Juju Charms Collection
glance-simplestreams-sync package

Merge lp:~lathiat/charms/trusty/glance-simplestreams-sync/trunk into lp:charms/trusty/glance-simplestreams-sync

  1. Trusty Tahr (14.04)
  2. trunk
  3. Merge into trunk
Proposed by Trent Lloyd
Status: Merged
Merged at revision: 70
Proposed branch: lp:~lathiat/charms/trusty/glance-simplestreams-sync/trunk
Merge into: lp:charms/trusty/glance-simplestreams-sync
Diff against target: 84 lines (+13/-46)
1 file modified
scripts/glance-simplestreams-sync.py (+13/-46)
To merge this branch: bzr merge lp:~lathiat/charms/trusty/glance-simplestreams-sync/trunk
Reviewer Review Type Date Requested Status
Данило Шеган (community) Approve
charmers Pending
Review via email: mp+290950@code.launchpad.net

Description of the change

Base the product-streams endpoint on swift's endpoint using service_catalog.url_for() instead of generating it manually (LP #1552986)

ceph-radosgw uses a different URL scheme to swift-proxy without the AUTH_$(tenant_id)s part,
this fix will now base the URL on the configured endpoint so that it will work with either
object store and service_catalog.url_for() will replace the dynamic $(tenant_id) part for us

Once working, juju can now find images and tools in a private cloud automatically instead of needing to generate metadata manually.

To post a comment you must log in.
Revision history for this message
Данило Шеган (danilo) wrote :

In my tests, this has worked with ceph/ceph deployment of Landscape Autopilot, but failed when swift/iscsi and swift/ceph were used due to Authorization errors.

A glance-simplestreams-sync.log is at http://paste.ubuntu.com/15806629/.

Btw, please respect the PEP-8 as well (80-character line length limit).

review: Needs Fixing
Revision history for this message
Данило Шеган (danilo) wrote :

To expand on the above, the problem seems to be that the keystone catalog has an "admin" tenant ID in the object_store URL (/v1/AUTH_<admin-tenant-id>), whereas the old code had the "services" tenant ID.

However, if I use the more recent API ("openstack endpoint list") and then "openstack endpoint show <object-store-service-id>", I get:

+--------------+-------------------------------------------------+
| Field | Value |
 +--------------+-------------------------------------------------+
| adminurl | http://10.44.199.170:8080 |
| enabled | True |
| id | 69ff557520f24f27bf8d04761b5bf350 |
| internalurl | http://10.44.199.170:8080/v1/AUTH_$(tenant_id)s |
| publicurl | http://10.44.199.170:8080/v1/AUTH_$(tenant_id)s |
| region | region1 |
| service_id | e0d9101e28f24bb09cc101e8575c2df7 |
| service_name | swift |
| service_type | object-store |
 +--------------+-------------------------------------------------+

What we need to do is to get those internalurl and publicurl values and replace $(tenant_id)s with "services" tenant ID in there. I am looking at how I get at this right now.

Revision history for this message
Trent Lloyd (lathiat) wrote :

According to your log that was the services tenant_id:

"tenant": {"description": "Created by Juju", "enabled": true, "id": "a953d9d28c0d4e9cb014c50d425b7671", "name": "services"}

INFO * 04-13 08:56:17 [PID:9560] * swiftclient * REQ: curl -i http://10.44.199.160:8080/v1/AUTH_a953d9d28c0d4e9cb014c50d425b7671/simplestreams -X PUT -H "Content-Length: 0" -H "X-Auth-Token: b2b261223cc349328a01403b27a2b3c4" -H "X-Container-Read: .r:*,.rlistings"

INFO * 04-13 08:56:17 [PID:9560] * swiftclient * RESP STATUS: 401 Unauthorized

The auth token in use was also for services. Suspect something else is at play. Will test.

Revision history for this message
Данило Шеган (danilo) wrote :

Ok, I was wrong above (too many things going on at once). This branch does work, but might hit a bit of a race with swift setup and thus hit the ClientException as above.

I've worked around that using https://pastebin.canonical.com/154167/ (mostly whitespace fixes, but also adding exception handling to keep the per-minute cronjob if swiftclient.ClientException is caught). In my last run, I haven't hit it, but as I said, it will sometimes happen with automated installs and sometimes not.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'scripts/glance-simplestreams-sync.py'
2--- scripts/glance-simplestreams-sync.py 2015-11-05 11:28:15 +0000
3+++ scripts/glance-simplestreams-sync.py 2016-04-05 06:18:42 +0000
4@@ -216,28 +216,16 @@
5 Updates URLs of product-streams endpoint to point to swift URLs.
6 """
7
8- swift_services = [s for s in services
9- if s['name'] == 'swift']
10- if len(swift_services) != 1:
11- log.error("found {} swift services. expecting one."
12- " - not updating endpoint.".format(len(swift_services)))
13- return
14-
15- swift_service_id = swift_services[0]['id']
16+ try:
17+ catalog = {endpoint_type: ksc.service_catalog.url_for(service_type='object-store', endpoint_type=endpoint_type) for endpoint_type in ['publicURL', 'internalURL', 'adminURL']}
18+ except keystoneclient.exceptions.EndpointNotFound as e:
19+ log.warning("could not retrieve swift endpoint, not updating product-streams endpoint: {}".format(e))
20+
21+ for endpoint_type in ['publicURL', 'internalURL']:
22+ catalog[endpoint_type] += "/{}".format(SWIFT_DATA_DIR)
23
24 endpoints = [e._info for e in ksc.endpoints.list()
25 if e._info['region'] == region]
26-
27- swift_endpoints = [e for e in endpoints
28- if e['service_id'] == swift_service_id]
29- if len(swift_endpoints) != 1:
30- log.warning("found {} swift endpoints, expecting one - not"
31- " updating product-streams"
32- " endpoint.".format(len(swift_endpoints)))
33- return
34-
35- swift_endpoint = swift_endpoints[0]
36-
37 ps_services = [s for s in services
38 if s['name'] == PRODUCT_STREAMS_SERVICE_NAME]
39 if len(ps_services) != 1:
40@@ -260,38 +248,17 @@
41 log.info("Deleting existing product-streams endpoint: ")
42 ksc.endpoints.delete(ps_endpoints[0]['id'])
43
44- services_tenant_ids = [t.id for t in ksc.tenants.list()
45- if t.name == 'services']
46-
47- if len(services_tenant_ids) != 1:
48- log.warning("found {} tenants named 'services',"
49- " expecting one. Not updating"
50- " endpoint".format(len(services_tenant_ids)))
51-
52- services_tenant_id = services_tenant_ids[0]
53-
54- path = "/v1/AUTH_{}/{}".format(services_tenant_id,
55- SWIFT_DATA_DIR)
56-
57- swift_public_url = swift_endpoint['publicurl']
58- sr_p = urlsplit(swift_public_url)
59- ps_public_url = sr_p._replace(path=path).geturl()
60-
61- swift_internal_url = swift_endpoint['internalurl']
62- sr_i = urlsplit(swift_internal_url)
63- ps_internal_url = sr_i._replace(path=path).geturl()
64-
65 create_args = dict(region=region,
66 service_id=ps_service_id,
67- publicurl=ps_public_url,
68- adminurl=swift_endpoint['adminurl'],
69- internalurl=ps_internal_url)
70+ publicurl=catalog['publicURL'],
71+ adminurl=catalog['adminURL'],
72+ internalurl=catalog['internalURL'])
73 status_set('maintenance', 'Updating product-streams endpoint')
74 log.info("creating product-streams endpoint: {}".format(create_args))
75 ksc.endpoints.create(**create_args)
76- update_endpoint_urls(region, ps_public_url,
77- swift_endpoint['adminurl'],
78- ps_internal_url)
79+ update_endpoint_urls(region, catalog['publicURL'],
80+ catalog['adminURL'],
81+ catalog['internalURL'])
82
83
84 def juju_run_cmd(cmd):

Subscribers

People subscribed via source and target branches