Merge lp:~openstack-charmers/charms/precise/cinder/active-active into lp:~openstack-charmers-archive/charms/precise/cinder/trunk

Proposed by Edward Hope-Morley
Status: Work in progress
Proposed branch: lp:~openstack-charmers/charms/precise/cinder/active-active
Merge into: lp:~openstack-charmers-archive/charms/precise/cinder/trunk
Diff against target: 356 lines (+159/-33)
5 files modified
hooks/charmhelpers/contrib/hahelpers/apache.py (+9/-8)
hooks/charmhelpers/contrib/openstack/context.py (+68/-21)
hooks/charmhelpers/contrib/openstack/neutron.py (+14/-4)
hooks/cinder_hooks.py (+8/-0)
templates/grizzly/cinder.conf (+60/-0)
To merge this branch: bzr merge lp:~openstack-charmers/charms/precise/cinder/active-active
Reviewer Review Type Date Requested Status
OpenStack Charmers Pending
Review via email: mp+213043@code.launchpad.net
To post a comment you must log in.
48. By Edward Hope-Morley

[hopem] set charm-helpers.yaml to point to trunk and synced charm-helpers

Unmerged revisions

48. By Edward Hope-Morley

[hopem] set charm-helpers.yaml to point to trunk and synced charm-helpers

47. By Edward Hope-Morley

[hopem] synced charm-helpers

46. By Edward Hope-Morley

[hopem] updated from trunk

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== added symlink 'hooks/amqp-relation-departed'
2=== target is u'cinder_hooks.py'
3=== modified file 'hooks/charmhelpers/contrib/hahelpers/apache.py'
4--- hooks/charmhelpers/contrib/hahelpers/apache.py 2013-10-17 21:48:08 +0000
5+++ hooks/charmhelpers/contrib/hahelpers/apache.py 2014-03-28 10:00:55 +0000
6@@ -39,14 +39,15 @@
7
8
9 def get_ca_cert():
10- ca_cert = None
11- log("Inspecting identity-service relations for CA SSL certificate.",
12- level=INFO)
13- for r_id in relation_ids('identity-service'):
14- for unit in relation_list(r_id):
15- if not ca_cert:
16- ca_cert = relation_get('ca_cert',
17- rid=r_id, unit=unit)
18+ ca_cert = config_get('ssl_ca')
19+ if ca_cert is None:
20+ log("Inspecting identity-service relations for CA SSL certificate.",
21+ level=INFO)
22+ for r_id in relation_ids('identity-service'):
23+ for unit in relation_list(r_id):
24+ if ca_cert is None:
25+ ca_cert = relation_get('ca_cert',
26+ rid=r_id, unit=unit)
27 return ca_cert
28
29
30
31=== modified file 'hooks/charmhelpers/contrib/openstack/context.py'
32--- hooks/charmhelpers/contrib/openstack/context.py 2014-03-25 12:26:41 +0000
33+++ hooks/charmhelpers/contrib/openstack/context.py 2014-03-28 10:00:55 +0000
34@@ -1,5 +1,6 @@
35 import json
36 import os
37+import time
38
39 from base64 import b64decode
40
41@@ -113,7 +114,8 @@
42 class SharedDBContext(OSContextGenerator):
43 interfaces = ['shared-db']
44
45- def __init__(self, database=None, user=None, relation_prefix=None):
46+ def __init__(self,
47+ database=None, user=None, relation_prefix=None, ssl_dir=None):
48 '''
49 Allows inspecting relation for settings prefixed with relation_prefix.
50 This is useful for parsing access for multiple databases returned via
51@@ -122,6 +124,7 @@
52 self.relation_prefix = relation_prefix
53 self.database = database
54 self.user = user
55+ self.ssl_dir = ssl_dir
56
57 def __call__(self):
58 self.database = self.database or config('database')
59@@ -139,19 +142,44 @@
60
61 for rid in relation_ids('shared-db'):
62 for unit in related_units(rid):
63- passwd = relation_get(password_setting, rid=rid, unit=unit)
64+ rdata = relation_get(rid=rid, unit=unit)
65 ctxt = {
66- 'database_host': relation_get('db_host', rid=rid,
67- unit=unit),
68+ 'database_host': rdata.get('db_host'),
69 'database': self.database,
70 'database_user': self.user,
71- 'database_password': passwd,
72+ 'database_password': rdata.get(password_setting)
73 }
74 if context_complete(ctxt):
75+ db_ssl(rdata, ctxt, self.ssl_dir)
76 return ctxt
77 return {}
78
79
80+def db_ssl(rdata, ctxt, ssl_dir):
81+ if 'ssl_ca' in rdata and ssl_dir:
82+ ca_path = os.path.join(ssl_dir, 'db-client.ca')
83+ with open(ca_path, 'w') as fh:
84+ fh.write(b64decode(rdata['ssl_ca']))
85+ ctxt['database_ssl_ca'] = ca_path
86+ elif 'ssl_ca' in rdata:
87+ log("Charm not setup for ssl support but ssl ca found")
88+ return ctxt
89+ if 'ssl_cert' in rdata:
90+ cert_path = os.path.join(
91+ ssl_dir, 'db-client.cert')
92+ if not os.path.exists(cert_path):
93+ log("Waiting 1m for ssl client cert validity")
94+ time.sleep(60)
95+ with open(cert_path, 'w') as fh:
96+ fh.write(b64decode(rdata['ssl_cert']))
97+ ctxt['database_ssl_cert'] = cert_path
98+ key_path = os.path.join(ssl_dir, 'db-client.key')
99+ with open(key_path, 'w') as fh:
100+ fh.write(b64decode(rdata['ssl_key']))
101+ ctxt['database_ssl_key'] = key_path
102+ return ctxt
103+
104+
105 class IdentityServiceContext(OSContextGenerator):
106 interfaces = ['identity-service']
107
108@@ -161,22 +189,19 @@
109
110 for rid in relation_ids('identity-service'):
111 for unit in related_units(rid):
112+ rdata = relation_get(rid=rid, unit=unit)
113 ctxt = {
114- 'service_port': relation_get('service_port', rid=rid,
115- unit=unit),
116- 'service_host': relation_get('service_host', rid=rid,
117- unit=unit),
118- 'auth_host': relation_get('auth_host', rid=rid, unit=unit),
119- 'auth_port': relation_get('auth_port', rid=rid, unit=unit),
120- 'admin_tenant_name': relation_get('service_tenant',
121- rid=rid, unit=unit),
122- 'admin_user': relation_get('service_username', rid=rid,
123- unit=unit),
124- 'admin_password': relation_get('service_password', rid=rid,
125- unit=unit),
126- # XXX: Hard-coded http.
127- 'service_protocol': 'http',
128- 'auth_protocol': 'http',
129+ 'service_port': rdata.get('service_port'),
130+ 'service_host': rdata.get('service_host'),
131+ 'auth_host': rdata.get('auth_host'),
132+ 'auth_port': rdata.get('auth_port'),
133+ 'admin_tenant_name': rdata.get('service_tenant'),
134+ 'admin_user': rdata.get('service_username'),
135+ 'admin_password': rdata.get('service_password'),
136+ 'service_protocol':
137+ rdata.get('service_protocol') or 'http',
138+ 'auth_protocol':
139+ rdata.get('auth_protocol') or 'http',
140 }
141 if context_complete(ctxt):
142 return ctxt
143@@ -186,6 +211,9 @@
144 class AMQPContext(OSContextGenerator):
145 interfaces = ['amqp']
146
147+ def __init__(self, ssl_dir=None):
148+ self.ssl_dir = ssl_dir
149+
150 def __call__(self):
151 log('Generating template context for amqp')
152 conf = config()
153@@ -196,7 +224,6 @@
154 log('Could not generate shared_db context. '
155 'Missing required charm config options: %s.' % e)
156 raise OSContextError
157-
158 ctxt = {}
159 for rid in relation_ids('amqp'):
160 ha_vip_only = False
161@@ -214,6 +241,14 @@
162 unit=unit),
163 'rabbitmq_virtual_host': vhost,
164 })
165+
166+ ssl_port = relation_get('ssl_port', rid=rid, unit=unit)
167+ if ssl_port:
168+ ctxt['rabbit_ssl_port'] = ssl_port
169+ ssl_ca = relation_get('ssl_ca', rid=rid, unit=unit)
170+ if ssl_ca:
171+ ctxt['rabbit_ssl_ca'] = ssl_ca
172+
173 if relation_get('ha_queues', rid=rid, unit=unit) is not None:
174 ctxt['rabbitmq_ha_queues'] = True
175
176@@ -221,6 +256,16 @@
177 rid=rid, unit=unit) is not None
178
179 if context_complete(ctxt):
180+ if 'rabbit_ssl_ca' in ctxt:
181+ if not self.ssl_dir:
182+ log(("Charm not setup for ssl support "
183+ "but ssl ca found"))
184+ break
185+ ca_path = os.path.join(
186+ self.ssl_dir, 'rabbit-client-ca.pem')
187+ with open(ca_path, 'w') as fh:
188+ fh.write(b64decode(ctxt['rabbit_ssl_ca']))
189+ ctxt['rabbit_ssl_ca'] = ca_path
190 # Sufficient information found = break out!
191 break
192 # Used for active/active rabbitmq >= grizzly
193@@ -391,6 +436,8 @@
194 'private_address': unit_get('private-address'),
195 'endpoints': []
196 }
197+ if is_clustered():
198+ ctxt['private_address'] = config('vip')
199 for api_port in self.external_ports:
200 ext_port = determine_apache_port(api_port)
201 int_port = determine_api_port(api_port)
202
203=== modified file 'hooks/charmhelpers/contrib/openstack/neutron.py'
204--- hooks/charmhelpers/contrib/openstack/neutron.py 2014-03-25 12:26:41 +0000
205+++ hooks/charmhelpers/contrib/openstack/neutron.py 2014-03-28 10:00:55 +0000
206@@ -17,6 +17,8 @@
207 kver = check_output(['uname', '-r']).strip()
208 return 'linux-headers-%s' % kver
209
210+QUANTUM_CONF_DIR = '/etc/quantum'
211+
212
213 def kernel_version():
214 """ Retrieve the current major kernel version as a tuple e.g. (3, 13) """
215@@ -35,6 +37,8 @@
216
217
218 # legacy
219+
220+
221 def quantum_plugins():
222 from charmhelpers.contrib.openstack import context
223 return {
224@@ -46,7 +50,8 @@
225 'contexts': [
226 context.SharedDBContext(user=config('neutron-database-user'),
227 database=config('neutron-database'),
228- relation_prefix='neutron')],
229+ relation_prefix='neutron',
230+ ssl_dir=QUANTUM_CONF_DIR)],
231 'services': ['quantum-plugin-openvswitch-agent'],
232 'packages': [[headers_package()] + determine_dkms_package(),
233 ['quantum-plugin-openvswitch-agent']],
234@@ -61,7 +66,8 @@
235 'contexts': [
236 context.SharedDBContext(user=config('neutron-database-user'),
237 database=config('neutron-database'),
238- relation_prefix='neutron')],
239+ relation_prefix='neutron',
240+ ssl_dir=QUANTUM_CONF_DIR)],
241 'services': [],
242 'packages': [],
243 'server_packages': ['quantum-server',
244@@ -70,6 +76,8 @@
245 }
246 }
247
248+NEUTRON_CONF_DIR = '/etc/neutron'
249+
250
251 def neutron_plugins():
252 from charmhelpers.contrib.openstack import context
253@@ -83,7 +91,8 @@
254 'contexts': [
255 context.SharedDBContext(user=config('neutron-database-user'),
256 database=config('neutron-database'),
257- relation_prefix='neutron')],
258+ relation_prefix='neutron',
259+ ssl_dir=NEUTRON_CONF_DIR)],
260 'services': ['neutron-plugin-openvswitch-agent'],
261 'packages': [[headers_package()] + determine_dkms_package(),
262 ['neutron-plugin-openvswitch-agent']],
263@@ -98,7 +107,8 @@
264 'contexts': [
265 context.SharedDBContext(user=config('neutron-database-user'),
266 database=config('neutron-database'),
267- relation_prefix='neutron')],
268+ relation_prefix='neutron',
269+ ssl_dir=NEUTRON_CONF_DIR)],
270 'services': [],
271 'packages': [],
272 'server_packages': ['neutron-server',
273
274=== modified file 'hooks/cinder_hooks.py'
275--- hooks/cinder_hooks.py 2014-03-13 15:50:49 +0000
276+++ hooks/cinder_hooks.py 2014-03-28 10:00:55 +0000
277@@ -122,6 +122,14 @@
278 return
279 CONFIGS.write(CINDER_CONF)
280
281+@hooks.hook('amqp-relation-departed')
282+@restart_on_change(restart_map())
283+def amqp_departed():
284+ if 'amqp' not in CONFIGS.complete_contexts():
285+ juju_log('amqp relation incomplete. Peer not ready?')
286+ return
287+ CONFIGS.write(CINDER_CONF)
288+
289
290 @hooks.hook('identity-service-relation-joined')
291 def identity_joined(rid=None):
292
293=== added file 'templates/grizzly/cinder.conf'
294--- templates/grizzly/cinder.conf 1970-01-01 00:00:00 +0000
295+++ templates/grizzly/cinder.conf 2014-03-28 10:00:55 +0000
296@@ -0,0 +1,60 @@
297+###############################################################################
298+# [ WARNING ]
299+# cinder configuration file maintained by Juju
300+# local changes may be overwritten.
301+###############################################################################
302+[DEFAULT]
303+rootwrap_config = /etc/cinder/rootwrap.conf
304+api_paste_confg = /etc/cinder/api-paste.ini
305+iscsi_helper = tgtadm
306+volume_name_template = volume-%s
307+volume_group = cinder-volumes
308+verbose = True
309+use_syslog = {{ use_syslog }}
310+auth_strategy = keystone
311+state_path = /var/lib/cinder
312+lock_path = /var/lock/cinder
313+volumes_dir = /var/lib/cinder/volumes
314+{% if database_host -%}
315+sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}
316+{% endif -%}
317+{% if rabbitmq_host or rabbitmq_hosts -%}
318+notification_driver = cinder.openstack.common.notifier.rabbit_notifier
319+control_exchange = cinder
320+rabbit_userid = {{ rabbitmq_user }}
321+rabbit_password = {{ rabbitmq_password }}
322+rabbit_virtual_host = {{ rabbitmq_virtual_host }}
323+{% if rabbitmq_hosts -%}
324+rabbit_hosts = {{ rabbitmq_hosts }}
325+{% if rabbitmq_ha_queues -%}
326+rabbit_ha_queues = true
327+rabbit_durable_queues = false
328+{% endif %}
329+{% else %}
330+rabbit_host = {{ rabbitmq_host }}
331+{% endif -%}
332+{% endif -%}
333+{% if volume_driver -%}
334+volume_driver = {{ volume_driver }}
335+{% endif -%}
336+{% if rbd_pool -%}
337+rbd_pool = {{ rbd_pool }}
338+host = {{ host }}
339+rbd_user = {{ rbd_user }}
340+{% endif -%}
341+{% if osapi_volume_listen_port -%}
342+osapi_volume_listen_port = {{ osapi_volume_listen_port }}
343+{% endif -%}
344+{% if glance_api_servers -%}
345+glance_api_servers = {{ glance_api_servers }}
346+{% endif -%}
347+{% if glance_api_version -%}
348+glance_api_version = {{ glance_api_version }}
349+{% endif -%}
350+
351+{% if user_config_flags -%}
352+{% for key, value in user_config_flags.iteritems() -%}
353+{{ key }} = {{ value }}
354+{% endfor -%}
355+{% endif -%}
356+

Subscribers

People subscribed via source and target branches

to all changes: