
++        self.rmq_wait_for_cluster(deployment)
++
++        # Confirm
++        tries = 0
++        ret = self.validate_rmq_ssl_disabled_units(sentry_units)
++        while ret and tries < (max_wait / 4):
++            time.sleep(4)
++            self.log.debug('Attempt {}: {}'.format(tries, ret))
++            ret = self.validate_rmq_ssl_disabled_units(sentry_units)
++            tries += 1
++
++        if ret:
++            amulet.raise_status(amulet.FAIL, ret)
++
++    def connect_amqp_by_unit(self, sentry_unit, ssl=False,
++                             port=None, fatal=True,
++                             username="testuser1", password="changeme"):
++        """Establish and return a pika amqp connection to the rabbitmq service
++        running on a rmq juju unit.
++
++        :param sentry_unit: sentry unit pointer
++        :param ssl: boolean, default to False
++        :param port: amqp port, use defaults if None
++        :param fatal: boolean, default to True (raises on connect error)
++        :param username: amqp user name, default to testuser1
++        :param password: amqp user password
++        :returns: pika amqp connection pointer or None if failed and non-fatal
++        """
++        host = sentry_unit.info['public-address']
++        unit_name = sentry_unit.info['unit_name']
++
++        # Default port logic if port is not specified
++        if ssl and not port:
++            port = 5671
++        elif not ssl and not port:
++            port = 5672
++
++        self.log.debug('Connecting to amqp on {}:{} ({}) as '
++                       '{}...'.format(host, port, unit_name, username))
++
++        try:
++            credentials = pika.PlainCredentials(username, password)
++            parameters = pika.ConnectionParameters(host=host, port=port,
++                                                   credentials=credentials,
++                                                   ssl=ssl,
++                                                   connection_attempts=3,
++                                                   retry_delay=5,
++                                                   socket_timeout=1)
++            connection = pika.BlockingConnection(parameters)
++            assert connection.server_properties['product'] == 'RabbitMQ'
++            self.log.debug('Connect OK')
++            return connection
++        except Exception as e:
++            msg = ('amqp connection failed to {}:{} as '
++                   '{} ({})'.format(host, port, username, str(e)))
++            if fatal:
++                amulet.raise_status(amulet.FAIL, msg)
++            else:
++                self.log.warn(msg)
++                return None
++
++    def publish_amqp_message_by_unit(self, sentry_unit, message,
++                                     queue="test", ssl=False,
++                                     username="testuser1",
++                                     password="changeme",
++                                     port=None):
++        """Publish an amqp message to a rmq juju unit.
++
++        :param sentry_unit: sentry unit pointer
++        :param message: amqp message string
++        :param queue: message queue, default to test
++        :param username: amqp user name, default to testuser1
++        :param password: amqp user password
++        :param ssl: boolean, default to False
++        :param port: amqp port, use defaults if None
++        :returns: None.  Raises exception if publish failed.
++        """
++        self.log.debug('Publishing message to {} queue:\n{}'.format(queue,
++                                                                    message))
++        connection = self.connect_amqp_by_unit(sentry_unit, ssl=ssl,
++                                               port=port,
++                                               username=username,
++                                               password=password)
++
++        # NOTE(beisner): extra debug here re: pika hang potential:
++        #   https://github.com/pika/pika/issues/297
++        #   https://groups.google.com/forum/#!topic/rabbitmq-users/Ja0iyfF0Szw
++        self.log.debug('Defining channel...')
++        channel = connection.channel()
++        self.log.debug('Declaring queue...')
++        channel.queue_declare(queue=queue, auto_delete=False, durable=True)
++        self.log.debug('Publishing message...')
++        channel.basic_publish(exchange='', routing_key=queue, body=message)
++        self.log.debug('Closing channel...')
++        channel.close()
++        self.log.debug('Closing connection...')
++        connection.close()
++
++    def get_amqp_message_by_unit(self, sentry_unit, queue="test",
++                                 username="testuser1",
++                                 password="changeme",
++                                 ssl=False, port=None):
++        """Get an amqp message from a rmq juju unit.
++
++        :param sentry_unit: sentry unit pointer
++        :param queue: message queue, default to test
++        :param username: amqp user name, default to testuser1
++        :param password: amqp user password
++        :param ssl: boolean, default to False
++        :param port: amqp port, use defaults if None
++        :returns: amqp message body as string.  Raise if get fails.
++        """
++        connection = self.connect_amqp_by_unit(sentry_unit, ssl=ssl,
++                                               port=port,
++                                               username=username,
++                                               password=password)
++        channel = connection.channel()
++        method_frame, _, body = channel.basic_get(queue)
++
++        if method_frame:
++            self.log.debug('Retreived message from {} queue:\n{}'.format(queue,
++                                                                         body))
++            channel.basic_ack(method_frame.delivery_tag)
++            channel.close()
++            connection.close()
++            return body
++        else:
++            msg = 'No message retrieved.'
++            amulet.raise_status(amulet.FAIL, msg)
 === added file 'charmhelpers.new/contrib/openstack/context.py'
 --- charmhelpers.new/contrib/openstack/context.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/contrib/openstack/context.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,1477 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++import glob
++import json
++import os
++import re
++import time
++from base64 import b64decode
++from subprocess import check_call
++
++import six
++import yaml
++
++from charmhelpers.fetch import (
++    apt_install,
++    filter_installed_packages,
++)
++from charmhelpers.core.hookenv import (
++    config,
++    is_relation_made,
++    local_unit,
++    log,
++    relation_get,
++    relation_ids,
++    related_units,
++    relation_set,
++    unit_get,
++    unit_private_ip,
++    charm_name,
++    DEBUG,
++    INFO,
++    WARNING,
++    ERROR,
++)
++
++from charmhelpers.core.sysctl import create as sysctl_create
++from charmhelpers.core.strutils import bool_from_string
++
++from charmhelpers.core.host import (
++    get_bond_master,
++    is_phy_iface,
++    list_nics,
++    get_nic_hwaddr,
++    mkdir,
++    write_file,
++    pwgen,
++)
++from charmhelpers.contrib.hahelpers.cluster import (
++    determine_apache_port,
++    determine_api_port,
++    https,
++    is_clustered,
++)
++from charmhelpers.contrib.hahelpers.apache import (
++    get_cert,
++    get_ca_cert,
++    install_ca_cert,
++)
++from charmhelpers.contrib.openstack.neutron import (
++    neutron_plugin_attribute,
++    parse_data_port_mappings,
++)
++from charmhelpers.contrib.openstack.ip import (
++    resolve_address,
++    INTERNAL,
++)
++from charmhelpers.contrib.network.ip import (
++    get_address_in_network,
++    get_ipv4_addr,
++    get_ipv6_addr,
++    get_netmask_for_address,
++    format_ipv6_addr,
++    is_address_in_network,
++    is_bridge_member,
++)
++from charmhelpers.contrib.openstack.utils import get_host_ip
++from charmhelpers.core.unitdata import kv
++
++try:
++    import psutil
++except ImportError:
++    apt_install('python-psutil', fatal=True)
++    import psutil
++
++CA_CERT_PATH = '/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt'
++ADDRESS_TYPES = ['admin', 'internal', 'public']
++
++
++class OSContextError(Exception):
++    pass
++
++
++def ensure_packages(packages):
++    """Install but do not upgrade required plugin packages."""
++    required = filter_installed_packages(packages)
++    if required:
++        apt_install(required, fatal=True)
++
++
++def context_complete(ctxt):
++    _missing = []
++    for k, v in six.iteritems(ctxt):
++        if v is None or v == '':
++            _missing.append(k)
++
++    if _missing:
++        log('Missing required data: %s' % ' '.join(_missing), level=INFO)
++        return False
++
++    return True
++
++
++def config_flags_parser(config_flags):
++    """Parses config flags string into dict.
++
++    This parsing method supports a few different formats for the config
++    flag values to be parsed:
++
++      1. A string in the simple format of key=value pairs, with the possibility
++         of specifying multiple key value pairs within the same string. For
++         example, a string in the format of 'key1=value1, key2=value2' will
++         return a dict of:
++
++             {'key1': 'value1',
++              'key2': 'value2'}.
++
++      2. A string in the above format, but supporting a comma-delimited list
++         of values for the same key. For example, a string in the format of
++         'key1=value1, key2=value3,value4,value5' will return a dict of:
++
++             {'key1', 'value1',
++              'key2', 'value2,value3,value4'}
++
++      3. A string containing a colon character (:) prior to an equal
++         character (=) will be treated as yaml and parsed as such. This can be
++         used to specify more complex key value pairs. For example,
++         a string in the format of 'key1: subkey1=value1, subkey2=value2' will
++         return a dict of:
++
++             {'key1', 'subkey1=value1, subkey2=value2'}
++
++    The provided config_flags string may be a list of comma-separated values
++    which themselves may be comma-separated list of values.
++    """
++    # If we find a colon before an equals sign then treat it as yaml.
++    # Note: limit it to finding the colon first since this indicates assignment
++    # for inline yaml.
++    colon = config_flags.find(':')
++    equals = config_flags.find('=')
++    if colon > 0:
++        if colon < equals or equals < 0:
++            return yaml.safe_load(config_flags)
++
++    if config_flags.find('==') >= 0:
++        log("config_flags is not in expected format (key=value)", level=ERROR)
++        raise OSContextError
++
++    # strip the following from each value.
++    post_strippers = ' ,'
++    # we strip any leading/trailing '=' or ' ' from the string then
++    # split on '='.
++    split = config_flags.strip(' =').split('=')
++    limit = len(split)
++    flags = {}
++    for i in range(0, limit - 1):
++        current = split[i]
++        next = split[i + 1]
++        vindex = next.rfind(',')
++        if (i == limit - 2) or (vindex < 0):
++            value = next
++        else:
++            value = next[:vindex]
++
++        if i == 0:
++            key = current
++        else:
++            # if this not the first entry, expect an embedded key.
++            index = current.rfind(',')
++            if index < 0:
++                log("Invalid config value(s) at index %s" % (i), level=ERROR)
++                raise OSContextError
++            key = current[index + 1:]
++
++        # Add to collection.
++        flags[key.strip(post_strippers)] = value.rstrip(post_strippers)
++
++    return flags
++
++
++class OSContextGenerator(object):
++    """Base class for all context generators."""
++    interfaces = []
++    related = False
++    complete = False
++    missing_data = []
++
++    def __call__(self):
++        raise NotImplementedError
++
++    def context_complete(self, ctxt):
++        """Check for missing data for the required context data.
++        Set self.missing_data if it exists and return False.
++        Set self.complete if no missing data and return True.
++        """
++        # Fresh start
++        self.complete = False
++        self.missing_data = []
++        for k, v in six.iteritems(ctxt):
++            if v is None or v == '':
++                if k not in self.missing_data:
++                    self.missing_data.append(k)
++
++        if self.missing_data:
++            self.complete = False
++            log('Missing required data: %s' % ' '.join(self.missing_data), level=INFO)
++        else:
++            self.complete = True
++        return self.complete
++
++    def get_related(self):
++        """Check if any of the context interfaces have relation ids.
++        Set self.related and return True if one of the interfaces
++        has relation ids.
++        """
++        # Fresh start
++        self.related = False
++        try:
++            for interface in self.interfaces:
++                if relation_ids(interface):
++                    self.related = True
++            return self.related
++        except AttributeError as e:
++            log("{} {}"
++                "".format(self, e), 'INFO')
++            return self.related
++
++
++class SharedDBContext(OSContextGenerator):
++    interfaces = ['shared-db']
++
++    def __init__(self,
++                 database=None, user=None, relation_prefix=None, ssl_dir=None):
++        """Allows inspecting relation for settings prefixed with
++        relation_prefix. This is useful for parsing access for multiple
++        databases returned via the shared-db interface (eg, nova_password,
++        quantum_password)
++        """
++        self.relation_prefix = relation_prefix
++        self.database = database
++        self.user = user
++        self.ssl_dir = ssl_dir
++        self.rel_name = self.interfaces[0]
++
++    def __call__(self):
++        self.database = self.database or config('database')
++        self.user = self.user or config('database-user')
++        if None in [self.database, self.user]:
++            log("Could not generate shared_db context. Missing required charm "
++                "config options. (database name and user)", level=ERROR)
++            raise OSContextError
++
++        ctxt = {}
++
++        # NOTE(jamespage) if mysql charm provides a network upon which
++        # access to the database should be made, reconfigure relation
++        # with the service units local address and defer execution
++        access_network = relation_get('access-network')
++        if access_network is not None:
++            if self.relation_prefix is not None:
++                hostname_key = "{}_hostname".format(self.relation_prefix)
++            else:
++                hostname_key = "hostname"
++            access_hostname = get_address_in_network(access_network,
++                                                     unit_get('private-address'))
++            set_hostname = relation_get(attribute=hostname_key,
++                                        unit=local_unit())
++            if set_hostname != access_hostname:
++                relation_set(relation_settings={hostname_key: access_hostname})
++                return None  # Defer any further hook execution for now....
++
++        password_setting = 'password'
++        if self.relation_prefix:
++            password_setting = self.relation_prefix + '_password'
++
++        for rid in relation_ids(self.interfaces[0]):
++            self.related = True
++            for unit in related_units(rid):
++                rdata = relation_get(rid=rid, unit=unit)
++                host = rdata.get('db_host')
++                host = format_ipv6_addr(host) or host
++                ctxt = {
++                    'database_host': host,
++                    'database': self.database,
++                    'database_user': self.user,
++                    'database_password': rdata.get(password_setting),
++                    'database_type': 'mysql'
++                }
++                if self.context_complete(ctxt):
++                    db_ssl(rdata, ctxt, self.ssl_dir)
++                    return ctxt
++        return {}
++
++
++class PostgresqlDBContext(OSContextGenerator):
++    interfaces = ['pgsql-db']
++
++    def __init__(self, database=None):
++        self.database = database
++
++    def __call__(self):
++        self.database = self.database or config('database')
++        if self.database is None:
++            log('Could not generate postgresql_db context. Missing required '
++                'charm config options. (database name)', level=ERROR)
++            raise OSContextError
++
++        ctxt = {}
++        for rid in relation_ids(self.interfaces[0]):
++            self.related = True
++            for unit in related_units(rid):
++                rel_host = relation_get('host', rid=rid, unit=unit)
++                rel_user = relation_get('user', rid=rid, unit=unit)
++                rel_passwd = relation_get('password', rid=rid, unit=unit)
++                ctxt = {'database_host': rel_host,
++                        'database': self.database,
++                        'database_user': rel_user,
++                        'database_password': rel_passwd,
++                        'database_type': 'postgresql'}
++                if self.context_complete(ctxt):
++                    return ctxt
++
++        return {}
++
++
++def db_ssl(rdata, ctxt, ssl_dir):
++    if 'ssl_ca' in rdata and ssl_dir:
++        ca_path = os.path.join(ssl_dir, 'db-client.ca')
++        with open(ca_path, 'w') as fh:
++            fh.write(b64decode(rdata['ssl_ca']))
++
++        ctxt['database_ssl_ca'] = ca_path
++    elif 'ssl_ca' in rdata:
++        log("Charm not setup for ssl support but ssl ca found", level=INFO)
++        return ctxt
++
++    if 'ssl_cert' in rdata:
++        cert_path = os.path.join(
++            ssl_dir, 'db-client.cert')
++        if not os.path.exists(cert_path):
++            log("Waiting 1m for ssl client cert validity", level=INFO)
++            time.sleep(60)
++
++        with open(cert_path, 'w') as fh:
++            fh.write(b64decode(rdata['ssl_cert']))
++
++        ctxt['database_ssl_cert'] = cert_path
++        key_path = os.path.join(ssl_dir, 'db-client.key')
++        with open(key_path, 'w') as fh:
++            fh.write(b64decode(rdata['ssl_key']))
++
++        ctxt['database_ssl_key'] = key_path
++
++    return ctxt
++
++
++class IdentityServiceContext(OSContextGenerator):
++
++    def __init__(self, service=None, service_user=None, rel_name='identity-service'):
++        self.service = service
++        self.service_user = service_user
++        self.rel_name = rel_name
++        self.interfaces = [self.rel_name]
++
++    def __call__(self):
++        log('Generating template context for ' + self.rel_name, level=DEBUG)
++        ctxt = {}
++
++        if self.service and self.service_user:
++            # This is required for pki token signing if we don't want /tmp to
++            # be used.
++            cachedir = '/var/cache/%s' % (self.service)
++            if not os.path.isdir(cachedir):
++                log("Creating service cache dir %s" % (cachedir), level=DEBUG)
++                mkdir(path=cachedir, owner=self.service_user,
++                      group=self.service_user, perms=0o700)
++
++            ctxt['signing_dir'] = cachedir
++
++        for rid in relation_ids(self.rel_name):
++            self.related = True
++            for unit in related_units(rid):
++                rdata = relation_get(rid=rid, unit=unit)
++                serv_host = rdata.get('service_host')
++                serv_host = format_ipv6_addr(serv_host) or serv_host
++                auth_host = rdata.get('auth_host')
++                auth_host = format_ipv6_addr(auth_host) or auth_host
++                svc_protocol = rdata.get('service_protocol') or 'http'
++                auth_protocol = rdata.get('auth_protocol') or 'http'
++                ctxt.update({'service_port': rdata.get('service_port'),
++                             'service_host': serv_host,
++                             'auth_host': auth_host,
++                             'auth_port': rdata.get('auth_port'),
++                             'admin_tenant_name': rdata.get('service_tenant'),
++                             'admin_user': rdata.get('service_username'),
++                             'admin_password': rdata.get('service_password'),
++                             'service_protocol': svc_protocol,
++                             'auth_protocol': auth_protocol})
++
++                if self.context_complete(ctxt):
++                    # NOTE(jamespage) this is required for >= icehouse
++                    # so a missing value just indicates keystone needs
++                    # upgrading
++                    ctxt['admin_tenant_id'] = rdata.get('service_tenant_id')
++                    return ctxt
++
++        return {}
++
++
++class AMQPContext(OSContextGenerator):
++
++    def __init__(self, ssl_dir=None, rel_name='amqp', relation_prefix=None):
++        self.ssl_dir = ssl_dir
++        self.rel_name = rel_name
++        self.relation_prefix = relation_prefix
++        self.interfaces = [rel_name]
++
++    def __call__(self):
++        log('Generating template context for amqp', level=DEBUG)
++        conf = config()
++        if self.relation_prefix:
++            user_setting = '%s-rabbit-user' % (self.relation_prefix)
++            vhost_setting = '%s-rabbit-vhost' % (self.relation_prefix)
++        else:
++            user_setting = 'rabbit-user'
++            vhost_setting = 'rabbit-vhost'
++
++        try:
++            username = conf[user_setting]
++            vhost = conf[vhost_setting]
++        except KeyError as e:
++            log('Could not generate shared_db context. Missing required charm '
++                'config options: %s.' % e, level=ERROR)
++            raise OSContextError
++
++        ctxt = {}
++        for rid in relation_ids(self.rel_name):
++            ha_vip_only = False
++            self.related = True
++            for unit in related_units(rid):
++                if relation_get('clustered', rid=rid, unit=unit):
++                    ctxt['clustered'] = True
++                    vip = relation_get('vip', rid=rid, unit=unit)
++                    vip = format_ipv6_addr(vip) or vip
++                    ctxt['rabbitmq_host'] = vip
++                else:
++                    host = relation_get('private-address', rid=rid, unit=unit)
++                    host = format_ipv6_addr(host) or host
++                    ctxt['rabbitmq_host'] = host
++
++                ctxt.update({
++                    'rabbitmq_user': username,
++                    'rabbitmq_password': relation_get('password', rid=rid,
++                                                      unit=unit),
++                    'rabbitmq_virtual_host': vhost,
++                })
++
++                ssl_port = relation_get('ssl_port', rid=rid, unit=unit)
++                if ssl_port:
++                    ctxt['rabbit_ssl_port'] = ssl_port
++
++                ssl_ca = relation_get('ssl_ca', rid=rid, unit=unit)
++                if ssl_ca:
++                    ctxt['rabbit_ssl_ca'] = ssl_ca
++
++                if relation_get('ha_queues', rid=rid, unit=unit) is not None:
++                    ctxt['rabbitmq_ha_queues'] = True
++
++                ha_vip_only = relation_get('ha-vip-only',
++                                           rid=rid, unit=unit) is not None
++
++                if self.context_complete(ctxt):
++                    if 'rabbit_ssl_ca' in ctxt:
++                        if not self.ssl_dir:
++                            log("Charm not setup for ssl support but ssl ca "
++                                "found", level=INFO)
++                            break
++
++                        ca_path = os.path.join(
++                            self.ssl_dir, 'rabbit-client-ca.pem')
++                        with open(ca_path, 'w') as fh:
++                            fh.write(b64decode(ctxt['rabbit_ssl_ca']))
++                            ctxt['rabbit_ssl_ca'] = ca_path
++
++                    # Sufficient information found = break out!
++                    break
++
++            # Used for active/active rabbitmq >= grizzly
++            if (('clustered' not in ctxt or ha_vip_only) and
++                    len(related_units(rid)) > 1):
++                rabbitmq_hosts = []
++                for unit in related_units(rid):
++                    host = relation_get('private-address', rid=rid, unit=unit)
++                    host = format_ipv6_addr(host) or host
++                    rabbitmq_hosts.append(host)
++
++                ctxt['rabbitmq_hosts'] = ','.join(sorted(rabbitmq_hosts))
++
++        oslo_messaging_flags = conf.get('oslo-messaging-flags', None)
++        if oslo_messaging_flags:
++            ctxt['oslo_messaging_flags'] = config_flags_parser(
++                oslo_messaging_flags)
++
++        if not self.complete:
++            return {}
++
++        return ctxt
++
++
++class CephContext(OSContextGenerator):
++    """Generates context for /etc/ceph/ceph.conf templates."""
++    interfaces = ['ceph']
++
++    def __call__(self):
++        if not relation_ids('ceph'):
++            return {}
++
++        log('Generating template context for ceph', level=DEBUG)
++        mon_hosts = []
++        ctxt = {
++            'use_syslog': str(config('use-syslog')).lower()
++        }
++        for rid in relation_ids('ceph'):
++            for unit in related_units(rid):
++                if not ctxt.get('auth'):
++                    ctxt['auth'] = relation_get('auth', rid=rid, unit=unit)
++                if not ctxt.get('key'):
++                    ctxt['key'] = relation_get('key', rid=rid, unit=unit)
++                ceph_pub_addr = relation_get('ceph-public-address', rid=rid,
++                                             unit=unit)
++                unit_priv_addr = relation_get('private-address', rid=rid,
++                                              unit=unit)
++                ceph_addr = ceph_pub_addr or unit_priv_addr
++                ceph_addr = format_ipv6_addr(ceph_addr) or ceph_addr
++                mon_hosts.append(ceph_addr)
++
++        ctxt['mon_hosts'] = ' '.join(sorted(mon_hosts))
++
++        if not os.path.isdir('/etc/ceph'):
++            os.mkdir('/etc/ceph')
++
++        if not self.context_complete(ctxt):
++            return {}
++
++        ensure_packages(['ceph-common'])
++        return ctxt
++
++
++class HAProxyContext(OSContextGenerator):
++    """Provides half a context for the haproxy template, which describes
++    all peers to be included in the cluster.  Each charm needs to include
++    its own context generator that describes the port mapping.
++    """
++    interfaces = ['cluster']
++
++    def __init__(self, singlenode_mode=False):
++        self.singlenode_mode = singlenode_mode
++
++    def __call__(self):
++        if not relation_ids('cluster') and not self.singlenode_mode:
++            return {}
++
++        if config('prefer-ipv6'):
++            addr = get_ipv6_addr(exc_list=[config('vip')])[0]
++        else:
++            addr = get_host_ip(unit_get('private-address'))
++
++        l_unit = local_unit().replace('/', '-')
++        cluster_hosts = {}
++
++        # NOTE(jamespage): build out map of configured network endpoints
++        # and associated backends
++        for addr_type in ADDRESS_TYPES:
++            cfg_opt = 'os-{}-network'.format(addr_type)
++            laddr = get_address_in_network(config(cfg_opt))
++            if laddr:
++                netmask = get_netmask_for_address(laddr)
++                cluster_hosts[laddr] = {'network': "{}/{}".format(laddr,
++                                                                  netmask),
++                                        'backends': {l_unit: laddr}}
++                for rid in relation_ids('cluster'):
++                    for unit in related_units(rid):
++                        _laddr = relation_get('{}-address'.format(addr_type),
++                                              rid=rid, unit=unit)
++                        if _laddr:
++                            _unit = unit.replace('/', '-')
++                            cluster_hosts[laddr]['backends'][_unit] = _laddr
++
++        # NOTE(jamespage) add backend based on private address - this
++        # with either be the only backend or the fallback if no acls
++        # match in the frontend
++        cluster_hosts[addr] = {}
++        netmask = get_netmask_for_address(addr)
++        cluster_hosts[addr] = {'network': "{}/{}".format(addr, netmask),
++                               'backends': {l_unit: addr}}
++        for rid in relation_ids('cluster'):
++            for unit in related_units(rid):
++                _laddr = relation_get('private-address',
++                                      rid=rid, unit=unit)
++                if _laddr:
++                    _unit = unit.replace('/', '-')
++                    cluster_hosts[addr]['backends'][_unit] = _laddr
++
++        ctxt = {
++            'frontends': cluster_hosts,
++            'default_backend': addr
++        }
++
++        if config('haproxy-server-timeout'):
++            ctxt['haproxy_server_timeout'] = config('haproxy-server-timeout')
++
++        if config('haproxy-client-timeout'):
++            ctxt['haproxy_client_timeout'] = config('haproxy-client-timeout')
++
++        if config('haproxy-queue-timeout'):
++            ctxt['haproxy_queue_timeout'] = config('haproxy-queue-timeout')
++
++        if config('haproxy-connect-timeout'):
++            ctxt['haproxy_connect_timeout'] = config('haproxy-connect-timeout')
++
++        if config('prefer-ipv6'):
++            ctxt['ipv6'] = True
++            ctxt['local_host'] = 'ip6-localhost'
++            ctxt['haproxy_host'] = '::'
++        else:
++            ctxt['local_host'] = '127.0.0.1'
++            ctxt['haproxy_host'] = '0.0.0.0'
++
++        ctxt['stat_port'] = '8888'
++
++        db = kv()
++        ctxt['stat_password'] = db.get('stat-password')
++        if not ctxt['stat_password']:
++            ctxt['stat_password'] = db.set('stat-password',
++                                           pwgen(32))
++            db.flush()
++
++        for frontend in cluster_hosts:
++            if (len(cluster_hosts[frontend]['backends']) > 1 or
++                    self.singlenode_mode):
++                # Enable haproxy when we have enough peers.
++                log('Ensuring haproxy enabled in /etc/default/haproxy.',
++                    level=DEBUG)
++                with open('/etc/default/haproxy', 'w') as out:
++                    out.write('ENABLED=1\n')
++
++                return ctxt
++
++        log('HAProxy context is incomplete, this unit has no peers.',
++            level=INFO)
++        return {}
++
++
++class ImageServiceContext(OSContextGenerator):
++    interfaces = ['image-service']
++
++    def __call__(self):
++        """Obtains the glance API server from the image-service relation.
++        Useful in nova and cinder (currently).
++        """
++        log('Generating template context for image-service.', level=DEBUG)
++        rids = relation_ids('image-service')
++        if not rids:
++            return {}
++
++        for rid in rids:
++            for unit in related_units(rid):
++                api_server = relation_get('glance-api-server',
++                                          rid=rid, unit=unit)
++                if api_server:
++                    return {'glance_api_servers': api_server}
++
++        log("ImageService context is incomplete. Missing required relation "
++            "data.", level=INFO)
++        return {}
++
++
++class ApacheSSLContext(OSContextGenerator):
++    """Generates a context for an apache vhost configuration that configures
++    HTTPS reverse proxying for one or many endpoints.  Generated context
++    looks something like::
++
++        {
++            'namespace': 'cinder',
++            'private_address': 'iscsi.mycinderhost.com',
++            'endpoints': [(8776, 8766), (8777, 8767)]
++        }
++
++    The endpoints list consists of a tuples mapping external ports
++    to internal ports.
++    """
++    interfaces = ['https']
++
++    # charms should inherit this context and set external ports
++    # and service namespace accordingly.
++    external_ports = []
++    service_namespace = None
++
++    def enable_modules(self):
++        cmd = ['a2enmod', 'ssl', 'proxy', 'proxy_http']
++        check_call(cmd)
++
++    def configure_cert(self, cn=None):
++        ssl_dir = os.path.join('/etc/apache2/ssl/', self.service_namespace)
++        mkdir(path=ssl_dir)
++        cert, key = get_cert(cn)
++        if cn:
++            cert_filename = 'cert_{}'.format(cn)
++            key_filename = 'key_{}'.format(cn)
++        else:
++            cert_filename = 'cert'
++            key_filename = 'key'
++
++        write_file(path=os.path.join(ssl_dir, cert_filename),
++                   content=b64decode(cert))
++        write_file(path=os.path.join(ssl_dir, key_filename),
++                   content=b64decode(key))
++
++    def configure_ca(self):
++        ca_cert = get_ca_cert()
++        if ca_cert:
++            install_ca_cert(b64decode(ca_cert))
++
++    def canonical_names(self):
++        """Figure out which canonical names clients will access this service.
++        """
++        cns = []
++        for r_id in relation_ids('identity-service'):
++            for unit in related_units(r_id):
++                rdata = relation_get(rid=r_id, unit=unit)
++                for k in rdata:
++                    if k.startswith('ssl_key_'):
++                        cns.append(k.lstrip('ssl_key_'))
++
++        return sorted(list(set(cns)))
++
++    def get_network_addresses(self):
++        """For each network configured, return corresponding address and vip
++           (if available).
++
++        Returns a list of tuples of the form:
++
++            [(address_in_net_a, vip_in_net_a),
++             (address_in_net_b, vip_in_net_b),
++             ...]
++
++            or, if no vip(s) available:
++
++            [(address_in_net_a, address_in_net_a),
++             (address_in_net_b, address_in_net_b),
++             ...]
++        """
++        addresses = []
++        if config('vip'):
++            vips = config('vip').split()
++        else:
++            vips = []
++
++        for net_type in ['os-internal-network', 'os-admin-network',
++                         'os-public-network']:
++            addr = get_address_in_network(config(net_type),
++                                          unit_get('private-address'))
++            if len(vips) > 1 and is_clustered():
++                if not config(net_type):
++                    log("Multiple networks configured but net_type "
++                        "is None (%s)." % net_type, level=WARNING)
++                    continue
++
++                for vip in vips:
++                    if is_address_in_network(config(net_type), vip):
++                        addresses.append((addr, vip))
++                        break
++
++            elif is_clustered() and config('vip'):
++                addresses.append((addr, config('vip')))
++            else:
++                addresses.append((addr, addr))
++
++        return sorted(addresses)
++
++    def __call__(self):
++        if isinstance(self.external_ports, six.string_types):
++            self.external_ports = [self.external_ports]
++
++        if not self.external_ports or not https():
++            return {}
++
++        self.configure_ca()
++        self.enable_modules()
++
++        ctxt = {'namespace': self.service_namespace,
++                'endpoints': [],
++                'ext_ports': []}
++
++        cns = self.canonical_names()
++        if cns:
++            for cn in cns:
++                self.configure_cert(cn)
++        else:
++            # Expect cert/key provided in config (currently assumed that ca
++            # uses ip for cn)
++            cn = resolve_address(endpoint_type=INTERNAL)
++            self.configure_cert(cn)
++
++        addresses = self.get_network_addresses()
++        for address, endpoint in sorted(set(addresses)):
++            for api_port in self.external_ports:
++                ext_port = determine_apache_port(api_port,
++                                                 singlenode_mode=True)
++                int_port = determine_api_port(api_port, singlenode_mode=True)
++                portmap = (address, endpoint, int(ext_port), int(int_port))
++                ctxt['endpoints'].append(portmap)
++                ctxt['ext_ports'].append(int(ext_port))
++
++        ctxt['ext_ports'] = sorted(list(set(ctxt['ext_ports'])))
++        return ctxt
++
++
++class NeutronContext(OSContextGenerator):
++    interfaces = []
++
++    @property
++    def plugin(self):
++        return None
++
++    @property
++    def network_manager(self):
++        return None
++
++    @property
++    def packages(self):
++        return neutron_plugin_attribute(self.plugin, 'packages',
++                                        self.network_manager)
++
++    @property
++    def neutron_security_groups(self):
++        return None
++
++    def _ensure_packages(self):
++        for pkgs in self.packages:
++            ensure_packages(pkgs)
++
++    def _save_flag_file(self):
++        if self.network_manager == 'quantum':
++            _file = '/etc/nova/quantum_plugin.conf'
++        else:
++            _file = '/etc/nova/neutron_plugin.conf'
++
++        with open(_file, 'wb') as out:
++            out.write(self.plugin + '\n')
++
++    def ovs_ctxt(self):
++        driver = neutron_plugin_attribute(self.plugin, 'driver',
++                                          self.network_manager)
++        config = neutron_plugin_attribute(self.plugin, 'config',
++                                          self.network_manager)
++        ovs_ctxt = {'core_plugin': driver,
++                    'neutron_plugin': 'ovs',
++                    'neutron_security_groups': self.neutron_security_groups,
++                    'local_ip': unit_private_ip(),
++                    'config': config}
++
++        return ovs_ctxt
++
++    def nuage_ctxt(self):
++        driver = neutron_plugin_attribute(self.plugin, 'driver',
++                                          self.network_manager)
++        config = neutron_plugin_attribute(self.plugin, 'config',
++                                          self.network_manager)
++        nuage_ctxt = {'core_plugin': driver,
++                      'neutron_plugin': 'vsp',
++                      'neutron_security_groups': self.neutron_security_groups,
++                      'local_ip': unit_private_ip(),
++                      'config': config}
++
++        return nuage_ctxt
++
++    def nvp_ctxt(self):
++        driver = neutron_plugin_attribute(self.plugin, 'driver',
++                                          self.network_manager)
++        config = neutron_plugin_attribute(self.plugin, 'config',
++                                          self.network_manager)
++        nvp_ctxt = {'core_plugin': driver,
++                    'neutron_plugin': 'nvp',
++                    'neutron_security_groups': self.neutron_security_groups,
++                    'local_ip': unit_private_ip(),
++                    'config': config}
++
++        return nvp_ctxt
++
++    def n1kv_ctxt(self):
++        driver = neutron_plugin_attribute(self.plugin, 'driver',
++                                          self.network_manager)
++        n1kv_config = neutron_plugin_attribute(self.plugin, 'config',
++                                               self.network_manager)
++        n1kv_user_config_flags = config('n1kv-config-flags')
++        restrict_policy_profiles = config('n1kv-restrict-policy-profiles')
++        n1kv_ctxt = {'core_plugin': driver,
++                     'neutron_plugin': 'n1kv',
++                     'neutron_security_groups': self.neutron_security_groups,
++                     'local_ip': unit_private_ip(),
++                     'config': n1kv_config,
++                     'vsm_ip': config('n1kv-vsm-ip'),
++                     'vsm_username': config('n1kv-vsm-username'),
++                     'vsm_password': config('n1kv-vsm-password'),
++                     'restrict_policy_profiles': restrict_policy_profiles}
++
++        if n1kv_user_config_flags:
++            flags = config_flags_parser(n1kv_user_config_flags)
++            n1kv_ctxt['user_config_flags'] = flags
++
++        return n1kv_ctxt
++
++    def calico_ctxt(self):
++        driver = neutron_plugin_attribute(self.plugin, 'driver',
++                                          self.network_manager)
++        config = neutron_plugin_attribute(self.plugin, 'config',
++                                          self.network_manager)
++        calico_ctxt = {'core_plugin': driver,
++                       'neutron_plugin': 'Calico',
++                       'neutron_security_groups': self.neutron_security_groups,
++                       'local_ip': unit_private_ip(),
++                       'config': config}
++
++        return calico_ctxt
++
++    def neutron_ctxt(self):
++        if https():
++            proto = 'https'
++        else:
++            proto = 'http'
++
++        if is_clustered():
++            host = config('vip')
++        else:
++            host = unit_get('private-address')
++
++        ctxt = {'network_manager': self.network_manager,
++                'neutron_url': '%s://%s:%s' % (proto, host, '9696')}
++        return ctxt
++
++    def pg_ctxt(self):
++        driver = neutron_plugin_attribute(self.plugin, 'driver',
++                                          self.network_manager)
++        config = neutron_plugin_attribute(self.plugin, 'config',
++                                          self.network_manager)
++        ovs_ctxt = {'core_plugin': driver,
++                    'neutron_plugin': 'plumgrid',
++                    'neutron_security_groups': self.neutron_security_groups,
++                    'local_ip': unit_private_ip(),
++                    'config': config}
++        return ovs_ctxt
++
++    def midonet_ctxt(self):
++        driver = neutron_plugin_attribute(self.plugin, 'driver',
++                                          self.network_manager)
++        midonet_config = neutron_plugin_attribute(self.plugin, 'config',
++                                                  self.network_manager)
++        mido_ctxt = {'core_plugin': driver,
++                     'neutron_plugin': 'midonet',
++                     'neutron_security_groups': self.neutron_security_groups,
++                     'local_ip': unit_private_ip(),
++                     'config': midonet_config}
++
++        return mido_ctxt
++
++    def __call__(self):
++        if self.network_manager not in ['quantum', 'neutron']:
++            return {}
++
++        if not self.plugin:
++            return {}
++
++        ctxt = self.neutron_ctxt()
++
++        if self.plugin == 'ovs':
++            ctxt.update(self.ovs_ctxt())
++        elif self.plugin in ['nvp', 'nsx']:
++            ctxt.update(self.nvp_ctxt())
++        elif self.plugin == 'n1kv':
++            ctxt.update(self.n1kv_ctxt())
++        elif self.plugin == 'Calico':
++            ctxt.update(self.calico_ctxt())
++        elif self.plugin == 'vsp':
++            ctxt.update(self.nuage_ctxt())
++        elif self.plugin == 'plumgrid':
++            ctxt.update(self.pg_ctxt())
++        elif self.plugin == 'midonet':
++            ctxt.update(self.midonet_ctxt())
++
++        alchemy_flags = config('neutron-alchemy-flags')
++        if alchemy_flags:
++            flags = config_flags_parser(alchemy_flags)
++            ctxt['neutron_alchemy_flags'] = flags
++
++        self._save_flag_file()
++        return ctxt
++
++
++class NeutronPortContext(OSContextGenerator):
++
++    def resolve_ports(self, ports):
++        """Resolve NICs not yet bound to bridge(s)
++
++        If hwaddress provided then returns resolved hwaddress otherwise NIC.
++        """
++        if not ports:
++            return None
++
++        hwaddr_to_nic = {}
++        hwaddr_to_ip = {}
++        for nic in list_nics():
++            # Ignore virtual interfaces (bond masters will be identified from
++            # their slaves)
++            if not is_phy_iface(nic):
++                continue
++
++            _nic = get_bond_master(nic)
++            if _nic:
++                log("Replacing iface '%s' with bond master '%s'" % (nic, _nic),
++                    level=DEBUG)
++                nic = _nic
++
++            hwaddr = get_nic_hwaddr(nic)
++            hwaddr_to_nic[hwaddr] = nic
++            addresses = get_ipv4_addr(nic, fatal=False)
++            addresses += get_ipv6_addr(iface=nic, fatal=False)
++            hwaddr_to_ip[hwaddr] = addresses
++
++        resolved = []
++        mac_regex = re.compile(r'([0-9A-F]{2}[:-]){5}([0-9A-F]{2})', re.I)
++        for entry in ports:
++            if re.match(mac_regex, entry):
++                # NIC is in known NICs and does NOT hace an IP address
++                if entry in hwaddr_to_nic and not hwaddr_to_ip[entry]:
++                    # If the nic is part of a bridge then don't use it
++                    if is_bridge_member(hwaddr_to_nic[entry]):
++                        continue
++
++                    # Entry is a MAC address for a valid interface that doesn't
++                    # have an IP address assigned yet.
++                    resolved.append(hwaddr_to_nic[entry])
++            else:
++                # If the passed entry is not a MAC address, assume it's a valid
++                # interface, and that the user put it there on purpose (we can
++                # trust it to be the real external network).
++                resolved.append(entry)
++
++        # Ensure no duplicates
++        return list(set(resolved))
++
++
++class OSConfigFlagContext(OSContextGenerator):
++    """Provides support for user-defined config flags.
++
++    Users can define a comma-seperated list of key=value pairs
++    in the charm configuration and apply them at any point in
++    any file by using a template flag.
++
++    Sometimes users might want config flags inserted within a
++    specific section so this class allows users to specify the
++    template flag name, allowing for multiple template flags
++    (sections) within the same context.
++
++    NOTE: the value of config-flags may be a comma-separated list of
++          key=value pairs and some Openstack config files support
++          comma-separated lists as values.
++    """
++
++    def __init__(self, charm_flag='config-flags',
++                 template_flag='user_config_flags'):
++        """
++        :param charm_flag: config flags in charm configuration.
++        :param template_flag: insert point for user-defined flags in template
++                              file.
++        """
++        super(OSConfigFlagContext, self).__init__()
++        self._charm_flag = charm_flag
++        self._template_flag = template_flag
++
++    def __call__(self):
++        config_flags = config(self._charm_flag)
++        if not config_flags:
++            return {}
++
++        return {self._template_flag:
++                config_flags_parser(config_flags)}
++
++
++class LibvirtConfigFlagsContext(OSContextGenerator):
++    """
++    This context provides support for extending
++    the libvirt section through user-defined flags.
++    """
++    def __call__(self):
++        ctxt = {}
++        libvirt_flags = config('libvirt-flags')
++        if libvirt_flags:
++            ctxt['libvirt_flags'] = config_flags_parser(
++                libvirt_flags)
++        return ctxt
++
++
++class SubordinateConfigContext(OSContextGenerator):
++
++    """
++    Responsible for inspecting relations to subordinates that
++    may be exporting required config via a json blob.
++
++    The subordinate interface allows subordinates to export their
++    configuration requirements to the principle for multiple config
++    files and multiple serivces.  Ie, a subordinate that has interfaces
++    to both glance and nova may export to following yaml blob as json::
++
++        glance:
++            /etc/glance/glance-api.conf:
++                sections:
++                    DEFAULT:
++                        - [key1, value1]
++            /etc/glance/glance-registry.conf:
++                    MYSECTION:
++                        - [key2, value2]
++        nova:
++            /etc/nova/nova.conf:
++                sections:
++                    DEFAULT:
++                        - [key3, value3]
++
++
++    It is then up to the principle charms to subscribe this context to
++    the service+config file it is interestd in.  Configuration data will
++    be available in the template context, in glance's case, as::
++
++        ctxt = {
++            ... other context ...
++            'subordinate_configuration': {
++                'DEFAULT': {
++                    'key1': 'value1',
++                },
++                'MYSECTION': {
++                    'key2': 'value2',
++                },
++            }
++        }
++    """
++
++    def __init__(self, service, config_file, interface):
++        """
++        :param service     : Service name key to query in any subordinate
++                             data found
++        :param config_file : Service's config file to query sections
++        :param interface   : Subordinate interface to inspect
++        """
++        self.config_file = config_file
++        if isinstance(service, list):
++            self.services = service
++        else:
++            self.services = [service]
++        if isinstance(interface, list):
++            self.interfaces = interface
++        else:
++            self.interfaces = [interface]
++
++    def __call__(self):
++        ctxt = {'sections': {}}
++        rids = []
++        for interface in self.interfaces:
++            rids.extend(relation_ids(interface))
++        for rid in rids:
++            for unit in related_units(rid):
++                sub_config = relation_get('subordinate_configuration',
++                                          rid=rid, unit=unit)
++                if sub_config and sub_config != '':
++                    try:
++                        sub_config = json.loads(sub_config)
++                    except:
++                        log('Could not parse JSON from '
++                            'subordinate_configuration setting from %s'
++                            % rid, level=ERROR)
++                        continue
++
++                    for service in self.services:
++                        if service not in sub_config:
++                            log('Found subordinate_configuration on %s but it '
++                                'contained nothing for %s service'
++                                % (rid, service), level=INFO)
++                            continue
++
++                        sub_config = sub_config[service]
++                        if self.config_file not in sub_config:
++                            log('Found subordinate_configuration on %s but it '
++                                'contained nothing for %s'
++                                % (rid, self.config_file), level=INFO)
++                            continue
++
++                        sub_config = sub_config[self.config_file]
++                        for k, v in six.iteritems(sub_config):
++                            if k == 'sections':
++                                for section, config_list in six.iteritems(v):
++                                    log("adding section '%s'" % (section),
++                                        level=DEBUG)
++                                    if ctxt[k].get(section):
++                                        ctxt[k][section].extend(config_list)
++                                    else:
++                                        ctxt[k][section] = config_list
++                            else:
++                                ctxt[k] = v
++        log("%d section(s) found" % (len(ctxt['sections'])), level=DEBUG)
++        return ctxt
++
++
++class LogLevelContext(OSContextGenerator):
++
++    def __call__(self):
++        ctxt = {}
++        ctxt['debug'] = \
++            False if config('debug') is None else config('debug')
++        ctxt['verbose'] = \
++            False if config('verbose') is None else config('verbose')
++
++        return ctxt
++
++
++class SyslogContext(OSContextGenerator):
++
++    def __call__(self):
++        ctxt = {'use_syslog': config('use-syslog')}
++        return ctxt
++
++
++class BindHostContext(OSContextGenerator):
++
++    def __call__(self):
++        if config('prefer-ipv6'):
++            return {'bind_host': '::'}
++        else:
++            return {'bind_host': '0.0.0.0'}
++
++
++class WorkerConfigContext(OSContextGenerator):
++
++    @property
++    def num_cpus(self):
++        # NOTE: use cpu_count if present (16.04 support)
++        if hasattr(psutil, 'cpu_count'):
++            return psutil.cpu_count()
++        else:
++            return psutil.NUM_CPUS
++
++    def __call__(self):
++        multiplier = config('worker-multiplier') or 0
++        ctxt = {"workers": self.num_cpus * multiplier}
++        return ctxt
++
++
++class ZeroMQContext(OSContextGenerator):
++    interfaces = ['zeromq-configuration']
++
++    def __call__(self):
++        ctxt = {}
++        if is_relation_made('zeromq-configuration', 'host'):
++            for rid in relation_ids('zeromq-configuration'):
++                    for unit in related_units(rid):
++                        ctxt['zmq_nonce'] = relation_get('nonce', unit, rid)
++                        ctxt['zmq_host'] = relation_get('host', unit, rid)
++                        ctxt['zmq_redis_address'] = relation_get(
++                            'zmq_redis_address', unit, rid)
++
++        return ctxt
++
++
++class NotificationDriverContext(OSContextGenerator):
++
++    def __init__(self, zmq_relation='zeromq-configuration',
++                 amqp_relation='amqp'):
++        """
++        :param zmq_relation: Name of Zeromq relation to check
++        """
++        self.zmq_relation = zmq_relation
++        self.amqp_relation = amqp_relation
++
++    def __call__(self):
++        ctxt = {'notifications': 'False'}
++        if is_relation_made(self.amqp_relation):
++            ctxt['notifications'] = "True"
++
++        return ctxt
++
++
++class SysctlContext(OSContextGenerator):
++    """This context check if the 'sysctl' option exists on configuration
++    then creates a file with the loaded contents"""
++    def __call__(self):
++        sysctl_dict = config('sysctl')
++        if sysctl_dict:
++            sysctl_create(sysctl_dict,
++                          '/etc/sysctl.d/50-{0}.conf'.format(charm_name()))
++        return {'sysctl': sysctl_dict}
++
++
++class NeutronAPIContext(OSContextGenerator):
++    '''
++    Inspects current neutron-plugin-api relation for neutron settings. Return
++    defaults if it is not present.
++    '''
++    interfaces = ['neutron-plugin-api']
++
++    def __call__(self):
++        self.neutron_defaults = {
++            'l2_population': {
++                'rel_key': 'l2-population',
++                'default': False,
++            },
++            'overlay_network_type': {
++                'rel_key': 'overlay-network-type',
++                'default': 'gre',
++            },
++            'neutron_security_groups': {
++                'rel_key': 'neutron-security-groups',
++                'default': False,
++            },
++            'network_device_mtu': {
++                'rel_key': 'network-device-mtu',
++                'default': None,
++            },
++            'enable_dvr': {
++                'rel_key': 'enable-dvr',
++                'default': False,
++            },
++            'enable_l3ha': {
++                'rel_key': 'enable-l3ha',
++                'default': False,
++            },
++        }
++        ctxt = self.get_neutron_options({})
++        for rid in relation_ids('neutron-plugin-api'):
++            for unit in related_units(rid):
++                rdata = relation_get(rid=rid, unit=unit)
++                if 'l2-population' in rdata:
++                    ctxt.update(self.get_neutron_options(rdata))
++
++        return ctxt
++
++    def get_neutron_options(self, rdata):
++        settings = {}
++        for nkey in self.neutron_defaults.keys():
++            defv = self.neutron_defaults[nkey]['default']
++            rkey = self.neutron_defaults[nkey]['rel_key']
++            if rkey in rdata.keys():
++                if type(defv) is bool:
++                    settings[nkey] = bool_from_string(rdata[rkey])
++                else:
++                    settings[nkey] = rdata[rkey]
++            else:
++                settings[nkey] = defv
++        return settings
++
++
++class ExternalPortContext(NeutronPortContext):
++
++    def __call__(self):
++        ctxt = {}
++        ports = config('ext-port')
++        if ports:
++            ports = [p.strip() for p in ports.split()]
++            ports = self.resolve_ports(ports)
++            if ports:
++                ctxt = {"ext_port": ports[0]}
++                napi_settings = NeutronAPIContext()()
++                mtu = napi_settings.get('network_device_mtu')
++                if mtu:
++                    ctxt['ext_port_mtu'] = mtu
++
++        return ctxt
++
++
++class DataPortContext(NeutronPortContext):
++
++    def __call__(self):
++        ports = config('data-port')
++        if ports:
++            # Map of {port/mac:bridge}
++            portmap = parse_data_port_mappings(ports)
++            ports = portmap.keys()
++            # Resolve provided ports or mac addresses and filter out those
++            # already attached to a bridge.
++            resolved = self.resolve_ports(ports)
++            # FIXME: is this necessary?
++            normalized = {get_nic_hwaddr(port): port for port in resolved
++                          if port not in ports}
++            normalized.update({port: port for port in resolved
++                               if port in ports})
++            if resolved:
++                return {normalized[port]: bridge for port, bridge in
++                        six.iteritems(portmap) if port in normalized.keys()}
++
++        return None
++
++
++class PhyNICMTUContext(DataPortContext):
++
++    def __call__(self):
++        ctxt = {}
++        mappings = super(PhyNICMTUContext, self).__call__()
++        if mappings and mappings.keys():
++            ports = sorted(mappings.keys())
++            napi_settings = NeutronAPIContext()()
++            mtu = napi_settings.get('network_device_mtu')
++            all_ports = set()
++            # If any of ports is a vlan device, its underlying device must have
++            # mtu applied first.
++            for port in ports:
++                for lport in glob.glob("/sys/class/net/%s/lower_*" % port):
++                    lport = os.path.basename(lport)
++                    all_ports.add(lport.split('_')[1])
++
++            all_ports = list(all_ports)
++            all_ports.extend(ports)
++            if mtu:
++                ctxt["devs"] = '\\n'.join(all_ports)
++                ctxt['mtu'] = mtu
++
++        return ctxt
++
++
++class NetworkServiceContext(OSContextGenerator):
++
++    def __init__(self, rel_name='quantum-network-service'):
++        self.rel_name = rel_name
++        self.interfaces = [rel_name]
++
++    def __call__(self):
++        for rid in relation_ids(self.rel_name):
++            for unit in related_units(rid):
++                rdata = relation_get(rid=rid, unit=unit)
++                ctxt = {
++                    'keystone_host': rdata.get('keystone_host'),
++                    'service_port': rdata.get('service_port'),
++                    'auth_port': rdata.get('auth_port'),
++                    'service_tenant': rdata.get('service_tenant'),
++                    'service_username': rdata.get('service_username'),
++                    'service_password': rdata.get('service_password'),
++                    'quantum_host': rdata.get('quantum_host'),
++                    'quantum_port': rdata.get('quantum_port'),
++                    'quantum_url': rdata.get('quantum_url'),
++                    'region': rdata.get('region'),
++                    'service_protocol':
++                    rdata.get('service_protocol') or 'http',
++                    'auth_protocol':
++                    rdata.get('auth_protocol') or 'http',
++                }
++                if self.context_complete(ctxt):
++                    return ctxt
++        return {}
 === added directory 'charmhelpers.new/contrib/openstack/files'
 === added file 'charmhelpers.new/contrib/openstack/files/check_haproxy.sh'
 --- charmhelpers.new/contrib/openstack/files/check_haproxy.sh	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/contrib/openstack/files/check_haproxy.sh	2016-01-30 12:38:43 +0000
@@ -0,0 +1,34 @@
++#!/bin/bash
++#--------------------------------------------
++# This file is managed by Juju
++#--------------------------------------------
++#
++# Copyright 2009,2012 Canonical Ltd.
++# Author: Tom Haddon
++
++CRITICAL=0
++NOTACTIVE=''
++LOGFILE=/var/log/nagios/check_haproxy.log
++AUTH=$(grep -r "stats auth" /etc/haproxy | awk 'NR=1{print $4}')
++
++typeset -i N_INSTANCES=0
++for appserver in $(awk '/^\s+server/{print $2}' /etc/haproxy/haproxy.cfg)
++do
++    N_INSTANCES=N_INSTANCES+1
++    output=$(/usr/lib/nagios/plugins/check_http -a ${AUTH} -I 127.0.0.1 -p 8888 -u '/;csv' --regex=",${appserver},.*,UP.*" -e ' 200 OK')
++    if [ $? != 0 ]; then
++        date >> $LOGFILE
++        echo $output >> $LOGFILE
++        /usr/lib/nagios/plugins/check_http -a ${AUTH} -I 127.0.0.1 -p 8888 -u '/;csv' -v | grep ",${appserver}," >> $LOGFILE 2>&1
++        CRITICAL=1
++        NOTACTIVE="${NOTACTIVE} $appserver"
++    fi
++done
++
++if [ $CRITICAL = 1 ]; then
++    echo "CRITICAL:${NOTACTIVE}"
++    exit 2
++fi
++
++echo "OK: All haproxy instances ($N_INSTANCES) looking good"
++exit 0
 === added file 'charmhelpers.new/contrib/openstack/ip.py'
 --- charmhelpers.new/contrib/openstack/ip.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/contrib/openstack/ip.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,151 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++from charmhelpers.core.hookenv import (
++    config,
++    unit_get,
++    service_name,
++)
++from charmhelpers.contrib.network.ip import (
++    get_address_in_network,
++    is_address_in_network,
++    is_ipv6,
++    get_ipv6_addr,
++)
++from charmhelpers.contrib.hahelpers.cluster import is_clustered
++
++PUBLIC = 'public'
++INTERNAL = 'int'
++ADMIN = 'admin'
++
++ADDRESS_MAP = {
++    PUBLIC: {
++        'config': 'os-public-network',
++        'fallback': 'public-address',
++        'override': 'os-public-hostname',
++    },
++    INTERNAL: {
++        'config': 'os-internal-network',
++        'fallback': 'private-address',
++        'override': 'os-internal-hostname',
++    },
++    ADMIN: {
++        'config': 'os-admin-network',
++        'fallback': 'private-address',
++        'override': 'os-admin-hostname',
++    }
++}
++
++
++def canonical_url(configs, endpoint_type=PUBLIC):
++    """Returns the correct HTTP URL to this host given the state of HTTPS
++    configuration, hacluster and charm configuration.
++
++    :param configs: OSTemplateRenderer config templating object to inspect
++                    for a complete https context.
++    :param endpoint_type: str endpoint type to resolve.
++    :param returns: str base URL for services on the current service unit.
++    """
++    scheme = _get_scheme(configs)
++
++    address = resolve_address(endpoint_type)
++    if is_ipv6(address):
++        address = "[{}]".format(address)
++
++    return '%s://%s' % (scheme, address)
++
++
++def _get_scheme(configs):
++    """Returns the scheme to use for the url (either http or https)
++    depending upon whether https is in the configs value.
++
++    :param configs: OSTemplateRenderer config templating object to inspect
++                    for a complete https context.
++    :returns: either 'http' or 'https' depending on whether https is
++              configured within the configs context.
++    """
++    scheme = 'http'
++    if configs and 'https' in configs.complete_contexts():
++        scheme = 'https'
++    return scheme
++
++
++def _get_address_override(endpoint_type=PUBLIC):
++    """Returns any address overrides that the user has defined based on the
++    endpoint type.
++
++    Note: this function allows for the service name to be inserted into the
++    address if the user specifies {service_name}.somehost.org.
++
++    :param endpoint_type: the type of endpoint to retrieve the override
++                          value for.
++    :returns: any endpoint address or hostname that the user has overridden
++              or None if an override is not present.
++    """
++    override_key = ADDRESS_MAP[endpoint_type]['override']
++    addr_override = config(override_key)
++    if not addr_override:
++        return None
++    else:
++        return addr_override.format(service_name=service_name())
++
++
++def resolve_address(endpoint_type=PUBLIC):
++    """Return unit address depending on net config.
++
++    If unit is clustered with vip(s) and has net splits defined, return vip on
++    correct network. If clustered with no nets defined, return primary vip.
++
++    If not clustered, return unit address ensuring address is on configured net
++    split if one is configured.
++
++    :param endpoint_type: Network endpoing type
++    """
++    resolved_address = _get_address_override(endpoint_type)
++    if resolved_address:
++        return resolved_address
++
++    vips = config('vip')
++    if vips:
++        vips = vips.split()
++
++    net_type = ADDRESS_MAP[endpoint_type]['config']
++    net_addr = config(net_type)
++    net_fallback = ADDRESS_MAP[endpoint_type]['fallback']
++    clustered = is_clustered()
++    if clustered:
++        if not net_addr:
++            # If no net-splits defined, we expect a single vip
++            resolved_address = vips[0]
++        else:
++            for vip in vips:
++                if is_address_in_network(net_addr, vip):
++                    resolved_address = vip
++                    break
++    else:
++        if config('prefer-ipv6'):
++            fallback_addr = get_ipv6_addr(exc_list=vips)[0]
++        else:
++            fallback_addr = unit_get(net_fallback)
++
++        resolved_address = get_address_in_network(net_addr, fallback_addr)
++
++    if resolved_address is None:
++        raise ValueError("Unable to resolve a suitable IP address based on "
++                         "charm state and configuration. (net_type=%s, "
++                         "clustered=%s)" % (net_type, clustered))
++
++    return resolved_address
 === added file 'charmhelpers.new/contrib/openstack/neutron.py'
 --- charmhelpers.new/contrib/openstack/neutron.py	1970-01-01 00:00:00 +0000
 +++ charmhelpers.new/contrib/openstack/neutron.py	2016-01-30 12:38:43 +0000
@@ -0,0 +1,378 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# This file is part of charm-helpers.
++#
++# charm-helpers is free software: you can redistribute it and/or modify
++# it under the terms of the GNU Lesser General Public License version 3 as
++# published by the Free Software Foundation.
++#
++# charm-helpers is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public License
++# along with charm-helpers.  If not, see <http://www.gnu.org/licenses/>.
++
++# Various utilies for dealing with Neutron and the renaming from Quantum.
++
++import six
++from subprocess import check_output
++
++from charmhelpers.core.hookenv import (
++    config,
++    log,
++    ERROR,
++)
++
++from charmhelpers.contrib.openstack.utils import os_release
++
++
++def headers_package():
++    """Ensures correct linux-headers for running kernel are installed,
++    for building DKMS package"""
++    kver = check_output(['uname', '-r']).decode('UTF-8').strip()
++    return 'linux-headers-%s' % kver
++
++QUANTUM_CONF_DIR = '/etc/quantum'
++
++
++def kernel_version():
++    """ Retrieve the current major kernel version as a tuple e.g. (3, 13) """
++    kver = check_output(['uname', '-r']).decode('UTF-8').strip()
++    kver = kver.split('.')
++    return (int(kver[0]), int(kver[1]))
++
++
++def determine_dkms_package():
++    """ Determine which DKMS package should be used based on kernel version """
++    # NOTE: 3.13 kernels have support for GRE and VXLAN native
++    if kernel_version() >= (3, 13):
++        return []
++    else:
++        return [headers_package(), 'openvswitch-datapath-dkms']
++
++
++# legacy
++
++
++def quantum_plugins():
++    from charmhelpers.contrib.openstack import context
++    return {
++        'ovs': {
++            'config': '/etc/quantum/plugins/openvswitch/'
++                      'ovs_quantum_plugin.ini',
++            'driver': 'quantum.plugins.openvswitch.ovs_quantum_plugin.'
++                      'OVSQuantumPluginV2',
++            'contexts': [
++                context.SharedDBContext(user=config('neutron-database-user'),
++                                        database=config('neutron-database'),
++                                        relation_prefix='neutron',
++                                        ssl_dir=QUANTUM_CONF_DIR)],
++            'services': ['quantum-plugin-openvswitch-agent'],
++            'packages': [determine_dkms_package(),
++                         ['quantum-plugin-openvswitch-agent']],
++            'server_packages': ['quantum-server',
++                                'quantum-plugin-openvswitch'],
++            'server_services': ['quantum-server']
++        },
++        'nvp': {
++            'config': '/etc/quantum/plugins/nicira/nvp.ini',
++            'driver': 'quantum.plugins.nicira.nicira_nvp_plugin.'
++                      'QuantumPlugin.NvpPluginV2',
++            'contexts': [
++                context.SharedDBContext(user=config('neutron-database-user'),
++                                        database=config('neutron-database'),
++                                        relation_prefix='neutron',
++                                        ssl_dir=QUANTUM_CONF_DIR)],
++            'services': [],
++            'packages': [],
++            'server_packages': ['quantum-server',
++                                'quantum-plugin-nicira'],
++            'server_services': ['quantum-server']
++        }
++    }
++
++NEUTRON_CONF_DIR = '/etc/neutron'
++
++
++def neutron_plugins():
++    from charmhelpers.contrib.openstack import context
++    release = os_release('nova-common')
++    plugins = {
++        'ovs': {
++            'config': '/etc/neutron/plugins/openvswitch/'
++                      'ovs_neutron_plugin.ini',
++            'driver': 'neutron.plugins.openvswitch.ovs_neutron_plugin.'
++                      'OVSNeutronPluginV2',
++            'contexts': [
++                context.SharedDBContext(user=config('neutron-database-user'),
++                                        database=config('neutron-database'),
++                                        relation_prefix='neutron',
++                                        ssl_dir=NEUTRON_CONF_DIR)],
++            'services': ['neutron-plugin-openvswitch-agent'],
++            'packages': [determine_dkms_package(),
++                         ['neutron-plugin-openvswitch-agent']],
++            'server_packages': ['neutron-server',
++                                'neutron-plugin-openvswitch'],
++            'server_services': ['neutron-server']
++        },
++        'nvp': {
++            'config': '/etc/neutron/plugins/nicira/nvp.ini',
++            'driver': 'neutron.plugins.nicira.nicira_nvp_plugin.'
++                      'NeutronPlugin.NvpPluginV2',
++            'contexts': [
++                context.SharedDBContext(user=config('neutron-database-user'),
++                                        database=config('neutron-database'),
++                                        relation_prefix='neutron',
++                                        ssl_dir=NEUTRON_CONF_DIR)],
++            'services': [],
++            'packages': [],
++            'server_packages': ['neutron-server',
++                                'neutron-plugin-nicira'],
++            'server_services': ['neutron-server']
++        },
++        'nsx': {
++            'config': '/etc/neutron/plugins/vmware/nsx.ini',
++            'driver': 'vmware',
++            'contexts': [
++                context.SharedDBContext(user=config('neutron-database-user'),
++                                        database=config('neutron-database'),
++                                        relation_prefix='neutron',
++                                        ssl_dir=NEUTRON_CONF_DIR)],
++            'services': [],
++            'packages': [],
++            'server_packages': ['neutron-server',
++                                'neutron-plugin-vmware'],
++            'server_services': ['neutron-server']
++        },
++        'n1kv': {
++            'config': '/etc/neutron/plugins/cisco/cisco_plugins.ini',
++            'driver': 'neutron.plugins.cisco.network_plugin.PluginV2',
++            'contexts': [
++                context.SharedDBContext(user=config('neutron-database-user'),
++                                        database=config('neutron-database'),
++                                        relation_prefix='neutron',
++                                        ssl_dir=NEUTRON_CONF_DIR)],
++            'services': [],
++            'packages': [determine_dkms_package(),
++                         ['neutron-plugin-cisco']],
++            'server_packages': ['neutron-server',
++                                'neutron-plugin-cisco'],
++            'server_services': ['neutron-server']
++        },
++        'Calico': {
++            'config': '/etc/neutron/plugins/ml2/ml2_conf.ini',
++            'driver': 'neutron.plugins.ml2.plugin.Ml2Plugin',
++            'contexts': [
++                context.SharedDBContext(user=config('neutron-database-user'),
++                                        database=config('neutron-database'),
++                                        relation_prefix='neutron',
++                                        ssl_dir=NEUTRON_CONF_DIR)],
++            'services': ['calico-felix',
++                         'bird',
++                         'neutron-dhcp-agent',
++                         'nova-api-metadata',
++                         'etcd'],
++            'packages': [determine_dkms_package(),
++                         ['calico-compute',
++                          'bird',
++                          'neutron-dhcp-agent',
++                          'nova-api-metadata',
++                          'etcd']],
++            'server_packages': ['neutron-server', 'calico-control', 'etcd'],
++            'server_services': ['neutron-server', 'etcd']
++        },
++        'vsp': {
++            'config': '/etc/neutron/plugins/nuage/nuage_plugin.ini',
++            'driver': 'neutron.plugins.nuage.plugin.NuagePlugin',
++            'contexts': [
++                context.SharedDBContext(user=config('neutron-database-user'),
++                                        database=config('neutron-database'),
++                                        relation_prefix='neutron',
++                                        ssl_dir=NEUTRON_CONF_DIR)],
++            'services': [],
++            'packages': [],
++            'server_packages': ['neutron-server', 'neutron-plugin-nuage'],
++            'server_services': ['neutron-server']
++        },
++        'plumgrid': {
++            'config': '/etc/neutron/plugins/plumgrid/plumgrid.ini',
++            'driver': 'neutron.plugins.plumgrid.plumgrid_plugin.plumgrid_plugin.NeutronPluginPLUMgridV2',
++            'contexts': [
++                context.SharedDBContext(user=config('database-user'),
++                                        database=config('database'),
++                                        ssl_dir=NEUTRON_CONF_DIR)],
++            'services': [],
++            'packages': ['plumgrid-lxc',
++                         'iovisor-dkms'],
++            'server_packages': ['neutron-server',
++                                'neutron-plugin-plumgrid'],
++            'server_services': ['neutron-server']
++        },
++        'midonet': {
++            'config': '/etc/neutron/plugins/midonet/midonet.ini',
++            'driver': 'midonet.neutron.plugin.MidonetPluginV2',
++            'contexts': [
++                context.SharedDBContext(user=config('neutron-database-user'),
++                                        database=config('neutron-database'),
++                                        relation_prefix='neutron',
++                                        ssl_dir=NEUTRON_CONF_DIR)],
++            'services': [],
++            'packages': [determine_dkms_package()],
++            'server_packages': ['neutron-server',
++                                'python-neutron-plugin-midonet'],
++            'server_services': ['neutron-server']
++        }
++    }
++    if release >= 'icehouse':
++        # NOTE: patch in ml2 plugin for icehouse onwards
++        plugins['ovs']['config'] = '/etc/neutron/plugins/ml2/ml2_conf.ini'
++        plugins['ovs']['driver'] = 'neutron.plugins.ml2.plugin.Ml2Plugin'
++        plugins['ovs']['server_packages'] = ['neutron-server',
++                                             'neutron-plugin-ml2']
++        # NOTE: patch in vmware renames nvp->nsx for icehouse onwards

Juju Charms Collectionswift-storage package