Merge lp:~openstack-charmers/charms/precise/openstack-dashboard/python-redux into lp:~charmers/charms/precise/openstack-dashboard/trunk
- Precise Pangolin (12.04)
- python-redux
- Merge into trunk
Proposed by
Adam Gandelman
Status: | Merged |
---|---|
Merged at revision: | 21 |
Proposed branch: | lp:~openstack-charmers/charms/precise/openstack-dashboard/python-redux |
Merge into: | lp:~charmers/charms/precise/openstack-dashboard/trunk |
Diff against target: |
5962 lines (+4627/-1060) 43 files modified
.bzrignore (+1/-0) .coveragerc (+6/-0) Makefile (+14/-0) README.md (+68/-0) charm-helpers-sync.yaml (+8/-0) config.yaml (+3/-0) hooks/charmhelpers/contrib/hahelpers/apache.py (+58/-0) hooks/charmhelpers/contrib/hahelpers/cluster.py (+183/-0) hooks/charmhelpers/contrib/openstack/context.py (+522/-0) hooks/charmhelpers/contrib/openstack/neutron.py (+117/-0) hooks/charmhelpers/contrib/openstack/templates/__init__.py (+2/-0) hooks/charmhelpers/contrib/openstack/templating.py (+280/-0) hooks/charmhelpers/contrib/openstack/utils.py (+365/-0) hooks/charmhelpers/core/hookenv.py (+340/-0) hooks/charmhelpers/core/host.py (+241/-0) hooks/charmhelpers/fetch/__init__.py (+209/-0) hooks/charmhelpers/fetch/archiveurl.py (+48/-0) hooks/charmhelpers/fetch/bzrurl.py (+49/-0) hooks/charmhelpers/payload/__init__.py (+1/-0) hooks/charmhelpers/payload/execd.py (+50/-0) hooks/horizon-common (+0/-97) hooks/horizon-relations (+0/-191) hooks/horizon_contexts.py (+118/-0) hooks/horizon_hooks.py (+149/-0) hooks/horizon_utils.py (+144/-0) hooks/lib/openstack-common (+0/-769) metadata.yaml (+5/-3) setup.cfg (+5/-0) templates/default (+32/-0) templates/default-ssl (+50/-0) templates/essex/local_settings.py (+120/-0) templates/essex/openstack-dashboard.conf (+7/-0) templates/folsom/local_settings.py (+165/-0) templates/grizzly/local_settings.py (+221/-0) templates/haproxy.cfg (+37/-0) templates/havana/local_settings.py (+425/-0) templates/havana/openstack-dashboard.conf (+8/-0) templates/ports.conf (+9/-0) unit_tests/__init__.py (+2/-0) unit_tests/test_horizon_contexts.py (+176/-0) unit_tests/test_horizon_hooks.py (+178/-0) unit_tests/test_horizon_utils.py (+114/-0) unit_tests/test_utils.py (+97/-0) |
To merge this branch: | bzr merge lp:~openstack-charmers/charms/precise/openstack-dashboard/python-redux |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Adam Gandelman (community) | Needs Fixing | ||
Review via email: mp+191085@code.launchpad.net |
Commit message
Description of the change
Update of all Havana / Saucy / python-redux work:
* Full python rewrite using new OpenStack charm-helpers.
* Test coverage
* Havana support
To post a comment you must log in.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | === added file '.bzrignore' |
2 | --- .bzrignore 1970-01-01 00:00:00 +0000 |
3 | +++ .bzrignore 2013-10-15 14:11:37 +0000 |
4 | @@ -0,0 +1,1 @@ |
5 | +.coverage |
6 | |
7 | === added file '.coveragerc' |
8 | --- .coveragerc 1970-01-01 00:00:00 +0000 |
9 | +++ .coveragerc 2013-10-15 14:11:37 +0000 |
10 | @@ -0,0 +1,6 @@ |
11 | +[report] |
12 | +# Regexes for lines to exclude from consideration |
13 | +exclude_lines = |
14 | + if __name__ == .__main__.: |
15 | +include= |
16 | + hooks/horizon_* |
17 | |
18 | === added file 'Makefile' |
19 | --- Makefile 1970-01-01 00:00:00 +0000 |
20 | +++ Makefile 2013-10-15 14:11:37 +0000 |
21 | @@ -0,0 +1,14 @@ |
22 | +#!/usr/bin/make |
23 | +PYTHON := /usr/bin/env python |
24 | + |
25 | +lint: |
26 | + @flake8 --exclude hooks/charmhelpers hooks |
27 | + @flake8 --exclude hooks/charmhelpers unit_tests |
28 | + @charm proof |
29 | + |
30 | +test: |
31 | + @echo Starting tests... |
32 | + @$(PYTHON) /usr/bin/nosetests --nologcapture unit_tests |
33 | + |
34 | +sync: |
35 | + @charm-helper-sync -c charm-helpers-sync.yaml |
36 | |
37 | === added file 'README.md' |
38 | --- README.md 1970-01-01 00:00:00 +0000 |
39 | +++ README.md 2013-10-15 14:11:37 +0000 |
40 | @@ -0,0 +1,68 @@ |
41 | +Overview |
42 | +======== |
43 | + |
44 | +The OpenStack Dashboard provides a Django based web interface for use by both |
45 | +administrators and users of an OpenStack Cloud. |
46 | + |
47 | +It allows you to manage Nova, Glance, Cinder and Neutron resources within the |
48 | +cloud. |
49 | + |
50 | +Usage |
51 | +===== |
52 | + |
53 | +The OpenStack Dashboard is deployed and related to keystone: |
54 | + |
55 | + juju deploy openstack-dashboard |
56 | + juju add-unit openstack-dashboard keystone |
57 | + |
58 | +The dashboard will use keystone for user authentication and authorization and |
59 | +to interact with the catalog of services within the cloud. |
60 | + |
61 | +The dashboard is accessible on: |
62 | + |
63 | + http(s)://service_unit_address/horizon |
64 | + |
65 | +At a minimum, the cloud must provide Glance and Nova services. |
66 | + |
67 | +SSL configuration |
68 | +================= |
69 | + |
70 | +To fully secure your dashboard services, you can provide a SSL key and |
71 | +certificate for installation and configuration. These are provided as |
72 | +base64 encoded configuration options:: |
73 | + |
74 | + juju set openstack-dashboard ssl_key="$(base64 my.key)" \ |
75 | + ssl_cert="$(base64 my.cert)" |
76 | + |
77 | +The service will be reconfigured to use the supplied information. |
78 | + |
79 | +High Availability |
80 | +================= |
81 | + |
82 | +The OpenStack Dashboard charm supports HA in-conjunction with the hacluster |
83 | +charm: |
84 | + |
85 | + juju deploy hacluster dashboard-hacluster |
86 | + juju set openstack-dashboard vip="192.168.1.200" |
87 | + juju add-relation openstack-dashboard dashboard-hacluster |
88 | + juju add-unit -n 2 openstack-dashboard |
89 | + |
90 | +After addition of the extra 2 units completes, the dashboard will be |
91 | +accessible on 192.168.1.200 with full load-balancing across all three units. |
92 | + |
93 | +Please refer to the charm configuration for full details on all HA config |
94 | +options. |
95 | + |
96 | + |
97 | +Use with a Load Balancing Proxy |
98 | +=============================== |
99 | + |
100 | +Instead of deploying with the hacluster charm for load balancing, its possible |
101 | +to also deploy the dashboard with load balancing proxy such as HAProxy: |
102 | + |
103 | + juju deploy haproxy |
104 | + juju add-relation haproxy openstack-dashboard |
105 | + juju add-unit -n 2 openstack-dashboard |
106 | + |
107 | +This option potentially provides better scale-out than using the charm in |
108 | +conjunction with the hacluster charm. |
109 | |
110 | === added file 'charm-helpers-sync.yaml' |
111 | --- charm-helpers-sync.yaml 1970-01-01 00:00:00 +0000 |
112 | +++ charm-helpers-sync.yaml 2013-10-15 14:11:37 +0000 |
113 | @@ -0,0 +1,8 @@ |
114 | +branch: lp:charm-helpers |
115 | +destination: hooks/charmhelpers |
116 | +include: |
117 | + - core |
118 | + - fetch |
119 | + - contrib.openstack |
120 | + - contrib.hahelpers |
121 | + - payload.execd |
122 | |
123 | === modified file 'config.yaml' |
124 | --- config.yaml 2013-03-22 11:23:33 +0000 |
125 | +++ config.yaml 2013-10-15 14:11:37 +0000 |
126 | @@ -78,3 +78,6 @@ |
127 | type: string |
128 | default: "yes" |
129 | description: Use Ubuntu theme for the dashboard. |
130 | + secret: |
131 | + type: string |
132 | + descriptions: Secret for Horizon to use when securing internal data; set this when using multiple dashboard units. |
133 | |
134 | === added file 'hooks/__init__.py' |
135 | === added directory 'hooks/charmhelpers' |
136 | === added file 'hooks/charmhelpers/__init__.py' |
137 | === added directory 'hooks/charmhelpers/contrib' |
138 | === added file 'hooks/charmhelpers/contrib/__init__.py' |
139 | === added directory 'hooks/charmhelpers/contrib/hahelpers' |
140 | === added file 'hooks/charmhelpers/contrib/hahelpers/__init__.py' |
141 | === added file 'hooks/charmhelpers/contrib/hahelpers/apache.py' |
142 | --- hooks/charmhelpers/contrib/hahelpers/apache.py 1970-01-01 00:00:00 +0000 |
143 | +++ hooks/charmhelpers/contrib/hahelpers/apache.py 2013-10-15 14:11:37 +0000 |
144 | @@ -0,0 +1,58 @@ |
145 | +# |
146 | +# Copyright 2012 Canonical Ltd. |
147 | +# |
148 | +# This file is sourced from lp:openstack-charm-helpers |
149 | +# |
150 | +# Authors: |
151 | +# James Page <james.page@ubuntu.com> |
152 | +# Adam Gandelman <adamg@ubuntu.com> |
153 | +# |
154 | + |
155 | +import subprocess |
156 | + |
157 | +from charmhelpers.core.hookenv import ( |
158 | + config as config_get, |
159 | + relation_get, |
160 | + relation_ids, |
161 | + related_units as relation_list, |
162 | + log, |
163 | + INFO, |
164 | +) |
165 | + |
166 | + |
167 | +def get_cert(): |
168 | + cert = config_get('ssl_cert') |
169 | + key = config_get('ssl_key') |
170 | + if not (cert and key): |
171 | + log("Inspecting identity-service relations for SSL certificate.", |
172 | + level=INFO) |
173 | + cert = key = None |
174 | + for r_id in relation_ids('identity-service'): |
175 | + for unit in relation_list(r_id): |
176 | + if not cert: |
177 | + cert = relation_get('ssl_cert', |
178 | + rid=r_id, unit=unit) |
179 | + if not key: |
180 | + key = relation_get('ssl_key', |
181 | + rid=r_id, unit=unit) |
182 | + return (cert, key) |
183 | + |
184 | + |
185 | +def get_ca_cert(): |
186 | + ca_cert = None |
187 | + log("Inspecting identity-service relations for CA SSL certificate.", |
188 | + level=INFO) |
189 | + for r_id in relation_ids('identity-service'): |
190 | + for unit in relation_list(r_id): |
191 | + if not ca_cert: |
192 | + ca_cert = relation_get('ca_cert', |
193 | + rid=r_id, unit=unit) |
194 | + return ca_cert |
195 | + |
196 | + |
197 | +def install_ca_cert(ca_cert): |
198 | + if ca_cert: |
199 | + with open('/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt', |
200 | + 'w') as crt: |
201 | + crt.write(ca_cert) |
202 | + subprocess.check_call(['update-ca-certificates', '--fresh']) |
203 | |
204 | === added file 'hooks/charmhelpers/contrib/hahelpers/cluster.py' |
205 | --- hooks/charmhelpers/contrib/hahelpers/cluster.py 1970-01-01 00:00:00 +0000 |
206 | +++ hooks/charmhelpers/contrib/hahelpers/cluster.py 2013-10-15 14:11:37 +0000 |
207 | @@ -0,0 +1,183 @@ |
208 | +# |
209 | +# Copyright 2012 Canonical Ltd. |
210 | +# |
211 | +# Authors: |
212 | +# James Page <james.page@ubuntu.com> |
213 | +# Adam Gandelman <adamg@ubuntu.com> |
214 | +# |
215 | + |
216 | +import subprocess |
217 | +import os |
218 | + |
219 | +from socket import gethostname as get_unit_hostname |
220 | + |
221 | +from charmhelpers.core.hookenv import ( |
222 | + log, |
223 | + relation_ids, |
224 | + related_units as relation_list, |
225 | + relation_get, |
226 | + config as config_get, |
227 | + INFO, |
228 | + ERROR, |
229 | + unit_get, |
230 | +) |
231 | + |
232 | + |
233 | +class HAIncompleteConfig(Exception): |
234 | + pass |
235 | + |
236 | + |
237 | +def is_clustered(): |
238 | + for r_id in (relation_ids('ha') or []): |
239 | + for unit in (relation_list(r_id) or []): |
240 | + clustered = relation_get('clustered', |
241 | + rid=r_id, |
242 | + unit=unit) |
243 | + if clustered: |
244 | + return True |
245 | + return False |
246 | + |
247 | + |
248 | +def is_leader(resource): |
249 | + cmd = [ |
250 | + "crm", "resource", |
251 | + "show", resource |
252 | + ] |
253 | + try: |
254 | + status = subprocess.check_output(cmd) |
255 | + except subprocess.CalledProcessError: |
256 | + return False |
257 | + else: |
258 | + if get_unit_hostname() in status: |
259 | + return True |
260 | + else: |
261 | + return False |
262 | + |
263 | + |
264 | +def peer_units(): |
265 | + peers = [] |
266 | + for r_id in (relation_ids('cluster') or []): |
267 | + for unit in (relation_list(r_id) or []): |
268 | + peers.append(unit) |
269 | + return peers |
270 | + |
271 | + |
272 | +def oldest_peer(peers): |
273 | + local_unit_no = int(os.getenv('JUJU_UNIT_NAME').split('/')[1]) |
274 | + for peer in peers: |
275 | + remote_unit_no = int(peer.split('/')[1]) |
276 | + if remote_unit_no < local_unit_no: |
277 | + return False |
278 | + return True |
279 | + |
280 | + |
281 | +def eligible_leader(resource): |
282 | + if is_clustered(): |
283 | + if not is_leader(resource): |
284 | + log('Deferring action to CRM leader.', level=INFO) |
285 | + return False |
286 | + else: |
287 | + peers = peer_units() |
288 | + if peers and not oldest_peer(peers): |
289 | + log('Deferring action to oldest service unit.', level=INFO) |
290 | + return False |
291 | + return True |
292 | + |
293 | + |
294 | +def https(): |
295 | + ''' |
296 | + Determines whether enough data has been provided in configuration |
297 | + or relation data to configure HTTPS |
298 | + . |
299 | + returns: boolean |
300 | + ''' |
301 | + if config_get('use-https') == "yes": |
302 | + return True |
303 | + if config_get('ssl_cert') and config_get('ssl_key'): |
304 | + return True |
305 | + for r_id in relation_ids('identity-service'): |
306 | + for unit in relation_list(r_id): |
307 | + rel_state = [ |
308 | + relation_get('https_keystone', rid=r_id, unit=unit), |
309 | + relation_get('ssl_cert', rid=r_id, unit=unit), |
310 | + relation_get('ssl_key', rid=r_id, unit=unit), |
311 | + relation_get('ca_cert', rid=r_id, unit=unit), |
312 | + ] |
313 | + # NOTE: works around (LP: #1203241) |
314 | + if (None not in rel_state) and ('' not in rel_state): |
315 | + return True |
316 | + return False |
317 | + |
318 | + |
319 | +def determine_api_port(public_port): |
320 | + ''' |
321 | + Determine correct API server listening port based on |
322 | + existence of HTTPS reverse proxy and/or haproxy. |
323 | + |
324 | + public_port: int: standard public port for given service |
325 | + |
326 | + returns: int: the correct listening port for the API service |
327 | + ''' |
328 | + i = 0 |
329 | + if len(peer_units()) > 0 or is_clustered(): |
330 | + i += 1 |
331 | + if https(): |
332 | + i += 1 |
333 | + return public_port - (i * 10) |
334 | + |
335 | + |
336 | +def determine_haproxy_port(public_port): |
337 | + ''' |
338 | + Description: Determine correct proxy listening port based on public IP + |
339 | + existence of HTTPS reverse proxy. |
340 | + |
341 | + public_port: int: standard public port for given service |
342 | + |
343 | + returns: int: the correct listening port for the HAProxy service |
344 | + ''' |
345 | + i = 0 |
346 | + if https(): |
347 | + i += 1 |
348 | + return public_port - (i * 10) |
349 | + |
350 | + |
351 | +def get_hacluster_config(): |
352 | + ''' |
353 | + Obtains all relevant configuration from charm configuration required |
354 | + for initiating a relation to hacluster: |
355 | + |
356 | + ha-bindiface, ha-mcastport, vip, vip_iface, vip_cidr |
357 | + |
358 | + returns: dict: A dict containing settings keyed by setting name. |
359 | + raises: HAIncompleteConfig if settings are missing. |
360 | + ''' |
361 | + settings = ['ha-bindiface', 'ha-mcastport', 'vip', 'vip_iface', 'vip_cidr'] |
362 | + conf = {} |
363 | + for setting in settings: |
364 | + conf[setting] = config_get(setting) |
365 | + missing = [] |
366 | + [missing.append(s) for s, v in conf.iteritems() if v is None] |
367 | + if missing: |
368 | + log('Insufficient config data to configure hacluster.', level=ERROR) |
369 | + raise HAIncompleteConfig |
370 | + return conf |
371 | + |
372 | + |
373 | +def canonical_url(configs, vip_setting='vip'): |
374 | + ''' |
375 | + Returns the correct HTTP URL to this host given the state of HTTPS |
376 | + configuration and hacluster. |
377 | + |
378 | + :configs : OSTemplateRenderer: A config tempating object to inspect for |
379 | + a complete https context. |
380 | + :vip_setting: str: Setting in charm config that specifies |
381 | + VIP address. |
382 | + ''' |
383 | + scheme = 'http' |
384 | + if 'https' in configs.complete_contexts(): |
385 | + scheme = 'https' |
386 | + if is_clustered(): |
387 | + addr = config_get(vip_setting) |
388 | + else: |
389 | + addr = unit_get('private-address') |
390 | + return '%s://%s' % (scheme, addr) |
391 | |
392 | === added directory 'hooks/charmhelpers/contrib/openstack' |
393 | === added file 'hooks/charmhelpers/contrib/openstack/__init__.py' |
394 | === added file 'hooks/charmhelpers/contrib/openstack/context.py' |
395 | --- hooks/charmhelpers/contrib/openstack/context.py 1970-01-01 00:00:00 +0000 |
396 | +++ hooks/charmhelpers/contrib/openstack/context.py 2013-10-15 14:11:37 +0000 |
397 | @@ -0,0 +1,522 @@ |
398 | +import json |
399 | +import os |
400 | + |
401 | +from base64 import b64decode |
402 | + |
403 | +from subprocess import ( |
404 | + check_call |
405 | +) |
406 | + |
407 | + |
408 | +from charmhelpers.fetch import ( |
409 | + apt_install, |
410 | + filter_installed_packages, |
411 | +) |
412 | + |
413 | +from charmhelpers.core.hookenv import ( |
414 | + config, |
415 | + local_unit, |
416 | + log, |
417 | + relation_get, |
418 | + relation_ids, |
419 | + related_units, |
420 | + unit_get, |
421 | + unit_private_ip, |
422 | + ERROR, |
423 | + WARNING, |
424 | +) |
425 | + |
426 | +from charmhelpers.contrib.hahelpers.cluster import ( |
427 | + determine_api_port, |
428 | + determine_haproxy_port, |
429 | + https, |
430 | + is_clustered, |
431 | + peer_units, |
432 | +) |
433 | + |
434 | +from charmhelpers.contrib.hahelpers.apache import ( |
435 | + get_cert, |
436 | + get_ca_cert, |
437 | +) |
438 | + |
439 | +from charmhelpers.contrib.openstack.neutron import ( |
440 | + neutron_plugin_attribute, |
441 | +) |
442 | + |
443 | +CA_CERT_PATH = '/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt' |
444 | + |
445 | + |
446 | +class OSContextError(Exception): |
447 | + pass |
448 | + |
449 | + |
450 | +def ensure_packages(packages): |
451 | + '''Install but do not upgrade required plugin packages''' |
452 | + required = filter_installed_packages(packages) |
453 | + if required: |
454 | + apt_install(required, fatal=True) |
455 | + |
456 | + |
457 | +def context_complete(ctxt): |
458 | + _missing = [] |
459 | + for k, v in ctxt.iteritems(): |
460 | + if v is None or v == '': |
461 | + _missing.append(k) |
462 | + if _missing: |
463 | + log('Missing required data: %s' % ' '.join(_missing), level='INFO') |
464 | + return False |
465 | + return True |
466 | + |
467 | + |
468 | +class OSContextGenerator(object): |
469 | + interfaces = [] |
470 | + |
471 | + def __call__(self): |
472 | + raise NotImplementedError |
473 | + |
474 | + |
475 | +class SharedDBContext(OSContextGenerator): |
476 | + interfaces = ['shared-db'] |
477 | + |
478 | + def __init__(self, database=None, user=None, relation_prefix=None): |
479 | + ''' |
480 | + Allows inspecting relation for settings prefixed with relation_prefix. |
481 | + This is useful for parsing access for multiple databases returned via |
482 | + the shared-db interface (eg, nova_password, quantum_password) |
483 | + ''' |
484 | + self.relation_prefix = relation_prefix |
485 | + self.database = database |
486 | + self.user = user |
487 | + |
488 | + def __call__(self): |
489 | + self.database = self.database or config('database') |
490 | + self.user = self.user or config('database-user') |
491 | + if None in [self.database, self.user]: |
492 | + log('Could not generate shared_db context. ' |
493 | + 'Missing required charm config options. ' |
494 | + '(database name and user)') |
495 | + raise OSContextError |
496 | + ctxt = {} |
497 | + |
498 | + password_setting = 'password' |
499 | + if self.relation_prefix: |
500 | + password_setting = self.relation_prefix + '_password' |
501 | + |
502 | + for rid in relation_ids('shared-db'): |
503 | + for unit in related_units(rid): |
504 | + passwd = relation_get(password_setting, rid=rid, unit=unit) |
505 | + ctxt = { |
506 | + 'database_host': relation_get('db_host', rid=rid, |
507 | + unit=unit), |
508 | + 'database': self.database, |
509 | + 'database_user': self.user, |
510 | + 'database_password': passwd, |
511 | + } |
512 | + if context_complete(ctxt): |
513 | + return ctxt |
514 | + return {} |
515 | + |
516 | + |
517 | +class IdentityServiceContext(OSContextGenerator): |
518 | + interfaces = ['identity-service'] |
519 | + |
520 | + def __call__(self): |
521 | + log('Generating template context for identity-service') |
522 | + ctxt = {} |
523 | + |
524 | + for rid in relation_ids('identity-service'): |
525 | + for unit in related_units(rid): |
526 | + ctxt = { |
527 | + 'service_port': relation_get('service_port', rid=rid, |
528 | + unit=unit), |
529 | + 'service_host': relation_get('service_host', rid=rid, |
530 | + unit=unit), |
531 | + 'auth_host': relation_get('auth_host', rid=rid, unit=unit), |
532 | + 'auth_port': relation_get('auth_port', rid=rid, unit=unit), |
533 | + 'admin_tenant_name': relation_get('service_tenant', |
534 | + rid=rid, unit=unit), |
535 | + 'admin_user': relation_get('service_username', rid=rid, |
536 | + unit=unit), |
537 | + 'admin_password': relation_get('service_password', rid=rid, |
538 | + unit=unit), |
539 | + # XXX: Hard-coded http. |
540 | + 'service_protocol': 'http', |
541 | + 'auth_protocol': 'http', |
542 | + } |
543 | + if context_complete(ctxt): |
544 | + return ctxt |
545 | + return {} |
546 | + |
547 | + |
548 | +class AMQPContext(OSContextGenerator): |
549 | + interfaces = ['amqp'] |
550 | + |
551 | + def __call__(self): |
552 | + log('Generating template context for amqp') |
553 | + conf = config() |
554 | + try: |
555 | + username = conf['rabbit-user'] |
556 | + vhost = conf['rabbit-vhost'] |
557 | + except KeyError as e: |
558 | + log('Could not generate shared_db context. ' |
559 | + 'Missing required charm config options: %s.' % e) |
560 | + raise OSContextError |
561 | + |
562 | + ctxt = {} |
563 | + for rid in relation_ids('amqp'): |
564 | + for unit in related_units(rid): |
565 | + if relation_get('clustered', rid=rid, unit=unit): |
566 | + ctxt['clustered'] = True |
567 | + ctxt['rabbitmq_host'] = relation_get('vip', rid=rid, |
568 | + unit=unit) |
569 | + else: |
570 | + ctxt['rabbitmq_host'] = relation_get('private-address', |
571 | + rid=rid, unit=unit) |
572 | + ctxt.update({ |
573 | + 'rabbitmq_user': username, |
574 | + 'rabbitmq_password': relation_get('password', rid=rid, |
575 | + unit=unit), |
576 | + 'rabbitmq_virtual_host': vhost, |
577 | + }) |
578 | + if context_complete(ctxt): |
579 | + # Sufficient information found = break out! |
580 | + break |
581 | + # Used for active/active rabbitmq >= grizzly |
582 | + ctxt['rabbitmq_hosts'] = [] |
583 | + for unit in related_units(rid): |
584 | + ctxt['rabbitmq_hosts'].append(relation_get('private-address', |
585 | + rid=rid, unit=unit)) |
586 | + if not context_complete(ctxt): |
587 | + return {} |
588 | + else: |
589 | + return ctxt |
590 | + |
591 | + |
592 | +class CephContext(OSContextGenerator): |
593 | + interfaces = ['ceph'] |
594 | + |
595 | + def __call__(self): |
596 | + '''This generates context for /etc/ceph/ceph.conf templates''' |
597 | + if not relation_ids('ceph'): |
598 | + return {} |
599 | + log('Generating template context for ceph') |
600 | + mon_hosts = [] |
601 | + auth = None |
602 | + key = None |
603 | + for rid in relation_ids('ceph'): |
604 | + for unit in related_units(rid): |
605 | + mon_hosts.append(relation_get('private-address', rid=rid, |
606 | + unit=unit)) |
607 | + auth = relation_get('auth', rid=rid, unit=unit) |
608 | + key = relation_get('key', rid=rid, unit=unit) |
609 | + |
610 | + ctxt = { |
611 | + 'mon_hosts': ' '.join(mon_hosts), |
612 | + 'auth': auth, |
613 | + 'key': key, |
614 | + } |
615 | + |
616 | + if not os.path.isdir('/etc/ceph'): |
617 | + os.mkdir('/etc/ceph') |
618 | + |
619 | + if not context_complete(ctxt): |
620 | + return {} |
621 | + |
622 | + ensure_packages(['ceph-common']) |
623 | + |
624 | + return ctxt |
625 | + |
626 | + |
627 | +class HAProxyContext(OSContextGenerator): |
628 | + interfaces = ['cluster'] |
629 | + |
630 | + def __call__(self): |
631 | + ''' |
632 | + Builds half a context for the haproxy template, which describes |
633 | + all peers to be included in the cluster. Each charm needs to include |
634 | + its own context generator that describes the port mapping. |
635 | + ''' |
636 | + if not relation_ids('cluster'): |
637 | + return {} |
638 | + |
639 | + cluster_hosts = {} |
640 | + l_unit = local_unit().replace('/', '-') |
641 | + cluster_hosts[l_unit] = unit_get('private-address') |
642 | + |
643 | + for rid in relation_ids('cluster'): |
644 | + for unit in related_units(rid): |
645 | + _unit = unit.replace('/', '-') |
646 | + addr = relation_get('private-address', rid=rid, unit=unit) |
647 | + cluster_hosts[_unit] = addr |
648 | + |
649 | + ctxt = { |
650 | + 'units': cluster_hosts, |
651 | + } |
652 | + if len(cluster_hosts.keys()) > 1: |
653 | + # Enable haproxy when we have enough peers. |
654 | + log('Ensuring haproxy enabled in /etc/default/haproxy.') |
655 | + with open('/etc/default/haproxy', 'w') as out: |
656 | + out.write('ENABLED=1\n') |
657 | + return ctxt |
658 | + log('HAProxy context is incomplete, this unit has no peers.') |
659 | + return {} |
660 | + |
661 | + |
662 | +class ImageServiceContext(OSContextGenerator): |
663 | + interfaces = ['image-service'] |
664 | + |
665 | + def __call__(self): |
666 | + ''' |
667 | + Obtains the glance API server from the image-service relation. Useful |
668 | + in nova and cinder (currently). |
669 | + ''' |
670 | + log('Generating template context for image-service.') |
671 | + rids = relation_ids('image-service') |
672 | + if not rids: |
673 | + return {} |
674 | + for rid in rids: |
675 | + for unit in related_units(rid): |
676 | + api_server = relation_get('glance-api-server', |
677 | + rid=rid, unit=unit) |
678 | + if api_server: |
679 | + return {'glance_api_servers': api_server} |
680 | + log('ImageService context is incomplete. ' |
681 | + 'Missing required relation data.') |
682 | + return {} |
683 | + |
684 | + |
685 | +class ApacheSSLContext(OSContextGenerator): |
686 | + """ |
687 | + Generates a context for an apache vhost configuration that configures |
688 | + HTTPS reverse proxying for one or many endpoints. Generated context |
689 | + looks something like: |
690 | + { |
691 | + 'namespace': 'cinder', |
692 | + 'private_address': 'iscsi.mycinderhost.com', |
693 | + 'endpoints': [(8776, 8766), (8777, 8767)] |
694 | + } |
695 | + |
696 | + The endpoints list consists of a tuples mapping external ports |
697 | + to internal ports. |
698 | + """ |
699 | + interfaces = ['https'] |
700 | + |
701 | + # charms should inherit this context and set external ports |
702 | + # and service namespace accordingly. |
703 | + external_ports = [] |
704 | + service_namespace = None |
705 | + |
706 | + def enable_modules(self): |
707 | + cmd = ['a2enmod', 'ssl', 'proxy', 'proxy_http'] |
708 | + check_call(cmd) |
709 | + |
710 | + def configure_cert(self): |
711 | + if not os.path.isdir('/etc/apache2/ssl'): |
712 | + os.mkdir('/etc/apache2/ssl') |
713 | + ssl_dir = os.path.join('/etc/apache2/ssl/', self.service_namespace) |
714 | + if not os.path.isdir(ssl_dir): |
715 | + os.mkdir(ssl_dir) |
716 | + cert, key = get_cert() |
717 | + with open(os.path.join(ssl_dir, 'cert'), 'w') as cert_out: |
718 | + cert_out.write(b64decode(cert)) |
719 | + with open(os.path.join(ssl_dir, 'key'), 'w') as key_out: |
720 | + key_out.write(b64decode(key)) |
721 | + ca_cert = get_ca_cert() |
722 | + if ca_cert: |
723 | + with open(CA_CERT_PATH, 'w') as ca_out: |
724 | + ca_out.write(b64decode(ca_cert)) |
725 | + check_call(['update-ca-certificates']) |
726 | + |
727 | + def __call__(self): |
728 | + if isinstance(self.external_ports, basestring): |
729 | + self.external_ports = [self.external_ports] |
730 | + if (not self.external_ports or not https()): |
731 | + return {} |
732 | + |
733 | + self.configure_cert() |
734 | + self.enable_modules() |
735 | + |
736 | + ctxt = { |
737 | + 'namespace': self.service_namespace, |
738 | + 'private_address': unit_get('private-address'), |
739 | + 'endpoints': [] |
740 | + } |
741 | + for ext_port in self.external_ports: |
742 | + if peer_units() or is_clustered(): |
743 | + int_port = determine_haproxy_port(ext_port) |
744 | + else: |
745 | + int_port = determine_api_port(ext_port) |
746 | + portmap = (int(ext_port), int(int_port)) |
747 | + ctxt['endpoints'].append(portmap) |
748 | + return ctxt |
749 | + |
750 | + |
751 | +class NeutronContext(object): |
752 | + interfaces = [] |
753 | + |
754 | + @property |
755 | + def plugin(self): |
756 | + return None |
757 | + |
758 | + @property |
759 | + def network_manager(self): |
760 | + return None |
761 | + |
762 | + @property |
763 | + def packages(self): |
764 | + return neutron_plugin_attribute( |
765 | + self.plugin, 'packages', self.network_manager) |
766 | + |
767 | + @property |
768 | + def neutron_security_groups(self): |
769 | + return None |
770 | + |
771 | + def _ensure_packages(self): |
772 | + [ensure_packages(pkgs) for pkgs in self.packages] |
773 | + |
774 | + def _save_flag_file(self): |
775 | + if self.network_manager == 'quantum': |
776 | + _file = '/etc/nova/quantum_plugin.conf' |
777 | + else: |
778 | + _file = '/etc/nova/neutron_plugin.conf' |
779 | + with open(_file, 'wb') as out: |
780 | + out.write(self.plugin + '\n') |
781 | + |
782 | + def ovs_ctxt(self): |
783 | + driver = neutron_plugin_attribute(self.plugin, 'driver', |
784 | + self.network_manager) |
785 | + |
786 | + ovs_ctxt = { |
787 | + 'core_plugin': driver, |
788 | + 'neutron_plugin': 'ovs', |
789 | + 'neutron_security_groups': self.neutron_security_groups, |
790 | + 'local_ip': unit_private_ip(), |
791 | + } |
792 | + |
793 | + return ovs_ctxt |
794 | + |
795 | + def __call__(self): |
796 | + self._ensure_packages() |
797 | + |
798 | + if self.network_manager not in ['quantum', 'neutron']: |
799 | + return {} |
800 | + |
801 | + if not self.plugin: |
802 | + return {} |
803 | + |
804 | + ctxt = {'network_manager': self.network_manager} |
805 | + |
806 | + if self.plugin == 'ovs': |
807 | + ctxt.update(self.ovs_ctxt()) |
808 | + |
809 | + self._save_flag_file() |
810 | + return ctxt |
811 | + |
812 | + |
813 | +class OSConfigFlagContext(OSContextGenerator): |
814 | + ''' |
815 | + Responsible adding user-defined config-flags in charm config to a |
816 | + to a template context. |
817 | + ''' |
818 | + def __call__(self): |
819 | + config_flags = config('config-flags') |
820 | + if not config_flags or config_flags in ['None', '']: |
821 | + return {} |
822 | + config_flags = config_flags.split(',') |
823 | + flags = {} |
824 | + for flag in config_flags: |
825 | + if '=' not in flag: |
826 | + log('Improperly formatted config-flag, expected k=v ' |
827 | + 'got %s' % flag, level=WARNING) |
828 | + continue |
829 | + k, v = flag.split('=') |
830 | + flags[k.strip()] = v |
831 | + ctxt = {'user_config_flags': flags} |
832 | + return ctxt |
833 | + |
834 | + |
835 | +class SubordinateConfigContext(OSContextGenerator): |
836 | + """ |
837 | + Responsible for inspecting relations to subordinates that |
838 | + may be exporting required config via a json blob. |
839 | + |
840 | + The subordinate interface allows subordinates to export their |
841 | + configuration requirements to the principle for multiple config |
842 | + files and multiple serivces. Ie, a subordinate that has interfaces |
843 | + to both glance and nova may export to following yaml blob as json: |
844 | + |
845 | + glance: |
846 | + /etc/glance/glance-api.conf: |
847 | + sections: |
848 | + DEFAULT: |
849 | + - [key1, value1] |
850 | + /etc/glance/glance-registry.conf: |
851 | + MYSECTION: |
852 | + - [key2, value2] |
853 | + nova: |
854 | + /etc/nova/nova.conf: |
855 | + sections: |
856 | + DEFAULT: |
857 | + - [key3, value3] |
858 | + |
859 | + |
860 | + It is then up to the principle charms to subscribe this context to |
861 | + the service+config file it is interestd in. Configuration data will |
862 | + be available in the template context, in glance's case, as: |
863 | + ctxt = { |
864 | + ... other context ... |
865 | + 'subordinate_config': { |
866 | + 'DEFAULT': { |
867 | + 'key1': 'value1', |
868 | + }, |
869 | + 'MYSECTION': { |
870 | + 'key2': 'value2', |
871 | + }, |
872 | + } |
873 | + } |
874 | + |
875 | + """ |
876 | + def __init__(self, service, config_file, interface): |
877 | + """ |
878 | + :param service : Service name key to query in any subordinate |
879 | + data found |
880 | + :param config_file : Service's config file to query sections |
881 | + :param interface : Subordinate interface to inspect |
882 | + """ |
883 | + self.service = service |
884 | + self.config_file = config_file |
885 | + self.interface = interface |
886 | + |
887 | + def __call__(self): |
888 | + ctxt = {} |
889 | + for rid in relation_ids(self.interface): |
890 | + for unit in related_units(rid): |
891 | + sub_config = relation_get('subordinate_configuration', |
892 | + rid=rid, unit=unit) |
893 | + if sub_config and sub_config != '': |
894 | + try: |
895 | + sub_config = json.loads(sub_config) |
896 | + except: |
897 | + log('Could not parse JSON from subordinate_config ' |
898 | + 'setting from %s' % rid, level=ERROR) |
899 | + continue |
900 | + |
901 | + if self.service not in sub_config: |
902 | + log('Found subordinate_config on %s but it contained' |
903 | + 'nothing for %s service' % (rid, self.service)) |
904 | + continue |
905 | + |
906 | + sub_config = sub_config[self.service] |
907 | + if self.config_file not in sub_config: |
908 | + log('Found subordinate_config on %s but it contained' |
909 | + 'nothing for %s' % (rid, self.config_file)) |
910 | + continue |
911 | + |
912 | + sub_config = sub_config[self.config_file] |
913 | + for k, v in sub_config.iteritems(): |
914 | + ctxt[k] = v |
915 | + |
916 | + if not ctxt: |
917 | + ctxt['sections'] = {} |
918 | + |
919 | + return ctxt |
920 | |
921 | === added file 'hooks/charmhelpers/contrib/openstack/neutron.py' |
922 | --- hooks/charmhelpers/contrib/openstack/neutron.py 1970-01-01 00:00:00 +0000 |
923 | +++ hooks/charmhelpers/contrib/openstack/neutron.py 2013-10-15 14:11:37 +0000 |
924 | @@ -0,0 +1,117 @@ |
925 | +# Various utilies for dealing with Neutron and the renaming from Quantum. |
926 | + |
927 | +from subprocess import check_output |
928 | + |
929 | +from charmhelpers.core.hookenv import ( |
930 | + config, |
931 | + log, |
932 | + ERROR, |
933 | +) |
934 | + |
935 | +from charmhelpers.contrib.openstack.utils import os_release |
936 | + |
937 | + |
938 | +def headers_package(): |
939 | + """Ensures correct linux-headers for running kernel are installed, |
940 | + for building DKMS package""" |
941 | + kver = check_output(['uname', '-r']).strip() |
942 | + return 'linux-headers-%s' % kver |
943 | + |
944 | + |
945 | +# legacy |
946 | +def quantum_plugins(): |
947 | + from charmhelpers.contrib.openstack import context |
948 | + return { |
949 | + 'ovs': { |
950 | + 'config': '/etc/quantum/plugins/openvswitch/' |
951 | + 'ovs_quantum_plugin.ini', |
952 | + 'driver': 'quantum.plugins.openvswitch.ovs_quantum_plugin.' |
953 | + 'OVSQuantumPluginV2', |
954 | + 'contexts': [ |
955 | + context.SharedDBContext(user=config('neutron-database-user'), |
956 | + database=config('neutron-database'), |
957 | + relation_prefix='neutron')], |
958 | + 'services': ['quantum-plugin-openvswitch-agent'], |
959 | + 'packages': [[headers_package(), 'openvswitch-datapath-dkms'], |
960 | + ['quantum-plugin-openvswitch-agent']], |
961 | + }, |
962 | + 'nvp': { |
963 | + 'config': '/etc/quantum/plugins/nicira/nvp.ini', |
964 | + 'driver': 'quantum.plugins.nicira.nicira_nvp_plugin.' |
965 | + 'QuantumPlugin.NvpPluginV2', |
966 | + 'services': [], |
967 | + 'packages': [], |
968 | + } |
969 | + } |
970 | + |
971 | + |
972 | +def neutron_plugins(): |
973 | + from charmhelpers.contrib.openstack import context |
974 | + return { |
975 | + 'ovs': { |
976 | + 'config': '/etc/neutron/plugins/openvswitch/' |
977 | + 'ovs_neutron_plugin.ini', |
978 | + 'driver': 'neutron.plugins.openvswitch.ovs_neutron_plugin.' |
979 | + 'OVSNeutronPluginV2', |
980 | + 'contexts': [ |
981 | + context.SharedDBContext(user=config('neutron-database-user'), |
982 | + database=config('neutron-database'), |
983 | + relation_prefix='neutron')], |
984 | + 'services': ['neutron-plugin-openvswitch-agent'], |
985 | + 'packages': [[headers_package(), 'openvswitch-datapath-dkms'], |
986 | + ['quantum-plugin-openvswitch-agent']], |
987 | + }, |
988 | + 'nvp': { |
989 | + 'config': '/etc/neutron/plugins/nicira/nvp.ini', |
990 | + 'driver': 'neutron.plugins.nicira.nicira_nvp_plugin.' |
991 | + 'NeutronPlugin.NvpPluginV2', |
992 | + 'services': [], |
993 | + 'packages': [], |
994 | + } |
995 | + } |
996 | + |
997 | + |
998 | +def neutron_plugin_attribute(plugin, attr, net_manager=None): |
999 | + manager = net_manager or network_manager() |
1000 | + if manager == 'quantum': |
1001 | + plugins = quantum_plugins() |
1002 | + elif manager == 'neutron': |
1003 | + plugins = neutron_plugins() |
1004 | + else: |
1005 | + log('Error: Network manager does not support plugins.') |
1006 | + raise Exception |
1007 | + |
1008 | + try: |
1009 | + _plugin = plugins[plugin] |
1010 | + except KeyError: |
1011 | + log('Unrecognised plugin for %s: %s' % (manager, plugin), level=ERROR) |
1012 | + raise Exception |
1013 | + |
1014 | + try: |
1015 | + return _plugin[attr] |
1016 | + except KeyError: |
1017 | + return None |
1018 | + |
1019 | + |
1020 | +def network_manager(): |
1021 | + ''' |
1022 | + Deals with the renaming of Quantum to Neutron in H and any situations |
1023 | + that require compatability (eg, deploying H with network-manager=quantum, |
1024 | + upgrading from G). |
1025 | + ''' |
1026 | + release = os_release('nova-common') |
1027 | + manager = config('network-manager').lower() |
1028 | + |
1029 | + if manager not in ['quantum', 'neutron']: |
1030 | + return manager |
1031 | + |
1032 | + if release in ['essex']: |
1033 | + # E does not support neutron |
1034 | + log('Neutron networking not supported in Essex.', level=ERROR) |
1035 | + raise Exception |
1036 | + elif release in ['folsom', 'grizzly']: |
1037 | + # neutron is named quantum in F and G |
1038 | + return 'quantum' |
1039 | + else: |
1040 | + # ensure accurate naming for all releases post-H |
1041 | + return 'neutron' |
1042 | |
1043 | === added directory 'hooks/charmhelpers/contrib/openstack/templates' |
1044 | === added file 'hooks/charmhelpers/contrib/openstack/templates/__init__.py' |
1045 | --- hooks/charmhelpers/contrib/openstack/templates/__init__.py 1970-01-01 00:00:00 +0000 |
1046 | +++ hooks/charmhelpers/contrib/openstack/templates/__init__.py 2013-10-15 14:11:37 +0000 |
1047 | @@ -0,0 +1,2 @@ |
1048 | +# dummy __init__.py to fool syncer into thinking this is a syncable python |
1049 | +# module |
1050 | |
1051 | === added file 'hooks/charmhelpers/contrib/openstack/templating.py' |
1052 | --- hooks/charmhelpers/contrib/openstack/templating.py 1970-01-01 00:00:00 +0000 |
1053 | +++ hooks/charmhelpers/contrib/openstack/templating.py 2013-10-15 14:11:37 +0000 |
1054 | @@ -0,0 +1,280 @@ |
1055 | +import os |
1056 | + |
1057 | +from charmhelpers.fetch import apt_install |
1058 | + |
1059 | +from charmhelpers.core.hookenv import ( |
1060 | + log, |
1061 | + ERROR, |
1062 | + INFO |
1063 | +) |
1064 | + |
1065 | +from charmhelpers.contrib.openstack.utils import OPENSTACK_CODENAMES |
1066 | + |
1067 | +try: |
1068 | + from jinja2 import FileSystemLoader, ChoiceLoader, Environment, exceptions |
1069 | +except ImportError: |
1070 | + # python-jinja2 may not be installed yet, or we're running unittests. |
1071 | + FileSystemLoader = ChoiceLoader = Environment = exceptions = None |
1072 | + |
1073 | + |
1074 | +class OSConfigException(Exception): |
1075 | + pass |
1076 | + |
1077 | + |
1078 | +def get_loader(templates_dir, os_release): |
1079 | + """ |
1080 | + Create a jinja2.ChoiceLoader containing template dirs up to |
1081 | + and including os_release. If directory template directory |
1082 | + is missing at templates_dir, it will be omitted from the loader. |
1083 | + templates_dir is added to the bottom of the search list as a base |
1084 | + loading dir. |
1085 | + |
1086 | + A charm may also ship a templates dir with this module |
1087 | + and it will be appended to the bottom of the search list, eg: |
1088 | + hooks/charmhelpers/contrib/openstack/templates. |
1089 | + |
1090 | + :param templates_dir: str: Base template directory containing release |
1091 | + sub-directories. |
1092 | + :param os_release : str: OpenStack release codename to construct template |
1093 | + loader. |
1094 | + |
1095 | + :returns : jinja2.ChoiceLoader constructed with a list of |
1096 | + jinja2.FilesystemLoaders, ordered in descending |
1097 | + order by OpenStack release. |
1098 | + """ |
1099 | + tmpl_dirs = [(rel, os.path.join(templates_dir, rel)) |
1100 | + for rel in OPENSTACK_CODENAMES.itervalues()] |
1101 | + |
1102 | + if not os.path.isdir(templates_dir): |
1103 | + log('Templates directory not found @ %s.' % templates_dir, |
1104 | + level=ERROR) |
1105 | + raise OSConfigException |
1106 | + |
1107 | + # the bottom contains tempaltes_dir and possibly a common templates dir |
1108 | + # shipped with the helper. |
1109 | + loaders = [FileSystemLoader(templates_dir)] |
1110 | + helper_templates = os.path.join(os.path.dirname(__file__), 'templates') |
1111 | + if os.path.isdir(helper_templates): |
1112 | + loaders.append(FileSystemLoader(helper_templates)) |
1113 | + |
1114 | + for rel, tmpl_dir in tmpl_dirs: |
1115 | + if os.path.isdir(tmpl_dir): |
1116 | + loaders.insert(0, FileSystemLoader(tmpl_dir)) |
1117 | + if rel == os_release: |
1118 | + break |
1119 | + log('Creating choice loader with dirs: %s' % |
1120 | + [l.searchpath for l in loaders], level=INFO) |
1121 | + return ChoiceLoader(loaders) |
1122 | + |
1123 | + |
1124 | +class OSConfigTemplate(object): |
1125 | + """ |
1126 | + Associates a config file template with a list of context generators. |
1127 | + Responsible for constructing a template context based on those generators. |
1128 | + """ |
1129 | + def __init__(self, config_file, contexts): |
1130 | + self.config_file = config_file |
1131 | + |
1132 | + if hasattr(contexts, '__call__'): |
1133 | + self.contexts = [contexts] |
1134 | + else: |
1135 | + self.contexts = contexts |
1136 | + |
1137 | + self._complete_contexts = [] |
1138 | + |
1139 | + def context(self): |
1140 | + ctxt = {} |
1141 | + for context in self.contexts: |
1142 | + _ctxt = context() |
1143 | + if _ctxt: |
1144 | + ctxt.update(_ctxt) |
1145 | + # track interfaces for every complete context. |
1146 | + [self._complete_contexts.append(interface) |
1147 | + for interface in context.interfaces |
1148 | + if interface not in self._complete_contexts] |
1149 | + return ctxt |
1150 | + |
1151 | + def complete_contexts(self): |
1152 | + ''' |
1153 | + Return a list of interfaces that have atisfied contexts. |
1154 | + ''' |
1155 | + if self._complete_contexts: |
1156 | + return self._complete_contexts |
1157 | + self.context() |
1158 | + return self._complete_contexts |
1159 | + |
1160 | + |
1161 | +class OSConfigRenderer(object): |
1162 | + """ |
1163 | + This class provides a common templating system to be used by OpenStack |
1164 | + charms. It is intended to help charms share common code and templates, |
1165 | + and ease the burden of managing config templates across multiple OpenStack |
1166 | + releases. |
1167 | + |
1168 | + Basic usage: |
1169 | + # import some common context generates from charmhelpers |
1170 | + from charmhelpers.contrib.openstack import context |
1171 | + |
1172 | + # Create a renderer object for a specific OS release. |
1173 | + configs = OSConfigRenderer(templates_dir='/tmp/templates', |
1174 | + openstack_release='folsom') |
1175 | + # register some config files with context generators. |
1176 | + configs.register(config_file='/etc/nova/nova.conf', |
1177 | + contexts=[context.SharedDBContext(), |
1178 | + context.AMQPContext()]) |
1179 | + configs.register(config_file='/etc/nova/api-paste.ini', |
1180 | + contexts=[context.IdentityServiceContext()]) |
1181 | + configs.register(config_file='/etc/haproxy/haproxy.conf', |
1182 | + contexts=[context.HAProxyContext()]) |
1183 | + # write out a single config |
1184 | + configs.write('/etc/nova/nova.conf') |
1185 | + # write out all registered configs |
1186 | + configs.write_all() |
1187 | + |
1188 | + Details: |
1189 | + |
1190 | + OpenStack Releases and template loading |
1191 | + --------------------------------------- |
1192 | + When the object is instantiated, it is associated with a specific OS |
1193 | + release. This dictates how the template loader will be constructed. |
1194 | + |
1195 | + The constructed loader attempts to load the template from several places |
1196 | + in the following order: |
1197 | + - from the most recent OS release-specific template dir (if one exists) |
1198 | + - the base templates_dir |
1199 | + - a template directory shipped in the charm with this helper file. |
1200 | + |
1201 | + |
1202 | + For the example above, '/tmp/templates' contains the following structure: |
1203 | + /tmp/templates/nova.conf |
1204 | + /tmp/templates/api-paste.ini |
1205 | + /tmp/templates/grizzly/api-paste.ini |
1206 | + /tmp/templates/havana/api-paste.ini |
1207 | + |
1208 | + Since it was registered with the grizzly release, it first seraches |
1209 | + the grizzly directory for nova.conf, then the templates dir. |
1210 | + |
1211 | + When writing api-paste.ini, it will find the template in the grizzly |
1212 | + directory. |
1213 | + |
1214 | + If the object were created with folsom, it would fall back to the |
1215 | + base templates dir for its api-paste.ini template. |
1216 | + |
1217 | + This system should help manage changes in config files through |
1218 | + openstack releases, allowing charms to fall back to the most recently |
1219 | + updated config template for a given release |
1220 | + |
1221 | + The haproxy.conf, since it is not shipped in the templates dir, will |
1222 | + be loaded from the module directory's template directory, eg |
1223 | + $CHARM/hooks/charmhelpers/contrib/openstack/templates. This allows |
1224 | + us to ship common templates (haproxy, apache) with the helpers. |
1225 | + |
1226 | + Context generators |
1227 | + --------------------------------------- |
1228 | + Context generators are used to generate template contexts during hook |
1229 | + execution. Doing so may require inspecting service relations, charm |
1230 | + config, etc. When registered, a config file is associated with a list |
1231 | + of generators. When a template is rendered and written, all context |
1232 | + generates are called in a chain to generate the context dictionary |
1233 | + passed to the jinja2 template. See context.py for more info. |
1234 | + """ |
1235 | + def __init__(self, templates_dir, openstack_release): |
1236 | + if not os.path.isdir(templates_dir): |
1237 | + log('Could not locate templates dir %s' % templates_dir, |
1238 | + level=ERROR) |
1239 | + raise OSConfigException |
1240 | + |
1241 | + self.templates_dir = templates_dir |
1242 | + self.openstack_release = openstack_release |
1243 | + self.templates = {} |
1244 | + self._tmpl_env = None |
1245 | + |
1246 | + if None in [Environment, ChoiceLoader, FileSystemLoader]: |
1247 | + # if this code is running, the object is created pre-install hook. |
1248 | + # jinja2 shouldn't get touched until the module is reloaded on next |
1249 | + # hook execution, with proper jinja2 bits successfully imported. |
1250 | + apt_install('python-jinja2') |
1251 | + |
1252 | + def register(self, config_file, contexts): |
1253 | + """ |
1254 | + Register a config file with a list of context generators to be called |
1255 | + during rendering. |
1256 | + """ |
1257 | + self.templates[config_file] = OSConfigTemplate(config_file=config_file, |
1258 | + contexts=contexts) |
1259 | + log('Registered config file: %s' % config_file, level=INFO) |
1260 | + |
1261 | + def _get_tmpl_env(self): |
1262 | + if not self._tmpl_env: |
1263 | + loader = get_loader(self.templates_dir, self.openstack_release) |
1264 | + self._tmpl_env = Environment(loader=loader) |
1265 | + |
1266 | + def _get_template(self, template): |
1267 | + self._get_tmpl_env() |
1268 | + template = self._tmpl_env.get_template(template) |
1269 | + log('Loaded template from %s' % template.filename, level=INFO) |
1270 | + return template |
1271 | + |
1272 | + def render(self, config_file): |
1273 | + if config_file not in self.templates: |
1274 | + log('Config not registered: %s' % config_file, level=ERROR) |
1275 | + raise OSConfigException |
1276 | + ctxt = self.templates[config_file].context() |
1277 | + |
1278 | + _tmpl = os.path.basename(config_file) |
1279 | + try: |
1280 | + template = self._get_template(_tmpl) |
1281 | + except exceptions.TemplateNotFound: |
1282 | + # if no template is found with basename, try looking for it |
1283 | + # using a munged full path, eg: |
1284 | + # /etc/apache2/apache2.conf -> etc_apache2_apache2.conf |
1285 | + _tmpl = '_'.join(config_file.split('/')[1:]) |
1286 | + try: |
1287 | + template = self._get_template(_tmpl) |
1288 | + except exceptions.TemplateNotFound as e: |
1289 | + log('Could not load template from %s by %s or %s.' % |
1290 | + (self.templates_dir, os.path.basename(config_file), _tmpl), |
1291 | + level=ERROR) |
1292 | + raise e |
1293 | + |
1294 | + log('Rendering from template: %s' % _tmpl, level=INFO) |
1295 | + return template.render(ctxt) |
1296 | + |
1297 | + def write(self, config_file): |
1298 | + """ |
1299 | + Write a single config file, raises if config file is not registered. |
1300 | + """ |
1301 | + if config_file not in self.templates: |
1302 | + log('Config not registered: %s' % config_file, level=ERROR) |
1303 | + raise OSConfigException |
1304 | + |
1305 | + _out = self.render(config_file) |
1306 | + |
1307 | + with open(config_file, 'wb') as out: |
1308 | + out.write(_out) |
1309 | + |
1310 | + log('Wrote template %s.' % config_file, level=INFO) |
1311 | + |
1312 | + def write_all(self): |
1313 | + """ |
1314 | + Write out all registered config files. |
1315 | + """ |
1316 | + [self.write(k) for k in self.templates.iterkeys()] |
1317 | + |
1318 | + def set_release(self, openstack_release): |
1319 | + """ |
1320 | + Resets the template environment and generates a new template loader |
1321 | + based on a the new openstack release. |
1322 | + """ |
1323 | + self._tmpl_env = None |
1324 | + self.openstack_release = openstack_release |
1325 | + self._get_tmpl_env() |
1326 | + |
1327 | + def complete_contexts(self): |
1328 | + ''' |
1329 | + Returns a list of context interfaces that yield a complete context. |
1330 | + ''' |
1331 | + interfaces = [] |
1332 | + [interfaces.extend(i.complete_contexts()) |
1333 | + for i in self.templates.itervalues()] |
1334 | + return interfaces |
1335 | |
1336 | === added file 'hooks/charmhelpers/contrib/openstack/utils.py' |
1337 | --- hooks/charmhelpers/contrib/openstack/utils.py 1970-01-01 00:00:00 +0000 |
1338 | +++ hooks/charmhelpers/contrib/openstack/utils.py 2013-10-15 14:11:37 +0000 |
1339 | @@ -0,0 +1,365 @@ |
1340 | +#!/usr/bin/python |
1341 | + |
1342 | +# Common python helper functions used for OpenStack charms. |
1343 | +from collections import OrderedDict |
1344 | + |
1345 | +import apt_pkg as apt |
1346 | +import subprocess |
1347 | +import os |
1348 | +import socket |
1349 | +import sys |
1350 | + |
1351 | +from charmhelpers.core.hookenv import ( |
1352 | + config, |
1353 | + log as juju_log, |
1354 | + charm_dir, |
1355 | +) |
1356 | + |
1357 | +from charmhelpers.core.host import ( |
1358 | + lsb_release, |
1359 | +) |
1360 | + |
1361 | +from charmhelpers.fetch import ( |
1362 | + apt_install, |
1363 | +) |
1364 | + |
1365 | +CLOUD_ARCHIVE_URL = "http://ubuntu-cloud.archive.canonical.com/ubuntu" |
1366 | +CLOUD_ARCHIVE_KEY_ID = '5EDB1B62EC4926EA' |
1367 | + |
1368 | +UBUNTU_OPENSTACK_RELEASE = OrderedDict([ |
1369 | + ('oneiric', 'diablo'), |
1370 | + ('precise', 'essex'), |
1371 | + ('quantal', 'folsom'), |
1372 | + ('raring', 'grizzly'), |
1373 | + ('saucy', 'havana'), |
1374 | +]) |
1375 | + |
1376 | + |
1377 | +OPENSTACK_CODENAMES = OrderedDict([ |
1378 | + ('2011.2', 'diablo'), |
1379 | + ('2012.1', 'essex'), |
1380 | + ('2012.2', 'folsom'), |
1381 | + ('2013.1', 'grizzly'), |
1382 | + ('2013.2', 'havana'), |
1383 | + ('2014.1', 'icehouse'), |
1384 | +]) |
1385 | + |
1386 | +# The ugly duckling |
1387 | +SWIFT_CODENAMES = OrderedDict([ |
1388 | + ('1.4.3', 'diablo'), |
1389 | + ('1.4.8', 'essex'), |
1390 | + ('1.7.4', 'folsom'), |
1391 | + ('1.8.0', 'grizzly'), |
1392 | + ('1.7.7', 'grizzly'), |
1393 | + ('1.7.6', 'grizzly'), |
1394 | + ('1.10.0', 'havana'), |
1395 | + ('1.9.1', 'havana'), |
1396 | + ('1.9.0', 'havana'), |
1397 | +]) |
1398 | + |
1399 | + |
1400 | +def error_out(msg): |
1401 | + juju_log("FATAL ERROR: %s" % msg, level='ERROR') |
1402 | + sys.exit(1) |
1403 | + |
1404 | + |
1405 | +def get_os_codename_install_source(src): |
1406 | + '''Derive OpenStack release codename from a given installation source.''' |
1407 | + ubuntu_rel = lsb_release()['DISTRIB_CODENAME'] |
1408 | + rel = '' |
1409 | + if src == 'distro': |
1410 | + try: |
1411 | + rel = UBUNTU_OPENSTACK_RELEASE[ubuntu_rel] |
1412 | + except KeyError: |
1413 | + e = 'Could not derive openstack release for '\ |
1414 | + 'this Ubuntu release: %s' % ubuntu_rel |
1415 | + error_out(e) |
1416 | + return rel |
1417 | + |
1418 | + if src.startswith('cloud:'): |
1419 | + ca_rel = src.split(':')[1] |
1420 | + ca_rel = ca_rel.split('%s-' % ubuntu_rel)[1].split('/')[0] |
1421 | + return ca_rel |
1422 | + |
1423 | + # Best guess match based on deb string provided |
1424 | + if src.startswith('deb') or src.startswith('ppa'): |
1425 | + for k, v in OPENSTACK_CODENAMES.iteritems(): |
1426 | + if v in src: |
1427 | + return v |
1428 | + |
1429 | + |
1430 | +def get_os_version_install_source(src): |
1431 | + codename = get_os_codename_install_source(src) |
1432 | + return get_os_version_codename(codename) |
1433 | + |
1434 | + |
1435 | +def get_os_codename_version(vers): |
1436 | + '''Determine OpenStack codename from version number.''' |
1437 | + try: |
1438 | + return OPENSTACK_CODENAMES[vers] |
1439 | + except KeyError: |
1440 | + e = 'Could not determine OpenStack codename for version %s' % vers |
1441 | + error_out(e) |
1442 | + |
1443 | + |
1444 | +def get_os_version_codename(codename): |
1445 | + '''Determine OpenStack version number from codename.''' |
1446 | + for k, v in OPENSTACK_CODENAMES.iteritems(): |
1447 | + if v == codename: |
1448 | + return k |
1449 | + e = 'Could not derive OpenStack version for '\ |
1450 | + 'codename: %s' % codename |
1451 | + error_out(e) |
1452 | + |
1453 | + |
1454 | +def get_os_codename_package(package, fatal=True): |
1455 | + '''Derive OpenStack release codename from an installed package.''' |
1456 | + apt.init() |
1457 | + cache = apt.Cache() |
1458 | + |
1459 | + try: |
1460 | + pkg = cache[package] |
1461 | + except: |
1462 | + if not fatal: |
1463 | + return None |
1464 | + # the package is unknown to the current apt cache. |
1465 | + e = 'Could not determine version of package with no installation '\ |
1466 | + 'candidate: %s' % package |
1467 | + error_out(e) |
1468 | + |
1469 | + if not pkg.current_ver: |
1470 | + if not fatal: |
1471 | + return None |
1472 | + # package is known, but no version is currently installed. |
1473 | + e = 'Could not determine version of uninstalled package: %s' % package |
1474 | + error_out(e) |
1475 | + |
1476 | + vers = apt.upstream_version(pkg.current_ver.ver_str) |
1477 | + |
1478 | + try: |
1479 | + if 'swift' in pkg.name: |
1480 | + swift_vers = vers[:5] |
1481 | + if swift_vers not in SWIFT_CODENAMES: |
1482 | + # Deal with 1.10.0 upward |
1483 | + swift_vers = vers[:6] |
1484 | + return SWIFT_CODENAMES[swift_vers] |
1485 | + else: |
1486 | + vers = vers[:6] |
1487 | + return OPENSTACK_CODENAMES[vers] |
1488 | + except KeyError: |
1489 | + e = 'Could not determine OpenStack codename for version %s' % vers |
1490 | + error_out(e) |
1491 | + |
1492 | + |
1493 | +def get_os_version_package(pkg, fatal=True): |
1494 | + '''Derive OpenStack version number from an installed package.''' |
1495 | + codename = get_os_codename_package(pkg, fatal=fatal) |
1496 | + |
1497 | + if not codename: |
1498 | + return None |
1499 | + |
1500 | + if 'swift' in pkg: |
1501 | + vers_map = SWIFT_CODENAMES |
1502 | + else: |
1503 | + vers_map = OPENSTACK_CODENAMES |
1504 | + |
1505 | + for version, cname in vers_map.iteritems(): |
1506 | + if cname == codename: |
1507 | + return version |
1508 | + #e = "Could not determine OpenStack version for package: %s" % pkg |
1509 | + #error_out(e) |
1510 | + |
1511 | + |
1512 | +os_rel = None |
1513 | + |
1514 | + |
1515 | +def os_release(package, base='essex'): |
1516 | + ''' |
1517 | + Returns OpenStack release codename from a cached global. |
1518 | + If the codename can not be determined from either an installed package or |
1519 | + the installation source, the earliest release supported by the charm should |
1520 | + be returned. |
1521 | + ''' |
1522 | + global os_rel |
1523 | + if os_rel: |
1524 | + return os_rel |
1525 | + os_rel = (get_os_codename_package(package, fatal=False) or |
1526 | + get_os_codename_install_source(config('openstack-origin')) or |
1527 | + base) |
1528 | + return os_rel |
1529 | + |
1530 | + |
1531 | +def import_key(keyid): |
1532 | + cmd = "apt-key adv --keyserver keyserver.ubuntu.com " \ |
1533 | + "--recv-keys %s" % keyid |
1534 | + try: |
1535 | + subprocess.check_call(cmd.split(' ')) |
1536 | + except subprocess.CalledProcessError: |
1537 | + error_out("Error importing repo key %s" % keyid) |
1538 | + |
1539 | + |
1540 | +def configure_installation_source(rel): |
1541 | + '''Configure apt installation source.''' |
1542 | + if rel == 'distro': |
1543 | + return |
1544 | + elif rel[:4] == "ppa:": |
1545 | + src = rel |
1546 | + subprocess.check_call(["add-apt-repository", "-y", src]) |
1547 | + elif rel[:3] == "deb": |
1548 | + l = len(rel.split('|')) |
1549 | + if l == 2: |
1550 | + src, key = rel.split('|') |
1551 | + juju_log("Importing PPA key from keyserver for %s" % src) |
1552 | + import_key(key) |
1553 | + elif l == 1: |
1554 | + src = rel |
1555 | + with open('/etc/apt/sources.list.d/juju_deb.list', 'w') as f: |
1556 | + f.write(src) |
1557 | + elif rel[:6] == 'cloud:': |
1558 | + ubuntu_rel = lsb_release()['DISTRIB_CODENAME'] |
1559 | + rel = rel.split(':')[1] |
1560 | + u_rel = rel.split('-')[0] |
1561 | + ca_rel = rel.split('-')[1] |
1562 | + |
1563 | + if u_rel != ubuntu_rel: |
1564 | + e = 'Cannot install from Cloud Archive pocket %s on this Ubuntu '\ |
1565 | + 'version (%s)' % (ca_rel, ubuntu_rel) |
1566 | + error_out(e) |
1567 | + |
1568 | + if 'staging' in ca_rel: |
1569 | + # staging is just a regular PPA. |
1570 | + os_rel = ca_rel.split('/')[0] |
1571 | + ppa = 'ppa:ubuntu-cloud-archive/%s-staging' % os_rel |
1572 | + cmd = 'add-apt-repository -y %s' % ppa |
1573 | + subprocess.check_call(cmd.split(' ')) |
1574 | + return |
1575 | + |
1576 | + # map charm config options to actual archive pockets. |
1577 | + pockets = { |
1578 | + 'folsom': 'precise-updates/folsom', |
1579 | + 'folsom/updates': 'precise-updates/folsom', |
1580 | + 'folsom/proposed': 'precise-proposed/folsom', |
1581 | + 'grizzly': 'precise-updates/grizzly', |
1582 | + 'grizzly/updates': 'precise-updates/grizzly', |
1583 | + 'grizzly/proposed': 'precise-proposed/grizzly', |
1584 | + 'havana': 'precise-updates/havana', |
1585 | + 'havana/updates': 'precise-updates/havana', |
1586 | + 'havana/proposed': 'precise-proposed/havana', |
1587 | + } |
1588 | + |
1589 | + try: |
1590 | + pocket = pockets[ca_rel] |
1591 | + except KeyError: |
1592 | + e = 'Invalid Cloud Archive release specified: %s' % rel |
1593 | + error_out(e) |
1594 | + |
1595 | + src = "deb %s %s main" % (CLOUD_ARCHIVE_URL, pocket) |
1596 | + apt_install('ubuntu-cloud-keyring', fatal=True) |
1597 | + |
1598 | + with open('/etc/apt/sources.list.d/cloud-archive.list', 'w') as f: |
1599 | + f.write(src) |
1600 | + else: |
1601 | + error_out("Invalid openstack-release specified: %s" % rel) |
1602 | + |
1603 | + |
1604 | +def save_script_rc(script_path="scripts/scriptrc", **env_vars): |
1605 | + """ |
1606 | + Write an rc file in the charm-delivered directory containing |
1607 | + exported environment variables provided by env_vars. Any charm scripts run |
1608 | + outside the juju hook environment can source this scriptrc to obtain |
1609 | + updated config information necessary to perform health checks or |
1610 | + service changes. |
1611 | + """ |
1612 | + juju_rc_path = "%s/%s" % (charm_dir(), script_path) |
1613 | + if not os.path.exists(os.path.dirname(juju_rc_path)): |
1614 | + os.mkdir(os.path.dirname(juju_rc_path)) |
1615 | + with open(juju_rc_path, 'wb') as rc_script: |
1616 | + rc_script.write( |
1617 | + "#!/bin/bash\n") |
1618 | + [rc_script.write('export %s=%s\n' % (u, p)) |
1619 | + for u, p in env_vars.iteritems() if u != "script_path"] |
1620 | + |
1621 | + |
1622 | +def openstack_upgrade_available(package): |
1623 | + """ |
1624 | + Determines if an OpenStack upgrade is available from installation |
1625 | + source, based on version of installed package. |
1626 | + |
1627 | + :param package: str: Name of installed package. |
1628 | + |
1629 | + :returns: bool: : Returns True if configured installation source offers |
1630 | + a newer version of package. |
1631 | + |
1632 | + """ |
1633 | + |
1634 | + src = config('openstack-origin') |
1635 | + cur_vers = get_os_version_package(package) |
1636 | + available_vers = get_os_version_install_source(src) |
1637 | + apt.init() |
1638 | + return apt.version_compare(available_vers, cur_vers) == 1 |
1639 | + |
1640 | + |
1641 | +def is_ip(address): |
1642 | + """ |
1643 | + Returns True if address is a valid IP address. |
1644 | + """ |
1645 | + try: |
1646 | + # Test to see if already an IPv4 address |
1647 | + socket.inet_aton(address) |
1648 | + return True |
1649 | + except socket.error: |
1650 | + return False |
1651 | + |
1652 | + |
1653 | +def ns_query(address): |
1654 | + try: |
1655 | + import dns.resolver |
1656 | + except ImportError: |
1657 | + apt_install('python-dnspython') |
1658 | + import dns.resolver |
1659 | + |
1660 | + if isinstance(address, dns.name.Name): |
1661 | + rtype = 'PTR' |
1662 | + elif isinstance(address, basestring): |
1663 | + rtype = 'A' |
1664 | + |
1665 | + answers = dns.resolver.query(address, rtype) |
1666 | + if answers: |
1667 | + return str(answers[0]) |
1668 | + return None |
1669 | + |
1670 | + |
1671 | +def get_host_ip(hostname): |
1672 | + """ |
1673 | + Resolves the IP for a given hostname, or returns |
1674 | + the input if it is already an IP. |
1675 | + """ |
1676 | + if is_ip(hostname): |
1677 | + return hostname |
1678 | + |
1679 | + return ns_query(hostname) |
1680 | + |
1681 | + |
1682 | +def get_hostname(address): |
1683 | + """ |
1684 | + Resolves hostname for given IP, or returns the input |
1685 | + if it is already a hostname. |
1686 | + """ |
1687 | + if not is_ip(address): |
1688 | + return address |
1689 | + |
1690 | + try: |
1691 | + import dns.reversename |
1692 | + except ImportError: |
1693 | + apt_install('python-dnspython') |
1694 | + import dns.reversename |
1695 | + |
1696 | + rev = dns.reversename.from_address(address) |
1697 | + result = ns_query(rev) |
1698 | + if not result: |
1699 | + return None |
1700 | + |
1701 | + # strip trailing . |
1702 | + if result.endswith('.'): |
1703 | + return result[:-1] |
1704 | + return result |
1705 | |
1706 | === added directory 'hooks/charmhelpers/core' |
1707 | === added file 'hooks/charmhelpers/core/__init__.py' |
1708 | === added file 'hooks/charmhelpers/core/hookenv.py' |
1709 | --- hooks/charmhelpers/core/hookenv.py 1970-01-01 00:00:00 +0000 |
1710 | +++ hooks/charmhelpers/core/hookenv.py 2013-10-15 14:11:37 +0000 |
1711 | @@ -0,0 +1,340 @@ |
1712 | +"Interactions with the Juju environment" |
1713 | +# Copyright 2013 Canonical Ltd. |
1714 | +# |
1715 | +# Authors: |
1716 | +# Charm Helpers Developers <juju@lists.ubuntu.com> |
1717 | + |
1718 | +import os |
1719 | +import json |
1720 | +import yaml |
1721 | +import subprocess |
1722 | +import UserDict |
1723 | + |
1724 | +CRITICAL = "CRITICAL" |
1725 | +ERROR = "ERROR" |
1726 | +WARNING = "WARNING" |
1727 | +INFO = "INFO" |
1728 | +DEBUG = "DEBUG" |
1729 | +MARKER = object() |
1730 | + |
1731 | +cache = {} |
1732 | + |
1733 | + |
1734 | +def cached(func): |
1735 | + ''' Cache return values for multiple executions of func + args |
1736 | + |
1737 | + For example: |
1738 | + |
1739 | + @cached |
1740 | + def unit_get(attribute): |
1741 | + pass |
1742 | + |
1743 | + unit_get('test') |
1744 | + |
1745 | + will cache the result of unit_get + 'test' for future calls. |
1746 | + ''' |
1747 | + def wrapper(*args, **kwargs): |
1748 | + global cache |
1749 | + key = str((func, args, kwargs)) |
1750 | + try: |
1751 | + return cache[key] |
1752 | + except KeyError: |
1753 | + res = func(*args, **kwargs) |
1754 | + cache[key] = res |
1755 | + return res |
1756 | + return wrapper |
1757 | + |
1758 | + |
1759 | +def flush(key): |
1760 | + ''' Flushes any entries from function cache where the |
1761 | + key is found in the function+args ''' |
1762 | + flush_list = [] |
1763 | + for item in cache: |
1764 | + if key in item: |
1765 | + flush_list.append(item) |
1766 | + for item in flush_list: |
1767 | + del cache[item] |
1768 | + |
1769 | + |
1770 | +def log(message, level=None): |
1771 | + "Write a message to the juju log" |
1772 | + command = ['juju-log'] |
1773 | + if level: |
1774 | + command += ['-l', level] |
1775 | + command += [message] |
1776 | + subprocess.call(command) |
1777 | + |
1778 | + |
1779 | +class Serializable(UserDict.IterableUserDict): |
1780 | + "Wrapper, an object that can be serialized to yaml or json" |
1781 | + |
1782 | + def __init__(self, obj): |
1783 | + # wrap the object |
1784 | + UserDict.IterableUserDict.__init__(self) |
1785 | + self.data = obj |
1786 | + |
1787 | + def __getattr__(self, attr): |
1788 | + # See if this object has attribute. |
1789 | + if attr in ("json", "yaml", "data"): |
1790 | + return self.__dict__[attr] |
1791 | + # Check for attribute in wrapped object. |
1792 | + got = getattr(self.data, attr, MARKER) |
1793 | + if got is not MARKER: |
1794 | + return got |
1795 | + # Proxy to the wrapped object via dict interface. |
1796 | + try: |
1797 | + return self.data[attr] |
1798 | + except KeyError: |
1799 | + raise AttributeError(attr) |
1800 | + |
1801 | + def __getstate__(self): |
1802 | + # Pickle as a standard dictionary. |
1803 | + return self.data |
1804 | + |
1805 | + def __setstate__(self, state): |
1806 | + # Unpickle into our wrapper. |
1807 | + self.data = state |
1808 | + |
1809 | + def json(self): |
1810 | + "Serialize the object to json" |
1811 | + return json.dumps(self.data) |
1812 | + |
1813 | + def yaml(self): |
1814 | + "Serialize the object to yaml" |
1815 | + return yaml.dump(self.data) |
1816 | + |
1817 | + |
1818 | +def execution_environment(): |
1819 | + """A convenient bundling of the current execution context""" |
1820 | + context = {} |
1821 | + context['conf'] = config() |
1822 | + if relation_id(): |
1823 | + context['reltype'] = relation_type() |
1824 | + context['relid'] = relation_id() |
1825 | + context['rel'] = relation_get() |
1826 | + context['unit'] = local_unit() |
1827 | + context['rels'] = relations() |
1828 | + context['env'] = os.environ |
1829 | + return context |
1830 | + |
1831 | + |
1832 | +def in_relation_hook(): |
1833 | + "Determine whether we're running in a relation hook" |
1834 | + return 'JUJU_RELATION' in os.environ |
1835 | + |
1836 | + |
1837 | +def relation_type(): |
1838 | + "The scope for the current relation hook" |
1839 | + return os.environ.get('JUJU_RELATION', None) |
1840 | + |
1841 | + |
1842 | +def relation_id(): |
1843 | + "The relation ID for the current relation hook" |
1844 | + return os.environ.get('JUJU_RELATION_ID', None) |
1845 | + |
1846 | + |
1847 | +def local_unit(): |
1848 | + "Local unit ID" |
1849 | + return os.environ['JUJU_UNIT_NAME'] |
1850 | + |
1851 | + |
1852 | +def remote_unit(): |
1853 | + "The remote unit for the current relation hook" |
1854 | + return os.environ['JUJU_REMOTE_UNIT'] |
1855 | + |
1856 | + |
1857 | +def service_name(): |
1858 | + "The name service group this unit belongs to" |
1859 | + return local_unit().split('/')[0] |
1860 | + |
1861 | + |
1862 | +@cached |
1863 | +def config(scope=None): |
1864 | + "Juju charm configuration" |
1865 | + config_cmd_line = ['config-get'] |
1866 | + if scope is not None: |
1867 | + config_cmd_line.append(scope) |
1868 | + config_cmd_line.append('--format=json') |
1869 | + try: |
1870 | + return json.loads(subprocess.check_output(config_cmd_line)) |
1871 | + except ValueError: |
1872 | + return None |
1873 | + |
1874 | + |
1875 | +@cached |
1876 | +def relation_get(attribute=None, unit=None, rid=None): |
1877 | + _args = ['relation-get', '--format=json'] |
1878 | + if rid: |
1879 | + _args.append('-r') |
1880 | + _args.append(rid) |
1881 | + _args.append(attribute or '-') |
1882 | + if unit: |
1883 | + _args.append(unit) |
1884 | + try: |
1885 | + return json.loads(subprocess.check_output(_args)) |
1886 | + except ValueError: |
1887 | + return None |
1888 | + |
1889 | + |
1890 | +def relation_set(relation_id=None, relation_settings={}, **kwargs): |
1891 | + relation_cmd_line = ['relation-set'] |
1892 | + if relation_id is not None: |
1893 | + relation_cmd_line.extend(('-r', relation_id)) |
1894 | + for k, v in (relation_settings.items() + kwargs.items()): |
1895 | + if v is None: |
1896 | + relation_cmd_line.append('{}='.format(k)) |
1897 | + else: |
1898 | + relation_cmd_line.append('{}={}'.format(k, v)) |
1899 | + subprocess.check_call(relation_cmd_line) |
1900 | + # Flush cache of any relation-gets for local unit |
1901 | + flush(local_unit()) |
1902 | + |
1903 | + |
1904 | +@cached |
1905 | +def relation_ids(reltype=None): |
1906 | + "A list of relation_ids" |
1907 | + reltype = reltype or relation_type() |
1908 | + relid_cmd_line = ['relation-ids', '--format=json'] |
1909 | + if reltype is not None: |
1910 | + relid_cmd_line.append(reltype) |
1911 | + return json.loads(subprocess.check_output(relid_cmd_line)) or [] |
1912 | + return [] |
1913 | + |
1914 | + |
1915 | +@cached |
1916 | +def related_units(relid=None): |
1917 | + "A list of related units" |
1918 | + relid = relid or relation_id() |
1919 | + units_cmd_line = ['relation-list', '--format=json'] |
1920 | + if relid is not None: |
1921 | + units_cmd_line.extend(('-r', relid)) |
1922 | + return json.loads(subprocess.check_output(units_cmd_line)) or [] |
1923 | + |
1924 | + |
1925 | +@cached |
1926 | +def relation_for_unit(unit=None, rid=None): |
1927 | + "Get the json represenation of a unit's relation" |
1928 | + unit = unit or remote_unit() |
1929 | + relation = relation_get(unit=unit, rid=rid) |
1930 | + for key in relation: |
1931 | + if key.endswith('-list'): |
1932 | + relation[key] = relation[key].split() |
1933 | + relation['__unit__'] = unit |
1934 | + return relation |
1935 | + |
1936 | + |
1937 | +@cached |
1938 | +def relations_for_id(relid=None): |
1939 | + "Get relations of a specific relation ID" |
1940 | + relation_data = [] |
1941 | + relid = relid or relation_ids() |
1942 | + for unit in related_units(relid): |
1943 | + unit_data = relation_for_unit(unit, relid) |
1944 | + unit_data['__relid__'] = relid |
1945 | + relation_data.append(unit_data) |
1946 | + return relation_data |
1947 | + |
1948 | + |
1949 | +@cached |
1950 | +def relations_of_type(reltype=None): |
1951 | + "Get relations of a specific type" |
1952 | + relation_data = [] |
1953 | + reltype = reltype or relation_type() |
1954 | + for relid in relation_ids(reltype): |
1955 | + for relation in relations_for_id(relid): |
1956 | + relation['__relid__'] = relid |
1957 | + relation_data.append(relation) |
1958 | + return relation_data |
1959 | + |
1960 | + |
1961 | +@cached |
1962 | +def relation_types(): |
1963 | + "Get a list of relation types supported by this charm" |
1964 | + charmdir = os.environ.get('CHARM_DIR', '') |
1965 | + mdf = open(os.path.join(charmdir, 'metadata.yaml')) |
1966 | + md = yaml.safe_load(mdf) |
1967 | + rel_types = [] |
1968 | + for key in ('provides', 'requires', 'peers'): |
1969 | + section = md.get(key) |
1970 | + if section: |
1971 | + rel_types.extend(section.keys()) |
1972 | + mdf.close() |
1973 | + return rel_types |
1974 | + |
1975 | + |
1976 | +@cached |
1977 | +def relations(): |
1978 | + rels = {} |
1979 | + for reltype in relation_types(): |
1980 | + relids = {} |
1981 | + for relid in relation_ids(reltype): |
1982 | + units = {local_unit(): relation_get(unit=local_unit(), rid=relid)} |
1983 | + for unit in related_units(relid): |
1984 | + reldata = relation_get(unit=unit, rid=relid) |
1985 | + units[unit] = reldata |
1986 | + relids[relid] = units |
1987 | + rels[reltype] = relids |
1988 | + return rels |
1989 | + |
1990 | + |
1991 | +def open_port(port, protocol="TCP"): |
1992 | + "Open a service network port" |
1993 | + _args = ['open-port'] |
1994 | + _args.append('{}/{}'.format(port, protocol)) |
1995 | + subprocess.check_call(_args) |
1996 | + |
1997 | + |
1998 | +def close_port(port, protocol="TCP"): |
1999 | + "Close a service network port" |
2000 | + _args = ['close-port'] |
2001 | + _args.append('{}/{}'.format(port, protocol)) |
2002 | + subprocess.check_call(_args) |
2003 | + |
2004 | + |
2005 | +@cached |
2006 | +def unit_get(attribute): |
2007 | + _args = ['unit-get', '--format=json', attribute] |
2008 | + try: |
2009 | + return json.loads(subprocess.check_output(_args)) |
2010 | + except ValueError: |
2011 | + return None |
2012 | + |
2013 | + |
2014 | +def unit_private_ip(): |
2015 | + return unit_get('private-address') |
2016 | + |
2017 | + |
2018 | +class UnregisteredHookError(Exception): |
2019 | + pass |
2020 | + |
2021 | + |
2022 | +class Hooks(object): |
2023 | + def __init__(self): |
2024 | + super(Hooks, self).__init__() |
2025 | + self._hooks = {} |
2026 | + |
2027 | + def register(self, name, function): |
2028 | + self._hooks[name] = function |
2029 | + |
2030 | + def execute(self, args): |
2031 | + hook_name = os.path.basename(args[0]) |
2032 | + if hook_name in self._hooks: |
2033 | + self._hooks[hook_name]() |
2034 | + else: |
2035 | + raise UnregisteredHookError(hook_name) |
2036 | + |
2037 | + def hook(self, *hook_names): |
2038 | + def wrapper(decorated): |
2039 | + for hook_name in hook_names: |
2040 | + self.register(hook_name, decorated) |
2041 | + else: |
2042 | + self.register(decorated.__name__, decorated) |
2043 | + if '_' in decorated.__name__: |
2044 | + self.register( |
2045 | + decorated.__name__.replace('_', '-'), decorated) |
2046 | + return decorated |
2047 | + return wrapper |
2048 | + |
2049 | + |
2050 | +def charm_dir(): |
2051 | + return os.environ.get('CHARM_DIR') |
2052 | |
2053 | === added file 'hooks/charmhelpers/core/host.py' |
2054 | --- hooks/charmhelpers/core/host.py 1970-01-01 00:00:00 +0000 |
2055 | +++ hooks/charmhelpers/core/host.py 2013-10-15 14:11:37 +0000 |
2056 | @@ -0,0 +1,241 @@ |
2057 | +"""Tools for working with the host system""" |
2058 | +# Copyright 2012 Canonical Ltd. |
2059 | +# |
2060 | +# Authors: |
2061 | +# Nick Moffitt <nick.moffitt@canonical.com> |
2062 | +# Matthew Wedgwood <matthew.wedgwood@canonical.com> |
2063 | + |
2064 | +import os |
2065 | +import pwd |
2066 | +import grp |
2067 | +import random |
2068 | +import string |
2069 | +import subprocess |
2070 | +import hashlib |
2071 | + |
2072 | +from collections import OrderedDict |
2073 | + |
2074 | +from hookenv import log |
2075 | + |
2076 | + |
2077 | +def service_start(service_name): |
2078 | + return service('start', service_name) |
2079 | + |
2080 | + |
2081 | +def service_stop(service_name): |
2082 | + return service('stop', service_name) |
2083 | + |
2084 | + |
2085 | +def service_restart(service_name): |
2086 | + return service('restart', service_name) |
2087 | + |
2088 | + |
2089 | +def service_reload(service_name, restart_on_failure=False): |
2090 | + service_result = service('reload', service_name) |
2091 | + if not service_result and restart_on_failure: |
2092 | + service_result = service('restart', service_name) |
2093 | + return service_result |
2094 | + |
2095 | + |
2096 | +def service(action, service_name): |
2097 | + cmd = ['service', service_name, action] |
2098 | + return subprocess.call(cmd) == 0 |
2099 | + |
2100 | + |
2101 | +def service_running(service): |
2102 | + try: |
2103 | + output = subprocess.check_output(['service', service, 'status']) |
2104 | + except subprocess.CalledProcessError: |
2105 | + return False |
2106 | + else: |
2107 | + if ("start/running" in output or "is running" in output): |
2108 | + return True |
2109 | + else: |
2110 | + return False |
2111 | + |
2112 | + |
2113 | +def adduser(username, password=None, shell='/bin/bash', system_user=False): |
2114 | + """Add a user""" |
2115 | + try: |
2116 | + user_info = pwd.getpwnam(username) |
2117 | + log('user {0} already exists!'.format(username)) |
2118 | + except KeyError: |
2119 | + log('creating user {0}'.format(username)) |
2120 | + cmd = ['useradd'] |
2121 | + if system_user or password is None: |
2122 | + cmd.append('--system') |
2123 | + else: |
2124 | + cmd.extend([ |
2125 | + '--create-home', |
2126 | + '--shell', shell, |
2127 | + '--password', password, |
2128 | + ]) |
2129 | + cmd.append(username) |
2130 | + subprocess.check_call(cmd) |
2131 | + user_info = pwd.getpwnam(username) |
2132 | + return user_info |
2133 | + |
2134 | + |
2135 | +def add_user_to_group(username, group): |
2136 | + """Add a user to a group""" |
2137 | + cmd = [ |
2138 | + 'gpasswd', '-a', |
2139 | + username, |
2140 | + group |
2141 | + ] |
2142 | + log("Adding user {} to group {}".format(username, group)) |
2143 | + subprocess.check_call(cmd) |
2144 | + |
2145 | + |
2146 | +def rsync(from_path, to_path, flags='-r', options=None): |
2147 | + """Replicate the contents of a path""" |
2148 | + options = options or ['--delete', '--executability'] |
2149 | + cmd = ['/usr/bin/rsync', flags] |
2150 | + cmd.extend(options) |
2151 | + cmd.append(from_path) |
2152 | + cmd.append(to_path) |
2153 | + log(" ".join(cmd)) |
2154 | + return subprocess.check_output(cmd).strip() |
2155 | + |
2156 | + |
2157 | +def symlink(source, destination): |
2158 | + """Create a symbolic link""" |
2159 | + log("Symlinking {} as {}".format(source, destination)) |
2160 | + cmd = [ |
2161 | + 'ln', |
2162 | + '-sf', |
2163 | + source, |
2164 | + destination, |
2165 | + ] |
2166 | + subprocess.check_call(cmd) |
2167 | + |
2168 | + |
2169 | +def mkdir(path, owner='root', group='root', perms=0555, force=False): |
2170 | + """Create a directory""" |
2171 | + log("Making dir {} {}:{} {:o}".format(path, owner, group, |
2172 | + perms)) |
2173 | + uid = pwd.getpwnam(owner).pw_uid |
2174 | + gid = grp.getgrnam(group).gr_gid |
2175 | + realpath = os.path.abspath(path) |
2176 | + if os.path.exists(realpath): |
2177 | + if force and not os.path.isdir(realpath): |
2178 | + log("Removing non-directory file {} prior to mkdir()".format(path)) |
2179 | + os.unlink(realpath) |
2180 | + else: |
2181 | + os.makedirs(realpath, perms) |
2182 | + os.chown(realpath, uid, gid) |
2183 | + |
2184 | + |
2185 | +def write_file(path, content, owner='root', group='root', perms=0444): |
2186 | + """Create or overwrite a file with the contents of a string""" |
2187 | + log("Writing file {} {}:{} {:o}".format(path, owner, group, perms)) |
2188 | + uid = pwd.getpwnam(owner).pw_uid |
2189 | + gid = grp.getgrnam(group).gr_gid |
2190 | + with open(path, 'w') as target: |
2191 | + os.fchown(target.fileno(), uid, gid) |
2192 | + os.fchmod(target.fileno(), perms) |
2193 | + target.write(content) |
2194 | + |
2195 | + |
2196 | +def mount(device, mountpoint, options=None, persist=False): |
2197 | + '''Mount a filesystem''' |
2198 | + cmd_args = ['mount'] |
2199 | + if options is not None: |
2200 | + cmd_args.extend(['-o', options]) |
2201 | + cmd_args.extend([device, mountpoint]) |
2202 | + try: |
2203 | + subprocess.check_output(cmd_args) |
2204 | + except subprocess.CalledProcessError, e: |
2205 | + log('Error mounting {} at {}\n{}'.format(device, mountpoint, e.output)) |
2206 | + return False |
2207 | + if persist: |
2208 | + # TODO: update fstab |
2209 | + pass |
2210 | + return True |
2211 | + |
2212 | + |
2213 | +def umount(mountpoint, persist=False): |
2214 | + '''Unmount a filesystem''' |
2215 | + cmd_args = ['umount', mountpoint] |
2216 | + try: |
2217 | + subprocess.check_output(cmd_args) |
2218 | + except subprocess.CalledProcessError, e: |
2219 | + log('Error unmounting {}\n{}'.format(mountpoint, e.output)) |
2220 | + return False |
2221 | + if persist: |
2222 | + # TODO: update fstab |
2223 | + pass |
2224 | + return True |
2225 | + |
2226 | + |
2227 | +def mounts(): |
2228 | + '''List of all mounted volumes as [[mountpoint,device],[...]]''' |
2229 | + with open('/proc/mounts') as f: |
2230 | + # [['/mount/point','/dev/path'],[...]] |
2231 | + system_mounts = [m[1::-1] for m in [l.strip().split() |
2232 | + for l in f.readlines()]] |
2233 | + return system_mounts |
2234 | + |
2235 | + |
2236 | +def file_hash(path): |
2237 | + ''' Generate a md5 hash of the contents of 'path' or None if not found ''' |
2238 | + if os.path.exists(path): |
2239 | + h = hashlib.md5() |
2240 | + with open(path, 'r') as source: |
2241 | + h.update(source.read()) # IGNORE:E1101 - it does have update |
2242 | + return h.hexdigest() |
2243 | + else: |
2244 | + return None |
2245 | + |
2246 | + |
2247 | +def restart_on_change(restart_map): |
2248 | + ''' Restart services based on configuration files changing |
2249 | + |
2250 | + This function is used a decorator, for example |
2251 | + |
2252 | + @restart_on_change({ |
2253 | + '/etc/ceph/ceph.conf': [ 'cinder-api', 'cinder-volume' ] |
2254 | + }) |
2255 | + def ceph_client_changed(): |
2256 | + ... |
2257 | + |
2258 | + In this example, the cinder-api and cinder-volume services |
2259 | + would be restarted if /etc/ceph/ceph.conf is changed by the |
2260 | + ceph_client_changed function. |
2261 | + ''' |
2262 | + def wrap(f): |
2263 | + def wrapped_f(*args): |
2264 | + checksums = {} |
2265 | + for path in restart_map: |
2266 | + checksums[path] = file_hash(path) |
2267 | + f(*args) |
2268 | + restarts = [] |
2269 | + for path in restart_map: |
2270 | + if checksums[path] != file_hash(path): |
2271 | + restarts += restart_map[path] |
2272 | + for service_name in list(OrderedDict.fromkeys(restarts)): |
2273 | + service('restart', service_name) |
2274 | + return wrapped_f |
2275 | + return wrap |
2276 | + |
2277 | + |
2278 | +def lsb_release(): |
2279 | + '''Return /etc/lsb-release in a dict''' |
2280 | + d = {} |
2281 | + with open('/etc/lsb-release', 'r') as lsb: |
2282 | + for l in lsb: |
2283 | + k, v = l.split('=') |
2284 | + d[k.strip()] = v.strip() |
2285 | + return d |
2286 | + |
2287 | + |
2288 | +def pwgen(length=None): |
2289 | + '''Generate a random pasword.''' |
2290 | + if length is None: |
2291 | + length = random.choice(range(35, 45)) |
2292 | + alphanumeric_chars = [ |
2293 | + l for l in (string.letters + string.digits) |
2294 | + if l not in 'l0QD1vAEIOUaeiou'] |
2295 | + random_chars = [ |
2296 | + random.choice(alphanumeric_chars) for _ in range(length)] |
2297 | + return(''.join(random_chars)) |
2298 | |
2299 | === added directory 'hooks/charmhelpers/fetch' |
2300 | === added file 'hooks/charmhelpers/fetch/__init__.py' |
2301 | --- hooks/charmhelpers/fetch/__init__.py 1970-01-01 00:00:00 +0000 |
2302 | +++ hooks/charmhelpers/fetch/__init__.py 2013-10-15 14:11:37 +0000 |
2303 | @@ -0,0 +1,209 @@ |
2304 | +import importlib |
2305 | +from yaml import safe_load |
2306 | +from charmhelpers.core.host import ( |
2307 | + lsb_release |
2308 | +) |
2309 | +from urlparse import ( |
2310 | + urlparse, |
2311 | + urlunparse, |
2312 | +) |
2313 | +import subprocess |
2314 | +from charmhelpers.core.hookenv import ( |
2315 | + config, |
2316 | + log, |
2317 | +) |
2318 | +import apt_pkg |
2319 | + |
2320 | +CLOUD_ARCHIVE = """# Ubuntu Cloud Archive |
2321 | +deb http://ubuntu-cloud.archive.canonical.com/ubuntu {} main |
2322 | +""" |
2323 | +PROPOSED_POCKET = """# Proposed |
2324 | +deb http://archive.ubuntu.com/ubuntu {}-proposed main universe multiverse restricted |
2325 | +""" |
2326 | + |
2327 | + |
2328 | +def filter_installed_packages(packages): |
2329 | + """Returns a list of packages that require installation""" |
2330 | + apt_pkg.init() |
2331 | + cache = apt_pkg.Cache() |
2332 | + _pkgs = [] |
2333 | + for package in packages: |
2334 | + try: |
2335 | + p = cache[package] |
2336 | + p.current_ver or _pkgs.append(package) |
2337 | + except KeyError: |
2338 | + log('Package {} has no installation candidate.'.format(package), |
2339 | + level='WARNING') |
2340 | + _pkgs.append(package) |
2341 | + return _pkgs |
2342 | + |
2343 | + |
2344 | +def apt_install(packages, options=None, fatal=False): |
2345 | + """Install one or more packages""" |
2346 | + options = options or [] |
2347 | + cmd = ['apt-get', '-y'] |
2348 | + cmd.extend(options) |
2349 | + cmd.append('install') |
2350 | + if isinstance(packages, basestring): |
2351 | + cmd.append(packages) |
2352 | + else: |
2353 | + cmd.extend(packages) |
2354 | + log("Installing {} with options: {}".format(packages, |
2355 | + options)) |
2356 | + if fatal: |
2357 | + subprocess.check_call(cmd) |
2358 | + else: |
2359 | + subprocess.call(cmd) |
2360 | + |
2361 | + |
2362 | +def apt_update(fatal=False): |
2363 | + """Update local apt cache""" |
2364 | + cmd = ['apt-get', 'update'] |
2365 | + if fatal: |
2366 | + subprocess.check_call(cmd) |
2367 | + else: |
2368 | + subprocess.call(cmd) |
2369 | + |
2370 | + |
2371 | +def apt_purge(packages, fatal=False): |
2372 | + """Purge one or more packages""" |
2373 | + cmd = ['apt-get', '-y', 'purge'] |
2374 | + if isinstance(packages, basestring): |
2375 | + cmd.append(packages) |
2376 | + else: |
2377 | + cmd.extend(packages) |
2378 | + log("Purging {}".format(packages)) |
2379 | + if fatal: |
2380 | + subprocess.check_call(cmd) |
2381 | + else: |
2382 | + subprocess.call(cmd) |
2383 | + |
2384 | + |
2385 | +def add_source(source, key=None): |
2386 | + if ((source.startswith('ppa:') or |
2387 | + source.startswith('http:'))): |
2388 | + subprocess.check_call(['add-apt-repository', '--yes', source]) |
2389 | + elif source.startswith('cloud:'): |
2390 | + apt_install(filter_installed_packages(['ubuntu-cloud-keyring']), |
2391 | + fatal=True) |
2392 | + pocket = source.split(':')[-1] |
2393 | + with open('/etc/apt/sources.list.d/cloud-archive.list', 'w') as apt: |
2394 | + apt.write(CLOUD_ARCHIVE.format(pocket)) |
2395 | + elif source == 'proposed': |
2396 | + release = lsb_release()['DISTRIB_CODENAME'] |
2397 | + with open('/etc/apt/sources.list.d/proposed.list', 'w') as apt: |
2398 | + apt.write(PROPOSED_POCKET.format(release)) |
2399 | + if key: |
2400 | + subprocess.check_call(['apt-key', 'import', key]) |
2401 | + |
2402 | + |
2403 | +class SourceConfigError(Exception): |
2404 | + pass |
2405 | + |
2406 | + |
2407 | +def configure_sources(update=False, |
2408 | + sources_var='install_sources', |
2409 | + keys_var='install_keys'): |
2410 | + """ |
2411 | + Configure multiple sources from charm configuration |
2412 | + |
2413 | + Example config: |
2414 | + install_sources: |
2415 | + - "ppa:foo" |
2416 | + - "http://example.com/repo precise main" |
2417 | + install_keys: |
2418 | + - null |
2419 | + - "a1b2c3d4" |
2420 | + |
2421 | + Note that 'null' (a.k.a. None) should not be quoted. |
2422 | + """ |
2423 | + sources = safe_load(config(sources_var)) |
2424 | + keys = safe_load(config(keys_var)) |
2425 | + if isinstance(sources, basestring) and isinstance(keys, basestring): |
2426 | + add_source(sources, keys) |
2427 | + else: |
2428 | + if not len(sources) == len(keys): |
2429 | + msg = 'Install sources and keys lists are different lengths' |
2430 | + raise SourceConfigError(msg) |
2431 | + for src_num in range(len(sources)): |
2432 | + add_source(sources[src_num], keys[src_num]) |
2433 | + if update: |
2434 | + apt_update(fatal=True) |
2435 | + |
2436 | +# The order of this list is very important. Handlers should be listed in from |
2437 | +# least- to most-specific URL matching. |
2438 | +FETCH_HANDLERS = ( |
2439 | + 'charmhelpers.fetch.archiveurl.ArchiveUrlFetchHandler', |
2440 | + 'charmhelpers.fetch.bzrurl.BzrUrlFetchHandler', |
2441 | +) |
2442 | + |
2443 | + |
2444 | +class UnhandledSource(Exception): |
2445 | + pass |
2446 | + |
2447 | + |
2448 | +def install_remote(source): |
2449 | + """ |
2450 | + Install a file tree from a remote source |
2451 | + |
2452 | + The specified source should be a url of the form: |
2453 | + scheme://[host]/path[#[option=value][&...]] |
2454 | + |
2455 | + Schemes supported are based on this modules submodules |
2456 | + Options supported are submodule-specific""" |
2457 | + # We ONLY check for True here because can_handle may return a string |
2458 | + # explaining why it can't handle a given source. |
2459 | + handlers = [h for h in plugins() if h.can_handle(source) is True] |
2460 | + installed_to = None |
2461 | + for handler in handlers: |
2462 | + try: |
2463 | + installed_to = handler.install(source) |
2464 | + except UnhandledSource: |
2465 | + pass |
2466 | + if not installed_to: |
2467 | + raise UnhandledSource("No handler found for source {}".format(source)) |
2468 | + return installed_to |
2469 | + |
2470 | + |
2471 | +def install_from_config(config_var_name): |
2472 | + charm_config = config() |
2473 | + source = charm_config[config_var_name] |
2474 | + return install_remote(source) |
2475 | + |
2476 | + |
2477 | +class BaseFetchHandler(object): |
2478 | + """Base class for FetchHandler implementations in fetch plugins""" |
2479 | + def can_handle(self, source): |
2480 | + """Returns True if the source can be handled. Otherwise returns |
2481 | + a string explaining why it cannot""" |
2482 | + return "Wrong source type" |
2483 | + |
2484 | + def install(self, source): |
2485 | + """Try to download and unpack the source. Return the path to the |
2486 | + unpacked files or raise UnhandledSource.""" |
2487 | + raise UnhandledSource("Wrong source type {}".format(source)) |
2488 | + |
2489 | + def parse_url(self, url): |
2490 | + return urlparse(url) |
2491 | + |
2492 | + def base_url(self, url): |
2493 | + """Return url without querystring or fragment""" |
2494 | + parts = list(self.parse_url(url)) |
2495 | + parts[4:] = ['' for i in parts[4:]] |
2496 | + return urlunparse(parts) |
2497 | + |
2498 | + |
2499 | +def plugins(fetch_handlers=None): |
2500 | + if not fetch_handlers: |
2501 | + fetch_handlers = FETCH_HANDLERS |
2502 | + plugin_list = [] |
2503 | + for handler_name in fetch_handlers: |
2504 | + package, classname = handler_name.rsplit('.', 1) |
2505 | + try: |
2506 | + handler_class = getattr(importlib.import_module(package), classname) |
2507 | + plugin_list.append(handler_class()) |
2508 | + except (ImportError, AttributeError): |
2509 | + # Skip missing plugins so that they can be ommitted from |
2510 | + # installation if desired |
2511 | + log("FetchHandler {} not found, skipping plugin".format(handler_name)) |
2512 | + return plugin_list |
2513 | |
2514 | === added file 'hooks/charmhelpers/fetch/archiveurl.py' |
2515 | --- hooks/charmhelpers/fetch/archiveurl.py 1970-01-01 00:00:00 +0000 |
2516 | +++ hooks/charmhelpers/fetch/archiveurl.py 2013-10-15 14:11:37 +0000 |
2517 | @@ -0,0 +1,48 @@ |
2518 | +import os |
2519 | +import urllib2 |
2520 | +from charmhelpers.fetch import ( |
2521 | + BaseFetchHandler, |
2522 | + UnhandledSource |
2523 | +) |
2524 | +from charmhelpers.payload.archive import ( |
2525 | + get_archive_handler, |
2526 | + extract, |
2527 | +) |
2528 | +from charmhelpers.core.host import mkdir |
2529 | + |
2530 | + |
2531 | +class ArchiveUrlFetchHandler(BaseFetchHandler): |
2532 | + """Handler for archives via generic URLs""" |
2533 | + def can_handle(self, source): |
2534 | + url_parts = self.parse_url(source) |
2535 | + if url_parts.scheme not in ('http', 'https', 'ftp', 'file'): |
2536 | + return "Wrong source type" |
2537 | + if get_archive_handler(self.base_url(source)): |
2538 | + return True |
2539 | + return False |
2540 | + |
2541 | + def download(self, source, dest): |
2542 | + # propogate all exceptions |
2543 | + # URLError, OSError, etc |
2544 | + response = urllib2.urlopen(source) |
2545 | + try: |
2546 | + with open(dest, 'w') as dest_file: |
2547 | + dest_file.write(response.read()) |
2548 | + except Exception as e: |
2549 | + if os.path.isfile(dest): |
2550 | + os.unlink(dest) |
2551 | + raise e |
2552 | + |
2553 | + def install(self, source): |
2554 | + url_parts = self.parse_url(source) |
2555 | + dest_dir = os.path.join(os.environ.get('CHARM_DIR'), 'fetched') |
2556 | + if not os.path.exists(dest_dir): |
2557 | + mkdir(dest_dir, perms=0755) |
2558 | + dld_file = os.path.join(dest_dir, os.path.basename(url_parts.path)) |
2559 | + try: |
2560 | + self.download(source, dld_file) |
2561 | + except urllib2.URLError as e: |
2562 | + raise UnhandledSource(e.reason) |
2563 | + except OSError as e: |
2564 | + raise UnhandledSource(e.strerror) |
2565 | + return extract(dld_file) |
2566 | |
2567 | === added file 'hooks/charmhelpers/fetch/bzrurl.py' |
2568 | --- hooks/charmhelpers/fetch/bzrurl.py 1970-01-01 00:00:00 +0000 |
2569 | +++ hooks/charmhelpers/fetch/bzrurl.py 2013-10-15 14:11:37 +0000 |
2570 | @@ -0,0 +1,49 @@ |
2571 | +import os |
2572 | +from charmhelpers.fetch import ( |
2573 | + BaseFetchHandler, |
2574 | + UnhandledSource |
2575 | +) |
2576 | +from charmhelpers.core.host import mkdir |
2577 | + |
2578 | +try: |
2579 | + from bzrlib.branch import Branch |
2580 | +except ImportError: |
2581 | + from charmhelpers.fetch import apt_install |
2582 | + apt_install("python-bzrlib") |
2583 | + from bzrlib.branch import Branch |
2584 | + |
2585 | +class BzrUrlFetchHandler(BaseFetchHandler): |
2586 | + """Handler for bazaar branches via generic and lp URLs""" |
2587 | + def can_handle(self, source): |
2588 | + url_parts = self.parse_url(source) |
2589 | + if url_parts.scheme not in ('bzr+ssh', 'lp'): |
2590 | + return False |
2591 | + else: |
2592 | + return True |
2593 | + |
2594 | + def branch(self, source, dest): |
2595 | + url_parts = self.parse_url(source) |
2596 | + # If we use lp:branchname scheme we need to load plugins |
2597 | + if not self.can_handle(source): |
2598 | + raise UnhandledSource("Cannot handle {}".format(source)) |
2599 | + if url_parts.scheme == "lp": |
2600 | + from bzrlib.plugin import load_plugins |
2601 | + load_plugins() |
2602 | + try: |
2603 | + remote_branch = Branch.open(source) |
2604 | + remote_branch.bzrdir.sprout(dest).open_branch() |
2605 | + except Exception as e: |
2606 | + raise e |
2607 | + |
2608 | + def install(self, source): |
2609 | + url_parts = self.parse_url(source) |
2610 | + branch_name = url_parts.path.strip("/").split("/")[-1] |
2611 | + dest_dir = os.path.join(os.environ.get('CHARM_DIR'), "fetched", branch_name) |
2612 | + if not os.path.exists(dest_dir): |
2613 | + mkdir(dest_dir, perms=0755) |
2614 | + try: |
2615 | + self.branch(source, dest_dir) |
2616 | + except OSError as e: |
2617 | + raise UnhandledSource(e.strerror) |
2618 | + return dest_dir |
2619 | + |
2620 | |
2621 | === added directory 'hooks/charmhelpers/payload' |
2622 | === added file 'hooks/charmhelpers/payload/__init__.py' |
2623 | --- hooks/charmhelpers/payload/__init__.py 1970-01-01 00:00:00 +0000 |
2624 | +++ hooks/charmhelpers/payload/__init__.py 2013-10-15 14:11:37 +0000 |
2625 | @@ -0,0 +1,1 @@ |
2626 | +"Tools for working with files injected into a charm just before deployment." |
2627 | |
2628 | === added file 'hooks/charmhelpers/payload/execd.py' |
2629 | --- hooks/charmhelpers/payload/execd.py 1970-01-01 00:00:00 +0000 |
2630 | +++ hooks/charmhelpers/payload/execd.py 2013-10-15 14:11:37 +0000 |
2631 | @@ -0,0 +1,50 @@ |
2632 | +#!/usr/bin/env python |
2633 | + |
2634 | +import os |
2635 | +import sys |
2636 | +import subprocess |
2637 | +from charmhelpers.core import hookenv |
2638 | + |
2639 | + |
2640 | +def default_execd_dir(): |
2641 | + return os.path.join(os.environ['CHARM_DIR'], 'exec.d') |
2642 | + |
2643 | + |
2644 | +def execd_module_paths(execd_dir=None): |
2645 | + """Generate a list of full paths to modules within execd_dir.""" |
2646 | + if not execd_dir: |
2647 | + execd_dir = default_execd_dir() |
2648 | + |
2649 | + if not os.path.exists(execd_dir): |
2650 | + return |
2651 | + |
2652 | + for subpath in os.listdir(execd_dir): |
2653 | + module = os.path.join(execd_dir, subpath) |
2654 | + if os.path.isdir(module): |
2655 | + yield module |
2656 | + |
2657 | + |
2658 | +def execd_submodule_paths(command, execd_dir=None): |
2659 | + """Generate a list of full paths to the specified command within exec_dir. |
2660 | + """ |
2661 | + for module_path in execd_module_paths(execd_dir): |
2662 | + path = os.path.join(module_path, command) |
2663 | + if os.access(path, os.X_OK) and os.path.isfile(path): |
2664 | + yield path |
2665 | + |
2666 | + |
2667 | +def execd_run(command, execd_dir=None, die_on_error=False, stderr=None): |
2668 | + """Run command for each module within execd_dir which defines it.""" |
2669 | + for submodule_path in execd_submodule_paths(command, execd_dir): |
2670 | + try: |
2671 | + subprocess.check_call(submodule_path, shell=True, stderr=stderr) |
2672 | + except subprocess.CalledProcessError as e: |
2673 | + hookenv.log("Error ({}) running {}. Output: {}".format( |
2674 | + e.returncode, e.cmd, e.output)) |
2675 | + if die_on_error: |
2676 | + sys.exit(e.returncode) |
2677 | + |
2678 | + |
2679 | +def execd_preinstall(execd_dir=None): |
2680 | + """Run charm-pre-install for each module within execd_dir.""" |
2681 | + execd_run('charm-pre-install', execd_dir=execd_dir) |
2682 | |
2683 | === modified symlink 'hooks/cluster-relation-changed' |
2684 | === target changed u'horizon-relations' => u'horizon_hooks.py' |
2685 | === modified symlink 'hooks/cluster-relation-departed' |
2686 | === target changed u'horizon-relations' => u'horizon_hooks.py' |
2687 | === modified symlink 'hooks/config-changed' |
2688 | === target changed u'horizon-relations' => u'horizon_hooks.py' |
2689 | === removed symlink 'hooks/ha-relation-changed' |
2690 | === target was u'horizon-relations' |
2691 | === modified symlink 'hooks/ha-relation-joined' |
2692 | === target changed u'horizon-relations' => u'horizon_hooks.py' |
2693 | === removed file 'hooks/horizon-common' |
2694 | --- hooks/horizon-common 2013-05-22 10:10:56 +0000 |
2695 | +++ hooks/horizon-common 1970-01-01 00:00:00 +0000 |
2696 | @@ -1,97 +0,0 @@ |
2697 | -#!/bin/bash |
2698 | -# vim: set ts=2:et |
2699 | - |
2700 | -CHARM="openstack-dashboard" |
2701 | - |
2702 | -PACKAGES="openstack-dashboard python-keystoneclient python-memcache memcached haproxy python-novaclient" |
2703 | -LOCAL_SETTINGS="/etc/openstack-dashboard/local_settings.py" |
2704 | -HOOKS_DIR="$CHARM_DIR/hooks" |
2705 | - |
2706 | -if [[ -e "$HOOKS_DIR/lib/openstack-common" ]] ; then |
2707 | - . $HOOKS_DIR/lib/openstack-common |
2708 | -else |
2709 | - juju-log "ERROR: Couldn't load $HOOKS_DIR/lib/openstack-common." && exit 1 |
2710 | -fi |
2711 | - |
2712 | -set_or_update() { |
2713 | - # set a key = value option in $LOCAL_SETTINGS |
2714 | - local key=$1 value=$2 |
2715 | - [[ -z "$key" ]] || [[ -z "$value" ]] && |
2716 | - juju-log "$CHARM set_or_update: ERROR - missing parameters" && return 1 |
2717 | - if [ "$value" == "True" ] || [ "$value" == "False" ]; then |
2718 | - grep -q "^$key = $value" "$LOCAL_SETTINGS" && |
2719 | - juju-log "$CHARM set_or_update: $key = $value already set" && return 0 |
2720 | - else |
2721 | - grep -q "^$key = \"$value\"" "$LOCAL_SETTINGS" && |
2722 | - juju-log "$CHARM set_or_update: $key = $value already set" && return 0 |
2723 | - fi |
2724 | - if grep -q "^$key = " "$LOCAL_SETTINGS" ; then |
2725 | - juju-log "$CHARM set_or_update: Setting $key = $value" |
2726 | - cp "$LOCAL_SETTINGS" /etc/openstack-dashboard/local_settings.last |
2727 | - if [ "$value" == "True" ] || [ "$value" == "False" ]; then |
2728 | - sed -i "s|\(^$key = \).*|\1$value|g" "$LOCAL_SETTINGS" || return 1 |
2729 | - else |
2730 | - sed -i "s|\(^$key = \).*|\1\"$value\"|g" "$LOCAL_SETTINGS" || return 1 |
2731 | - fi |
2732 | - else |
2733 | - juju-log "$CHARM set_or_update: Adding $key = $value" |
2734 | - if [ "$value" == "True" ] || [ "$value" == "False" ]; then |
2735 | - echo "$key = $value" >>$LOCAL_SETTINGS || return 1 |
2736 | - else |
2737 | - echo "$key = \"$value\"" >>$LOCAL_SETTINGS || return 1 |
2738 | - fi |
2739 | - fi |
2740 | - return 0 |
2741 | -} |
2742 | - |
2743 | -do_openstack_upgrade() { |
2744 | - local rel="$1" |
2745 | - shift |
2746 | - local packages=$@ |
2747 | - |
2748 | - # Setup apt repository access and kick off the actual package upgrade. |
2749 | - configure_install_source "$rel" |
2750 | - apt-get update |
2751 | - DEBIAN_FRONTEND=noninteractive apt-get --option Dpkg::Options::=--force-confnew -y \ |
2752 | - install $packages |
2753 | - |
2754 | - # Configure new config files for access to keystone, if a relation exists. |
2755 | - r_id=$(relation-ids identity-service | head -n1) |
2756 | - if [[ -n "$r_id" ]] ; then |
2757 | - export JUJU_REMOTE_UNIT=$(relation-list -r $r_id | head -n1) |
2758 | - export JUJU_RELATION="identity-service" |
2759 | - export JUJU_RELATION_ID="$r_id" |
2760 | - local service_host=$(relation-get -r $r_id service_host) |
2761 | - local service_port=$(relation-get -r $r_id service_port) |
2762 | - if [[ -n "$service_host" ]] && [[ -n "$service_port" ]] ; then |
2763 | - service_url="http://$service_host:$service_port/v2.0" |
2764 | - set_or_update OPENSTACK_KEYSTONE_URL "$service_url" |
2765 | - fi |
2766 | - fi |
2767 | -} |
2768 | - |
2769 | -configure_apache() { |
2770 | - # Reconfigure to listen on provided port |
2771 | - a2ensite default-ssl || : |
2772 | - a2enmod ssl || : |
2773 | - for ports in $@; do |
2774 | - from_port=$(echo $ports | cut -d : -f 1) |
2775 | - to_port=$(echo $ports | cut -d : -f 2) |
2776 | - sed -i -e "s/$from_port/$to_port/g" /etc/apache2/ports.conf |
2777 | - for site in $(ls -1 /etc/apache2/sites-available); do |
2778 | - sed -i -e "s/$from_port/$to_port/g" \ |
2779 | - /etc/apache2/sites-available/$site |
2780 | - done |
2781 | - done |
2782 | -} |
2783 | - |
2784 | -configure_apache_cert() { |
2785 | - cert=$1 |
2786 | - key=$2 |
2787 | - echo $cert | base64 -di > /etc/ssl/certs/dashboard.cert |
2788 | - echo $key | base64 -di > /etc/ssl/private/dashboard.key |
2789 | - chmod 0600 /etc/ssl/private/dashboard.key |
2790 | - sed -i -e "s|\(.*SSLCertificateFile\).*|\1 /etc/ssl/certs/dashboard.cert|g" \ |
2791 | - -e "s|\(.*SSLCertificateKeyFile\).*|\1 /etc/ssl/private/dashboard.key|g" \ |
2792 | - /etc/apache2/sites-available/default-ssl |
2793 | -} |
2794 | |
2795 | === removed file 'hooks/horizon-relations' |
2796 | --- hooks/horizon-relations 2013-04-26 20:22:52 +0000 |
2797 | +++ hooks/horizon-relations 1970-01-01 00:00:00 +0000 |
2798 | @@ -1,191 +0,0 @@ |
2799 | -#!/bin/bash |
2800 | -set -e |
2801 | - |
2802 | -HOOKS_DIR="$CHARM_DIR/hooks" |
2803 | -ARG0=${0##*/} |
2804 | - |
2805 | -if [[ -e $HOOKS_DIR/horizon-common ]] ; then |
2806 | - . $HOOKS_DIR/horizon-common |
2807 | -else |
2808 | - echo "ERROR: Could not load horizon-common from $HOOKS_DIR" |
2809 | -fi |
2810 | - |
2811 | -function install_hook { |
2812 | - configure_install_source "$(config-get openstack-origin)" |
2813 | - apt-get update |
2814 | - juju-log "$CHARM: Installing $PACKAGES." |
2815 | - DEBIAN_FRONTEND=noninteractive apt-get -y install $PACKAGES |
2816 | - set_or_update CACHE_BACKEND "memcached://127.0.0.1:11211/" |
2817 | - open-port 80 |
2818 | -} |
2819 | - |
2820 | -function db_joined { |
2821 | - # TODO |
2822 | - # relation-set database, username, hostname |
2823 | - return 0 |
2824 | -} |
2825 | - |
2826 | -function db_changed { |
2827 | - # TODO |
2828 | - # relation-get password, private-address |
2829 | - return 0 |
2830 | -} |
2831 | - |
2832 | -function keystone_joined { |
2833 | - # service=None lets keystone know we don't need anything entered |
2834 | - # into the service catalog. we only really care about getting the |
2835 | - # private-address from the relation |
2836 | - local relid="$1" |
2837 | - local rarg="" |
2838 | - [[ -n "$relid" ]] && rarg="-r $relid" |
2839 | - relation-set $rarg service="None" region="None" public_url="None" \ |
2840 | - admin_url="None" internal_url="None" \ |
2841 | - requested_roles="$(config-get default-role)" |
2842 | -} |
2843 | - |
2844 | -function keystone_changed { |
2845 | - local service_host=$(relation-get service_host) |
2846 | - local service_port=$(relation-get service_port) |
2847 | - if [ -z "${service_host}" ] || [ -z "${service_port}" ]; then |
2848 | - juju-log "Insufficient information to configure keystone url" |
2849 | - exit 0 |
2850 | - fi |
2851 | - local ca_cert=$(relation-get ca_cert) |
2852 | - if [ -n "$ca_cert" ]; then |
2853 | - juju-log "Installing Keystone supplied CA cert." |
2854 | - echo $ca_cert | base64 -di > /usr/local/share/ca-certificates/keystone_juju_ca_cert.crt |
2855 | - update-ca-certificates --fresh |
2856 | - fi |
2857 | - service_url="http://${service_host}:${service_port}/v2.0" |
2858 | - juju-log "$CHARM: Configuring Horizon to access keystone @ $service_url." |
2859 | - set_or_update OPENSTACK_KEYSTONE_URL "$service_url" |
2860 | - service apache2 restart |
2861 | -} |
2862 | - |
2863 | -function config_changed { |
2864 | - local install_src=$(config-get openstack-origin) |
2865 | - local cur=$(get_os_codename_package "openstack-dashboard") |
2866 | - local available=$(get_os_codename_install_source "$install_src") |
2867 | - |
2868 | - if dpkg --compare-versions $(get_os_version_codename "$cur") lt \ |
2869 | - $(get_os_version_codename "$available") ; then |
2870 | - juju-log "$CHARM: Upgrading OpenStack release: $cur -> $available." |
2871 | - do_openstack_upgrade "$install_src" $PACKAGES |
2872 | - fi |
2873 | - |
2874 | - # update the web root for the horizon app. |
2875 | - local web_root=$(config-get webroot) |
2876 | - juju-log "$CHARM: Setting web root for Horizon to $web_root". |
2877 | - cp /etc/apache2/conf.d/openstack-dashboard.conf \ |
2878 | - /var/lib/juju/openstack-dashboard.conf.last |
2879 | - awk -v root="$web_root" \ |
2880 | - '/^WSGIScriptAlias/{$2 = root }'1 \ |
2881 | - /var/lib/juju/openstack-dashboard.conf.last \ |
2882 | - >/etc/apache2/conf.d/openstack-dashboard.conf |
2883 | - set_or_update LOGIN_URL "$web_root/auth/login" |
2884 | - set_or_update LOGIN_REDIRECT_URL "$web_root" |
2885 | - |
2886 | - # Save our scriptrc env variables for health checks |
2887 | - declare -a env_vars=( |
2888 | - 'OPENSTACK_URL_HORIZON="http://localhost:70'$web_root'|Login+-+OpenStack"' |
2889 | - 'OPENSTACK_SERVICE_HORIZON=apache2' |
2890 | - 'OPENSTACK_PORT_HORIZON_SSL=433' |
2891 | - 'OPENSTACK_PORT_HORIZON=70') |
2892 | - save_script_rc ${env_vars[@]} |
2893 | - |
2894 | - |
2895 | - # Set default role and trigger a identity-service relation event to |
2896 | - # ensure role is created in keystone. |
2897 | - set_or_update OPENSTACK_KEYSTONE_DEFAULT_ROLE "$(config-get default-role)" |
2898 | - local relids="$(relation-ids identity-service)" |
2899 | - for relid in $relids ; do |
2900 | - keystone_joined "$relid" |
2901 | - done |
2902 | - |
2903 | - if [ "$(config-get offline-compression)" != "yes" ]; then |
2904 | - set_or_update COMPRESS_OFFLINE False |
2905 | - apt-get install -y nodejs node-less |
2906 | - else |
2907 | - set_or_update COMPRESS_OFFLINE True |
2908 | - fi |
2909 | - |
2910 | - # Configure default HAProxy + Apache config |
2911 | - if [ -n "$(config-get ssl_cert)" ] && \ |
2912 | - [ -n "$(config-get ssl_key)" ]; then |
2913 | - configure_apache_cert "$(config-get ssl_cert)" "$(config-get ssl_key)" |
2914 | - fi |
2915 | - |
2916 | - if [ "$(config-get debug)" != "yes" ]; then |
2917 | - set_or_update DEBUG False |
2918 | - else |
2919 | - set_or_update DEBUG True |
2920 | - fi |
2921 | - |
2922 | - if [ "$(config-get ubuntu-theme)" != "yes" ]; then |
2923 | - apt-get -y purge openstack-dashboard-ubuntu-theme || : |
2924 | - else |
2925 | - apt-get -y install openstack-dashboard-ubuntu-theme |
2926 | - fi |
2927 | - |
2928 | - # Reconfigure Apache Ports |
2929 | - configure_apache "80:70" "443:433" |
2930 | - service apache2 restart |
2931 | - configure_haproxy "dash_insecure:80:70:http dash_secure:443:433:tcp" |
2932 | - service haproxy restart |
2933 | -} |
2934 | - |
2935 | -function cluster_changed() { |
2936 | - configure_haproxy "dash_insecure:80:70:http dash_secure:443:433:tcp" |
2937 | - service haproxy reload |
2938 | -} |
2939 | - |
2940 | -function ha_relation_joined() { |
2941 | - # Configure HA Cluster |
2942 | - local corosync_bindiface=`config-get ha-bindiface` |
2943 | - local corosync_mcastport=`config-get ha-mcastport` |
2944 | - local vip=`config-get vip` |
2945 | - local vip_iface=`config-get vip_iface` |
2946 | - local vip_cidr=`config-get vip_cidr` |
2947 | - if [ -n "$vip" ] && [ -n "$vip_iface" ] && \ |
2948 | - [ -n "$vip_cidr" ] && [ -n "$corosync_bindiface" ] && \ |
2949 | - [ -n "$corosync_mcastport" ]; then |
2950 | - # TODO: This feels horrible but the data required by the hacluster |
2951 | - # charm is quite complex and is python ast parsed. |
2952 | - resources="{ |
2953 | -'res_horizon_vip':'ocf:heartbeat:IPaddr2', |
2954 | -'res_horizon_haproxy':'lsb:haproxy' |
2955 | -}" |
2956 | - resource_params="{ |
2957 | -'res_horizon_vip': 'params ip=\"$vip\" cidr_netmask=\"$vip_cidr\" nic=\"$vip_iface\"', |
2958 | -'res_horizon_haproxy': 'op monitor interval=\"5s\"' |
2959 | -}" |
2960 | - init_services="{ |
2961 | -'res_horizon_haproxy':'haproxy' |
2962 | -}" |
2963 | - clones="{ |
2964 | -'cl_horizon_haproxy':'res_horizon_haproxy' |
2965 | -}" |
2966 | - relation-set corosync_bindiface=$corosync_bindiface \ |
2967 | - corosync_mcastport=$corosync_mcastport \ |
2968 | - resources="$resources" resource_params="$resource_params" \ |
2969 | - init_services="$init_services" clones="$clones" |
2970 | - else |
2971 | - juju-log "Insufficient configuration data to configure hacluster" |
2972 | - exit 1 |
2973 | - fi |
2974 | -} |
2975 | - |
2976 | -juju-log "$CHARM: Running hook $ARG0." |
2977 | -case $ARG0 in |
2978 | - "install") install_hook ;; |
2979 | - "start") exit 0 ;; |
2980 | - "stop") exit 0 ;; |
2981 | - "shared-db-relation-joined") db_joined ;; |
2982 | - "shared-db-relation-changed") db_changed;; |
2983 | - "identity-service-relation-joined") keystone_joined;; |
2984 | - "identity-service-relation-changed") keystone_changed;; |
2985 | - "config-changed") config_changed;; |
2986 | - "cluster-relation-changed") cluster_changed ;; |
2987 | - "cluster-relation-departed") cluster_changed ;; |
2988 | - "ha-relation-joined") ha_relation_joined ;; |
2989 | -esac |
2990 | |
2991 | === added file 'hooks/horizon_contexts.py' |
2992 | --- hooks/horizon_contexts.py 1970-01-01 00:00:00 +0000 |
2993 | +++ hooks/horizon_contexts.py 2013-10-15 14:11:37 +0000 |
2994 | @@ -0,0 +1,118 @@ |
2995 | +# vim: set ts=4:et |
2996 | +from charmhelpers.core.hookenv import ( |
2997 | + config, |
2998 | + relation_ids, |
2999 | + related_units, |
3000 | + relation_get, |
3001 | + local_unit, |
3002 | + unit_get, |
3003 | + log |
3004 | +) |
3005 | +from charmhelpers.contrib.openstack.context import ( |
3006 | + OSContextGenerator, |
3007 | + HAProxyContext, |
3008 | + context_complete |
3009 | +) |
3010 | +from charmhelpers.contrib.hahelpers.apache import ( |
3011 | + get_cert |
3012 | +) |
3013 | + |
3014 | +from charmhelpers.core.host import pwgen |
3015 | + |
3016 | +from base64 import b64decode |
3017 | +import os |
3018 | + |
3019 | + |
3020 | +class HorizonHAProxyContext(HAProxyContext): |
3021 | + def __call__(self): |
3022 | + ''' |
3023 | + Horizon specific HAProxy context; haproxy is used all the time |
3024 | + in the openstack dashboard charm so a single instance just |
3025 | + self refers |
3026 | + ''' |
3027 | + cluster_hosts = {} |
3028 | + l_unit = local_unit().replace('/', '-') |
3029 | + cluster_hosts[l_unit] = unit_get('private-address') |
3030 | + |
3031 | + for rid in relation_ids('cluster'): |
3032 | + for unit in related_units(rid): |
3033 | + _unit = unit.replace('/', '-') |
3034 | + addr = relation_get('private-address', rid=rid, unit=unit) |
3035 | + cluster_hosts[_unit] = addr |
3036 | + |
3037 | + log('Ensuring haproxy enabled in /etc/default/haproxy.') |
3038 | + with open('/etc/default/haproxy', 'w') as out: |
3039 | + out.write('ENABLED=1\n') |
3040 | + |
3041 | + ctxt = { |
3042 | + 'units': cluster_hosts, |
3043 | + 'service_ports': { |
3044 | + 'dash_insecure': [80, 70], |
3045 | + 'dash_secure': [443, 433] |
3046 | + } |
3047 | + } |
3048 | + return ctxt |
3049 | + |
3050 | + |
3051 | +class IdentityServiceContext(OSContextGenerator): |
3052 | + def __call__(self): |
3053 | + ''' Provide context for Identity Service relation ''' |
3054 | + ctxt = {} |
3055 | + for r_id in relation_ids('identity-service'): |
3056 | + for unit in related_units(r_id): |
3057 | + ctxt['service_host'] = relation_get('service_host', |
3058 | + rid=r_id, |
3059 | + unit=unit) |
3060 | + ctxt['service_port'] = relation_get('service_port', |
3061 | + rid=r_id, |
3062 | + unit=unit) |
3063 | + if context_complete(ctxt): |
3064 | + return ctxt |
3065 | + return {} |
3066 | + |
3067 | + |
3068 | +class HorizonContext(OSContextGenerator): |
3069 | + def __call__(self): |
3070 | + ''' Provide all configuration for Horizon ''' |
3071 | + ctxt = { |
3072 | + 'compress_offline': config('offline-compression') in ['yes', True], |
3073 | + 'debug': config('debug') in ['yes', True], |
3074 | + 'default_role': config('default-role'), |
3075 | + "webroot": config('webroot'), |
3076 | + "ubuntu_theme": config('ubuntu-theme') in ['yes', True], |
3077 | + "secret": config('secret') or pwgen() |
3078 | + } |
3079 | + return ctxt |
3080 | + |
3081 | + |
3082 | +class ApacheContext(OSContextGenerator): |
3083 | + def __call__(self): |
3084 | + ''' Grab cert and key from configuraton for SSL config ''' |
3085 | + ctxt = { |
3086 | + 'http_port': 70, |
3087 | + 'https_port': 433 |
3088 | + } |
3089 | + return ctxt |
3090 | + |
3091 | + |
3092 | +class ApacheSSLContext(OSContextGenerator): |
3093 | + def __call__(self): |
3094 | + ''' Grab cert and key from configuration for SSL config ''' |
3095 | + (ssl_cert, ssl_key) = get_cert() |
3096 | + if None not in [ssl_cert, ssl_key]: |
3097 | + with open('/etc/ssl/certs/dashboard.cert', 'w') as cert_out: |
3098 | + cert_out.write(b64decode(ssl_cert)) |
3099 | + with open('/etc/ssl/private/dashboard.key', 'w') as key_out: |
3100 | + key_out.write(b64decode(ssl_key)) |
3101 | + os.chmod('/etc/ssl/private/dashboard.key', 0600) |
3102 | + ctxt = { |
3103 | + 'ssl_configured': True, |
3104 | + 'ssl_cert': '/etc/ssl/certs/dashboard.cert', |
3105 | + 'ssl_key': '/etc/ssl/private/dashboard.key', |
3106 | + } |
3107 | + else: |
3108 | + # Use snakeoil ones by default |
3109 | + ctxt = { |
3110 | + 'ssl_configured': False, |
3111 | + } |
3112 | + return ctxt |
3113 | |
3114 | === added file 'hooks/horizon_hooks.py' |
3115 | --- hooks/horizon_hooks.py 1970-01-01 00:00:00 +0000 |
3116 | +++ hooks/horizon_hooks.py 2013-10-15 14:11:37 +0000 |
3117 | @@ -0,0 +1,149 @@ |
3118 | +#!/usr/bin/python |
3119 | +# vim: set ts=4:et |
3120 | + |
3121 | +import sys |
3122 | +from charmhelpers.core.hookenv import ( |
3123 | + Hooks, UnregisteredHookError, |
3124 | + log, |
3125 | + open_port, |
3126 | + config, |
3127 | + relation_set, |
3128 | + relation_get, |
3129 | + relation_ids, |
3130 | + unit_get |
3131 | +) |
3132 | +from charmhelpers.fetch import ( |
3133 | + apt_update, apt_install, |
3134 | + filter_installed_packages, |
3135 | +) |
3136 | +from charmhelpers.core.host import ( |
3137 | + restart_on_change |
3138 | +) |
3139 | +from charmhelpers.contrib.openstack.utils import ( |
3140 | + configure_installation_source, |
3141 | + openstack_upgrade_available, |
3142 | + save_script_rc |
3143 | +) |
3144 | +from horizon_utils import ( |
3145 | + PACKAGES, register_configs, |
3146 | + restart_map, |
3147 | + LOCAL_SETTINGS, HAPROXY_CONF, |
3148 | + enable_ssl, |
3149 | + do_openstack_upgrade |
3150 | +) |
3151 | +from charmhelpers.contrib.hahelpers.apache import install_ca_cert |
3152 | +from charmhelpers.contrib.hahelpers.cluster import get_hacluster_config |
3153 | +from charmhelpers.payload.execd import execd_preinstall |
3154 | + |
3155 | +hooks = Hooks() |
3156 | +CONFIGS = register_configs() |
3157 | + |
3158 | + |
3159 | +@hooks.hook('install') |
3160 | +def install(): |
3161 | + configure_installation_source(config('openstack-origin')) |
3162 | + apt_update(fatal=True) |
3163 | + apt_install(filter_installed_packages(PACKAGES), fatal=True) |
3164 | + |
3165 | + |
3166 | +@hooks.hook('upgrade-charm') |
3167 | +@restart_on_change(restart_map()) |
3168 | +def upgrade_charm(): |
3169 | + execd_preinstall() |
3170 | + apt_install(filter_installed_packages(PACKAGES), fatal=True) |
3171 | + CONFIGS.write_all() |
3172 | + |
3173 | + |
3174 | +@hooks.hook('config-changed') |
3175 | +@restart_on_change(restart_map()) |
3176 | +def config_changed(): |
3177 | + # Ensure default role changes are propagated to keystone |
3178 | + for relid in relation_ids('identity-service'): |
3179 | + keystone_joined(relid) |
3180 | + enable_ssl() |
3181 | + if openstack_upgrade_available('openstack-dashboard'): |
3182 | + do_openstack_upgrade(configs=CONFIGS) |
3183 | + |
3184 | + env_vars = { |
3185 | + 'OPENSTACK_URL_HORIZON': |
3186 | + "http://localhost:70{}|Login+-+OpenStack".format( |
3187 | + config('webroot') |
3188 | + ), |
3189 | + 'OPENSTACK_SERVICE_HORIZON': "apache2", |
3190 | + 'OPENSTACK_PORT_HORIZON_SSL': 433, |
3191 | + 'OPENSTACK_PORT_HORIZON': 70 |
3192 | + } |
3193 | + save_script_rc(**env_vars) |
3194 | + CONFIGS.write_all() |
3195 | + open_port(80) |
3196 | + open_port(443) |
3197 | + |
3198 | + |
3199 | +@hooks.hook('identity-service-relation-joined') |
3200 | +def keystone_joined(rel_id=None): |
3201 | + relation_set(relation_id=rel_id, |
3202 | + service="None", |
3203 | + region="None", |
3204 | + public_url="None", |
3205 | + admin_url="None", |
3206 | + internal_url="None", |
3207 | + requested_roles=config('default-role')) |
3208 | + |
3209 | + |
3210 | +@hooks.hook('identity-service-relation-changed') |
3211 | +@restart_on_change(restart_map()) |
3212 | +def keystone_changed(): |
3213 | + CONFIGS.write(LOCAL_SETTINGS) |
3214 | + if relation_get('ca_cert'): |
3215 | + install_ca_cert(relation_get('ca_cert')) |
3216 | + |
3217 | + |
3218 | +@hooks.hook('cluster-relation-departed', |
3219 | + 'cluster-relation-changed') |
3220 | +@restart_on_change(restart_map()) |
3221 | +def cluster_relation(): |
3222 | + CONFIGS.write(HAPROXY_CONF) |
3223 | + |
3224 | + |
3225 | +@hooks.hook('ha-relation-joined') |
3226 | +def ha_relation_joined(): |
3227 | + config = get_hacluster_config() |
3228 | + resources = { |
3229 | + 'res_horizon_vip': 'ocf:heartbeat:IPaddr2', |
3230 | + 'res_horizon_haproxy': 'lsb:haproxy' |
3231 | + } |
3232 | + vip_params = 'params ip="{}" cidr_netmask="{}" nic="{}"'.format( |
3233 | + config['vip'], config['vip_cidr'], config['vip_iface']) |
3234 | + resource_params = { |
3235 | + 'res_horizon_vip': vip_params, |
3236 | + 'res_horizon_haproxy': 'op monitor interval="5s"' |
3237 | + } |
3238 | + init_services = { |
3239 | + 'res_horizon_haproxy': 'haproxy' |
3240 | + } |
3241 | + clones = { |
3242 | + 'cl_horizon_haproxy': 'res_horizon_haproxy' |
3243 | + } |
3244 | + relation_set(init_services=init_services, |
3245 | + corosync_bindiface=config['ha-bindiface'], |
3246 | + corosync_mcastport=config['ha-mcastport'], |
3247 | + resources=resources, |
3248 | + resource_params=resource_params, |
3249 | + clones=clones) |
3250 | + |
3251 | + |
3252 | +@hooks.hook('website-relation-joined') |
3253 | +def website_relation_joined(): |
3254 | + relation_set(port=70, |
3255 | + hostname=unit_get('private-address')) |
3256 | + |
3257 | + |
3258 | +def main(): |
3259 | + try: |
3260 | + hooks.execute(sys.argv) |
3261 | + except UnregisteredHookError as e: |
3262 | + log('Unknown hook {} - skipping.'.format(e)) |
3263 | + |
3264 | + |
3265 | +if __name__ == '__main__': |
3266 | + main() |
3267 | |
3268 | === added file 'hooks/horizon_utils.py' |
3269 | --- hooks/horizon_utils.py 1970-01-01 00:00:00 +0000 |
3270 | +++ hooks/horizon_utils.py 2013-10-15 14:11:37 +0000 |
3271 | @@ -0,0 +1,144 @@ |
3272 | +# vim: set ts=4:et |
3273 | +import horizon_contexts |
3274 | +import charmhelpers.contrib.openstack.templating as templating |
3275 | +import subprocess |
3276 | +import os |
3277 | +from collections import OrderedDict |
3278 | + |
3279 | +from charmhelpers.contrib.openstack.utils import ( |
3280 | + get_os_codename_package, |
3281 | + get_os_codename_install_source, |
3282 | + configure_installation_source |
3283 | +) |
3284 | +from charmhelpers.core.hookenv import ( |
3285 | + config, |
3286 | + log |
3287 | +) |
3288 | +from charmhelpers.fetch import ( |
3289 | + apt_install, |
3290 | + apt_update |
3291 | +) |
3292 | + |
3293 | +PACKAGES = [ |
3294 | + "openstack-dashboard", "python-keystoneclient", "python-memcache", |
3295 | + "memcached", "haproxy", "python-novaclient", |
3296 | + "nodejs", "node-less", "openstack-dashboard-ubuntu-theme" |
3297 | +] |
3298 | + |
3299 | +LOCAL_SETTINGS = "/etc/openstack-dashboard/local_settings.py" |
3300 | +HAPROXY_CONF = "/etc/haproxy/haproxy.cfg" |
3301 | +APACHE_CONF = "/etc/apache2/conf.d/openstack-dashboard.conf" |
3302 | +APACHE_24_CONF = "/etc/apache2/conf-available/openstack-dashboard.conf" |
3303 | +PORTS_CONF = "/etc/apache2/ports.conf" |
3304 | +APACHE_SSL = "/etc/apache2/sites-available/default-ssl" |
3305 | +APACHE_DEFAULT = "/etc/apache2/sites-available/default" |
3306 | + |
3307 | +TEMPLATES = 'templates' |
3308 | + |
3309 | +CONFIG_FILES = OrderedDict([ |
3310 | + (LOCAL_SETTINGS, { |
3311 | + 'hook_contexts': [horizon_contexts.HorizonContext(), |
3312 | + horizon_contexts.IdentityServiceContext()], |
3313 | + 'services': ['apache2'] |
3314 | + }), |
3315 | + (APACHE_CONF, { |
3316 | + 'hook_contexts': [horizon_contexts.HorizonContext()], |
3317 | + 'services': ['apache2'], |
3318 | + }), |
3319 | + (APACHE_24_CONF, { |
3320 | + 'hook_contexts': [horizon_contexts.HorizonContext()], |
3321 | + 'services': ['apache2'], |
3322 | + }), |
3323 | + (APACHE_SSL, { |
3324 | + 'hook_contexts': [horizon_contexts.ApacheSSLContext(), |
3325 | + horizon_contexts.ApacheContext()], |
3326 | + 'services': ['apache2'], |
3327 | + }), |
3328 | + (APACHE_DEFAULT, { |
3329 | + 'hook_contexts': [horizon_contexts.ApacheContext()], |
3330 | + 'services': ['apache2'], |
3331 | + }), |
3332 | + (PORTS_CONF, { |
3333 | + 'hook_contexts': [horizon_contexts.ApacheContext()], |
3334 | + 'services': ['apache2'], |
3335 | + }), |
3336 | + (HAPROXY_CONF, { |
3337 | + 'hook_contexts': [horizon_contexts.HorizonHAProxyContext()], |
3338 | + 'services': ['haproxy'], |
3339 | + }), |
3340 | +]) |
3341 | + |
3342 | + |
3343 | +def register_configs(): |
3344 | + ''' Register config files with their respective contexts. ''' |
3345 | + release = get_os_codename_package('openstack-dashboard', fatal=False) or \ |
3346 | + 'essex' |
3347 | + configs = templating.OSConfigRenderer(templates_dir=TEMPLATES, |
3348 | + openstack_release=release) |
3349 | + |
3350 | + confs = [LOCAL_SETTINGS, |
3351 | + HAPROXY_CONF, |
3352 | + APACHE_SSL, |
3353 | + APACHE_DEFAULT, |
3354 | + PORTS_CONF] |
3355 | + |
3356 | + for conf in confs: |
3357 | + configs.register(conf, CONFIG_FILES[conf]['hook_contexts']) |
3358 | + |
3359 | + if os.path.exists(os.path.dirname(APACHE_24_CONF)): |
3360 | + configs.register(APACHE_24_CONF, |
3361 | + CONFIG_FILES[APACHE_24_CONF]['hook_contexts']) |
3362 | + else: |
3363 | + configs.register(APACHE_CONF, |
3364 | + CONFIG_FILES[APACHE_CONF]['hook_contexts']) |
3365 | + |
3366 | + return configs |
3367 | + |
3368 | + |
3369 | +def restart_map(): |
3370 | + ''' |
3371 | + Determine the correct resource map to be passed to |
3372 | + charmhelpers.core.restart_on_change() based on the services configured. |
3373 | + |
3374 | + :returns: dict: A dictionary mapping config file to lists of services |
3375 | + that should be restarted when file changes. |
3376 | + ''' |
3377 | + _map = [] |
3378 | + for f, ctxt in CONFIG_FILES.iteritems(): |
3379 | + svcs = [] |
3380 | + for svc in ctxt['services']: |
3381 | + svcs.append(svc) |
3382 | + if svcs: |
3383 | + _map.append((f, svcs)) |
3384 | + return OrderedDict(_map) |
3385 | + |
3386 | + |
3387 | +def enable_ssl(): |
3388 | + ''' Enable SSL support in local apache2 instance ''' |
3389 | + subprocess.call(['a2ensite', 'default-ssl']) |
3390 | + subprocess.call(['a2enmod', 'ssl']) |
3391 | + |
3392 | + |
3393 | +def do_openstack_upgrade(configs): |
3394 | + """ |
3395 | + Perform an upgrade. Takes care of upgrading packages, rewriting |
3396 | + configs, database migrations and potentially any other post-upgrade |
3397 | + actions. |
3398 | + |
3399 | + :param configs: The charms main OSConfigRenderer object. |
3400 | + """ |
3401 | + new_src = config('openstack-origin') |
3402 | + new_os_rel = get_os_codename_install_source(new_src) |
3403 | + |
3404 | + log('Performing OpenStack upgrade to %s.' % (new_os_rel)) |
3405 | + |
3406 | + configure_installation_source(new_src) |
3407 | + dpkg_opts = [ |
3408 | + '--option', 'Dpkg::Options::=--force-confnew', |
3409 | + '--option', 'Dpkg::Options::=--force-confdef', |
3410 | + ] |
3411 | + apt_update(fatal=True) |
3412 | + apt_install(packages=PACKAGES, options=dpkg_opts, fatal=True) |
3413 | + |
3414 | + # set CONFIGS to load templates from new release |
3415 | + configs.set_release(openstack_release=new_os_rel) |
3416 | |
3417 | === modified symlink 'hooks/identity-service-relation-changed' |
3418 | === target changed u'horizon-relations' => u'horizon_hooks.py' |
3419 | === modified symlink 'hooks/identity-service-relation-joined' |
3420 | === target changed u'horizon-relations' => u'horizon_hooks.py' |
3421 | === modified symlink 'hooks/install' |
3422 | === target changed u'horizon-relations' => u'horizon_hooks.py' |
3423 | === removed directory 'hooks/lib' |
3424 | === removed file 'hooks/lib/openstack-common' |
3425 | --- hooks/lib/openstack-common 2013-04-26 20:22:52 +0000 |
3426 | +++ hooks/lib/openstack-common 1970-01-01 00:00:00 +0000 |
3427 | @@ -1,769 +0,0 @@ |
3428 | -#!/bin/bash -e |
3429 | - |
3430 | -# Common utility functions used across all OpenStack charms. |
3431 | - |
3432 | -error_out() { |
3433 | - juju-log "$CHARM ERROR: $@" |
3434 | - exit 1 |
3435 | -} |
3436 | - |
3437 | -function service_ctl_status { |
3438 | - # Return 0 if a service is running, 1 otherwise. |
3439 | - local svc="$1" |
3440 | - local status=$(service $svc status | cut -d/ -f1 | awk '{ print $2 }') |
3441 | - case $status in |
3442 | - "start") return 0 ;; |
3443 | - "stop") return 1 ;; |
3444 | - *) error_out "Unexpected status of service $svc: $status" ;; |
3445 | - esac |
3446 | -} |
3447 | - |
3448 | -function service_ctl { |
3449 | - # control a specific service, or all (as defined by $SERVICES) |
3450 | - if [[ $1 == "all" ]] ; then |
3451 | - ctl="$SERVICES" |
3452 | - else |
3453 | - ctl="$1" |
3454 | - fi |
3455 | - action="$2" |
3456 | - if [[ -z "$ctl" ]] || [[ -z "$action" ]] ; then |
3457 | - error_out "ERROR service_ctl: Not enough arguments" |
3458 | - fi |
3459 | - |
3460 | - for i in $ctl ; do |
3461 | - case $action in |
3462 | - "start") |
3463 | - service_ctl_status $i || service $i start ;; |
3464 | - "stop") |
3465 | - service_ctl_status $i && service $i stop || return 0 ;; |
3466 | - "restart") |
3467 | - service_ctl_status $i && service $i restart || service $i start ;; |
3468 | - esac |
3469 | - if [[ $? != 0 ]] ; then |
3470 | - juju-log "$CHARM: service_ctl ERROR - Service $i failed to $action" |
3471 | - fi |
3472 | - done |
3473 | -} |
3474 | - |
3475 | -function configure_install_source { |
3476 | - # Setup and configure installation source based on a config flag. |
3477 | - local src="$1" |
3478 | - |
3479 | - # Default to installing from the main Ubuntu archive. |
3480 | - [[ $src == "distro" ]] || [[ -z "$src" ]] && return 0 |
3481 | - |
3482 | - . /etc/lsb-release |
3483 | - |
3484 | - # standard 'ppa:someppa/name' format. |
3485 | - if [[ "${src:0:4}" == "ppa:" ]] ; then |
3486 | - juju-log "$CHARM: Configuring installation from custom src ($src)" |
3487 | - add-apt-repository -y "$src" || error_out "Could not configure PPA access." |
3488 | - return 0 |
3489 | - fi |
3490 | - |
3491 | - # standard 'deb http://url/ubuntu main' entries. gpg key ids must |
3492 | - # be appended to the end of url after a |, ie: |
3493 | - # 'deb http://url/ubuntu main|$GPGKEYID' |
3494 | - if [[ "${src:0:3}" == "deb" ]] ; then |
3495 | - juju-log "$CHARM: Configuring installation from custom src URL ($src)" |
3496 | - if echo "$src" | grep -q "|" ; then |
3497 | - # gpg key id tagged to end of url folloed by a | |
3498 | - url=$(echo $src | cut -d'|' -f1) |
3499 | - key=$(echo $src | cut -d'|' -f2) |
3500 | - juju-log "$CHARM: Importing repository key: $key" |
3501 | - apt-key adv --keyserver keyserver.ubuntu.com --recv-keys "$key" || \ |
3502 | - juju-log "$CHARM WARN: Could not import key from keyserver: $key" |
3503 | - else |
3504 | - juju-log "$CHARM No repository key specified." |
3505 | - url="$src" |
3506 | - fi |
3507 | - echo "$url" > /etc/apt/sources.list.d/juju_deb.list |
3508 | - return 0 |
3509 | - fi |
3510 | - |
3511 | - # Cloud Archive |
3512 | - if [[ "${src:0:6}" == "cloud:" ]] ; then |
3513 | - |
3514 | - # current os releases supported by the UCA. |
3515 | - local cloud_archive_versions="folsom grizzly" |
3516 | - |
3517 | - local ca_rel=$(echo $src | cut -d: -f2) |
3518 | - local u_rel=$(echo $ca_rel | cut -d- -f1) |
3519 | - local os_rel=$(echo $ca_rel | cut -d- -f2 | cut -d/ -f1) |
3520 | - |
3521 | - [[ "$u_rel" != "$DISTRIB_CODENAME" ]] && |
3522 | - error_out "Cannot install from Cloud Archive pocket $src " \ |
3523 | - "on this Ubuntu version ($DISTRIB_CODENAME)!" |
3524 | - |
3525 | - valid_release="" |
3526 | - for rel in $cloud_archive_versions ; do |
3527 | - if [[ "$os_rel" == "$rel" ]] ; then |
3528 | - valid_release=1 |
3529 | - juju-log "Installing OpenStack ($os_rel) from the Ubuntu Cloud Archive." |
3530 | - fi |
3531 | - done |
3532 | - if [[ -z "$valid_release" ]] ; then |
3533 | - error_out "OpenStack release ($os_rel) not supported by "\ |
3534 | - "the Ubuntu Cloud Archive." |
3535 | - fi |
3536 | - |
3537 | - # CA staging repos are standard PPAs. |
3538 | - if echo $ca_rel | grep -q "staging" ; then |
3539 | - add-apt-repository -y ppa:ubuntu-cloud-archive/${os_rel}-staging |
3540 | - return 0 |
3541 | - fi |
3542 | - |
3543 | - # the others are LP-external deb repos. |
3544 | - case "$ca_rel" in |
3545 | - "$u_rel-$os_rel"|"$u_rel-$os_rel/updates") pocket="$u_rel-updates/$os_rel" ;; |
3546 | - "$u_rel-$os_rel/proposed") pocket="$u_rel-proposed/$os_rel" ;; |
3547 | - "$u_rel-$os_rel"|"$os_rel/updates") pocket="$u_rel-updates/$os_rel" ;; |
3548 | - "$u_rel-$os_rel/proposed") pocket="$u_rel-proposed/$os_rel" ;; |
3549 | - *) error_out "Invalid Cloud Archive repo specified: $src" |
3550 | - esac |
3551 | - |
3552 | - apt-get -y install ubuntu-cloud-keyring |
3553 | - entry="deb http://ubuntu-cloud.archive.canonical.com/ubuntu $pocket main" |
3554 | - echo "$entry" \ |
3555 | - >/etc/apt/sources.list.d/ubuntu-cloud-archive-$DISTRIB_CODENAME.list |
3556 | - return 0 |
3557 | - fi |
3558 | - |
3559 | - error_out "Invalid installation source specified in config: $src" |
3560 | - |
3561 | -} |
3562 | - |
3563 | -get_os_codename_install_source() { |
3564 | - # derive the openstack release provided by a supported installation source. |
3565 | - local rel="$1" |
3566 | - local codename="unknown" |
3567 | - . /etc/lsb-release |
3568 | - |
3569 | - # map ubuntu releases to the openstack version shipped with it. |
3570 | - if [[ "$rel" == "distro" ]] ; then |
3571 | - case "$DISTRIB_CODENAME" in |
3572 | - "oneiric") codename="diablo" ;; |
3573 | - "precise") codename="essex" ;; |
3574 | - "quantal") codename="folsom" ;; |
3575 | - "raring") codename="grizzly" ;; |
3576 | - esac |
3577 | - fi |
3578 | - |
3579 | - # derive version from cloud archive strings. |
3580 | - if [[ "${rel:0:6}" == "cloud:" ]] ; then |
3581 | - rel=$(echo $rel | cut -d: -f2) |
3582 | - local u_rel=$(echo $rel | cut -d- -f1) |
3583 | - local ca_rel=$(echo $rel | cut -d- -f2) |
3584 | - if [[ "$u_rel" == "$DISTRIB_CODENAME" ]] ; then |
3585 | - case "$ca_rel" in |
3586 | - "folsom"|"folsom/updates"|"folsom/proposed"|"folsom/staging") |
3587 | - codename="folsom" ;; |
3588 | - "grizzly"|"grizzly/updates"|"grizzly/proposed"|"grizzly/staging") |
3589 | - codename="grizzly" ;; |
3590 | - esac |
3591 | - fi |
3592 | - fi |
3593 | - |
3594 | - # have a guess based on the deb string provided |
3595 | - if [[ "${rel:0:3}" == "deb" ]] || \ |
3596 | - [[ "${rel:0:3}" == "ppa" ]] ; then |
3597 | - CODENAMES="diablo essex folsom grizzly havana" |
3598 | - for cname in $CODENAMES; do |
3599 | - if echo $rel | grep -q $cname; then |
3600 | - codename=$cname |
3601 | - fi |
3602 | - done |
3603 | - fi |
3604 | - echo $codename |
3605 | -} |
3606 | - |
3607 | -get_os_codename_package() { |
3608 | - local pkg_vers=$(dpkg -l | grep "$1" | awk '{ print $3 }') || echo "none" |
3609 | - pkg_vers=$(echo $pkg_vers | cut -d: -f2) # epochs |
3610 | - case "${pkg_vers:0:6}" in |
3611 | - "2011.2") echo "diablo" ;; |
3612 | - "2012.1") echo "essex" ;; |
3613 | - "2012.2") echo "folsom" ;; |
3614 | - "2013.1") echo "grizzly" ;; |
3615 | - "2013.2") echo "havana" ;; |
3616 | - esac |
3617 | -} |
3618 | - |
3619 | -get_os_version_codename() { |
3620 | - case "$1" in |
3621 | - "diablo") echo "2011.2" ;; |
3622 | - "essex") echo "2012.1" ;; |
3623 | - "folsom") echo "2012.2" ;; |
3624 | - "grizzly") echo "2013.1" ;; |
3625 | - "havana") echo "2013.2" ;; |
3626 | - esac |
3627 | -} |
3628 | - |
3629 | -get_ip() { |
3630 | - dpkg -l | grep -q python-dnspython || { |
3631 | - apt-get -y install python-dnspython 2>&1 > /dev/null |
3632 | - } |
3633 | - hostname=$1 |
3634 | - python -c " |
3635 | -import dns.resolver |
3636 | -import socket |
3637 | -try: |
3638 | - # Test to see if already an IPv4 address |
3639 | - socket.inet_aton('$hostname') |
3640 | - print '$hostname' |
3641 | -except socket.error: |
3642 | - try: |
3643 | - answers = dns.resolver.query('$hostname', 'A') |
3644 | - if answers: |
3645 | - print answers[0].address |
3646 | - except dns.resolver.NXDOMAIN: |
3647 | - pass |
3648 | -" |
3649 | -} |
3650 | - |
3651 | -# Common storage routines used by cinder, nova-volume and swift-storage. |
3652 | -clean_storage() { |
3653 | - # if configured to overwrite existing storage, we unmount the block-dev |
3654 | - # if mounted and clear any previous pv signatures |
3655 | - local block_dev="$1" |
3656 | - juju-log "Cleaining storage '$block_dev'" |
3657 | - if grep -q "^$block_dev" /proc/mounts ; then |
3658 | - mp=$(grep "^$block_dev" /proc/mounts | awk '{ print $2 }') |
3659 | - juju-log "Unmounting $block_dev from $mp" |
3660 | - umount "$mp" || error_out "ERROR: Could not unmount storage from $mp" |
3661 | - fi |
3662 | - if pvdisplay "$block_dev" >/dev/null 2>&1 ; then |
3663 | - juju-log "Removing existing LVM PV signatures from $block_dev" |
3664 | - |
3665 | - # deactivate any volgroups that may be built on this dev |
3666 | - vg=$(pvdisplay $block_dev | grep "VG Name" | awk '{ print $3 }') |
3667 | - if [[ -n "$vg" ]] ; then |
3668 | - juju-log "Deactivating existing volume group: $vg" |
3669 | - vgchange -an "$vg" || |
3670 | - error_out "ERROR: Could not deactivate volgroup $vg. Is it in use?" |
3671 | - fi |
3672 | - echo "yes" | pvremove -ff "$block_dev" || |
3673 | - error_out "Could not pvremove $block_dev" |
3674 | - else |
3675 | - juju-log "Zapping disk of all GPT and MBR structures" |
3676 | - sgdisk --zap-all $block_dev || |
3677 | - error_out "Unable to zap $block_dev" |
3678 | - fi |
3679 | -} |
3680 | - |
3681 | -function get_block_device() { |
3682 | - # given a string, return full path to the block device for that |
3683 | - # if input is not a block device, find a loopback device |
3684 | - local input="$1" |
3685 | - |
3686 | - case "$input" in |
3687 | - /dev/*) [[ ! -b "$input" ]] && error_out "$input does not exist." |
3688 | - echo "$input"; return 0;; |
3689 | - /*) :;; |
3690 | - *) [[ ! -b "/dev/$input" ]] && error_out "/dev/$input does not exist." |
3691 | - echo "/dev/$input"; return 0;; |
3692 | - esac |
3693 | - |
3694 | - # this represents a file |
3695 | - # support "/path/to/file|5G" |
3696 | - local fpath size oifs="$IFS" |
3697 | - if [ "${input#*|}" != "${input}" ]; then |
3698 | - size=${input##*|} |
3699 | - fpath=${input%|*} |
3700 | - else |
3701 | - fpath=${input} |
3702 | - size=5G |
3703 | - fi |
3704 | - |
3705 | - ## loop devices are not namespaced. This is bad for containers. |
3706 | - ## it means that the output of 'losetup' may have the given $fpath |
3707 | - ## in it, but that may not represent this containers $fpath, but |
3708 | - ## another containers. To address that, we really need to |
3709 | - ## allow some uniq container-id to be expanded within path. |
3710 | - ## TODO: find a unique container-id that will be consistent for |
3711 | - ## this container throughout its lifetime and expand it |
3712 | - ## in the fpath. |
3713 | - # fpath=${fpath//%{id}/$THAT_ID} |
3714 | - |
3715 | - local found="" |
3716 | - # parse through 'losetup -a' output, looking for this file |
3717 | - # output is expected to look like: |
3718 | - # /dev/loop0: [0807]:961814 (/tmp/my.img) |
3719 | - found=$(losetup -a | |
3720 | - awk 'BEGIN { found=0; } |
3721 | - $3 == f { sub(/:$/,"",$1); print $1; found=found+1; } |
3722 | - END { if( found == 0 || found == 1 ) { exit(0); }; exit(1); }' \ |
3723 | - f="($fpath)") |
3724 | - |
3725 | - if [ $? -ne 0 ]; then |
3726 | - echo "multiple devices found for $fpath: $found" 1>&2 |
3727 | - return 1; |
3728 | - fi |
3729 | - |
3730 | - [ -n "$found" -a -b "$found" ] && { echo "$found"; return 1; } |
3731 | - |
3732 | - if [ -n "$found" ]; then |
3733 | - echo "confused, $found is not a block device for $fpath"; |
3734 | - return 1; |
3735 | - fi |
3736 | - |
3737 | - # no existing device was found, create one |
3738 | - mkdir -p "${fpath%/*}" |
3739 | - truncate --size "$size" "$fpath" || |
3740 | - { echo "failed to create $fpath of size $size"; return 1; } |
3741 | - |
3742 | - found=$(losetup --find --show "$fpath") || |
3743 | - { echo "failed to setup loop device for $fpath" 1>&2; return 1; } |
3744 | - |
3745 | - echo "$found" |
3746 | - return 0 |
3747 | -} |
3748 | - |
3749 | -HAPROXY_CFG=/etc/haproxy/haproxy.cfg |
3750 | -HAPROXY_DEFAULT=/etc/default/haproxy |
3751 | -########################################################################## |
3752 | -# Description: Configures HAProxy services for Openstack API's |
3753 | -# Parameters: |
3754 | -# Space delimited list of service:port:mode combinations for which |
3755 | -# haproxy service configuration should be generated for. The function |
3756 | -# assumes the name of the peer relation is 'cluster' and that every |
3757 | -# service unit in the peer relation is running the same services. |
3758 | -# |
3759 | -# Services that do not specify :mode in parameter will default to http. |
3760 | -# |
3761 | -# Example |
3762 | -# configure_haproxy cinder_api:8776:8756:tcp nova_api:8774:8764:http |
3763 | -########################################################################## |
3764 | -configure_haproxy() { |
3765 | - local address=`unit-get private-address` |
3766 | - local name=${JUJU_UNIT_NAME////-} |
3767 | - cat > $HAPROXY_CFG << EOF |
3768 | -global |
3769 | - log 127.0.0.1 local0 |
3770 | - log 127.0.0.1 local1 notice |
3771 | - maxconn 20000 |
3772 | - user haproxy |
3773 | - group haproxy |
3774 | - spread-checks 0 |
3775 | - |
3776 | -defaults |
3777 | - log global |
3778 | - mode http |
3779 | - option httplog |
3780 | - option dontlognull |
3781 | - retries 3 |
3782 | - timeout queue 1000 |
3783 | - timeout connect 1000 |
3784 | - timeout client 30000 |
3785 | - timeout server 30000 |
3786 | - |
3787 | -listen stats :8888 |
3788 | - mode http |
3789 | - stats enable |
3790 | - stats hide-version |
3791 | - stats realm Haproxy\ Statistics |
3792 | - stats uri / |
3793 | - stats auth admin:password |
3794 | - |
3795 | -EOF |
3796 | - for service in $@; do |
3797 | - local service_name=$(echo $service | cut -d : -f 1) |
3798 | - local haproxy_listen_port=$(echo $service | cut -d : -f 2) |
3799 | - local api_listen_port=$(echo $service | cut -d : -f 3) |
3800 | - local mode=$(echo $service | cut -d : -f 4) |
3801 | - [[ -z "$mode" ]] && mode="http" |
3802 | - juju-log "Adding haproxy configuration entry for $service "\ |
3803 | - "($haproxy_listen_port -> $api_listen_port)" |
3804 | - cat >> $HAPROXY_CFG << EOF |
3805 | -listen $service_name 0.0.0.0:$haproxy_listen_port |
3806 | - balance roundrobin |
3807 | - mode $mode |
3808 | - option ${mode}log |
3809 | - server $name $address:$api_listen_port check |
3810 | -EOF |
3811 | - local r_id="" |
3812 | - local unit="" |
3813 | - for r_id in `relation-ids cluster`; do |
3814 | - for unit in `relation-list -r $r_id`; do |
3815 | - local unit_name=${unit////-} |
3816 | - local unit_address=`relation-get -r $r_id private-address $unit` |
3817 | - if [ -n "$unit_address" ]; then |
3818 | - echo " server $unit_name $unit_address:$api_listen_port check" \ |
3819 | - >> $HAPROXY_CFG |
3820 | - fi |
3821 | - done |
3822 | - done |
3823 | - done |
3824 | - echo "ENABLED=1" > $HAPROXY_DEFAULT |
3825 | - service haproxy restart |
3826 | -} |
3827 | - |
3828 | -########################################################################## |
3829 | -# Description: Query HA interface to determine is cluster is configured |
3830 | -# Returns: 0 if configured, 1 if not configured |
3831 | -########################################################################## |
3832 | -is_clustered() { |
3833 | - local r_id="" |
3834 | - local unit="" |
3835 | - for r_id in $(relation-ids ha); do |
3836 | - if [ -n "$r_id" ]; then |
3837 | - for unit in $(relation-list -r $r_id); do |
3838 | - clustered=$(relation-get -r $r_id clustered $unit) |
3839 | - if [ -n "$clustered" ]; then |
3840 | - juju-log "Unit is haclustered" |
3841 | - return 0 |
3842 | - fi |
3843 | - done |
3844 | - fi |
3845 | - done |
3846 | - juju-log "Unit is not haclustered" |
3847 | - return 1 |
3848 | -} |
3849 | - |
3850 | -########################################################################## |
3851 | -# Description: Return a list of all peers in cluster relations |
3852 | -########################################################################## |
3853 | -peer_units() { |
3854 | - local peers="" |
3855 | - local r_id="" |
3856 | - for r_id in $(relation-ids cluster); do |
3857 | - peers="$peers $(relation-list -r $r_id)" |
3858 | - done |
3859 | - echo $peers |
3860 | -} |
3861 | - |
3862 | -########################################################################## |
3863 | -# Description: Determines whether the current unit is the oldest of all |
3864 | -# its peers - supports partial leader election |
3865 | -# Returns: 0 if oldest, 1 if not |
3866 | -########################################################################## |
3867 | -oldest_peer() { |
3868 | - peers=$1 |
3869 | - local l_unit_no=$(echo $JUJU_UNIT_NAME | cut -d / -f 2) |
3870 | - for peer in $peers; do |
3871 | - echo "Comparing $JUJU_UNIT_NAME with peers: $peers" |
3872 | - local r_unit_no=$(echo $peer | cut -d / -f 2) |
3873 | - if (($r_unit_no<$l_unit_no)); then |
3874 | - juju-log "Not oldest peer; deferring" |
3875 | - return 1 |
3876 | - fi |
3877 | - done |
3878 | - juju-log "Oldest peer; might take charge?" |
3879 | - return 0 |
3880 | -} |
3881 | - |
3882 | -########################################################################## |
3883 | -# Description: Determines whether the current service units is the |
3884 | -# leader within a) a cluster of its peers or b) across a |
3885 | -# set of unclustered peers. |
3886 | -# Parameters: CRM resource to check ownership of if clustered |
3887 | -# Returns: 0 if leader, 1 if not |
3888 | -########################################################################## |
3889 | -eligible_leader() { |
3890 | - if is_clustered; then |
3891 | - if ! is_leader $1; then |
3892 | - juju-log 'Deferring action to CRM leader' |
3893 | - return 1 |
3894 | - fi |
3895 | - else |
3896 | - peers=$(peer_units) |
3897 | - if [ -n "$peers" ] && ! oldest_peer "$peers"; then |
3898 | - juju-log 'Deferring action to oldest service unit.' |
3899 | - return 1 |
3900 | - fi |
3901 | - fi |
3902 | - return 0 |
3903 | -} |
3904 | - |
3905 | -########################################################################## |
3906 | -# Description: Query Cluster peer interface to see if peered |
3907 | -# Returns: 0 if peered, 1 if not peered |
3908 | -########################################################################## |
3909 | -is_peered() { |
3910 | - local r_id=$(relation-ids cluster) |
3911 | - if [ -n "$r_id" ]; then |
3912 | - if [ -n "$(relation-list -r $r_id)" ]; then |
3913 | - juju-log "Unit peered" |
3914 | - return 0 |
3915 | - fi |
3916 | - fi |
3917 | - juju-log "Unit not peered" |
3918 | - return 1 |
3919 | -} |
3920 | - |
3921 | -########################################################################## |
3922 | -# Description: Determines whether host is owner of clustered services |
3923 | -# Parameters: Name of CRM resource to check ownership of |
3924 | -# Returns: 0 if leader, 1 if not leader |
3925 | -########################################################################## |
3926 | -is_leader() { |
3927 | - hostname=`hostname` |
3928 | - if [ -x /usr/sbin/crm ]; then |
3929 | - if crm resource show $1 | grep -q $hostname; then |
3930 | - juju-log "$hostname is cluster leader." |
3931 | - return 0 |
3932 | - fi |
3933 | - fi |
3934 | - juju-log "$hostname is not cluster leader." |
3935 | - return 1 |
3936 | -} |
3937 | - |
3938 | -########################################################################## |
3939 | -# Description: Determines whether enough data has been provided in |
3940 | -# configuration or relation data to configure HTTPS. |
3941 | -# Parameters: None |
3942 | -# Returns: 0 if HTTPS can be configured, 1 if not. |
3943 | -########################################################################## |
3944 | -https() { |
3945 | - local r_id="" |
3946 | - if [[ -n "$(config-get ssl_cert)" ]] && |
3947 | - [[ -n "$(config-get ssl_key)" ]] ; then |
3948 | - return 0 |
3949 | - fi |
3950 | - for r_id in $(relation-ids identity-service) ; do |
3951 | - for unit in $(relation-list -r $r_id) ; do |
3952 | - if [[ "$(relation-get -r $r_id https_keystone $unit)" == "True" ]] && |
3953 | - [[ -n "$(relation-get -r $r_id ssl_cert $unit)" ]] && |
3954 | - [[ -n "$(relation-get -r $r_id ssl_key $unit)" ]] && |
3955 | - [[ -n "$(relation-get -r $r_id ca_cert $unit)" ]] ; then |
3956 | - return 0 |
3957 | - fi |
3958 | - done |
3959 | - done |
3960 | - return 1 |
3961 | -} |
3962 | - |
3963 | -########################################################################## |
3964 | -# Description: For a given number of port mappings, configures apache2 |
3965 | -# HTTPs local reverse proxying using certficates and keys provided in |
3966 | -# either configuration data (preferred) or relation data. Assumes ports |
3967 | -# are not in use (calling charm should ensure that). |
3968 | -# Parameters: Variable number of proxy port mappings as |
3969 | -# $internal:$external. |
3970 | -# Returns: 0 if reverse proxy(s) have been configured, 0 if not. |
3971 | -########################################################################## |
3972 | -enable_https() { |
3973 | - local port_maps="$@" |
3974 | - local http_restart="" |
3975 | - juju-log "Enabling HTTPS for port mappings: $port_maps." |
3976 | - |
3977 | - # allow overriding of keystone provided certs with those set manually |
3978 | - # in config. |
3979 | - local cert=$(config-get ssl_cert) |
3980 | - local key=$(config-get ssl_key) |
3981 | - local ca_cert="" |
3982 | - if [[ -z "$cert" ]] || [[ -z "$key" ]] ; then |
3983 | - juju-log "Inspecting identity-service relations for SSL certificate." |
3984 | - local r_id="" |
3985 | - cert="" |
3986 | - key="" |
3987 | - ca_cert="" |
3988 | - for r_id in $(relation-ids identity-service) ; do |
3989 | - for unit in $(relation-list -r $r_id) ; do |
3990 | - [[ -z "$cert" ]] && cert="$(relation-get -r $r_id ssl_cert $unit)" |
3991 | - [[ -z "$key" ]] && key="$(relation-get -r $r_id ssl_key $unit)" |
3992 | - [[ -z "$ca_cert" ]] && ca_cert="$(relation-get -r $r_id ca_cert $unit)" |
3993 | - done |
3994 | - done |
3995 | - [[ -n "$cert" ]] && cert=$(echo $cert | base64 -di) |
3996 | - [[ -n "$key" ]] && key=$(echo $key | base64 -di) |
3997 | - [[ -n "$ca_cert" ]] && ca_cert=$(echo $ca_cert | base64 -di) |
3998 | - else |
3999 | - juju-log "Using SSL certificate provided in service config." |
4000 | - fi |
4001 | - |
4002 | - [[ -z "$cert" ]] || [[ -z "$key" ]] && |
4003 | - juju-log "Expected but could not find SSL certificate data, not "\ |
4004 | - "configuring HTTPS!" && return 1 |
4005 | - |
4006 | - apt-get -y install apache2 |
4007 | - a2enmod ssl proxy proxy_http | grep -v "To activate the new configuration" && |
4008 | - http_restart=1 |
4009 | - |
4010 | - mkdir -p /etc/apache2/ssl/$CHARM |
4011 | - echo "$cert" >/etc/apache2/ssl/$CHARM/cert |
4012 | - echo "$key" >/etc/apache2/ssl/$CHARM/key |
4013 | - if [[ -n "$ca_cert" ]] ; then |
4014 | - juju-log "Installing Keystone supplied CA cert." |
4015 | - echo "$ca_cert" >/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt |
4016 | - update-ca-certificates --fresh |
4017 | - |
4018 | - # XXX TODO: Find a better way of exporting this? |
4019 | - if [[ "$CHARM" == "nova-cloud-controller" ]] ; then |
4020 | - [[ -e /var/www/keystone_juju_ca_cert.crt ]] && |
4021 | - rm -rf /var/www/keystone_juju_ca_cert.crt |
4022 | - ln -s /usr/local/share/ca-certificates/keystone_juju_ca_cert.crt \ |
4023 | - /var/www/keystone_juju_ca_cert.crt |
4024 | - fi |
4025 | - |
4026 | - fi |
4027 | - for port_map in $port_maps ; do |
4028 | - local ext_port=$(echo $port_map | cut -d: -f1) |
4029 | - local int_port=$(echo $port_map | cut -d: -f2) |
4030 | - juju-log "Creating apache2 reverse proxy vhost for $port_map." |
4031 | - cat >/etc/apache2/sites-available/${CHARM}_${ext_port} <<END |
4032 | -Listen $ext_port |
4033 | -NameVirtualHost *:$ext_port |
4034 | -<VirtualHost *:$ext_port> |
4035 | - ServerName $(unit-get private-address) |
4036 | - SSLEngine on |
4037 | - SSLCertificateFile /etc/apache2/ssl/$CHARM/cert |
4038 | - SSLCertificateKeyFile /etc/apache2/ssl/$CHARM/key |
4039 | - ProxyPass / http://localhost:$int_port/ |
4040 | - ProxyPassReverse / http://localhost:$int_port/ |
4041 | - ProxyPreserveHost on |
4042 | -</VirtualHost> |
4043 | -<Proxy *> |
4044 | - Order deny,allow |
4045 | - Allow from all |
4046 | -</Proxy> |
4047 | -<Location /> |
4048 | - Order allow,deny |
4049 | - Allow from all |
4050 | -</Location> |
4051 | -END |
4052 | - a2ensite ${CHARM}_${ext_port} | grep -v "To activate the new configuration" && |
4053 | - http_restart=1 |
4054 | - done |
4055 | - if [[ -n "$http_restart" ]] ; then |
4056 | - service apache2 restart |
4057 | - fi |
4058 | -} |
4059 | - |
4060 | -########################################################################## |
4061 | -# Description: Ensure HTTPS reverse proxying is disabled for given port |
4062 | -# mappings. |
4063 | -# Parameters: Variable number of proxy port mappings as |
4064 | -# $internal:$external. |
4065 | -# Returns: 0 if reverse proxy is not active for all portmaps, 1 on error. |
4066 | -########################################################################## |
4067 | -disable_https() { |
4068 | - local port_maps="$@" |
4069 | - local http_restart="" |
4070 | - juju-log "Ensuring HTTPS disabled for $port_maps." |
4071 | - ( [[ ! -d /etc/apache2 ]] || [[ ! -d /etc/apache2/ssl/$CHARM ]] ) && return 0 |
4072 | - for port_map in $port_maps ; do |
4073 | - local ext_port=$(echo $port_map | cut -d: -f1) |
4074 | - local int_port=$(echo $port_map | cut -d: -f2) |
4075 | - if [[ -e /etc/apache2/sites-available/${CHARM}_${ext_port} ]] ; then |
4076 | - juju-log "Disabling HTTPS reverse proxy for $CHARM $port_map." |
4077 | - a2dissite ${CHARM}_${ext_port} | grep -v "To activate the new configuration" && |
4078 | - http_restart=1 |
4079 | - fi |
4080 | - done |
4081 | - if [[ -n "$http_restart" ]] ; then |
4082 | - service apache2 restart |
4083 | - fi |
4084 | -} |
4085 | - |
4086 | - |
4087 | -########################################################################## |
4088 | -# Description: Ensures HTTPS is either enabled or disabled for given port |
4089 | -# mapping. |
4090 | -# Parameters: Variable number of proxy port mappings as |
4091 | -# $internal:$external. |
4092 | -# Returns: 0 if HTTPS reverse proxy is in place, 1 if it is not. |
4093 | -########################################################################## |
4094 | -setup_https() { |
4095 | - # configure https via apache reverse proxying either |
4096 | - # using certs provided by config or keystone. |
4097 | - [[ -z "$CHARM" ]] && |
4098 | - error_out "setup_https(): CHARM not set." |
4099 | - if ! https ; then |
4100 | - disable_https $@ |
4101 | - else |
4102 | - enable_https $@ |
4103 | - fi |
4104 | -} |
4105 | - |
4106 | -########################################################################## |
4107 | -# Description: Determine correct API server listening port based on |
4108 | -# existence of HTTPS reverse proxy and/or haproxy. |
4109 | -# Paremeters: The standard public port for given service. |
4110 | -# Returns: The correct listening port for API service. |
4111 | -########################################################################## |
4112 | -determine_api_port() { |
4113 | - local public_port="$1" |
4114 | - local i=0 |
4115 | - ( [[ -n "$(peer_units)" ]] || is_clustered >/dev/null 2>&1 ) && i=$[$i + 1] |
4116 | - https >/dev/null 2>&1 && i=$[$i + 1] |
4117 | - echo $[$public_port - $[$i * 10]] |
4118 | -} |
4119 | - |
4120 | -########################################################################## |
4121 | -# Description: Determine correct proxy listening port based on public IP + |
4122 | -# existence of HTTPS reverse proxy. |
4123 | -# Paremeters: The standard public port for given service. |
4124 | -# Returns: The correct listening port for haproxy service public address. |
4125 | -########################################################################## |
4126 | -determine_haproxy_port() { |
4127 | - local public_port="$1" |
4128 | - local i=0 |
4129 | - https >/dev/null 2>&1 && i=$[$i + 1] |
4130 | - echo $[$public_port - $[$i * 10]] |
4131 | -} |
4132 | - |
4133 | -########################################################################## |
4134 | -# Description: Print the value for a given config option in an OpenStack |
4135 | -# .ini style configuration file. |
4136 | -# Parameters: File path, option to retrieve, optional |
4137 | -# section name (default=DEFAULT) |
4138 | -# Returns: Prints value if set, prints nothing otherwise. |
4139 | -########################################################################## |
4140 | -local_config_get() { |
4141 | - # return config values set in openstack .ini config files. |
4142 | - # default placeholders starting (eg, %AUTH_HOST%) treated as |
4143 | - # unset values. |
4144 | - local file="$1" |
4145 | - local option="$2" |
4146 | - local section="$3" |
4147 | - [[ -z "$section" ]] && section="DEFAULT" |
4148 | - python -c " |
4149 | -import ConfigParser |
4150 | -config = ConfigParser.RawConfigParser() |
4151 | -config.read('$file') |
4152 | -try: |
4153 | - value = config.get('$section', '$option') |
4154 | -except: |
4155 | - print '' |
4156 | - exit(0) |
4157 | -if value.startswith('%'): exit(0) |
4158 | -print value |
4159 | -" |
4160 | -} |
4161 | - |
4162 | -########################################################################## |
4163 | -# Description: Creates an rc file exporting environment variables to a |
4164 | -# script_path local to the charm's installed directory. |
4165 | -# Any charm scripts run outside the juju hook environment can source this |
4166 | -# scriptrc to obtain updated config information necessary to perform health |
4167 | -# checks or service changes |
4168 | -# |
4169 | -# Parameters: |
4170 | -# An array of '=' delimited ENV_VAR:value combinations to export. |
4171 | -# If optional script_path key is not provided in the array, script_path |
4172 | -# defaults to scripts/scriptrc |
4173 | -########################################################################## |
4174 | -function save_script_rc { |
4175 | - if [ ! -n "$JUJU_UNIT_NAME" ]; then |
4176 | - echo "Error: Missing JUJU_UNIT_NAME environment variable" |
4177 | - exit 1 |
4178 | - fi |
4179 | - # our default unit_path |
4180 | - unit_path="$CHARM_DIR/scripts/scriptrc" |
4181 | - echo $unit_path |
4182 | - tmp_rc="/tmp/${JUJU_UNIT_NAME/\//-}rc" |
4183 | - |
4184 | - echo "#!/bin/bash" > $tmp_rc |
4185 | - for env_var in "${@}" |
4186 | - do |
4187 | - if `echo $env_var | grep -q script_path`; then |
4188 | - # well then we need to reset the new unit-local script path |
4189 | - unit_path="$CHARM_DIR/${env_var/script_path=/}" |
4190 | - else |
4191 | - echo "export $env_var" >> $tmp_rc |
4192 | - fi |
4193 | - done |
4194 | - chmod 755 $tmp_rc |
4195 | - mv $tmp_rc $unit_path |
4196 | -} |
4197 | |
4198 | === removed symlink 'hooks/shared-db-relation-changed' |
4199 | === target was u'horizon-relations' |
4200 | === removed symlink 'hooks/shared-db-relation-joined' |
4201 | === target was u'horizon-relations' |
4202 | === added symlink 'hooks/start' |
4203 | === target is u'horizon_hooks.py' |
4204 | === added symlink 'hooks/stop' |
4205 | === target is u'horizon_hooks.py' |
4206 | === modified symlink 'hooks/upgrade-charm' |
4207 | === target changed u'horizon-relations' => u'horizon_hooks.py' |
4208 | === added symlink 'hooks/website-relation-joined' |
4209 | === target is u'horizon_hooks.py' |
4210 | === modified file 'metadata.yaml' |
4211 | --- metadata.yaml 2013-05-20 10:38:10 +0000 |
4212 | +++ metadata.yaml 2013-10-15 14:11:37 +0000 |
4213 | @@ -2,11 +2,13 @@ |
4214 | summary: a Django web interface to OpenStack |
4215 | maintainer: Adam Gandelman <adamg@canonical.com> |
4216 | description: | |
4217 | - |
4218 | + The OpenStack Dashboard provides a full feature web interface for interacting |
4219 | + with instances, images, volumes and networks within an OpenStack deployment. |
4220 | categories: ["misc"] |
4221 | +provides: |
4222 | + website: |
4223 | + interface: http |
4224 | requires: |
4225 | - shared-db: |
4226 | - interface: mysql |
4227 | identity-service: |
4228 | interface: keystone |
4229 | ha: |
4230 | |
4231 | === added file 'setup.cfg' |
4232 | --- setup.cfg 1970-01-01 00:00:00 +0000 |
4233 | +++ setup.cfg 2013-10-15 14:11:37 +0000 |
4234 | @@ -0,0 +1,5 @@ |
4235 | +[nosetests] |
4236 | +verbosity=2 |
4237 | +with-coverage=1 |
4238 | +cover-erase=1 |
4239 | +cover-package=hooks |
4240 | |
4241 | === added directory 'templates' |
4242 | === added file 'templates/default' |
4243 | --- templates/default 1970-01-01 00:00:00 +0000 |
4244 | +++ templates/default 2013-10-15 14:11:37 +0000 |
4245 | @@ -0,0 +1,32 @@ |
4246 | +<VirtualHost *:{{ http_port }}> |
4247 | + ServerAdmin webmaster@localhost |
4248 | + |
4249 | + DocumentRoot /var/www |
4250 | + <Directory /> |
4251 | + Options FollowSymLinks |
4252 | + AllowOverride None |
4253 | + </Directory> |
4254 | + <Directory /var/www/> |
4255 | + Options Indexes FollowSymLinks MultiViews |
4256 | + AllowOverride None |
4257 | + Order allow,deny |
4258 | + allow from all |
4259 | + </Directory> |
4260 | + |
4261 | + ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ |
4262 | + <Directory "/usr/lib/cgi-bin"> |
4263 | + AllowOverride None |
4264 | + Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch |
4265 | + Order allow,deny |
4266 | + Allow from all |
4267 | + </Directory> |
4268 | + |
4269 | + ErrorLog ${APACHE_LOG_DIR}/error.log |
4270 | + |
4271 | + # Possible values include: debug, info, notice, warn, error, crit, |
4272 | + # alert, emerg. |
4273 | + LogLevel warn |
4274 | + |
4275 | + CustomLog ${APACHE_LOG_DIR}/access.log combined |
4276 | + |
4277 | +</VirtualHost> |
4278 | |
4279 | === added file 'templates/default-ssl' |
4280 | --- templates/default-ssl 1970-01-01 00:00:00 +0000 |
4281 | +++ templates/default-ssl 2013-10-15 14:11:37 +0000 |
4282 | @@ -0,0 +1,50 @@ |
4283 | +<IfModule mod_ssl.c> |
4284 | + <VirtualHost _default_:{{ https_port }}> |
4285 | + ServerAdmin webmaster@localhost |
4286 | + |
4287 | + DocumentRoot /var/www |
4288 | + <Directory /> |
4289 | + Options FollowSymLinks |
4290 | + AllowOverride None |
4291 | + </Directory> |
4292 | + <Directory /var/www/> |
4293 | + Options Indexes FollowSymLinks MultiViews |
4294 | + AllowOverride None |
4295 | + Order allow,deny |
4296 | + allow from all |
4297 | + </Directory> |
4298 | + |
4299 | + ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ |
4300 | + <Directory "/usr/lib/cgi-bin"> |
4301 | + AllowOverride None |
4302 | + Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch |
4303 | + Order allow,deny |
4304 | + Allow from all |
4305 | + </Directory> |
4306 | + |
4307 | + ErrorLog ${APACHE_LOG_DIR}/error.log |
4308 | + LogLevel warn |
4309 | + |
4310 | + CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined |
4311 | + |
4312 | + SSLEngine on |
4313 | +{% if ssl_configured %} |
4314 | + SSLCertificateFile {{ ssl_cert }} |
4315 | + SSLCertificateKeyFile {{ ssl_key }} |
4316 | +{% else %} |
4317 | + SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem |
4318 | + SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key |
4319 | +{% endif %} |
4320 | + <FilesMatch "\.(cgi|shtml|phtml|php)$"> |
4321 | + SSLOptions +StdEnvVars |
4322 | + </FilesMatch> |
4323 | + <Directory /usr/lib/cgi-bin> |
4324 | + SSLOptions +StdEnvVars |
4325 | + </Directory> |
4326 | + BrowserMatch "MSIE [2-6]" \ |
4327 | + nokeepalive ssl-unclean-shutdown \ |
4328 | + downgrade-1.0 force-response-1.0 |
4329 | + BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown |
4330 | + |
4331 | + </VirtualHost> |
4332 | +</IfModule> |
4333 | |
4334 | === added directory 'templates/essex' |
4335 | === added file 'templates/essex/local_settings.py' |
4336 | --- templates/essex/local_settings.py 1970-01-01 00:00:00 +0000 |
4337 | +++ templates/essex/local_settings.py 2013-10-15 14:11:37 +0000 |
4338 | @@ -0,0 +1,120 @@ |
4339 | +import os |
4340 | + |
4341 | +from django.utils.translation import ugettext_lazy as _ |
4342 | + |
4343 | +DEBUG = {{ debug }} |
4344 | +TEMPLATE_DEBUG = DEBUG |
4345 | +PROD = False |
4346 | +USE_SSL = False |
4347 | + |
4348 | +# Ubuntu-specific: Enables an extra panel in the 'Settings' section |
4349 | +# that easily generates a Juju environments.yaml for download, |
4350 | +# preconfigured with endpoints and credentails required for bootstrap |
4351 | +# and service deployment. |
4352 | +ENABLE_JUJU_PANEL = True |
4353 | + |
4354 | +# Note: You should change this value |
4355 | +SECRET_KEY = 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0' |
4356 | + |
4357 | +# Specify a regular expression to validate user passwords. |
4358 | +# HORIZON_CONFIG = { |
4359 | +# "password_validator": { |
4360 | +# "regex": '.*', |
4361 | +# "help_text": _("Your password does not meet the requirements.") |
4362 | +# } |
4363 | +# } |
4364 | + |
4365 | +LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) |
4366 | + |
4367 | +CACHE_BACKEND = 'memcached://127.0.0.1:11211/' |
4368 | + |
4369 | +# Send email to the console by default |
4370 | +EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' |
4371 | +# Or send them to /dev/null |
4372 | +#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend' |
4373 | + |
4374 | +# Configure these for your outgoing email host |
4375 | +# EMAIL_HOST = 'smtp.my-company.com' |
4376 | +# EMAIL_PORT = 25 |
4377 | +# EMAIL_HOST_USER = 'djangomail' |
4378 | +# EMAIL_HOST_PASSWORD = 'top-secret!' |
4379 | + |
4380 | +# For multiple regions uncomment this configuration, and add (endpoint, title). |
4381 | +# AVAILABLE_REGIONS = [ |
4382 | +# ('http://cluster1.example.com:5000/v2.0', 'cluster1'), |
4383 | +# ('http://cluster2.example.com:5000/v2.0', 'cluster2'), |
4384 | +# ] |
4385 | + |
4386 | +OPENSTACK_HOST = "127.0.0.1" |
4387 | +OPENSTACK_KEYSTONE_URL = "http://{{ service_host }}:{{ service_port }}/v2.0" |
4388 | +OPENSTACK_KEYSTONE_DEFAULT_ROLE = "{{ default_role }}" |
4389 | + |
4390 | +# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the |
4391 | +# capabilities of the auth backend for Keystone. |
4392 | +# If Keystone has been configured to use LDAP as the auth backend then set |
4393 | +# can_edit_user to False and name to 'ldap'. |
4394 | +# |
4395 | +# TODO(tres): Remove these once Keystone has an API to identify auth backend. |
4396 | +OPENSTACK_KEYSTONE_BACKEND = { |
4397 | + 'name': 'native', |
4398 | + 'can_edit_user': True |
4399 | +} |
4400 | + |
4401 | +# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints |
4402 | +# in the Keystone service catalog. Use this setting when Horizon is running |
4403 | +# external to the OpenStack environment. The default is 'internalURL'. |
4404 | +#OPENSTACK_ENDPOINT_TYPE = "publicURL" |
4405 | + |
4406 | +# The number of Swift containers and objects to display on a single page before |
4407 | +# providing a paging element (a "more" link) to paginate results. |
4408 | +API_RESULT_LIMIT = 1000 |
4409 | + |
4410 | +# If you have external monitoring links, eg: |
4411 | +# EXTERNAL_MONITORING = [ |
4412 | +# ['Nagios','http://foo.com'], |
4413 | +# ['Ganglia','http://bar.com'], |
4414 | +# ] |
4415 | + |
4416 | +LOGGING = { |
4417 | + 'version': 1, |
4418 | + # When set to True this will disable all logging except |
4419 | + # for loggers specified in this configuration dictionary. Note that |
4420 | + # if nothing is specified here and disable_existing_loggers is True, |
4421 | + # django.db.backends will still log unless it is disabled explicitly. |
4422 | + 'disable_existing_loggers': False, |
4423 | + 'handlers': { |
4424 | + 'null': { |
4425 | + 'level': 'DEBUG', |
4426 | + 'class': 'django.utils.log.NullHandler', |
4427 | + }, |
4428 | + 'console': { |
4429 | + # Set the level to "DEBUG" for verbose output logging. |
4430 | + 'level': 'INFO', |
4431 | + 'class': 'logging.StreamHandler', |
4432 | + }, |
4433 | + }, |
4434 | + 'loggers': { |
4435 | + # Logging from django.db.backends is VERY verbose, send to null |
4436 | + # by default. |
4437 | + 'django.db.backends': { |
4438 | + 'handlers': ['null'], |
4439 | + 'propagate': False, |
4440 | + }, |
4441 | + 'horizon': { |
4442 | + 'handlers': ['console'], |
4443 | + 'propagate': False, |
4444 | + }, |
4445 | + 'novaclient': { |
4446 | + 'handlers': ['console'], |
4447 | + 'propagate': False, |
4448 | + }, |
4449 | + 'keystoneclient': { |
4450 | + 'handlers': ['console'], |
4451 | + 'propagate': False, |
4452 | + }, |
4453 | + 'nose.plugins.manager': { |
4454 | + 'handlers': ['console'], |
4455 | + 'propagate': False, |
4456 | + } |
4457 | + } |
4458 | +} |
4459 | |
4460 | === added file 'templates/essex/openstack-dashboard.conf' |
4461 | --- templates/essex/openstack-dashboard.conf 1970-01-01 00:00:00 +0000 |
4462 | +++ templates/essex/openstack-dashboard.conf 2013-10-15 14:11:37 +0000 |
4463 | @@ -0,0 +1,7 @@ |
4464 | +WSGIScriptAlias {{ webroot }} /usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi |
4465 | +WSGIDaemonProcess horizon user=www-data group=www-data processes=3 threads=10 |
4466 | +Alias /static /usr/share/openstack-dashboard/openstack_dashboard/static/ |
4467 | +<Directory /usr/share/openstack-dashboard/openstack_dashboard/wsgi> |
4468 | + Order allow,deny |
4469 | + Allow from all |
4470 | +</Directory> |
4471 | |
4472 | === added directory 'templates/folsom' |
4473 | === added file 'templates/folsom/local_settings.py' |
4474 | --- templates/folsom/local_settings.py 1970-01-01 00:00:00 +0000 |
4475 | +++ templates/folsom/local_settings.py 2013-10-15 14:11:37 +0000 |
4476 | @@ -0,0 +1,165 @@ |
4477 | +import os |
4478 | + |
4479 | +from django.utils.translation import ugettext_lazy as _ |
4480 | + |
4481 | +DEBUG = {{ debug }} |
4482 | +TEMPLATE_DEBUG = DEBUG |
4483 | + |
4484 | +# Set SSL proxy settings: |
4485 | +# For Django 1.4+ pass this header from the proxy after terminating the SSL, |
4486 | +# and don't forget to strip it from the client's request. |
4487 | +# For more information see: |
4488 | +# https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header |
4489 | +# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https') |
4490 | + |
4491 | +# Specify a regular expression to validate user passwords. |
4492 | +# HORIZON_CONFIG = { |
4493 | +# "password_validator": { |
4494 | +# "regex": '.*', |
4495 | +# "help_text": _("Your password does not meet the requirements.") |
4496 | +# }, |
4497 | +# 'help_url': "http://docs.openstack.org" |
4498 | +# } |
4499 | + |
4500 | +LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) |
4501 | + |
4502 | +# Set custom secret key: |
4503 | +# You can either set it to a specific value or you can let horizion generate a |
4504 | +# default secret key that is unique on this machine, e.i. regardless of the |
4505 | +# amount of Python WSGI workers (if used behind Apache+mod_wsgi): However, there |
4506 | +# may be situations where you would want to set this explicitly, e.g. when |
4507 | +# multiple dashboard instances are distributed on different machines (usually |
4508 | +# behind a load-balancer). Either you have to make sure that a session gets all |
4509 | +# requests routed to the same dashboard instance or you set the same SECRET_KEY |
4510 | +# for all of them. |
4511 | +# from horizon.utils import secret_key |
4512 | +# SECRET_KEY = secret_key.generate_or_read_from_file(os.path.join(LOCAL_PATH, '.secret_key_store')) |
4513 | + |
4514 | +# We recommend you use memcached for development; otherwise after every reload |
4515 | +# of the django development server, you will have to login again. To use |
4516 | +# memcached set CACHE_BACKED to something like 'memcached://127.0.0.1:11211/' |
4517 | +CACHE_BACKEND = 'memcached://127.0.0.1:11211' |
4518 | + |
4519 | +# Send email to the console by default |
4520 | +EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' |
4521 | +# Or send them to /dev/null |
4522 | +#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend' |
4523 | + |
4524 | +# Configure these for your outgoing email host |
4525 | +# EMAIL_HOST = 'smtp.my-company.com' |
4526 | +# EMAIL_PORT = 25 |
4527 | +# EMAIL_HOST_USER = 'djangomail' |
4528 | +# EMAIL_HOST_PASSWORD = 'top-secret!' |
4529 | + |
4530 | +# For multiple regions uncomment this configuration, and add (endpoint, title). |
4531 | +# AVAILABLE_REGIONS = [ |
4532 | +# ('http://cluster1.example.com:5000/v2.0', 'cluster1'), |
4533 | +# ('http://cluster2.example.com:5000/v2.0', 'cluster2'), |
4534 | +# ] |
4535 | + |
4536 | +OPENSTACK_HOST = "127.0.0.1" |
4537 | +OPENSTACK_KEYSTONE_URL = "http://{{ service_host }}:{{ service_port }}/v2.0" |
4538 | +OPENSTACK_KEYSTONE_DEFAULT_ROLE = "{{ default_role }}" |
4539 | + |
4540 | +# Disable SSL certificate checks (useful for self-signed certificates): |
4541 | +# OPENSTACK_SSL_NO_VERIFY = True |
4542 | + |
4543 | +# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the |
4544 | +# capabilities of the auth backend for Keystone. |
4545 | +# If Keystone has been configured to use LDAP as the auth backend then set |
4546 | +# can_edit_user to False and name to 'ldap'. |
4547 | +# |
4548 | +# TODO(tres): Remove these once Keystone has an API to identify auth backend. |
4549 | +OPENSTACK_KEYSTONE_BACKEND = { |
4550 | + 'name': 'native', |
4551 | + 'can_edit_user': True |
4552 | +} |
4553 | + |
4554 | +OPENSTACK_HYPERVISOR_FEATURES = { |
4555 | + 'can_set_mount_point': True |
4556 | +} |
4557 | + |
4558 | +# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints |
4559 | +# in the Keystone service catalog. Use this setting when Horizon is running |
4560 | +# external to the OpenStack environment. The default is 'internalURL'. |
4561 | +#OPENSTACK_ENDPOINT_TYPE = "publicURL" |
4562 | + |
4563 | +# The number of objects (Swift containers/objects or images) to display |
4564 | +# on a single page before providing a paging element (a "more" link) |
4565 | +# to paginate results. |
4566 | +API_RESULT_LIMIT = 1000 |
4567 | +API_RESULT_PAGE_SIZE = 20 |
4568 | + |
4569 | +# The timezone of the server. This should correspond with the timezone |
4570 | +# of your entire OpenStack installation, and hopefully be in UTC. |
4571 | +TIME_ZONE = "UTC" |
4572 | + |
4573 | +LOGGING = { |
4574 | + 'version': 1, |
4575 | + # When set to True this will disable all logging except |
4576 | + # for loggers specified in this configuration dictionary. Note that |
4577 | + # if nothing is specified here and disable_existing_loggers is True, |
4578 | + # django.db.backends will still log unless it is disabled explicitly. |
4579 | + 'disable_existing_loggers': False, |
4580 | + 'handlers': { |
4581 | + 'null': { |
4582 | + 'level': 'DEBUG', |
4583 | + 'class': 'django.utils.log.NullHandler', |
4584 | + }, |
4585 | + 'console': { |
4586 | + # Set the level to "DEBUG" for verbose output logging. |
4587 | + 'level': 'INFO', |
4588 | + 'class': 'logging.StreamHandler', |
4589 | + }, |
4590 | + }, |
4591 | + 'loggers': { |
4592 | + # Logging from django.db.backends is VERY verbose, send to null |
4593 | + # by default. |
4594 | + 'django.db.backends': { |
4595 | + 'handlers': ['null'], |
4596 | + 'propagate': False, |
4597 | + }, |
4598 | + 'horizon': { |
4599 | + 'handlers': ['console'], |
4600 | + 'propagate': False, |
4601 | + }, |
4602 | + 'openstack_dashboard': { |
4603 | + 'handlers': ['console'], |
4604 | + 'propagate': False, |
4605 | + }, |
4606 | + 'novaclient': { |
4607 | + 'handlers': ['console'], |
4608 | + 'propagate': False, |
4609 | + }, |
4610 | + 'keystoneclient': { |
4611 | + 'handlers': ['console'], |
4612 | + 'propagate': False, |
4613 | + }, |
4614 | + 'glanceclient': { |
4615 | + 'handlers': ['console'], |
4616 | + 'propagate': False, |
4617 | + }, |
4618 | + 'nose.plugins.manager': { |
4619 | + 'handlers': ['console'], |
4620 | + 'propagate': False, |
4621 | + } |
4622 | + } |
4623 | +} |
4624 | + |
4625 | +{% if ubuntu_theme %} |
4626 | +# Enable the Ubuntu theme if it is present. |
4627 | +try: |
4628 | + from ubuntu_theme import * |
4629 | +except ImportError: |
4630 | + pass |
4631 | +{% endif %} |
4632 | + |
4633 | +# Default Ubuntu apache configuration uses /horizon as the application root. |
4634 | +# Configure auth redirects here accordingly. |
4635 | +LOGIN_URL='{{ webroot }}/auth/login/' |
4636 | +LOGIN_REDIRECT_URL='{{ webroot }}' |
4637 | + |
4638 | +# The Ubuntu package includes pre-compressed JS and compiled CSS to allow |
4639 | +# offline compression by default. To enable online compression, install |
4640 | +# the node-less package and enable the following option. |
4641 | +COMPRESS_OFFLINE = {{ compress_offline }} |
4642 | |
4643 | === added directory 'templates/grizzly' |
4644 | === added file 'templates/grizzly/local_settings.py' |
4645 | --- templates/grizzly/local_settings.py 1970-01-01 00:00:00 +0000 |
4646 | +++ templates/grizzly/local_settings.py 2013-10-15 14:11:37 +0000 |
4647 | @@ -0,0 +1,221 @@ |
4648 | +import os |
4649 | + |
4650 | +from django.utils.translation import ugettext_lazy as _ |
4651 | + |
4652 | +from openstack_dashboard import exceptions |
4653 | + |
4654 | +DEBUG = {{ debug }} |
4655 | +TEMPLATE_DEBUG = DEBUG |
4656 | + |
4657 | +# Set SSL proxy settings: |
4658 | +# For Django 1.4+ pass this header from the proxy after terminating the SSL, |
4659 | +# and don't forget to strip it from the client's request. |
4660 | +# For more information see: |
4661 | +# https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header |
4662 | +# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https') |
4663 | + |
4664 | +# If Horizon is being served through SSL, then uncomment the following two |
4665 | +# settings to better secure the cookies from security exploits |
4666 | +#CSRF_COOKIE_SECURE = True |
4667 | +#SESSION_COOKIE_SECURE = True |
4668 | + |
4669 | +# Default OpenStack Dashboard configuration. |
4670 | +HORIZON_CONFIG = { |
4671 | + 'dashboards': ('project', 'admin', 'settings',), |
4672 | + 'default_dashboard': 'project', |
4673 | + 'user_home': 'openstack_dashboard.views.get_user_home', |
4674 | + 'ajax_queue_limit': 10, |
4675 | + 'auto_fade_alerts': { |
4676 | + 'delay': 3000, |
4677 | + 'fade_duration': 1500, |
4678 | + 'types': ['alert-success', 'alert-info'] |
4679 | + }, |
4680 | + 'help_url': "http://docs.openstack.org", |
4681 | + 'exceptions': {'recoverable': exceptions.RECOVERABLE, |
4682 | + 'not_found': exceptions.NOT_FOUND, |
4683 | + 'unauthorized': exceptions.UNAUTHORIZED}, |
4684 | +} |
4685 | + |
4686 | +# Specify a regular expression to validate user passwords. |
4687 | +# HORIZON_CONFIG["password_validator"] = { |
4688 | +# "regex": '.*', |
4689 | +# "help_text": _("Your password does not meet the requirements.") |
4690 | +# } |
4691 | + |
4692 | +# Disable simplified floating IP address management for deployments with |
4693 | +# multiple floating IP pools or complex network requirements. |
4694 | +# HORIZON_CONFIG["simple_ip_management"] = False |
4695 | + |
4696 | +# Turn off browser autocompletion for the login form if so desired. |
4697 | +# HORIZON_CONFIG["password_autocomplete"] = "off" |
4698 | + |
4699 | +LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) |
4700 | + |
4701 | +# Set custom secret key: |
4702 | +# You can either set it to a specific value or you can let horizion generate a |
4703 | +# default secret key that is unique on this machine, e.i. regardless of the |
4704 | +# amount of Python WSGI workers (if used behind Apache+mod_wsgi): However, there |
4705 | +# may be situations where you would want to set this explicitly, e.g. when |
4706 | +# multiple dashboard instances are distributed on different machines (usually |
4707 | +# behind a load-balancer). Either you have to make sure that a session gets all |
4708 | +# requests routed to the same dashboard instance or you set the same SECRET_KEY |
4709 | +# for all of them. |
4710 | + |
4711 | +SECRET_KEY = "{{ secret }}" |
4712 | + |
4713 | +# We recommend you use memcached for development; otherwise after every reload |
4714 | +# of the django development server, you will have to login again. To use |
4715 | +# memcached set CACHES to something like |
4716 | +# CACHES = { |
4717 | +# 'default': { |
4718 | +# 'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache', |
4719 | +# 'LOCATION' : '127.0.0.1:11211', |
4720 | +# } |
4721 | +#} |
4722 | + |
4723 | +CACHES = { |
4724 | + 'default': { |
4725 | + 'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache', |
4726 | + 'LOCATION' : '127.0.0.1:11211' |
4727 | + } |
4728 | +} |
4729 | + |
4730 | +# Send email to the console by default |
4731 | +EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' |
4732 | +# Or send them to /dev/null |
4733 | +#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend' |
4734 | + |
4735 | +{% if ubuntu_theme %} |
4736 | +# Enable the Ubuntu theme if it is present. |
4737 | +try: |
4738 | + from ubuntu_theme import * |
4739 | +except ImportError: |
4740 | + pass |
4741 | +{% endif %} |
4742 | + |
4743 | +# Default Ubuntu apache configuration uses /horizon as the application root. |
4744 | +# Configure auth redirects here accordingly. |
4745 | +LOGIN_URL='{{ webroot }}/auth/login/' |
4746 | +LOGIN_REDIRECT_URL='{{ webroot }}' |
4747 | + |
4748 | +# The Ubuntu package includes pre-compressed JS and compiled CSS to allow |
4749 | +# offline compression by default. To enable online compression, install |
4750 | +# the node-less package and enable the following option. |
4751 | +COMPRESS_OFFLINE = {{ compress_offline }} |
4752 | + |
4753 | +# Configure these for your outgoing email host |
4754 | +# EMAIL_HOST = 'smtp.my-company.com' |
4755 | +# EMAIL_PORT = 25 |
4756 | +# EMAIL_HOST_USER = 'djangomail' |
4757 | +# EMAIL_HOST_PASSWORD = 'top-secret!' |
4758 | + |
4759 | +# For multiple regions uncomment this configuration, and add (endpoint, title). |
4760 | +# AVAILABLE_REGIONS = [ |
4761 | +# ('http://cluster1.example.com:5000/v2.0', 'cluster1'), |
4762 | +# ('http://cluster2.example.com:5000/v2.0', 'cluster2'), |
4763 | +# ] |
4764 | + |
4765 | +OPENSTACK_HOST = "127.0.0.1" |
4766 | +OPENSTACK_KEYSTONE_URL = "http://{{ service_host }}:{{ service_port }}/v2.0" |
4767 | +OPENSTACK_KEYSTONE_DEFAULT_ROLE = "{{ default_role }}" |
4768 | + |
4769 | +# Disable SSL certificate checks (useful for self-signed certificates): |
4770 | +# OPENSTACK_SSL_NO_VERIFY = True |
4771 | + |
4772 | +# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the |
4773 | +# capabilities of the auth backend for Keystone. |
4774 | +# If Keystone has been configured to use LDAP as the auth backend then set |
4775 | +# can_edit_user to False and name to 'ldap'. |
4776 | +# |
4777 | +# TODO(tres): Remove these once Keystone has an API to identify auth backend. |
4778 | +OPENSTACK_KEYSTONE_BACKEND = { |
4779 | + 'name': 'native', |
4780 | + 'can_edit_user': True, |
4781 | + 'can_edit_project': True |
4782 | +} |
4783 | + |
4784 | +OPENSTACK_HYPERVISOR_FEATURES = { |
4785 | + 'can_set_mount_point': True, |
4786 | + |
4787 | + # NOTE: as of Grizzly this is not yet supported in Nova so enabling this |
4788 | + # setting will not do anything useful |
4789 | + 'can_encrypt_volumes': False |
4790 | +} |
4791 | + |
4792 | +# The OPENSTACK_QUANTUM_NETWORK settings can be used to enable optional |
4793 | +# services provided by quantum. Currently only the load balancer service |
4794 | +# is available. |
4795 | +OPENSTACK_QUANTUM_NETWORK = { |
4796 | + 'enable_lb': False |
4797 | +} |
4798 | + |
4799 | +# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints |
4800 | +# in the Keystone service catalog. Use this setting when Horizon is running |
4801 | +# external to the OpenStack environment. The default is 'internalURL'. |
4802 | +#OPENSTACK_ENDPOINT_TYPE = "publicURL" |
4803 | + |
4804 | +# The number of objects (Swift containers/objects or images) to display |
4805 | +# on a single page before providing a paging element (a "more" link) |
4806 | +# to paginate results. |
4807 | +API_RESULT_LIMIT = 1000 |
4808 | +API_RESULT_PAGE_SIZE = 20 |
4809 | + |
4810 | +# The timezone of the server. This should correspond with the timezone |
4811 | +# of your entire OpenStack installation, and hopefully be in UTC. |
4812 | +TIME_ZONE = "UTC" |
4813 | + |
4814 | +LOGGING = { |
4815 | + 'version': 1, |
4816 | + # When set to True this will disable all logging except |
4817 | + # for loggers specified in this configuration dictionary. Note that |
4818 | + # if nothing is specified here and disable_existing_loggers is True, |
4819 | + # django.db.backends will still log unless it is disabled explicitly. |
4820 | + 'disable_existing_loggers': False, |
4821 | + 'handlers': { |
4822 | + 'null': { |
4823 | + 'level': 'DEBUG', |
4824 | + 'class': 'django.utils.log.NullHandler', |
4825 | + }, |
4826 | + 'console': { |
4827 | + # Set the level to "DEBUG" for verbose output logging. |
4828 | + 'level': 'INFO', |
4829 | + 'class': 'logging.StreamHandler', |
4830 | + }, |
4831 | + }, |
4832 | + 'loggers': { |
4833 | + # Logging from django.db.backends is VERY verbose, send to null |
4834 | + # by default. |
4835 | + 'django.db.backends': { |
4836 | + 'handlers': ['null'], |
4837 | + 'propagate': False, |
4838 | + }, |
4839 | + 'requests': { |
4840 | + 'handlers': ['null'], |
4841 | + 'propagate': False, |
4842 | + }, |
4843 | + 'horizon': { |
4844 | + 'handlers': ['console'], |
4845 | + 'propagate': False, |
4846 | + }, |
4847 | + 'openstack_dashboard': { |
4848 | + 'handlers': ['console'], |
4849 | + 'propagate': False, |
4850 | + }, |
4851 | + 'novaclient': { |
4852 | + 'handlers': ['console'], |
4853 | + 'propagate': False, |
4854 | + }, |
4855 | + 'keystoneclient': { |
4856 | + 'handlers': ['console'], |
4857 | + 'propagate': False, |
4858 | + }, |
4859 | + 'glanceclient': { |
4860 | + 'handlers': ['console'], |
4861 | + 'propagate': False, |
4862 | + }, |
4863 | + 'nose.plugins.manager': { |
4864 | + 'handlers': ['console'], |
4865 | + 'propagate': False, |
4866 | + } |
4867 | + } |
4868 | +} |
4869 | |
4870 | === added file 'templates/haproxy.cfg' |
4871 | --- templates/haproxy.cfg 1970-01-01 00:00:00 +0000 |
4872 | +++ templates/haproxy.cfg 2013-10-15 14:11:37 +0000 |
4873 | @@ -0,0 +1,37 @@ |
4874 | +global |
4875 | + log 127.0.0.1 local0 |
4876 | + log 127.0.0.1 local1 notice |
4877 | + maxconn 20000 |
4878 | + user haproxy |
4879 | + group haproxy |
4880 | + spread-checks 0 |
4881 | + |
4882 | +defaults |
4883 | + log global |
4884 | + mode tcp |
4885 | + option tcplog |
4886 | + option dontlognull |
4887 | + retries 3 |
4888 | + timeout queue 1000 |
4889 | + timeout connect 1000 |
4890 | + timeout client 30000 |
4891 | + timeout server 30000 |
4892 | + |
4893 | +listen stats :8888 |
4894 | + mode http |
4895 | + stats enable |
4896 | + stats hide-version |
4897 | + stats realm Haproxy\ Statistics |
4898 | + stats uri / |
4899 | + stats auth admin:password |
4900 | + |
4901 | +{% if units %} |
4902 | +{% for service, ports in service_ports.iteritems() -%} |
4903 | +listen {{ service }} 0.0.0.0:{{ ports[0] }} |
4904 | + balance roundrobin |
4905 | + option tcplog |
4906 | + {% for unit, address in units.iteritems() -%} |
4907 | + server {{ unit }} {{ address }}:{{ ports[1] }} check |
4908 | + {% endfor %} |
4909 | +{% endfor %} |
4910 | +{% endif %} |
4911 | \ No newline at end of file |
4912 | |
4913 | === added directory 'templates/havana' |
4914 | === added file 'templates/havana/local_settings.py' |
4915 | --- templates/havana/local_settings.py 1970-01-01 00:00:00 +0000 |
4916 | +++ templates/havana/local_settings.py 2013-10-15 14:11:37 +0000 |
4917 | @@ -0,0 +1,425 @@ |
4918 | +import os |
4919 | + |
4920 | +from django.utils.translation import ugettext_lazy as _ |
4921 | + |
4922 | +from openstack_dashboard import exceptions |
4923 | + |
4924 | +DEBUG = {{ debug }} |
4925 | +TEMPLATE_DEBUG = DEBUG |
4926 | + |
4927 | +# Required for Django 1.5. |
4928 | +# If horizon is running in production (DEBUG is False), set this |
4929 | +# with the list of host/domain names that the application can serve. |
4930 | +# For more information see: |
4931 | +# https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts |
4932 | +#ALLOWED_HOSTS = ['horizon.example.com', ] |
4933 | + |
4934 | +# Set SSL proxy settings: |
4935 | +# For Django 1.4+ pass this header from the proxy after terminating the SSL, |
4936 | +# and don't forget to strip it from the client's request. |
4937 | +# For more information see: |
4938 | +# https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header |
4939 | +# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https') |
4940 | + |
4941 | +# If Horizon is being served through SSL, then uncomment the following two |
4942 | +# settings to better secure the cookies from security exploits |
4943 | +#CSRF_COOKIE_SECURE = True |
4944 | +#SESSION_COOKIE_SECURE = True |
4945 | + |
4946 | +# Overrides for OpenStack API versions. Use this setting to force the |
4947 | +# OpenStack dashboard to use a specfic API version for a given service API. |
4948 | +# NOTE: The version should be formatted as it appears in the URL for the |
4949 | +# service API. For example, The identity service APIs have inconsistent |
4950 | +# use of the decimal point, so valid options would be "2.0" or "3". |
4951 | +# OPENSTACK_API_VERSIONS = { |
4952 | +# "identity": 3 |
4953 | +# } |
4954 | + |
4955 | +# Set this to True if running on multi-domain model. When this is enabled, it |
4956 | +# will require user to enter the Domain name in addition to username for login. |
4957 | +# OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = False |
4958 | + |
4959 | +# Overrides the default domain used when running on single-domain model |
4960 | +# with Keystone V3. All entities will be created in the default domain. |
4961 | +# OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default' |
4962 | + |
4963 | +# Set Console type: |
4964 | +# valid options would be "AUTO", "VNC" or "SPICE" |
4965 | +# CONSOLE_TYPE = "AUTO" |
4966 | + |
4967 | +# Default OpenStack Dashboard configuration. |
4968 | +HORIZON_CONFIG = { |
4969 | + 'dashboards': ('project', 'admin', 'settings',), |
4970 | + 'default_dashboard': 'project', |
4971 | + 'user_home': 'openstack_dashboard.views.get_user_home', |
4972 | + 'ajax_queue_limit': 10, |
4973 | + 'auto_fade_alerts': { |
4974 | + 'delay': 3000, |
4975 | + 'fade_duration': 1500, |
4976 | + 'types': ['alert-success', 'alert-info'] |
4977 | + }, |
4978 | + 'help_url': "http://docs.openstack.org", |
4979 | + 'exceptions': {'recoverable': exceptions.RECOVERABLE, |
4980 | + 'not_found': exceptions.NOT_FOUND, |
4981 | + 'unauthorized': exceptions.UNAUTHORIZED}, |
4982 | +} |
4983 | + |
4984 | +# Specify a regular expression to validate user passwords. |
4985 | +# HORIZON_CONFIG["password_validator"] = { |
4986 | +# "regex": '.*', |
4987 | +# "help_text": _("Your password does not meet the requirements.") |
4988 | +# } |
4989 | + |
4990 | +# Disable simplified floating IP address management for deployments with |
4991 | +# multiple floating IP pools or complex network requirements. |
4992 | +# HORIZON_CONFIG["simple_ip_management"] = False |
4993 | + |
4994 | +# Turn off browser autocompletion for the login form if so desired. |
4995 | +# HORIZON_CONFIG["password_autocomplete"] = "off" |
4996 | + |
4997 | +LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) |
4998 | + |
4999 | +# Set custom secret key: |
5000 | +# You can either set it to a specific value or you can let horizion generate a |
The diff has been truncated for viewing.
Tests currently failing