Juju Charms Collection
heat package

Merge lp:~macgreagoir/charms/trusty/heat/instance_user into lp:~openstack-charmers-archive/charms/trusty/heat/next

  1. Trusty Tahr (14.04)
  2. instance_user
  3. Merge into next
Proposed by Mick Gregg
Status: Merged
Merged at revision: 64
Proposed branch: lp:~macgreagoir/charms/trusty/heat/instance_user
Merge into: lp:~openstack-charmers-archive/charms/trusty/heat/next
Diff against target: 182 lines (+109/-2)
6 files modified
config.yaml (+7/-0)
hooks/heat_context.py (+12/-0)
hooks/heat_utils.py (+2/-0)
templates/icehouse/heat.conf (+79/-0)
templates/kilo/heat.conf (+1/-1)
unit_tests/test_heat_context.py (+8/-1)
To merge this branch: bzr merge lp:~macgreagoir/charms/trusty/heat/instance_user
Reviewer Review Type Date Requested Status
Liam Young (community) Approve
Ryan Beisner Pending
Review via email: mp+276499@code.launchpad.net

This proposal supersedes a proposal from 2015-05-06.

Commit message

[macgreagoir] Make heat.conf instance_user item configurable.

Description of the change

Made heat.conf instance_user configurable, as required for Icehouse

To post a comment you must log in.
Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote : Posted in a previous version of this proposal

charm_lint_check #4410 heat-next for macgreagoir mp258385
    LINT OK: passed

Build: http://10.245.162.77:8080/job/charm_lint_check/4410/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote : Posted in a previous version of this proposal

charm_unit_test #4135 heat-next for macgreagoir mp258385
    UNIT OK: passed

Build: http://10.245.162.77:8080/job/charm_unit_test/4135/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote : Posted in a previous version of this proposal

charm_amulet_test #4009 heat-next for macgreagoir mp258385
    AMULET FAIL: amulet-test missing

AMULET Results (max last 2 lines):
INFO:root:Search string not found in makefile target commands.
ERROR:root:No make target was executed.

Full amulet test output: http://paste.ubuntu.com/10997560/
Build: http://10.245.162.77:8080/job/charm_amulet_test/4009/

Revision history for this message
Ryan Beisner (1chb1n) wrote : Posted in a previous version of this proposal

Please see this example and adjust the proposed Makefile accordingly:
http://bazaar.launchpad.net/~openstack-charmers/charms/trusty/keystone/next/view/head:/Makefile#L12

You can take that section verbatim.

Thanks again!

review: Needs Fixing
Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote : Posted in a previous version of this proposal

charm_lint_check #4411 heat-next for macgreagoir mp258385
    LINT OK: passed

Build: http://10.245.162.77:8080/job/charm_lint_check/4411/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote : Posted in a previous version of this proposal

charm_unit_test #4136 heat-next for macgreagoir mp258385
    UNIT OK: passed

Build: http://10.245.162.77:8080/job/charm_unit_test/4136/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote : Posted in a previous version of this proposal

charm_amulet_test #4010 heat-next for macgreagoir mp258385
    AMULET OK: passed

Build: http://10.245.162.77:8080/job/charm_amulet_test/4010/

Revision history for this message
Ryan Beisner (1chb1n) wrote : Posted in a previous version of this proposal

Woot! FYI, full amulet output @ http://paste.ubuntu.com/10997892/

Revision history for this message
Ryan Beisner (1chb1n) wrote : Posted in a previous version of this proposal

I have work in progress about to land for heat amulet coverage, but if this MP lands first, that is ok. I'm happy to rebase and resolve any conflicts on my side.

However, if my stuff lands first, then this MP will likely have conflicts and the contributor will have to rework this MP a bit.

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote : Posted in a previous version of this proposal

charm_lint_check #7870 heat-next for macgreagoir mp258385
    LINT OK: passed

Build: http://10.245.162.77:8080/job/charm_lint_check/7870/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote : Posted in a previous version of this proposal

charm_unit_test #7291 heat-next for macgreagoir mp258385
    UNIT OK: passed

Build: http://10.245.162.77:8080/job/charm_unit_test/7291/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote : Posted in a previous version of this proposal

charm_amulet_test #5760 heat-next for macgreagoir mp258385
    AMULET FAIL: amulet-test failed

AMULET Results (max last 2 lines):
make: *** [functional_test] Error 1
ERROR:root:Make target returned non-zero.

Full amulet test output: http://paste.ubuntu.com/12057843/
Build: http://10.245.162.77:8080/job/charm_amulet_test/5760/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote :

charm_lint_check #13105 heat-next for macgreagoir mp276499
    LINT OK: passed

Build: http://10.245.162.77:8080/job/charm_lint_check/13105/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote :

charm_unit_test #12217 heat-next for macgreagoir mp276499
    UNIT OK: passed

Build: http://10.245.162.77:8080/job/charm_unit_test/12217/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote :

charm_amulet_test #7721 heat-next for macgreagoir mp276499
    AMULET OK: passed

Build: http://10.245.162.77:8080/job/charm_amulet_test/7721/

Revision history for this message
Ryan Beisner (1chb1n) wrote :

Thank you for your work on this.

I wonder if the heat.conf template file will need to be split by OpenStack release, so that instance_user is not rendered after Juno? I see that the option is still present as of the Kilo Heat docs, and that it has been dropped as of the Liberty Heat docs.

The amulet test for heat doesn't yet exercise Liberty, so we don't know the impact of using or not using this option at that version. I imagine it will handle it gracefully, but we should confirm.

Otherwise, these look like sound changes to me.

For reference:
http://docs.openstack.org/juno/config-reference/content/ch_configuring-openstack-orchestration.html

http://docs.openstack.org/kilo/config-reference/content/ch_configuring-openstack-orchestration.html

http://docs.openstack.org/liberty/config-reference/content/ch_configuring-openstack-orchestration.html

Revision history for this message
Liam Young (gnuoy) wrote :

Hi, thanks for the MP! I agree with Ryan, if the setting is not used for Juno and above can we either split the templates up into Openstack series specific folders as we have with the other openstack charms or change the context so that the instance_user is only added to the context if Openstack release < Juno and update the template to only add an instance_user setting if instance user variable is set

review: Needs Fixing
lp:~macgreagoir/charms/trusty/heat/instance_user updated
47. By Mick Gregg

Merged with next

48. By Mick Gregg

[macgreagoir] Moved instance_user heat.conf change to icehouse/ template; updated kilo/ template

Revision history for this message
Mick Gregg (macgreagoir) wrote :

The setting is still used up to Juno, and requires the 'instance_user=' option in heat.conf. I've added a template for icehouse and updated the kilo one, with both using the new config option.

Revision history for this message
Mick Gregg (macgreagoir) wrote :

> The setting is still used up to Juno, and requires the 'instance_user=' option
> in heat.conf. I've added a template for icehouse and updated the kilo one,
> with both using the new config option.

Correction: "still used up to Kilo", hence the kilo template update

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote :

charm_unit_test #13758 heat-next for macgreagoir mp276499
    UNIT OK: passed

Build: http://10.245.162.77:8080/job/charm_unit_test/13758/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote :

charm_lint_check #14755 heat-next for macgreagoir mp276499
    LINT OK: passed

Build: http://10.245.162.77:8080/job/charm_lint_check/14755/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote :

charm_amulet_test #8076 heat-next for macgreagoir mp276499
    AMULET FAIL: amulet-test failed

AMULET Results (max last 2 lines):
make: *** [functional_test] Error 1
ERROR:root:Make target returned non-zero.

Full amulet test output: http://paste.ubuntu.com/13629060/
Build: http://10.245.162.77:8080/job/charm_amulet_test/8076/

lp:~macgreagoir/charms/trusty/heat/instance_user updated
49. By Mick Gregg

Merge with next

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote :

charm_lint_check #16599 heat-next for macgreagoir mp276499
    LINT OK: passed

Build: http://10.245.162.77:8080/job/charm_lint_check/16599/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote :

charm_unit_test #15502 heat-next for macgreagoir mp276499
    UNIT OK: passed

Build: http://10.245.162.77:8080/job/charm_unit_test/15502/

Revision history for this message
uosci-testing-bot (uosci-testing-bot) wrote :

charm_amulet_test #8521 heat-next for macgreagoir mp276499
    AMULET OK: passed

Build: http://10.245.162.77:8080/job/charm_amulet_test/8521/

Revision history for this message
Liam Young (gnuoy) wrote :

Hi Mick,

Thanks for your work on this. approved

Liam

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'config.yaml'
2--- config.yaml 2015-11-16 09:14:33 +0000
3+++ config.yaml 2016-01-05 15:04:28 +0000
4@@ -40,6 +40,13 @@
5 default: heat
6 type: string
7 description: Database name
8+ instance-user:
9+ default:
10+ type: string
11+ description: |
12+ The default user for new instances. This option is deprecated as of Juno.
13+ If left empty, Heat will use the default user set up with your cloud
14+ image (for OS::Nova::Server) or 'ec2-user' (for AWS::EC2::Instance).
15 region:
16 default: RegionOne
17 type: string
18
19=== modified file 'hooks/heat_context.py'
20--- hooks/heat_context.py 2015-04-02 12:25:23 +0000
21+++ hooks/heat_context.py 2016-01-05 15:04:28 +0000
22@@ -96,3 +96,15 @@
23
24 external_ports = API_PORTS.values()
25 service_namespace = 'heat'
26+
27+
28+class InstanceUserContext(context.OSContextGenerator):
29+
30+ def __call__(self):
31+ ctxt = {}
32+
33+ instance_user = ''
34+ if config('instance-user'):
35+ instance_user = config('instance-user')
36+ ctxt['instance_user'] = instance_user
37+ return ctxt
38
39=== modified file 'hooks/heat_utils.py'
40--- hooks/heat_utils.py 2015-11-16 09:14:33 +0000
41+++ hooks/heat_utils.py 2016-01-05 15:04:28 +0000
42@@ -38,6 +38,7 @@
43 API_PORTS,
44 HeatIdentityServiceContext,
45 EncryptionContext,
46+ InstanceUserContext,
47 HeatApacheSSLContext,
48 HeatHAProxyContext,
49 )
50@@ -86,6 +87,7 @@
51 HeatIdentityServiceContext(service=SVC, service_user=SVC),
52 HeatHAProxyContext(),
53 EncryptionContext(),
54+ InstanceUserContext(),
55 context.SyslogContext(),
56 context.LogLevelContext(),
57 context.BindHostContext()]
58
59=== added directory 'templates/icehouse'
60=== added file 'templates/icehouse/heat.conf'
61--- templates/icehouse/heat.conf 1970-01-01 00:00:00 +0000
62+++ templates/icehouse/heat.conf 2016-01-05 15:04:28 +0000
63@@ -0,0 +1,79 @@
64+[DEFAULT]
65+use_syslog = {{ use_syslog }}
66+verbose = {{ verbose }}
67+debug = {{ debug }}
68+log_dir = /var/log/heat
69+# Icehouse expects 'instance_user=' to allow the image's default user
70+# Not including instance_user at all results in 'ec2-user' being used
71+instance_user={{ instance_user }}
72+instance_driver=heat.engine.nova
73+plugin_dirs=/usr/lib64/heat,/usr/lib/heat
74+environment_dir=/etc/heat/environment.d
75+deferred_auth_method=password
76+host=heat
77+auth_encryption_key={{ encryption_key }}
78+
79+{% if database_host -%}
80+# < Icehouse db config
81+sql_connection = {{ database_type }}://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
82+{% endif %}
83+
84+{% if rabbitmq_host or rabbitmq_hosts -%}
85+rabbit_userid = {{ rabbitmq_user }}
86+rabbit_virtual_host = {{ rabbitmq_virtual_host }}
87+rabbit_password = {{ rabbitmq_password }}
88+{% if rabbitmq_hosts -%}
89+rabbit_hosts = {{ rabbitmq_hosts }}
90+{% if rabbitmq_ha_queues -%}
91+rabbit_ha_queues = True
92+rabbit_durable_queues = False
93+{% endif -%}
94+{% else -%}
95+rabbit_host = {{ rabbitmq_host }}
96+{% endif -%}
97+{% if rabbit_ssl_port -%}
98+rabbit_use_ssl = True
99+rabbit_port = {{ rabbit_ssl_port }}
100+{% if rabbit_ssl_ca -%}
101+kombu_ssl_ca_certs = {{ rabbit_ssl_ca }}
102+{% endif -%}
103+{% endif -%}
104+{% endif %}
105+
106+{% if auth_host -%}
107+[keystone_authtoken]
108+auth_uri = {{ service_protocol }}://{{ service_host }}:{{ service_port }}/v2.0
109+auth_host = {{ auth_host }}
110+auth_port = {{ auth_port }}
111+auth_protocol = {{ auth_protocol }}
112+admin_tenant_name = {{ admin_tenant_name }}
113+admin_user = {{ admin_user }}
114+admin_password = {{ admin_password }}
115+signing_dir = {{ signing_dir }}
116+{% endif %}
117+
118+[ec2_authtoken]
119+auth_uri = {{service_protocol }}://{{ service_host }}:{{ service_port }}/v2.0
120+keystone_ec2_uri = {{service_protocol }}://{{ service_host }}:{{ service_port }}/v2.0/ec2tokens
121+
122+{% if database_host -%}
123+[database]
124+connection = {{ database_type }}://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
125+{% endif -%}
126+
127+[paste_deploy]
128+api_paste_config=/etc/heat/api-paste.ini
129+
130+[heat_api]
131+{% if api_listen_port -%}
132+bind_port={{ api_listen_port }}
133+{% else -%}
134+bind_port=8004
135+{% endif %}
136+
137+[heat_api_cfn]
138+{% if api_cfn_listen_port -%}
139+bind_port={{ api_cfn_listen_port }}
140+{% else -%}
141+bind_port=8000
142+{% endif %}
143
144=== modified file 'templates/kilo/heat.conf'
145--- templates/kilo/heat.conf 2015-10-30 10:53:01 +0000
146+++ templates/kilo/heat.conf 2016-01-05 15:04:28 +0000
147@@ -3,7 +3,7 @@
148 debug = False
149 verbose = False
150 log_dir = /var/log/heat
151-instance_user=ec2-user
152+instance_user={{ instance_user }}
153 instance_driver=heat.engine.nova
154 plugin_dirs=/usr/lib64/heat,/usr/lib/heat
155 environment_dir=/etc/heat/environment.d
156
157=== modified file 'unit_tests/test_heat_context.py'
158--- unit_tests/test_heat_context.py 2014-04-16 08:19:26 +0000
159+++ unit_tests/test_heat_context.py 2016-01-05 15:04:28 +0000
160@@ -4,7 +4,8 @@
161
162 TO_PATCH = [
163 'get_encryption_key',
164- 'generate_ec2_tokens'
165+ 'generate_ec2_tokens',
166+ 'config'
167 ]
168
169
170@@ -19,6 +20,12 @@
171 heat_context.EncryptionContext()(),
172 {'encryption_key': 'key'})
173
174+ def test_instance_user_empty_configuration(self):
175+ self.config.return_value = None
176+ self.assertEquals(
177+ heat_context.InstanceUserContext()(),
178+ {'instance_user': ''})
179+
180 @patch('charmhelpers.contrib.openstack.'
181 'context.IdentityServiceContext.__call__')
182 def test_identity_configuration(self, __call__):

Subscribers

People subscribed via source and target branches