Juju Charms Collection
glance-simplestreams-sync package

Merge lp:~lathiat/charms/trusty/glance-simplestreams-sync/trunk into lp:charms/trusty/glance-simplestreams-sync

  1. Trusty Tahr (14.04)
  2. trunk
  3. Merge into trunk
Proposed by Trent Lloyd
Status: Merged
Merged at revision: 70
Proposed branch: lp:~lathiat/charms/trusty/glance-simplestreams-sync/trunk
Merge into: lp:charms/trusty/glance-simplestreams-sync
Diff against target: 84 lines (+13/-46)
1 file modified
scripts/glance-simplestreams-sync.py (+13/-46)
To merge this branch: bzr merge lp:~lathiat/charms/trusty/glance-simplestreams-sync/trunk
Reviewer Review Type Date Requested Status
Данило Шеган (community) Approve
charmers Pending
Review via email: mp+290950@code.launchpad.net

Description of the change

Base the product-streams endpoint on swift's endpoint using service_catalog.url_for() instead of generating it manually (LP #1552986)

ceph-radosgw uses a different URL scheme to swift-proxy without the AUTH_$(tenant_id)s part,
this fix will now base the URL on the configured endpoint so that it will work with either
object store and service_catalog.url_for() will replace the dynamic $(tenant_id) part for us

Once working, juju can now find images and tools in a private cloud automatically instead of needing to generate metadata manually.

To post a comment you must log in.
Revision history for this message
Данило Шеган (danilo) wrote :

In my tests, this has worked with ceph/ceph deployment of Landscape Autopilot, but failed when swift/iscsi and swift/ceph were used due to Authorization errors.

A glance-simplestreams-sync.log is at http://paste.ubuntu.com/15806629/.

Btw, please respect the PEP-8 as well (80-character line length limit).

review: Needs Fixing
Revision history for this message
Данило Шеган (danilo) wrote :

To expand on the above, the problem seems to be that the keystone catalog has an "admin" tenant ID in the object_store URL (/v1/AUTH_<admin-tenant-id>), whereas the old code had the "services" tenant ID.

However, if I use the more recent API ("openstack endpoint list") and then "openstack endpoint show <object-store-service-id>", I get:

+--------------+-------------------------------------------------+
| Field | Value |
 +--------------+-------------------------------------------------+
| adminurl | http://10.44.199.170:8080 |
| enabled | True |
| id | 69ff557520f24f27bf8d04761b5bf350 |
| internalurl | http://10.44.199.170:8080/v1/AUTH_$(tenant_id)s |
| publicurl | http://10.44.199.170:8080/v1/AUTH_$(tenant_id)s |
| region | region1 |
| service_id | e0d9101e28f24bb09cc101e8575c2df7 |
| service_name | swift |
| service_type | object-store |
 +--------------+-------------------------------------------------+

What we need to do is to get those internalurl and publicurl values and replace $(tenant_id)s with "services" tenant ID in there. I am looking at how I get at this right now.

Revision history for this message
Trent Lloyd (lathiat) wrote :

According to your log that was the services tenant_id:

"tenant": {"description": "Created by Juju", "enabled": true, "id": "a953d9d28c0d4e9cb014c50d425b7671", "name": "services"}

INFO * 04-13 08:56:17 [PID:9560] * swiftclient * REQ: curl -i http://10.44.199.160:8080/v1/AUTH_a953d9d28c0d4e9cb014c50d425b7671/simplestreams -X PUT -H "Content-Length: 0" -H "X-Auth-Token: b2b261223cc349328a01403b27a2b3c4" -H "X-Container-Read: .r:*,.rlistings"

INFO * 04-13 08:56:17 [PID:9560] * swiftclient * RESP STATUS: 401 Unauthorized

The auth token in use was also for services. Suspect something else is at play. Will test.

Revision history for this message
Данило Шеган (danilo) wrote :

Ok, I was wrong above (too many things going on at once). This branch does work, but might hit a bit of a race with swift setup and thus hit the ClientException as above.

I've worked around that using https://pastebin.canonical.com/154167/ (mostly whitespace fixes, but also adding exception handling to keep the per-minute cronjob if swiftclient.ClientException is caught). In my last run, I haven't hit it, but as I said, it will sometimes happen with automated installs and sometimes not.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'scripts/glance-simplestreams-sync.py'
--- scripts/glance-simplestreams-sync.py 2015-11-05 11:28:15 +0000
+++ scripts/glance-simplestreams-sync.py 2016-04-05 06:18:42 +0000
@@ -216,28 +216,16 @@
216 Updates URLs of product-streams endpoint to point to swift URLs.216 Updates URLs of product-streams endpoint to point to swift URLs.
217 """217 """
218218
219 swift_services = [s for s in services219 try:
220 if s['name'] == 'swift']220 catalog = {endpoint_type: ksc.service_catalog.url_for(service_type='object-store', endpoint_type=endpoint_type) for endpoint_type in ['publicURL', 'internalURL', 'adminURL']}
221 if len(swift_services) != 1:221 except keystoneclient.exceptions.EndpointNotFound as e:
222 log.error("found {} swift services. expecting one."222 log.warning("could not retrieve swift endpoint, not updating product-streams endpoint: {}".format(e))
223 " - not updating endpoint.".format(len(swift_services)))223
224 return224 for endpoint_type in ['publicURL', 'internalURL']:
225225 catalog[endpoint_type] += "/{}".format(SWIFT_DATA_DIR)
226 swift_service_id = swift_services[0]['id']
227226
228 endpoints = [e._info for e in ksc.endpoints.list()227 endpoints = [e._info for e in ksc.endpoints.list()
229 if e._info['region'] == region]228 if e._info['region'] == region]
230
231 swift_endpoints = [e for e in endpoints
232 if e['service_id'] == swift_service_id]
233 if len(swift_endpoints) != 1:
234 log.warning("found {} swift endpoints, expecting one - not"
235 " updating product-streams"
236 " endpoint.".format(len(swift_endpoints)))
237 return
238
239 swift_endpoint = swift_endpoints[0]
240
241 ps_services = [s for s in services229 ps_services = [s for s in services
242 if s['name'] == PRODUCT_STREAMS_SERVICE_NAME]230 if s['name'] == PRODUCT_STREAMS_SERVICE_NAME]
243 if len(ps_services) != 1:231 if len(ps_services) != 1:
@@ -260,38 +248,17 @@
260 log.info("Deleting existing product-streams endpoint: ")248 log.info("Deleting existing product-streams endpoint: ")
261 ksc.endpoints.delete(ps_endpoints[0]['id'])249 ksc.endpoints.delete(ps_endpoints[0]['id'])
262250
263 services_tenant_ids = [t.id for t in ksc.tenants.list()
264 if t.name == 'services']
265
266 if len(services_tenant_ids) != 1:
267 log.warning("found {} tenants named 'services',"
268 " expecting one. Not updating"
269 " endpoint".format(len(services_tenant_ids)))
270
271 services_tenant_id = services_tenant_ids[0]
272
273 path = "/v1/AUTH_{}/{}".format(services_tenant_id,
274 SWIFT_DATA_DIR)
275
276 swift_public_url = swift_endpoint['publicurl']
277 sr_p = urlsplit(swift_public_url)
278 ps_public_url = sr_p._replace(path=path).geturl()
279
280 swift_internal_url = swift_endpoint['internalurl']
281 sr_i = urlsplit(swift_internal_url)
282 ps_internal_url = sr_i._replace(path=path).geturl()
283
284 create_args = dict(region=region,251 create_args = dict(region=region,
285 service_id=ps_service_id,252 service_id=ps_service_id,
286 publicurl=ps_public_url,253 publicurl=catalog['publicURL'],
287 adminurl=swift_endpoint['adminurl'],254 adminurl=catalog['adminURL'],
288 internalurl=ps_internal_url)255 internalurl=catalog['internalURL'])
289 status_set('maintenance', 'Updating product-streams endpoint')256 status_set('maintenance', 'Updating product-streams endpoint')
290 log.info("creating product-streams endpoint: {}".format(create_args))257 log.info("creating product-streams endpoint: {}".format(create_args))
291 ksc.endpoints.create(**create_args)258 ksc.endpoints.create(**create_args)
292 update_endpoint_urls(region, ps_public_url,259 update_endpoint_urls(region, catalog['publicURL'],
293 swift_endpoint['adminurl'],260 catalog['adminURL'],
294 ps_internal_url)261 catalog['internalURL'])
295262
296263
297def juju_run_cmd(cmd):264def juju_run_cmd(cmd):

Subscribers

People subscribed via source and target branches