Juju Charms Collection
swift-proxy package

Merge lp:~openstack-charmers/charms/precise/swift-proxy/python-redux into lp:~charmers/charms/precise/swift-proxy/trunk

  1. Precise Pangolin (12.04)
  2. python-redux
  3. Merge into trunk
Proposed by Adam Gandelman
Status: Merged
Merged at revision: 45
Proposed branch: lp:~openstack-charmers/charms/precise/swift-proxy/python-redux
Merge into: lp:~charmers/charms/precise/swift-proxy/trunk
Diff against target: 4996 lines (+3213/-1404)
33 files modified
Makefile (+14/-0)
charm-helpers.yaml (+10/-0)
hooks/charmhelpers/contrib/hahelpers/apache.py (+58/-0)
hooks/charmhelpers/contrib/hahelpers/cluster.py (+183/-0)
hooks/charmhelpers/contrib/openstack/context.py (+522/-0)
hooks/charmhelpers/contrib/openstack/neutron.py (+117/-0)
hooks/charmhelpers/contrib/openstack/templates/__init__.py (+2/-0)
hooks/charmhelpers/contrib/openstack/templates/ceph.conf (+11/-0)
hooks/charmhelpers/contrib/openstack/templates/haproxy.cfg (+37/-0)
hooks/charmhelpers/contrib/openstack/templates/openstack_https_frontend (+23/-0)
hooks/charmhelpers/contrib/openstack/templates/openstack_https_frontend.conf (+23/-0)
hooks/charmhelpers/contrib/openstack/templating.py (+280/-0)
hooks/charmhelpers/contrib/openstack/utils.py (+365/-0)
hooks/charmhelpers/core/hookenv.py (+340/-0)
hooks/charmhelpers/core/host.py (+241/-0)
hooks/charmhelpers/fetch/__init__.py (+209/-0)
hooks/charmhelpers/fetch/archiveurl.py (+48/-0)
hooks/charmhelpers/fetch/bzrurl.py (+49/-0)
hooks/charmhelpers/payload/__init__.py (+1/-0)
hooks/charmhelpers/payload/execd.py (+50/-0)
hooks/lib/apache_utils.py (+0/-193)
hooks/lib/cluster_utils.py (+0/-130)
hooks/lib/haproxy_utils.py (+0/-52)
hooks/lib/openstack_common.py (+0/-231)
hooks/lib/utils.py (+0/-332)
hooks/swift_context.py (+223/-0)
hooks/swift_hooks.py (+208/-164)
hooks/swift_utils.py (+133/-246)
revision (+1/-1)
templates/apache2_site.tmpl (+0/-19)
templates/grizzly/proxy-server.conf (+0/-1)
templates/haproxy.cfg (+0/-35)
templates/havana/proxy-server.conf (+65/-0)
To merge this branch: bzr merge lp:~openstack-charmers/charms/precise/swift-proxy/python-redux
Reviewer Review Type Date Requested Status
charmers Pending
Review via email: mp+191087@code.launchpad.net

Description of the change

Update of all Havana / Saucy / python-redux work:

* Full python rewrite using new OpenStack charm-helpers.

* Test coverage

* Havana support

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== added file 'Makefile'
2--- Makefile 1970-01-01 00:00:00 +0000
3+++ Makefile 2013-10-15 01:36:24 +0000
4@@ -0,0 +1,14 @@
5+#!/usr/bin/make
6+PYTHON := /usr/bin/env python
7+
8+lint:
9+ @flake8 --exclude hooks/charmhelpers --ignore=E125 hooks
10+ #@flake8 --exclude hooks/charmhelpers --ignore=E125 unit_tests
11+ @charm proof
12+
13+test:
14+ @echo Starting tests...
15+ @$(PYTHON) /usr/bin/nosetests --nologcapture --with-coverage unit_tests
16+
17+sync:
18+ @charm-helper-sync -c charm-helpers.yaml
19
20=== added file 'charm-helpers.yaml'
21--- charm-helpers.yaml 1970-01-01 00:00:00 +0000
22+++ charm-helpers.yaml 2013-10-15 01:36:24 +0000
23@@ -0,0 +1,10 @@
24+branch: lp:charm-helpers
25+destination: hooks/charmhelpers
26+include:
27+ - core
28+ - fetch
29+ - contrib.openstack|inc=*
30+ - contrib.hahelpers:
31+ - apache
32+ - cluster
33+ - payload.execd
34
35=== added directory 'hooks/charmhelpers'
36=== added file 'hooks/charmhelpers/__init__.py'
37=== added directory 'hooks/charmhelpers/contrib'
38=== added file 'hooks/charmhelpers/contrib/__init__.py'
39=== added directory 'hooks/charmhelpers/contrib/hahelpers'
40=== added file 'hooks/charmhelpers/contrib/hahelpers/__init__.py'
41=== added file 'hooks/charmhelpers/contrib/hahelpers/apache.py'
42--- hooks/charmhelpers/contrib/hahelpers/apache.py 1970-01-01 00:00:00 +0000
43+++ hooks/charmhelpers/contrib/hahelpers/apache.py 2013-10-15 01:36:24 +0000
44@@ -0,0 +1,58 @@
45+#
46+# Copyright 2012 Canonical Ltd.
47+#
48+# This file is sourced from lp:openstack-charm-helpers
49+#
50+# Authors:
51+# James Page <james.page@ubuntu.com>
52+# Adam Gandelman <adamg@ubuntu.com>
53+#
54+
55+import subprocess
56+
57+from charmhelpers.core.hookenv import (
58+ config as config_get,
59+ relation_get,
60+ relation_ids,
61+ related_units as relation_list,
62+ log,
63+ INFO,
64+)
65+
66+
67+def get_cert():
68+ cert = config_get('ssl_cert')
69+ key = config_get('ssl_key')
70+ if not (cert and key):
71+ log("Inspecting identity-service relations for SSL certificate.",
72+ level=INFO)
73+ cert = key = None
74+ for r_id in relation_ids('identity-service'):
75+ for unit in relation_list(r_id):
76+ if not cert:
77+ cert = relation_get('ssl_cert',
78+ rid=r_id, unit=unit)
79+ if not key:
80+ key = relation_get('ssl_key',
81+ rid=r_id, unit=unit)
82+ return (cert, key)
83+
84+
85+def get_ca_cert():
86+ ca_cert = None
87+ log("Inspecting identity-service relations for CA SSL certificate.",
88+ level=INFO)
89+ for r_id in relation_ids('identity-service'):
90+ for unit in relation_list(r_id):
91+ if not ca_cert:
92+ ca_cert = relation_get('ca_cert',
93+ rid=r_id, unit=unit)
94+ return ca_cert
95+
96+
97+def install_ca_cert(ca_cert):
98+ if ca_cert:
99+ with open('/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt',
100+ 'w') as crt:
101+ crt.write(ca_cert)
102+ subprocess.check_call(['update-ca-certificates', '--fresh'])
103
104=== added file 'hooks/charmhelpers/contrib/hahelpers/cluster.py'
105--- hooks/charmhelpers/contrib/hahelpers/cluster.py 1970-01-01 00:00:00 +0000
106+++ hooks/charmhelpers/contrib/hahelpers/cluster.py 2013-10-15 01:36:24 +0000
107@@ -0,0 +1,183 @@
108+#
109+# Copyright 2012 Canonical Ltd.
110+#
111+# Authors:
112+# James Page <james.page@ubuntu.com>
113+# Adam Gandelman <adamg@ubuntu.com>
114+#
115+
116+import subprocess
117+import os
118+
119+from socket import gethostname as get_unit_hostname
120+
121+from charmhelpers.core.hookenv import (
122+ log,
123+ relation_ids,
124+ related_units as relation_list,
125+ relation_get,
126+ config as config_get,
127+ INFO,
128+ ERROR,
129+ unit_get,
130+)
131+
132+
133+class HAIncompleteConfig(Exception):
134+ pass
135+
136+
137+def is_clustered():
138+ for r_id in (relation_ids('ha') or []):
139+ for unit in (relation_list(r_id) or []):
140+ clustered = relation_get('clustered',
141+ rid=r_id,
142+ unit=unit)
143+ if clustered:
144+ return True
145+ return False
146+
147+
148+def is_leader(resource):
149+ cmd = [
150+ "crm", "resource",
151+ "show", resource
152+ ]
153+ try:
154+ status = subprocess.check_output(cmd)
155+ except subprocess.CalledProcessError:
156+ return False
157+ else:
158+ if get_unit_hostname() in status:
159+ return True
160+ else:
161+ return False
162+
163+
164+def peer_units():
165+ peers = []
166+ for r_id in (relation_ids('cluster') or []):
167+ for unit in (relation_list(r_id) or []):
168+ peers.append(unit)
169+ return peers
170+
171+
172+def oldest_peer(peers):
173+ local_unit_no = int(os.getenv('JUJU_UNIT_NAME').split('/')[1])
174+ for peer in peers:
175+ remote_unit_no = int(peer.split('/')[1])
176+ if remote_unit_no < local_unit_no:
177+ return False
178+ return True
179+
180+
181+def eligible_leader(resource):
182+ if is_clustered():
183+ if not is_leader(resource):
184+ log('Deferring action to CRM leader.', level=INFO)
185+ return False
186+ else:
187+ peers = peer_units()
188+ if peers and not oldest_peer(peers):
189+ log('Deferring action to oldest service unit.', level=INFO)
190+ return False
191+ return True
192+
193+
194+def https():
195+ '''
196+ Determines whether enough data has been provided in configuration
197+ or relation data to configure HTTPS
198+ .
199+ returns: boolean
200+ '''
201+ if config_get('use-https') == "yes":
202+ return True
203+ if config_get('ssl_cert') and config_get('ssl_key'):
204+ return True
205+ for r_id in relation_ids('identity-service'):
206+ for unit in relation_list(r_id):
207+ rel_state = [
208+ relation_get('https_keystone', rid=r_id, unit=unit),
209+ relation_get('ssl_cert', rid=r_id, unit=unit),
210+ relation_get('ssl_key', rid=r_id, unit=unit),
211+ relation_get('ca_cert', rid=r_id, unit=unit),
212+ ]
213+ # NOTE: works around (LP: #1203241)
214+ if (None not in rel_state) and ('' not in rel_state):
215+ return True
216+ return False
217+
218+
219+def determine_api_port(public_port):
220+ '''
221+ Determine correct API server listening port based on
222+ existence of HTTPS reverse proxy and/or haproxy.
223+
224+ public_port: int: standard public port for given service
225+
226+ returns: int: the correct listening port for the API service
227+ '''
228+ i = 0
229+ if len(peer_units()) > 0 or is_clustered():
230+ i += 1
231+ if https():
232+ i += 1
233+ return public_port - (i * 10)
234+
235+
236+def determine_haproxy_port(public_port):
237+ '''
238+ Description: Determine correct proxy listening port based on public IP +
239+ existence of HTTPS reverse proxy.
240+
241+ public_port: int: standard public port for given service
242+
243+ returns: int: the correct listening port for the HAProxy service
244+ '''
245+ i = 0
246+ if https():
247+ i += 1
248+ return public_port - (i * 10)
249+
250+
251+def get_hacluster_config():
252+ '''
253+ Obtains all relevant configuration from charm configuration required
254+ for initiating a relation to hacluster:
255+
256+ ha-bindiface, ha-mcastport, vip, vip_iface, vip_cidr
257+
258+ returns: dict: A dict containing settings keyed by setting name.
259+ raises: HAIncompleteConfig if settings are missing.
260+ '''
261+ settings = ['ha-bindiface', 'ha-mcastport', 'vip', 'vip_iface', 'vip_cidr']
262+ conf = {}
263+ for setting in settings:
264+ conf[setting] = config_get(setting)
265+ missing = []
266+ [missing.append(s) for s, v in conf.iteritems() if v is None]
267+ if missing:
268+ log('Insufficient config data to configure hacluster.', level=ERROR)
269+ raise HAIncompleteConfig
270+ return conf
271+
272+
273+def canonical_url(configs, vip_setting='vip'):
274+ '''
275+ Returns the correct HTTP URL to this host given the state of HTTPS
276+ configuration and hacluster.
277+
278+ :configs : OSTemplateRenderer: A config tempating object to inspect for
279+ a complete https context.
280+ :vip_setting: str: Setting in charm config that specifies
281+ VIP address.
282+ '''
283+ scheme = 'http'
284+ if 'https' in configs.complete_contexts():
285+ scheme = 'https'
286+ if is_clustered():
287+ addr = config_get(vip_setting)
288+ else:
289+ addr = unit_get('private-address')
290+ return '%s://%s' % (scheme, addr)
291
292=== added directory 'hooks/charmhelpers/contrib/openstack'
293=== added file 'hooks/charmhelpers/contrib/openstack/__init__.py'
294=== added file 'hooks/charmhelpers/contrib/openstack/context.py'
295--- hooks/charmhelpers/contrib/openstack/context.py 1970-01-01 00:00:00 +0000
296+++ hooks/charmhelpers/contrib/openstack/context.py 2013-10-15 01:36:24 +0000
297@@ -0,0 +1,522 @@
298+import json
299+import os
300+
301+from base64 import b64decode
302+
303+from subprocess import (
304+ check_call
305+)
306+
307+
308+from charmhelpers.fetch import (
309+ apt_install,
310+ filter_installed_packages,
311+)
312+
313+from charmhelpers.core.hookenv import (
314+ config,
315+ local_unit,
316+ log,
317+ relation_get,
318+ relation_ids,
319+ related_units,
320+ unit_get,
321+ unit_private_ip,
322+ ERROR,
323+ WARNING,
324+)
325+
326+from charmhelpers.contrib.hahelpers.cluster import (
327+ determine_api_port,
328+ determine_haproxy_port,
329+ https,
330+ is_clustered,
331+ peer_units,
332+)
333+
334+from charmhelpers.contrib.hahelpers.apache import (
335+ get_cert,
336+ get_ca_cert,
337+)
338+
339+from charmhelpers.contrib.openstack.neutron import (
340+ neutron_plugin_attribute,
341+)
342+
343+CA_CERT_PATH = '/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt'
344+
345+
346+class OSContextError(Exception):
347+ pass
348+
349+
350+def ensure_packages(packages):
351+ '''Install but do not upgrade required plugin packages'''
352+ required = filter_installed_packages(packages)
353+ if required:
354+ apt_install(required, fatal=True)
355+
356+
357+def context_complete(ctxt):
358+ _missing = []
359+ for k, v in ctxt.iteritems():
360+ if v is None or v == '':
361+ _missing.append(k)
362+ if _missing:
363+ log('Missing required data: %s' % ' '.join(_missing), level='INFO')
364+ return False
365+ return True
366+
367+
368+class OSContextGenerator(object):
369+ interfaces = []
370+
371+ def __call__(self):
372+ raise NotImplementedError
373+
374+
375+class SharedDBContext(OSContextGenerator):
376+ interfaces = ['shared-db']
377+
378+ def __init__(self, database=None, user=None, relation_prefix=None):
379+ '''
380+ Allows inspecting relation for settings prefixed with relation_prefix.
381+ This is useful for parsing access for multiple databases returned via
382+ the shared-db interface (eg, nova_password, quantum_password)
383+ '''
384+ self.relation_prefix = relation_prefix
385+ self.database = database
386+ self.user = user
387+
388+ def __call__(self):
389+ self.database = self.database or config('database')
390+ self.user = self.user or config('database-user')
391+ if None in [self.database, self.user]:
392+ log('Could not generate shared_db context. '
393+ 'Missing required charm config options. '
394+ '(database name and user)')
395+ raise OSContextError
396+ ctxt = {}
397+
398+ password_setting = 'password'
399+ if self.relation_prefix:
400+ password_setting = self.relation_prefix + '_password'
401+
402+ for rid in relation_ids('shared-db'):
403+ for unit in related_units(rid):
404+ passwd = relation_get(password_setting, rid=rid, unit=unit)
405+ ctxt = {
406+ 'database_host': relation_get('db_host', rid=rid,
407+ unit=unit),
408+ 'database': self.database,
409+ 'database_user': self.user,
410+ 'database_password': passwd,
411+ }
412+ if context_complete(ctxt):
413+ return ctxt
414+ return {}
415+
416+
417+class IdentityServiceContext(OSContextGenerator):
418+ interfaces = ['identity-service']
419+
420+ def __call__(self):
421+ log('Generating template context for identity-service')
422+ ctxt = {}
423+
424+ for rid in relation_ids('identity-service'):
425+ for unit in related_units(rid):
426+ ctxt = {
427+ 'service_port': relation_get('service_port', rid=rid,
428+ unit=unit),
429+ 'service_host': relation_get('service_host', rid=rid,
430+ unit=unit),
431+ 'auth_host': relation_get('auth_host', rid=rid, unit=unit),
432+ 'auth_port': relation_get('auth_port', rid=rid, unit=unit),
433+ 'admin_tenant_name': relation_get('service_tenant',
434+ rid=rid, unit=unit),
435+ 'admin_user': relation_get('service_username', rid=rid,
436+ unit=unit),
437+ 'admin_password': relation_get('service_password', rid=rid,
438+ unit=unit),
439+ # XXX: Hard-coded http.
440+ 'service_protocol': 'http',
441+ 'auth_protocol': 'http',
442+ }
443+ if context_complete(ctxt):
444+ return ctxt
445+ return {}
446+
447+
448+class AMQPContext(OSContextGenerator):
449+ interfaces = ['amqp']
450+
451+ def __call__(self):
452+ log('Generating template context for amqp')
453+ conf = config()
454+ try:
455+ username = conf['rabbit-user']
456+ vhost = conf['rabbit-vhost']
457+ except KeyError as e:
458+ log('Could not generate shared_db context. '
459+ 'Missing required charm config options: %s.' % e)
460+ raise OSContextError
461+
462+ ctxt = {}
463+ for rid in relation_ids('amqp'):
464+ for unit in related_units(rid):
465+ if relation_get('clustered', rid=rid, unit=unit):
466+ ctxt['clustered'] = True
467+ ctxt['rabbitmq_host'] = relation_get('vip', rid=rid,
468+ unit=unit)
469+ else:
470+ ctxt['rabbitmq_host'] = relation_get('private-address',
471+ rid=rid, unit=unit)
472+ ctxt.update({
473+ 'rabbitmq_user': username,
474+ 'rabbitmq_password': relation_get('password', rid=rid,
475+ unit=unit),
476+ 'rabbitmq_virtual_host': vhost,
477+ })
478+ if context_complete(ctxt):
479+ # Sufficient information found = break out!
480+ break
481+ # Used for active/active rabbitmq >= grizzly
482+ ctxt['rabbitmq_hosts'] = []
483+ for unit in related_units(rid):
484+ ctxt['rabbitmq_hosts'].append(relation_get('private-address',
485+ rid=rid, unit=unit))
486+ if not context_complete(ctxt):
487+ return {}
488+ else:
489+ return ctxt
490+
491+
492+class CephContext(OSContextGenerator):
493+ interfaces = ['ceph']
494+
495+ def __call__(self):
496+ '''This generates context for /etc/ceph/ceph.conf templates'''
497+ if not relation_ids('ceph'):
498+ return {}
499+ log('Generating template context for ceph')
500+ mon_hosts = []
501+ auth = None
502+ key = None
503+ for rid in relation_ids('ceph'):
504+ for unit in related_units(rid):
505+ mon_hosts.append(relation_get('private-address', rid=rid,
506+ unit=unit))
507+ auth = relation_get('auth', rid=rid, unit=unit)
508+ key = relation_get('key', rid=rid, unit=unit)
509+
510+ ctxt = {
511+ 'mon_hosts': ' '.join(mon_hosts),
512+ 'auth': auth,
513+ 'key': key,
514+ }
515+
516+ if not os.path.isdir('/etc/ceph'):
517+ os.mkdir('/etc/ceph')
518+
519+ if not context_complete(ctxt):
520+ return {}
521+
522+ ensure_packages(['ceph-common'])
523+
524+ return ctxt
525+
526+
527+class HAProxyContext(OSContextGenerator):
528+ interfaces = ['cluster']
529+
530+ def __call__(self):
531+ '''
532+ Builds half a context for the haproxy template, which describes
533+ all peers to be included in the cluster. Each charm needs to include
534+ its own context generator that describes the port mapping.
535+ '''
536+ if not relation_ids('cluster'):
537+ return {}
538+
539+ cluster_hosts = {}
540+ l_unit = local_unit().replace('/', '-')
541+ cluster_hosts[l_unit] = unit_get('private-address')
542+
543+ for rid in relation_ids('cluster'):
544+ for unit in related_units(rid):
545+ _unit = unit.replace('/', '-')
546+ addr = relation_get('private-address', rid=rid, unit=unit)
547+ cluster_hosts[_unit] = addr
548+
549+ ctxt = {
550+ 'units': cluster_hosts,
551+ }
552+ if len(cluster_hosts.keys()) > 1:
553+ # Enable haproxy when we have enough peers.
554+ log('Ensuring haproxy enabled in /etc/default/haproxy.')
555+ with open('/etc/default/haproxy', 'w') as out:
556+ out.write('ENABLED=1\n')
557+ return ctxt
558+ log('HAProxy context is incomplete, this unit has no peers.')
559+ return {}
560+
561+
562+class ImageServiceContext(OSContextGenerator):
563+ interfaces = ['image-service']
564+
565+ def __call__(self):
566+ '''
567+ Obtains the glance API server from the image-service relation. Useful
568+ in nova and cinder (currently).
569+ '''
570+ log('Generating template context for image-service.')
571+ rids = relation_ids('image-service')
572+ if not rids:
573+ return {}
574+ for rid in rids:
575+ for unit in related_units(rid):
576+ api_server = relation_get('glance-api-server',
577+ rid=rid, unit=unit)
578+ if api_server:
579+ return {'glance_api_servers': api_server}
580+ log('ImageService context is incomplete. '
581+ 'Missing required relation data.')
582+ return {}
583+
584+
585+class ApacheSSLContext(OSContextGenerator):
586+ """
587+ Generates a context for an apache vhost configuration that configures
588+ HTTPS reverse proxying for one or many endpoints. Generated context
589+ looks something like:
590+ {
591+ 'namespace': 'cinder',
592+ 'private_address': 'iscsi.mycinderhost.com',
593+ 'endpoints': [(8776, 8766), (8777, 8767)]
594+ }
595+
596+ The endpoints list consists of a tuples mapping external ports
597+ to internal ports.
598+ """
599+ interfaces = ['https']
600+
601+ # charms should inherit this context and set external ports
602+ # and service namespace accordingly.
603+ external_ports = []
604+ service_namespace = None
605+
606+ def enable_modules(self):
607+ cmd = ['a2enmod', 'ssl', 'proxy', 'proxy_http']
608+ check_call(cmd)
609+
610+ def configure_cert(self):
611+ if not os.path.isdir('/etc/apache2/ssl'):
612+ os.mkdir('/etc/apache2/ssl')
613+ ssl_dir = os.path.join('/etc/apache2/ssl/', self.service_namespace)
614+ if not os.path.isdir(ssl_dir):
615+ os.mkdir(ssl_dir)
616+ cert, key = get_cert()
617+ with open(os.path.join(ssl_dir, 'cert'), 'w') as cert_out:
618+ cert_out.write(b64decode(cert))
619+ with open(os.path.join(ssl_dir, 'key'), 'w') as key_out:
620+ key_out.write(b64decode(key))
621+ ca_cert = get_ca_cert()
622+ if ca_cert:
623+ with open(CA_CERT_PATH, 'w') as ca_out:
624+ ca_out.write(b64decode(ca_cert))
625+ check_call(['update-ca-certificates'])
626+
627+ def __call__(self):
628+ if isinstance(self.external_ports, basestring):
629+ self.external_ports = [self.external_ports]
630+ if (not self.external_ports or not https()):
631+ return {}
632+
633+ self.configure_cert()
634+ self.enable_modules()
635+
636+ ctxt = {
637+ 'namespace': self.service_namespace,
638+ 'private_address': unit_get('private-address'),
639+ 'endpoints': []
640+ }
641+ for ext_port in self.external_ports:
642+ if peer_units() or is_clustered():
643+ int_port = determine_haproxy_port(ext_port)
644+ else:
645+ int_port = determine_api_port(ext_port)
646+ portmap = (int(ext_port), int(int_port))
647+ ctxt['endpoints'].append(portmap)
648+ return ctxt
649+
650+
651+class NeutronContext(object):
652+ interfaces = []
653+
654+ @property
655+ def plugin(self):
656+ return None
657+
658+ @property
659+ def network_manager(self):
660+ return None
661+
662+ @property
663+ def packages(self):
664+ return neutron_plugin_attribute(
665+ self.plugin, 'packages', self.network_manager)
666+
667+ @property
668+ def neutron_security_groups(self):
669+ return None
670+
671+ def _ensure_packages(self):
672+ [ensure_packages(pkgs) for pkgs in self.packages]
673+
674+ def _save_flag_file(self):
675+ if self.network_manager == 'quantum':
676+ _file = '/etc/nova/quantum_plugin.conf'
677+ else:
678+ _file = '/etc/nova/neutron_plugin.conf'
679+ with open(_file, 'wb') as out:
680+ out.write(self.plugin + '\n')
681+
682+ def ovs_ctxt(self):
683+ driver = neutron_plugin_attribute(self.plugin, 'driver',
684+ self.network_manager)
685+
686+ ovs_ctxt = {
687+ 'core_plugin': driver,
688+ 'neutron_plugin': 'ovs',
689+ 'neutron_security_groups': self.neutron_security_groups,
690+ 'local_ip': unit_private_ip(),
691+ }
692+
693+ return ovs_ctxt
694+
695+ def __call__(self):
696+ self._ensure_packages()
697+
698+ if self.network_manager not in ['quantum', 'neutron']:
699+ return {}
700+
701+ if not self.plugin:
702+ return {}
703+
704+ ctxt = {'network_manager': self.network_manager}
705+
706+ if self.plugin == 'ovs':
707+ ctxt.update(self.ovs_ctxt())
708+
709+ self._save_flag_file()
710+ return ctxt
711+
712+
713+class OSConfigFlagContext(OSContextGenerator):
714+ '''
715+ Responsible adding user-defined config-flags in charm config to a
716+ to a template context.
717+ '''
718+ def __call__(self):
719+ config_flags = config('config-flags')
720+ if not config_flags or config_flags in ['None', '']:
721+ return {}
722+ config_flags = config_flags.split(',')
723+ flags = {}
724+ for flag in config_flags:
725+ if '=' not in flag:
726+ log('Improperly formatted config-flag, expected k=v '
727+ 'got %s' % flag, level=WARNING)
728+ continue
729+ k, v = flag.split('=')
730+ flags[k.strip()] = v
731+ ctxt = {'user_config_flags': flags}
732+ return ctxt
733+
734+
735+class SubordinateConfigContext(OSContextGenerator):
736+ """
737+ Responsible for inspecting relations to subordinates that
738+ may be exporting required config via a json blob.
739+
740+ The subordinate interface allows subordinates to export their
741+ configuration requirements to the principle for multiple config
742+ files and multiple serivces. Ie, a subordinate that has interfaces
743+ to both glance and nova may export to following yaml blob as json:
744+
745+ glance:
746+ /etc/glance/glance-api.conf:
747+ sections:
748+ DEFAULT:
749+ - [key1, value1]
750+ /etc/glance/glance-registry.conf:
751+ MYSECTION:
752+ - [key2, value2]
753+ nova:
754+ /etc/nova/nova.conf:
755+ sections:
756+ DEFAULT:
757+ - [key3, value3]
758+
759+
760+ It is then up to the principle charms to subscribe this context to
761+ the service+config file it is interestd in. Configuration data will
762+ be available in the template context, in glance's case, as:
763+ ctxt = {
764+ ... other context ...
765+ 'subordinate_config': {
766+ 'DEFAULT': {
767+ 'key1': 'value1',
768+ },
769+ 'MYSECTION': {
770+ 'key2': 'value2',
771+ },
772+ }
773+ }
774+
775+ """
776+ def __init__(self, service, config_file, interface):
777+ """
778+ :param service : Service name key to query in any subordinate
779+ data found
780+ :param config_file : Service's config file to query sections
781+ :param interface : Subordinate interface to inspect
782+ """
783+ self.service = service
784+ self.config_file = config_file
785+ self.interface = interface
786+
787+ def __call__(self):
788+ ctxt = {}
789+ for rid in relation_ids(self.interface):
790+ for unit in related_units(rid):
791+ sub_config = relation_get('subordinate_configuration',
792+ rid=rid, unit=unit)
793+ if sub_config and sub_config != '':
794+ try:
795+ sub_config = json.loads(sub_config)
796+ except:
797+ log('Could not parse JSON from subordinate_config '
798+ 'setting from %s' % rid, level=ERROR)
799+ continue
800+
801+ if self.service not in sub_config:
802+ log('Found subordinate_config on %s but it contained'
803+ 'nothing for %s service' % (rid, self.service))
804+ continue
805+
806+ sub_config = sub_config[self.service]
807+ if self.config_file not in sub_config:
808+ log('Found subordinate_config on %s but it contained'
809+ 'nothing for %s' % (rid, self.config_file))
810+ continue
811+
812+ sub_config = sub_config[self.config_file]
813+ for k, v in sub_config.iteritems():
814+ ctxt[k] = v
815+
816+ if not ctxt:
817+ ctxt['sections'] = {}
818+
819+ return ctxt
820
821=== added file 'hooks/charmhelpers/contrib/openstack/neutron.py'
822--- hooks/charmhelpers/contrib/openstack/neutron.py 1970-01-01 00:00:00 +0000
823+++ hooks/charmhelpers/contrib/openstack/neutron.py 2013-10-15 01:36:24 +0000
824@@ -0,0 +1,117 @@
825+# Various utilies for dealing with Neutron and the renaming from Quantum.
826+
827+from subprocess import check_output
828+
829+from charmhelpers.core.hookenv import (
830+ config,
831+ log,
832+ ERROR,
833+)
834+
835+from charmhelpers.contrib.openstack.utils import os_release
836+
837+
838+def headers_package():
839+ """Ensures correct linux-headers for running kernel are installed,
840+ for building DKMS package"""
841+ kver = check_output(['uname', '-r']).strip()
842+ return 'linux-headers-%s' % kver
843+
844+
845+# legacy
846+def quantum_plugins():
847+ from charmhelpers.contrib.openstack import context
848+ return {
849+ 'ovs': {
850+ 'config': '/etc/quantum/plugins/openvswitch/'
851+ 'ovs_quantum_plugin.ini',
852+ 'driver': 'quantum.plugins.openvswitch.ovs_quantum_plugin.'
853+ 'OVSQuantumPluginV2',
854+ 'contexts': [
855+ context.SharedDBContext(user=config('neutron-database-user'),
856+ database=config('neutron-database'),
857+ relation_prefix='neutron')],
858+ 'services': ['quantum-plugin-openvswitch-agent'],
859+ 'packages': [[headers_package(), 'openvswitch-datapath-dkms'],
860+ ['quantum-plugin-openvswitch-agent']],
861+ },
862+ 'nvp': {
863+ 'config': '/etc/quantum/plugins/nicira/nvp.ini',
864+ 'driver': 'quantum.plugins.nicira.nicira_nvp_plugin.'
865+ 'QuantumPlugin.NvpPluginV2',
866+ 'services': [],
867+ 'packages': [],
868+ }
869+ }
870+
871+
872+def neutron_plugins():
873+ from charmhelpers.contrib.openstack import context
874+ return {
875+ 'ovs': {
876+ 'config': '/etc/neutron/plugins/openvswitch/'
877+ 'ovs_neutron_plugin.ini',
878+ 'driver': 'neutron.plugins.openvswitch.ovs_neutron_plugin.'
879+ 'OVSNeutronPluginV2',
880+ 'contexts': [
881+ context.SharedDBContext(user=config('neutron-database-user'),
882+ database=config('neutron-database'),
883+ relation_prefix='neutron')],
884+ 'services': ['neutron-plugin-openvswitch-agent'],
885+ 'packages': [[headers_package(), 'openvswitch-datapath-dkms'],
886+ ['quantum-plugin-openvswitch-agent']],
887+ },
888+ 'nvp': {
889+ 'config': '/etc/neutron/plugins/nicira/nvp.ini',
890+ 'driver': 'neutron.plugins.nicira.nicira_nvp_plugin.'
891+ 'NeutronPlugin.NvpPluginV2',
892+ 'services': [],
893+ 'packages': [],
894+ }
895+ }
896+
897+
898+def neutron_plugin_attribute(plugin, attr, net_manager=None):
899+ manager = net_manager or network_manager()
900+ if manager == 'quantum':
901+ plugins = quantum_plugins()
902+ elif manager == 'neutron':
903+ plugins = neutron_plugins()
904+ else:
905+ log('Error: Network manager does not support plugins.')
906+ raise Exception
907+
908+ try:
909+ _plugin = plugins[plugin]
910+ except KeyError:
911+ log('Unrecognised plugin for %s: %s' % (manager, plugin), level=ERROR)
912+ raise Exception
913+
914+ try:
915+ return _plugin[attr]
916+ except KeyError:
917+ return None
918+
919+
920+def network_manager():
921+ '''
922+ Deals with the renaming of Quantum to Neutron in H and any situations
923+ that require compatability (eg, deploying H with network-manager=quantum,
924+ upgrading from G).
925+ '''
926+ release = os_release('nova-common')
927+ manager = config('network-manager').lower()
928+
929+ if manager not in ['quantum', 'neutron']:
930+ return manager
931+
932+ if release in ['essex']:
933+ # E does not support neutron
934+ log('Neutron networking not supported in Essex.', level=ERROR)
935+ raise Exception
936+ elif release in ['folsom', 'grizzly']:
937+ # neutron is named quantum in F and G
938+ return 'quantum'
939+ else:
940+ # ensure accurate naming for all releases post-H
941+ return 'neutron'
942
943=== added directory 'hooks/charmhelpers/contrib/openstack/templates'
944=== added file 'hooks/charmhelpers/contrib/openstack/templates/__init__.py'
945--- hooks/charmhelpers/contrib/openstack/templates/__init__.py 1970-01-01 00:00:00 +0000
946+++ hooks/charmhelpers/contrib/openstack/templates/__init__.py 2013-10-15 01:36:24 +0000
947@@ -0,0 +1,2 @@
948+# dummy __init__.py to fool syncer into thinking this is a syncable python
949+# module
950
951=== added file 'hooks/charmhelpers/contrib/openstack/templates/ceph.conf'
952--- hooks/charmhelpers/contrib/openstack/templates/ceph.conf 1970-01-01 00:00:00 +0000
953+++ hooks/charmhelpers/contrib/openstack/templates/ceph.conf 2013-10-15 01:36:24 +0000
954@@ -0,0 +1,11 @@
955+###############################################################################
956+# [ WARNING ]
957+# cinder configuration file maintained by Juju
958+# local changes may be overwritten.
959+###############################################################################
960+{% if auth -%}
961+[global]
962+ auth_supported = {{ auth }}
963+ keyring = /etc/ceph/$cluster.$name.keyring
964+ mon host = {{ mon_hosts }}
965+{% endif -%}
966
967=== added file 'hooks/charmhelpers/contrib/openstack/templates/haproxy.cfg'
968--- hooks/charmhelpers/contrib/openstack/templates/haproxy.cfg 1970-01-01 00:00:00 +0000
969+++ hooks/charmhelpers/contrib/openstack/templates/haproxy.cfg 2013-10-15 01:36:24 +0000
970@@ -0,0 +1,37 @@
971+global
972+ log 127.0.0.1 local0
973+ log 127.0.0.1 local1 notice
974+ maxconn 20000
975+ user haproxy
976+ group haproxy
977+ spread-checks 0
978+
979+defaults
980+ log global
981+ mode http
982+ option httplog
983+ option dontlognull
984+ retries 3
985+ timeout queue 1000
986+ timeout connect 1000
987+ timeout client 30000
988+ timeout server 30000
989+
990+listen stats :8888
991+ mode http
992+ stats enable
993+ stats hide-version
994+ stats realm Haproxy\ Statistics
995+ stats uri /
996+ stats auth admin:password
997+
998+{% if units -%}
999+{% for service, ports in service_ports.iteritems() -%}
1000+listen {{ service }} 0.0.0.0:{{ ports[0] }}
1001+ balance roundrobin
1002+ option tcplog
1003+ {% for unit, address in units.iteritems() -%}
1004+ server {{ unit }} {{ address }}:{{ ports[1] }} check
1005+ {% endfor %}
1006+{% endfor -%}
1007+{% endif -%}
1008
1009=== added file 'hooks/charmhelpers/contrib/openstack/templates/openstack_https_frontend'
1010--- hooks/charmhelpers/contrib/openstack/templates/openstack_https_frontend 1970-01-01 00:00:00 +0000
1011+++ hooks/charmhelpers/contrib/openstack/templates/openstack_https_frontend 2013-10-15 01:36:24 +0000
1012@@ -0,0 +1,23 @@
1013+{% if endpoints -%}
1014+{% for ext, int in endpoints -%}
1015+Listen {{ ext }}
1016+NameVirtualHost *:{{ ext }}
1017+<VirtualHost *:{{ ext }}>
1018+ ServerName {{ private_address }}
1019+ SSLEngine on
1020+ SSLCertificateFile /etc/apache2/ssl/{{ namespace }}/cert
1021+ SSLCertificateKeyFile /etc/apache2/ssl/{{ namespace }}/key
1022+ ProxyPass / http://localhost:{{ int }}/
1023+ ProxyPassReverse / http://localhost:{{ int }}/
1024+ ProxyPreserveHost on
1025+</VirtualHost>
1026+<Proxy *>
1027+ Order deny,allow
1028+ Allow from all
1029+</Proxy>
1030+<Location />
1031+ Order allow,deny
1032+ Allow from all
1033+</Location>
1034+{% endfor -%}
1035+{% endif -%}
1036
1037=== added file 'hooks/charmhelpers/contrib/openstack/templates/openstack_https_frontend.conf'
1038--- hooks/charmhelpers/contrib/openstack/templates/openstack_https_frontend.conf 1970-01-01 00:00:00 +0000
1039+++ hooks/charmhelpers/contrib/openstack/templates/openstack_https_frontend.conf 2013-10-15 01:36:24 +0000
1040@@ -0,0 +1,23 @@
1041+{% if endpoints -%}
1042+{% for ext, int in endpoints -%}
1043+Listen {{ ext }}
1044+NameVirtualHost *:{{ ext }}
1045+<VirtualHost *:{{ ext }}>
1046+ ServerName {{ private_address }}
1047+ SSLEngine on
1048+ SSLCertificateFile /etc/apache2/ssl/{{ namespace }}/cert
1049+ SSLCertificateKeyFile /etc/apache2/ssl/{{ namespace }}/key
1050+ ProxyPass / http://localhost:{{ int }}/
1051+ ProxyPassReverse / http://localhost:{{ int }}/
1052+ ProxyPreserveHost on
1053+</VirtualHost>
1054+<Proxy *>
1055+ Order deny,allow
1056+ Allow from all
1057+</Proxy>
1058+<Location />
1059+ Order allow,deny
1060+ Allow from all
1061+</Location>
1062+{% endfor -%}
1063+{% endif -%}
1064
1065=== added file 'hooks/charmhelpers/contrib/openstack/templating.py'
1066--- hooks/charmhelpers/contrib/openstack/templating.py 1970-01-01 00:00:00 +0000
1067+++ hooks/charmhelpers/contrib/openstack/templating.py 2013-10-15 01:36:24 +0000
1068@@ -0,0 +1,280 @@
1069+import os
1070+
1071+from charmhelpers.fetch import apt_install
1072+
1073+from charmhelpers.core.hookenv import (
1074+ log,
1075+ ERROR,
1076+ INFO
1077+)
1078+
1079+from charmhelpers.contrib.openstack.utils import OPENSTACK_CODENAMES
1080+
1081+try:
1082+ from jinja2 import FileSystemLoader, ChoiceLoader, Environment, exceptions
1083+except ImportError:
1084+ # python-jinja2 may not be installed yet, or we're running unittests.
1085+ FileSystemLoader = ChoiceLoader = Environment = exceptions = None
1086+
1087+
1088+class OSConfigException(Exception):
1089+ pass
1090+
1091+
1092+def get_loader(templates_dir, os_release):
1093+ """
1094+ Create a jinja2.ChoiceLoader containing template dirs up to
1095+ and including os_release. If directory template directory
1096+ is missing at templates_dir, it will be omitted from the loader.
1097+ templates_dir is added to the bottom of the search list as a base
1098+ loading dir.
1099+
1100+ A charm may also ship a templates dir with this module
1101+ and it will be appended to the bottom of the search list, eg:
1102+ hooks/charmhelpers/contrib/openstack/templates.
1103+
1104+ :param templates_dir: str: Base template directory containing release
1105+ sub-directories.
1106+ :param os_release : str: OpenStack release codename to construct template
1107+ loader.
1108+
1109+ :returns : jinja2.ChoiceLoader constructed with a list of
1110+ jinja2.FilesystemLoaders, ordered in descending
1111+ order by OpenStack release.
1112+ """
1113+ tmpl_dirs = [(rel, os.path.join(templates_dir, rel))
1114+ for rel in OPENSTACK_CODENAMES.itervalues()]
1115+
1116+ if not os.path.isdir(templates_dir):
1117+ log('Templates directory not found @ %s.' % templates_dir,
1118+ level=ERROR)
1119+ raise OSConfigException
1120+
1121+ # the bottom contains tempaltes_dir and possibly a common templates dir
1122+ # shipped with the helper.
1123+ loaders = [FileSystemLoader(templates_dir)]
1124+ helper_templates = os.path.join(os.path.dirname(__file__), 'templates')
1125+ if os.path.isdir(helper_templates):
1126+ loaders.append(FileSystemLoader(helper_templates))
1127+
1128+ for rel, tmpl_dir in tmpl_dirs:
1129+ if os.path.isdir(tmpl_dir):
1130+ loaders.insert(0, FileSystemLoader(tmpl_dir))
1131+ if rel == os_release:
1132+ break
1133+ log('Creating choice loader with dirs: %s' %
1134+ [l.searchpath for l in loaders], level=INFO)
1135+ return ChoiceLoader(loaders)
1136+
1137+
1138+class OSConfigTemplate(object):
1139+ """
1140+ Associates a config file template with a list of context generators.
1141+ Responsible for constructing a template context based on those generators.
1142+ """
1143+ def __init__(self, config_file, contexts):
1144+ self.config_file = config_file
1145+
1146+ if hasattr(contexts, '__call__'):
1147+ self.contexts = [contexts]
1148+ else:
1149+ self.contexts = contexts
1150+
1151+ self._complete_contexts = []
1152+
1153+ def context(self):
1154+ ctxt = {}
1155+ for context in self.contexts:
1156+ _ctxt = context()
1157+ if _ctxt:
1158+ ctxt.update(_ctxt)
1159+ # track interfaces for every complete context.
1160+ [self._complete_contexts.append(interface)
1161+ for interface in context.interfaces
1162+ if interface not in self._complete_contexts]
1163+ return ctxt
1164+
1165+ def complete_contexts(self):
1166+ '''
1167+ Return a list of interfaces that have atisfied contexts.
1168+ '''
1169+ if self._complete_contexts:
1170+ return self._complete_contexts
1171+ self.context()
1172+ return self._complete_contexts
1173+
1174+
1175+class OSConfigRenderer(object):
1176+ """
1177+ This class provides a common templating system to be used by OpenStack
1178+ charms. It is intended to help charms share common code and templates,
1179+ and ease the burden of managing config templates across multiple OpenStack
1180+ releases.
1181+
1182+ Basic usage:
1183+ # import some common context generates from charmhelpers
1184+ from charmhelpers.contrib.openstack import context
1185+
1186+ # Create a renderer object for a specific OS release.
1187+ configs = OSConfigRenderer(templates_dir='/tmp/templates',
1188+ openstack_release='folsom')
1189+ # register some config files with context generators.
1190+ configs.register(config_file='/etc/nova/nova.conf',
1191+ contexts=[context.SharedDBContext(),
1192+ context.AMQPContext()])
1193+ configs.register(config_file='/etc/nova/api-paste.ini',
1194+ contexts=[context.IdentityServiceContext()])
1195+ configs.register(config_file='/etc/haproxy/haproxy.conf',
1196+ contexts=[context.HAProxyContext()])
1197+ # write out a single config
1198+ configs.write('/etc/nova/nova.conf')
1199+ # write out all registered configs
1200+ configs.write_all()
1201+
1202+ Details:
1203+
1204+ OpenStack Releases and template loading
1205+ ---------------------------------------
1206+ When the object is instantiated, it is associated with a specific OS
1207+ release. This dictates how the template loader will be constructed.
1208+
1209+ The constructed loader attempts to load the template from several places
1210+ in the following order:
1211+ - from the most recent OS release-specific template dir (if one exists)
1212+ - the base templates_dir
1213+ - a template directory shipped in the charm with this helper file.
1214+
1215+
1216+ For the example above, '/tmp/templates' contains the following structure:
1217+ /tmp/templates/nova.conf
1218+ /tmp/templates/api-paste.ini
1219+ /tmp/templates/grizzly/api-paste.ini
1220+ /tmp/templates/havana/api-paste.ini
1221+
1222+ Since it was registered with the grizzly release, it first seraches
1223+ the grizzly directory for nova.conf, then the templates dir.
1224+
1225+ When writing api-paste.ini, it will find the template in the grizzly
1226+ directory.
1227+
1228+ If the object were created with folsom, it would fall back to the
1229+ base templates dir for its api-paste.ini template.
1230+
1231+ This system should help manage changes in config files through
1232+ openstack releases, allowing charms to fall back to the most recently
1233+ updated config template for a given release
1234+
1235+ The haproxy.conf, since it is not shipped in the templates dir, will
1236+ be loaded from the module directory's template directory, eg
1237+ $CHARM/hooks/charmhelpers/contrib/openstack/templates. This allows
1238+ us to ship common templates (haproxy, apache) with the helpers.
1239+
1240+ Context generators
1241+ ---------------------------------------
1242+ Context generators are used to generate template contexts during hook
1243+ execution. Doing so may require inspecting service relations, charm
1244+ config, etc. When registered, a config file is associated with a list
1245+ of generators. When a template is rendered and written, all context
1246+ generates are called in a chain to generate the context dictionary
1247+ passed to the jinja2 template. See context.py for more info.
1248+ """
1249+ def __init__(self, templates_dir, openstack_release):
1250+ if not os.path.isdir(templates_dir):
1251+ log('Could not locate templates dir %s' % templates_dir,
1252+ level=ERROR)
1253+ raise OSConfigException
1254+
1255+ self.templates_dir = templates_dir
1256+ self.openstack_release = openstack_release
1257+ self.templates = {}
1258+ self._tmpl_env = None
1259+
1260+ if None in [Environment, ChoiceLoader, FileSystemLoader]:
1261+ # if this code is running, the object is created pre-install hook.
1262+ # jinja2 shouldn't get touched until the module is reloaded on next
1263+ # hook execution, with proper jinja2 bits successfully imported.
1264+ apt_install('python-jinja2')
1265+
1266+ def register(self, config_file, contexts):
1267+ """
1268+ Register a config file with a list of context generators to be called
1269+ during rendering.
1270+ """
1271+ self.templates[config_file] = OSConfigTemplate(config_file=config_file,
1272+ contexts=contexts)
1273+ log('Registered config file: %s' % config_file, level=INFO)
1274+
1275+ def _get_tmpl_env(self):
1276+ if not self._tmpl_env:
1277+ loader = get_loader(self.templates_dir, self.openstack_release)
1278+ self._tmpl_env = Environment(loader=loader)
1279+
1280+ def _get_template(self, template):
1281+ self._get_tmpl_env()
1282+ template = self._tmpl_env.get_template(template)
1283+ log('Loaded template from %s' % template.filename, level=INFO)
1284+ return template
1285+
1286+ def render(self, config_file):
1287+ if config_file not in self.templates:
1288+ log('Config not registered: %s' % config_file, level=ERROR)
1289+ raise OSConfigException
1290+ ctxt = self.templates[config_file].context()
1291+
1292+ _tmpl = os.path.basename(config_file)
1293+ try:
1294+ template = self._get_template(_tmpl)
1295+ except exceptions.TemplateNotFound:
1296+ # if no template is found with basename, try looking for it
1297+ # using a munged full path, eg:
1298+ # /etc/apache2/apache2.conf -> etc_apache2_apache2.conf
1299+ _tmpl = '_'.join(config_file.split('/')[1:])
1300+ try:
1301+ template = self._get_template(_tmpl)
1302+ except exceptions.TemplateNotFound as e:
1303+ log('Could not load template from %s by %s or %s.' %
1304+ (self.templates_dir, os.path.basename(config_file), _tmpl),
1305+ level=ERROR)
1306+ raise e
1307+
1308+ log('Rendering from template: %s' % _tmpl, level=INFO)
1309+ return template.render(ctxt)
1310+
1311+ def write(self, config_file):
1312+ """
1313+ Write a single config file, raises if config file is not registered.
1314+ """
1315+ if config_file not in self.templates:
1316+ log('Config not registered: %s' % config_file, level=ERROR)
1317+ raise OSConfigException
1318+
1319+ _out = self.render(config_file)
1320+
1321+ with open(config_file, 'wb') as out:
1322+ out.write(_out)
1323+
1324+ log('Wrote template %s.' % config_file, level=INFO)
1325+
1326+ def write_all(self):
1327+ """
1328+ Write out all registered config files.
1329+ """
1330+ [self.write(k) for k in self.templates.iterkeys()]
1331+
1332+ def set_release(self, openstack_release):
1333+ """
1334+ Resets the template environment and generates a new template loader
1335+ based on a the new openstack release.
1336+ """
1337+ self._tmpl_env = None
1338+ self.openstack_release = openstack_release
1339+ self._get_tmpl_env()
1340+
1341+ def complete_contexts(self):
1342+ '''
1343+ Returns a list of context interfaces that yield a complete context.
1344+ '''
1345+ interfaces = []
1346+ [interfaces.extend(i.complete_contexts())
1347+ for i in self.templates.itervalues()]
1348+ return interfaces
1349
1350=== added file 'hooks/charmhelpers/contrib/openstack/utils.py'
1351--- hooks/charmhelpers/contrib/openstack/utils.py 1970-01-01 00:00:00 +0000
1352+++ hooks/charmhelpers/contrib/openstack/utils.py 2013-10-15 01:36:24 +0000
1353@@ -0,0 +1,365 @@
1354+#!/usr/bin/python
1355+
1356+# Common python helper functions used for OpenStack charms.
1357+from collections import OrderedDict
1358+
1359+import apt_pkg as apt
1360+import subprocess
1361+import os
1362+import socket
1363+import sys
1364+
1365+from charmhelpers.core.hookenv import (
1366+ config,
1367+ log as juju_log,
1368+ charm_dir,
1369+)
1370+
1371+from charmhelpers.core.host import (
1372+ lsb_release,
1373+)
1374+
1375+from charmhelpers.fetch import (
1376+ apt_install,
1377+)
1378+
1379+CLOUD_ARCHIVE_URL = "http://ubuntu-cloud.archive.canonical.com/ubuntu"
1380+CLOUD_ARCHIVE_KEY_ID = '5EDB1B62EC4926EA'
1381+
1382+UBUNTU_OPENSTACK_RELEASE = OrderedDict([
1383+ ('oneiric', 'diablo'),
1384+ ('precise', 'essex'),
1385+ ('quantal', 'folsom'),
1386+ ('raring', 'grizzly'),
1387+ ('saucy', 'havana'),
1388+])
1389+
1390+
1391+OPENSTACK_CODENAMES = OrderedDict([
1392+ ('2011.2', 'diablo'),
1393+ ('2012.1', 'essex'),
1394+ ('2012.2', 'folsom'),
1395+ ('2013.1', 'grizzly'),
1396+ ('2013.2', 'havana'),
1397+ ('2014.1', 'icehouse'),
1398+])
1399+
1400+# The ugly duckling
1401+SWIFT_CODENAMES = OrderedDict([
1402+ ('1.4.3', 'diablo'),
1403+ ('1.4.8', 'essex'),
1404+ ('1.7.4', 'folsom'),
1405+ ('1.8.0', 'grizzly'),
1406+ ('1.7.7', 'grizzly'),
1407+ ('1.7.6', 'grizzly'),
1408+ ('1.10.0', 'havana'),
1409+ ('1.9.1', 'havana'),
1410+ ('1.9.0', 'havana'),
1411+])
1412+
1413+
1414+def error_out(msg):
1415+ juju_log("FATAL ERROR: %s" % msg, level='ERROR')
1416+ sys.exit(1)
1417+
1418+
1419+def get_os_codename_install_source(src):
1420+ '''Derive OpenStack release codename from a given installation source.'''
1421+ ubuntu_rel = lsb_release()['DISTRIB_CODENAME']
1422+ rel = ''
1423+ if src == 'distro':
1424+ try:
1425+ rel = UBUNTU_OPENSTACK_RELEASE[ubuntu_rel]
1426+ except KeyError:
1427+ e = 'Could not derive openstack release for '\
1428+ 'this Ubuntu release: %s' % ubuntu_rel
1429+ error_out(e)
1430+ return rel
1431+
1432+ if src.startswith('cloud:'):
1433+ ca_rel = src.split(':')[1]
1434+ ca_rel = ca_rel.split('%s-' % ubuntu_rel)[1].split('/')[0]
1435+ return ca_rel
1436+
1437+ # Best guess match based on deb string provided
1438+ if src.startswith('deb') or src.startswith('ppa'):
1439+ for k, v in OPENSTACK_CODENAMES.iteritems():
1440+ if v in src:
1441+ return v
1442+
1443+
1444+def get_os_version_install_source(src):
1445+ codename = get_os_codename_install_source(src)
1446+ return get_os_version_codename(codename)
1447+
1448+
1449+def get_os_codename_version(vers):
1450+ '''Determine OpenStack codename from version number.'''
1451+ try:
1452+ return OPENSTACK_CODENAMES[vers]
1453+ except KeyError:
1454+ e = 'Could not determine OpenStack codename for version %s' % vers
1455+ error_out(e)
1456+
1457+
1458+def get_os_version_codename(codename):
1459+ '''Determine OpenStack version number from codename.'''
1460+ for k, v in OPENSTACK_CODENAMES.iteritems():
1461+ if v == codename:
1462+ return k
1463+ e = 'Could not derive OpenStack version for '\
1464+ 'codename: %s' % codename
1465+ error_out(e)
1466+
1467+
1468+def get_os_codename_package(package, fatal=True):
1469+ '''Derive OpenStack release codename from an installed package.'''
1470+ apt.init()
1471+ cache = apt.Cache()
1472+
1473+ try:
1474+ pkg = cache[package]
1475+ except:
1476+ if not fatal:
1477+ return None
1478+ # the package is unknown to the current apt cache.
1479+ e = 'Could not determine version of package with no installation '\
1480+ 'candidate: %s' % package
1481+ error_out(e)
1482+
1483+ if not pkg.current_ver:
1484+ if not fatal:
1485+ return None
1486+ # package is known, but no version is currently installed.
1487+ e = 'Could not determine version of uninstalled package: %s' % package
1488+ error_out(e)
1489+
1490+ vers = apt.upstream_version(pkg.current_ver.ver_str)
1491+
1492+ try:
1493+ if 'swift' in pkg.name:
1494+ swift_vers = vers[:5]
1495+ if swift_vers not in SWIFT_CODENAMES:
1496+ # Deal with 1.10.0 upward
1497+ swift_vers = vers[:6]
1498+ return SWIFT_CODENAMES[swift_vers]
1499+ else:
1500+ vers = vers[:6]
1501+ return OPENSTACK_CODENAMES[vers]
1502+ except KeyError:
1503+ e = 'Could not determine OpenStack codename for version %s' % vers
1504+ error_out(e)
1505+
1506+
1507+def get_os_version_package(pkg, fatal=True):
1508+ '''Derive OpenStack version number from an installed package.'''
1509+ codename = get_os_codename_package(pkg, fatal=fatal)
1510+
1511+ if not codename:
1512+ return None
1513+
1514+ if 'swift' in pkg:
1515+ vers_map = SWIFT_CODENAMES
1516+ else:
1517+ vers_map = OPENSTACK_CODENAMES
1518+
1519+ for version, cname in vers_map.iteritems():
1520+ if cname == codename:
1521+ return version
1522+ #e = "Could not determine OpenStack version for package: %s" % pkg
1523+ #error_out(e)
1524+
1525+
1526+os_rel = None
1527+
1528+
1529+def os_release(package, base='essex'):
1530+ '''
1531+ Returns OpenStack release codename from a cached global.
1532+ If the codename can not be determined from either an installed package or
1533+ the installation source, the earliest release supported by the charm should
1534+ be returned.
1535+ '''
1536+ global os_rel
1537+ if os_rel:
1538+ return os_rel
1539+ os_rel = (get_os_codename_package(package, fatal=False) or
1540+ get_os_codename_install_source(config('openstack-origin')) or
1541+ base)
1542+ return os_rel
1543+
1544+
1545+def import_key(keyid):
1546+ cmd = "apt-key adv --keyserver keyserver.ubuntu.com " \
1547+ "--recv-keys %s" % keyid
1548+ try:
1549+ subprocess.check_call(cmd.split(' '))
1550+ except subprocess.CalledProcessError:
1551+ error_out("Error importing repo key %s" % keyid)
1552+
1553+
1554+def configure_installation_source(rel):
1555+ '''Configure apt installation source.'''
1556+ if rel == 'distro':
1557+ return
1558+ elif rel[:4] == "ppa:":
1559+ src = rel
1560+ subprocess.check_call(["add-apt-repository", "-y", src])
1561+ elif rel[:3] == "deb":
1562+ l = len(rel.split('|'))
1563+ if l == 2:
1564+ src, key = rel.split('|')
1565+ juju_log("Importing PPA key from keyserver for %s" % src)
1566+ import_key(key)
1567+ elif l == 1:
1568+ src = rel
1569+ with open('/etc/apt/sources.list.d/juju_deb.list', 'w') as f:
1570+ f.write(src)
1571+ elif rel[:6] == 'cloud:':
1572+ ubuntu_rel = lsb_release()['DISTRIB_CODENAME']
1573+ rel = rel.split(':')[1]
1574+ u_rel = rel.split('-')[0]
1575+ ca_rel = rel.split('-')[1]
1576+
1577+ if u_rel != ubuntu_rel:
1578+ e = 'Cannot install from Cloud Archive pocket %s on this Ubuntu '\
1579+ 'version (%s)' % (ca_rel, ubuntu_rel)
1580+ error_out(e)
1581+
1582+ if 'staging' in ca_rel:
1583+ # staging is just a regular PPA.
1584+ os_rel = ca_rel.split('/')[0]
1585+ ppa = 'ppa:ubuntu-cloud-archive/%s-staging' % os_rel
1586+ cmd = 'add-apt-repository -y %s' % ppa
1587+ subprocess.check_call(cmd.split(' '))
1588+ return
1589+
1590+ # map charm config options to actual archive pockets.
1591+ pockets = {
1592+ 'folsom': 'precise-updates/folsom',
1593+ 'folsom/updates': 'precise-updates/folsom',
1594+ 'folsom/proposed': 'precise-proposed/folsom',
1595+ 'grizzly': 'precise-updates/grizzly',
1596+ 'grizzly/updates': 'precise-updates/grizzly',
1597+ 'grizzly/proposed': 'precise-proposed/grizzly',
1598+ 'havana': 'precise-updates/havana',
1599+ 'havana/updates': 'precise-updates/havana',
1600+ 'havana/proposed': 'precise-proposed/havana',
1601+ }
1602+
1603+ try:
1604+ pocket = pockets[ca_rel]
1605+ except KeyError:
1606+ e = 'Invalid Cloud Archive release specified: %s' % rel
1607+ error_out(e)
1608+
1609+ src = "deb %s %s main" % (CLOUD_ARCHIVE_URL, pocket)
1610+ apt_install('ubuntu-cloud-keyring', fatal=True)
1611+
1612+ with open('/etc/apt/sources.list.d/cloud-archive.list', 'w') as f:
1613+ f.write(src)
1614+ else:
1615+ error_out("Invalid openstack-release specified: %s" % rel)
1616+
1617+
1618+def save_script_rc(script_path="scripts/scriptrc", **env_vars):
1619+ """
1620+ Write an rc file in the charm-delivered directory containing
1621+ exported environment variables provided by env_vars. Any charm scripts run
1622+ outside the juju hook environment can source this scriptrc to obtain
1623+ updated config information necessary to perform health checks or
1624+ service changes.
1625+ """
1626+ juju_rc_path = "%s/%s" % (charm_dir(), script_path)
1627+ if not os.path.exists(os.path.dirname(juju_rc_path)):
1628+ os.mkdir(os.path.dirname(juju_rc_path))
1629+ with open(juju_rc_path, 'wb') as rc_script:
1630+ rc_script.write(
1631+ "#!/bin/bash\n")
1632+ [rc_script.write('export %s=%s\n' % (u, p))
1633+ for u, p in env_vars.iteritems() if u != "script_path"]
1634+
1635+
1636+def openstack_upgrade_available(package):
1637+ """
1638+ Determines if an OpenStack upgrade is available from installation
1639+ source, based on version of installed package.
1640+
1641+ :param package: str: Name of installed package.
1642+
1643+ :returns: bool: : Returns True if configured installation source offers
1644+ a newer version of package.
1645+
1646+ """
1647+
1648+ src = config('openstack-origin')
1649+ cur_vers = get_os_version_package(package)
1650+ available_vers = get_os_version_install_source(src)
1651+ apt.init()
1652+ return apt.version_compare(available_vers, cur_vers) == 1
1653+
1654+
1655+def is_ip(address):
1656+ """
1657+ Returns True if address is a valid IP address.
1658+ """
1659+ try:
1660+ # Test to see if already an IPv4 address
1661+ socket.inet_aton(address)
1662+ return True
1663+ except socket.error:
1664+ return False
1665+
1666+
1667+def ns_query(address):
1668+ try:
1669+ import dns.resolver
1670+ except ImportError:
1671+ apt_install('python-dnspython')
1672+ import dns.resolver
1673+
1674+ if isinstance(address, dns.name.Name):
1675+ rtype = 'PTR'
1676+ elif isinstance(address, basestring):
1677+ rtype = 'A'
1678+
1679+ answers = dns.resolver.query(address, rtype)
1680+ if answers:
1681+ return str(answers[0])
1682+ return None
1683+
1684+
1685+def get_host_ip(hostname):
1686+ """
1687+ Resolves the IP for a given hostname, or returns
1688+ the input if it is already an IP.
1689+ """
1690+ if is_ip(hostname):
1691+ return hostname
1692+
1693+ return ns_query(hostname)
1694+
1695+
1696+def get_hostname(address):
1697+ """
1698+ Resolves hostname for given IP, or returns the input
1699+ if it is already a hostname.
1700+ """
1701+ if not is_ip(address):
1702+ return address
1703+
1704+ try:
1705+ import dns.reversename
1706+ except ImportError:
1707+ apt_install('python-dnspython')
1708+ import dns.reversename
1709+
1710+ rev = dns.reversename.from_address(address)
1711+ result = ns_query(rev)
1712+ if not result:
1713+ return None
1714+
1715+ # strip trailing .
1716+ if result.endswith('.'):
1717+ return result[:-1]
1718+ return result
1719
1720=== added directory 'hooks/charmhelpers/core'
1721=== added file 'hooks/charmhelpers/core/__init__.py'
1722=== added file 'hooks/charmhelpers/core/hookenv.py'
1723--- hooks/charmhelpers/core/hookenv.py 1970-01-01 00:00:00 +0000
1724+++ hooks/charmhelpers/core/hookenv.py 2013-10-15 01:36:24 +0000
1725@@ -0,0 +1,340 @@
1726+"Interactions with the Juju environment"
1727+# Copyright 2013 Canonical Ltd.
1728+#
1729+# Authors:
1730+# Charm Helpers Developers <juju@lists.ubuntu.com>
1731+
1732+import os
1733+import json
1734+import yaml
1735+import subprocess
1736+import UserDict
1737+
1738+CRITICAL = "CRITICAL"
1739+ERROR = "ERROR"
1740+WARNING = "WARNING"
1741+INFO = "INFO"
1742+DEBUG = "DEBUG"
1743+MARKER = object()
1744+
1745+cache = {}
1746+
1747+
1748+def cached(func):
1749+ ''' Cache return values for multiple executions of func + args
1750+
1751+ For example:
1752+
1753+ @cached
1754+ def unit_get(attribute):
1755+ pass
1756+
1757+ unit_get('test')
1758+
1759+ will cache the result of unit_get + 'test' for future calls.
1760+ '''
1761+ def wrapper(*args, **kwargs):
1762+ global cache
1763+ key = str((func, args, kwargs))
1764+ try:
1765+ return cache[key]
1766+ except KeyError:
1767+ res = func(*args, **kwargs)
1768+ cache[key] = res
1769+ return res
1770+ return wrapper
1771+
1772+
1773+def flush(key):
1774+ ''' Flushes any entries from function cache where the
1775+ key is found in the function+args '''
1776+ flush_list = []
1777+ for item in cache:
1778+ if key in item:
1779+ flush_list.append(item)
1780+ for item in flush_list:
1781+ del cache[item]
1782+
1783+
1784+def log(message, level=None):
1785+ "Write a message to the juju log"
1786+ command = ['juju-log']
1787+ if level:
1788+ command += ['-l', level]
1789+ command += [message]
1790+ subprocess.call(command)
1791+
1792+
1793+class Serializable(UserDict.IterableUserDict):
1794+ "Wrapper, an object that can be serialized to yaml or json"
1795+
1796+ def __init__(self, obj):
1797+ # wrap the object
1798+ UserDict.IterableUserDict.__init__(self)
1799+ self.data = obj
1800+
1801+ def __getattr__(self, attr):
1802+ # See if this object has attribute.
1803+ if attr in ("json", "yaml", "data"):
1804+ return self.__dict__[attr]
1805+ # Check for attribute in wrapped object.
1806+ got = getattr(self.data, attr, MARKER)
1807+ if got is not MARKER:
1808+ return got
1809+ # Proxy to the wrapped object via dict interface.
1810+ try:
1811+ return self.data[attr]
1812+ except KeyError:
1813+ raise AttributeError(attr)
1814+
1815+ def __getstate__(self):
1816+ # Pickle as a standard dictionary.
1817+ return self.data
1818+
1819+ def __setstate__(self, state):
1820+ # Unpickle into our wrapper.
1821+ self.data = state
1822+
1823+ def json(self):
1824+ "Serialize the object to json"
1825+ return json.dumps(self.data)
1826+
1827+ def yaml(self):
1828+ "Serialize the object to yaml"
1829+ return yaml.dump(self.data)
1830+
1831+
1832+def execution_environment():
1833+ """A convenient bundling of the current execution context"""
1834+ context = {}
1835+ context['conf'] = config()
1836+ if relation_id():
1837+ context['reltype'] = relation_type()
1838+ context['relid'] = relation_id()
1839+ context['rel'] = relation_get()
1840+ context['unit'] = local_unit()
1841+ context['rels'] = relations()
1842+ context['env'] = os.environ
1843+ return context
1844+
1845+
1846+def in_relation_hook():
1847+ "Determine whether we're running in a relation hook"
1848+ return 'JUJU_RELATION' in os.environ
1849+
1850+
1851+def relation_type():
1852+ "The scope for the current relation hook"
1853+ return os.environ.get('JUJU_RELATION', None)
1854+
1855+
1856+def relation_id():
1857+ "The relation ID for the current relation hook"
1858+ return os.environ.get('JUJU_RELATION_ID', None)
1859+
1860+
1861+def local_unit():
1862+ "Local unit ID"
1863+ return os.environ['JUJU_UNIT_NAME']
1864+
1865+
1866+def remote_unit():
1867+ "The remote unit for the current relation hook"
1868+ return os.environ['JUJU_REMOTE_UNIT']
1869+
1870+
1871+def service_name():
1872+ "The name service group this unit belongs to"
1873+ return local_unit().split('/')[0]
1874+
1875+
1876+@cached
1877+def config(scope=None):
1878+ "Juju charm configuration"
1879+ config_cmd_line = ['config-get']
1880+ if scope is not None:
1881+ config_cmd_line.append(scope)
1882+ config_cmd_line.append('--format=json')
1883+ try:
1884+ return json.loads(subprocess.check_output(config_cmd_line))
1885+ except ValueError:
1886+ return None
1887+
1888+
1889+@cached
1890+def relation_get(attribute=None, unit=None, rid=None):
1891+ _args = ['relation-get', '--format=json']
1892+ if rid:
1893+ _args.append('-r')
1894+ _args.append(rid)
1895+ _args.append(attribute or '-')
1896+ if unit:
1897+ _args.append(unit)
1898+ try:
1899+ return json.loads(subprocess.check_output(_args))
1900+ except ValueError:
1901+ return None
1902+
1903+
1904+def relation_set(relation_id=None, relation_settings={}, **kwargs):
1905+ relation_cmd_line = ['relation-set']
1906+ if relation_id is not None:
1907+ relation_cmd_line.extend(('-r', relation_id))
1908+ for k, v in (relation_settings.items() + kwargs.items()):
1909+ if v is None:
1910+ relation_cmd_line.append('{}='.format(k))
1911+ else:
1912+ relation_cmd_line.append('{}={}'.format(k, v))
1913+ subprocess.check_call(relation_cmd_line)
1914+ # Flush cache of any relation-gets for local unit
1915+ flush(local_unit())
1916+
1917+
1918+@cached
1919+def relation_ids(reltype=None):
1920+ "A list of relation_ids"
1921+ reltype = reltype or relation_type()
1922+ relid_cmd_line = ['relation-ids', '--format=json']
1923+ if reltype is not None:
1924+ relid_cmd_line.append(reltype)
1925+ return json.loads(subprocess.check_output(relid_cmd_line)) or []
1926+ return []
1927+
1928+
1929+@cached
1930+def related_units(relid=None):
1931+ "A list of related units"
1932+ relid = relid or relation_id()
1933+ units_cmd_line = ['relation-list', '--format=json']
1934+ if relid is not None:
1935+ units_cmd_line.extend(('-r', relid))
1936+ return json.loads(subprocess.check_output(units_cmd_line)) or []
1937+
1938+
1939+@cached
1940+def relation_for_unit(unit=None, rid=None):
1941+ "Get the json represenation of a unit's relation"
1942+ unit = unit or remote_unit()
1943+ relation = relation_get(unit=unit, rid=rid)
1944+ for key in relation:
1945+ if key.endswith('-list'):
1946+ relation[key] = relation[key].split()
1947+ relation['__unit__'] = unit
1948+ return relation
1949+
1950+
1951+@cached
1952+def relations_for_id(relid=None):
1953+ "Get relations of a specific relation ID"
1954+ relation_data = []
1955+ relid = relid or relation_ids()
1956+ for unit in related_units(relid):
1957+ unit_data = relation_for_unit(unit, relid)
1958+ unit_data['__relid__'] = relid
1959+ relation_data.append(unit_data)
1960+ return relation_data
1961+
1962+
1963+@cached
1964+def relations_of_type(reltype=None):
1965+ "Get relations of a specific type"
1966+ relation_data = []
1967+ reltype = reltype or relation_type()
1968+ for relid in relation_ids(reltype):
1969+ for relation in relations_for_id(relid):
1970+ relation['__relid__'] = relid
1971+ relation_data.append(relation)
1972+ return relation_data
1973+
1974+
1975+@cached
1976+def relation_types():
1977+ "Get a list of relation types supported by this charm"
1978+ charmdir = os.environ.get('CHARM_DIR', '')
1979+ mdf = open(os.path.join(charmdir, 'metadata.yaml'))
1980+ md = yaml.safe_load(mdf)
1981+ rel_types = []
1982+ for key in ('provides', 'requires', 'peers'):
1983+ section = md.get(key)
1984+ if section:
1985+ rel_types.extend(section.keys())
1986+ mdf.close()
1987+ return rel_types
1988+
1989+
1990+@cached
1991+def relations():
1992+ rels = {}
1993+ for reltype in relation_types():
1994+ relids = {}
1995+ for relid in relation_ids(reltype):
1996+ units = {local_unit(): relation_get(unit=local_unit(), rid=relid)}
1997+ for unit in related_units(relid):
1998+ reldata = relation_get(unit=unit, rid=relid)
1999+ units[unit] = reldata
2000+ relids[relid] = units
2001+ rels[reltype] = relids
2002+ return rels
2003+
2004+
2005+def open_port(port, protocol="TCP"):
2006+ "Open a service network port"
2007+ _args = ['open-port']
2008+ _args.append('{}/{}'.format(port, protocol))
2009+ subprocess.check_call(_args)
2010+
2011+
2012+def close_port(port, protocol="TCP"):
2013+ "Close a service network port"
2014+ _args = ['close-port']
2015+ _args.append('{}/{}'.format(port, protocol))
2016+ subprocess.check_call(_args)
2017+
2018+
2019+@cached
2020+def unit_get(attribute):
2021+ _args = ['unit-get', '--format=json', attribute]
2022+ try:
2023+ return json.loads(subprocess.check_output(_args))
2024+ except ValueError:
2025+ return None
2026+
2027+
2028+def unit_private_ip():
2029+ return unit_get('private-address')
2030+
2031+
2032+class UnregisteredHookError(Exception):
2033+ pass
2034+
2035+
2036+class Hooks(object):
2037+ def __init__(self):
2038+ super(Hooks, self).__init__()
2039+ self._hooks = {}
2040+
2041+ def register(self, name, function):
2042+ self._hooks[name] = function
2043+
2044+ def execute(self, args):
2045+ hook_name = os.path.basename(args[0])
2046+ if hook_name in self._hooks:
2047+ self._hooks[hook_name]()
2048+ else:
2049+ raise UnregisteredHookError(hook_name)
2050+
2051+ def hook(self, *hook_names):
2052+ def wrapper(decorated):
2053+ for hook_name in hook_names:
2054+ self.register(hook_name, decorated)
2055+ else:
2056+ self.register(decorated.__name__, decorated)
2057+ if '_' in decorated.__name__:
2058+ self.register(
2059+ decorated.__name__.replace('_', '-'), decorated)
2060+ return decorated
2061+ return wrapper
2062+
2063+
2064+def charm_dir():
2065+ return os.environ.get('CHARM_DIR')
2066
2067=== added file 'hooks/charmhelpers/core/host.py'
2068--- hooks/charmhelpers/core/host.py 1970-01-01 00:00:00 +0000
2069+++ hooks/charmhelpers/core/host.py 2013-10-15 01:36:24 +0000
2070@@ -0,0 +1,241 @@
2071+"""Tools for working with the host system"""
2072+# Copyright 2012 Canonical Ltd.
2073+#
2074+# Authors:
2075+# Nick Moffitt <nick.moffitt@canonical.com>
2076+# Matthew Wedgwood <matthew.wedgwood@canonical.com>
2077+
2078+import os
2079+import pwd
2080+import grp
2081+import random
2082+import string
2083+import subprocess
2084+import hashlib
2085+
2086+from collections import OrderedDict
2087+
2088+from hookenv import log
2089+
2090+
2091+def service_start(service_name):
2092+ return service('start', service_name)
2093+
2094+
2095+def service_stop(service_name):
2096+ return service('stop', service_name)
2097+
2098+
2099+def service_restart(service_name):
2100+ return service('restart', service_name)
2101+
2102+
2103+def service_reload(service_name, restart_on_failure=False):
2104+ service_result = service('reload', service_name)
2105+ if not service_result and restart_on_failure:
2106+ service_result = service('restart', service_name)
2107+ return service_result
2108+
2109+
2110+def service(action, service_name):
2111+ cmd = ['service', service_name, action]
2112+ return subprocess.call(cmd) == 0
2113+
2114+
2115+def service_running(service):
2116+ try:
2117+ output = subprocess.check_output(['service', service, 'status'])
2118+ except subprocess.CalledProcessError:
2119+ return False
2120+ else:
2121+ if ("start/running" in output or "is running" in output):
2122+ return True
2123+ else:
2124+ return False
2125+
2126+
2127+def adduser(username, password=None, shell='/bin/bash', system_user=False):
2128+ """Add a user"""
2129+ try:
2130+ user_info = pwd.getpwnam(username)
2131+ log('user {0} already exists!'.format(username))
2132+ except KeyError:
2133+ log('creating user {0}'.format(username))
2134+ cmd = ['useradd']
2135+ if system_user or password is None:
2136+ cmd.append('--system')
2137+ else:
2138+ cmd.extend([
2139+ '--create-home',
2140+ '--shell', shell,
2141+ '--password', password,
2142+ ])
2143+ cmd.append(username)
2144+ subprocess.check_call(cmd)
2145+ user_info = pwd.getpwnam(username)
2146+ return user_info
2147+
2148+
2149+def add_user_to_group(username, group):
2150+ """Add a user to a group"""
2151+ cmd = [
2152+ 'gpasswd', '-a',
2153+ username,
2154+ group
2155+ ]
2156+ log("Adding user {} to group {}".format(username, group))
2157+ subprocess.check_call(cmd)
2158+
2159+
2160+def rsync(from_path, to_path, flags='-r', options=None):
2161+ """Replicate the contents of a path"""
2162+ options = options or ['--delete', '--executability']
2163+ cmd = ['/usr/bin/rsync', flags]
2164+ cmd.extend(options)
2165+ cmd.append(from_path)
2166+ cmd.append(to_path)
2167+ log(" ".join(cmd))
2168+ return subprocess.check_output(cmd).strip()
2169+
2170+
2171+def symlink(source, destination):
2172+ """Create a symbolic link"""
2173+ log("Symlinking {} as {}".format(source, destination))
2174+ cmd = [
2175+ 'ln',
2176+ '-sf',
2177+ source,
2178+ destination,
2179+ ]
2180+ subprocess.check_call(cmd)
2181+
2182+
2183+def mkdir(path, owner='root', group='root', perms=0555, force=False):
2184+ """Create a directory"""
2185+ log("Making dir {} {}:{} {:o}".format(path, owner, group,
2186+ perms))
2187+ uid = pwd.getpwnam(owner).pw_uid
2188+ gid = grp.getgrnam(group).gr_gid
2189+ realpath = os.path.abspath(path)
2190+ if os.path.exists(realpath):
2191+ if force and not os.path.isdir(realpath):
2192+ log("Removing non-directory file {} prior to mkdir()".format(path))
2193+ os.unlink(realpath)
2194+ else:
2195+ os.makedirs(realpath, perms)
2196+ os.chown(realpath, uid, gid)
2197+
2198+
2199+def write_file(path, content, owner='root', group='root', perms=0444):
2200+ """Create or overwrite a file with the contents of a string"""
2201+ log("Writing file {} {}:{} {:o}".format(path, owner, group, perms))
2202+ uid = pwd.getpwnam(owner).pw_uid
2203+ gid = grp.getgrnam(group).gr_gid
2204+ with open(path, 'w') as target:
2205+ os.fchown(target.fileno(), uid, gid)
2206+ os.fchmod(target.fileno(), perms)
2207+ target.write(content)
2208+
2209+
2210+def mount(device, mountpoint, options=None, persist=False):
2211+ '''Mount a filesystem'''
2212+ cmd_args = ['mount']
2213+ if options is not None:
2214+ cmd_args.extend(['-o', options])
2215+ cmd_args.extend([device, mountpoint])
2216+ try:
2217+ subprocess.check_output(cmd_args)
2218+ except subprocess.CalledProcessError, e:
2219+ log('Error mounting {} at {}\n{}'.format(device, mountpoint, e.output))
2220+ return False
2221+ if persist:
2222+ # TODO: update fstab
2223+ pass
2224+ return True
2225+
2226+
2227+def umount(mountpoint, persist=False):
2228+ '''Unmount a filesystem'''
2229+ cmd_args = ['umount', mountpoint]
2230+ try:
2231+ subprocess.check_output(cmd_args)
2232+ except subprocess.CalledProcessError, e:
2233+ log('Error unmounting {}\n{}'.format(mountpoint, e.output))
2234+ return False
2235+ if persist:
2236+ # TODO: update fstab
2237+ pass
2238+ return True
2239+
2240+
2241+def mounts():
2242+ '''List of all mounted volumes as [[mountpoint,device],[...]]'''
2243+ with open('/proc/mounts') as f:
2244+ # [['/mount/point','/dev/path'],[...]]
2245+ system_mounts = [m[1::-1] for m in [l.strip().split()
2246+ for l in f.readlines()]]
2247+ return system_mounts
2248+
2249+
2250+def file_hash(path):
2251+ ''' Generate a md5 hash of the contents of 'path' or None if not found '''
2252+ if os.path.exists(path):
2253+ h = hashlib.md5()
2254+ with open(path, 'r') as source:
2255+ h.update(source.read()) # IGNORE:E1101 - it does have update
2256+ return h.hexdigest()
2257+ else:
2258+ return None
2259+
2260+
2261+def restart_on_change(restart_map):
2262+ ''' Restart services based on configuration files changing
2263+
2264+ This function is used a decorator, for example
2265+
2266+ @restart_on_change({
2267+ '/etc/ceph/ceph.conf': [ 'cinder-api', 'cinder-volume' ]
2268+ })
2269+ def ceph_client_changed():
2270+ ...
2271+
2272+ In this example, the cinder-api and cinder-volume services
2273+ would be restarted if /etc/ceph/ceph.conf is changed by the
2274+ ceph_client_changed function.
2275+ '''
2276+ def wrap(f):
2277+ def wrapped_f(*args):
2278+ checksums = {}
2279+ for path in restart_map:
2280+ checksums[path] = file_hash(path)
2281+ f(*args)
2282+ restarts = []
2283+ for path in restart_map:
2284+ if checksums[path] != file_hash(path):
2285+ restarts += restart_map[path]
2286+ for service_name in list(OrderedDict.fromkeys(restarts)):
2287+ service('restart', service_name)
2288+ return wrapped_f
2289+ return wrap
2290+
2291+
2292+def lsb_release():
2293+ '''Return /etc/lsb-release in a dict'''
2294+ d = {}
2295+ with open('/etc/lsb-release', 'r') as lsb:
2296+ for l in lsb:
2297+ k, v = l.split('=')
2298+ d[k.strip()] = v.strip()
2299+ return d
2300+
2301+
2302+def pwgen(length=None):
2303+ '''Generate a random pasword.'''
2304+ if length is None:
2305+ length = random.choice(range(35, 45))
2306+ alphanumeric_chars = [
2307+ l for l in (string.letters + string.digits)
2308+ if l not in 'l0QD1vAEIOUaeiou']
2309+ random_chars = [
2310+ random.choice(alphanumeric_chars) for _ in range(length)]
2311+ return(''.join(random_chars))
2312
2313=== added directory 'hooks/charmhelpers/fetch'
2314=== added file 'hooks/charmhelpers/fetch/__init__.py'
2315--- hooks/charmhelpers/fetch/__init__.py 1970-01-01 00:00:00 +0000
2316+++ hooks/charmhelpers/fetch/__init__.py 2013-10-15 01:36:24 +0000
2317@@ -0,0 +1,209 @@
2318+import importlib
2319+from yaml import safe_load
2320+from charmhelpers.core.host import (
2321+ lsb_release
2322+)
2323+from urlparse import (
2324+ urlparse,
2325+ urlunparse,
2326+)
2327+import subprocess
2328+from charmhelpers.core.hookenv import (
2329+ config,
2330+ log,
2331+)
2332+import apt_pkg
2333+
2334+CLOUD_ARCHIVE = """# Ubuntu Cloud Archive
2335+deb http://ubuntu-cloud.archive.canonical.com/ubuntu {} main
2336+"""
2337+PROPOSED_POCKET = """# Proposed
2338+deb http://archive.ubuntu.com/ubuntu {}-proposed main universe multiverse restricted
2339+"""
2340+
2341+
2342+def filter_installed_packages(packages):
2343+ """Returns a list of packages that require installation"""
2344+ apt_pkg.init()
2345+ cache = apt_pkg.Cache()
2346+ _pkgs = []
2347+ for package in packages:
2348+ try:
2349+ p = cache[package]
2350+ p.current_ver or _pkgs.append(package)
2351+ except KeyError:
2352+ log('Package {} has no installation candidate.'.format(package),
2353+ level='WARNING')
2354+ _pkgs.append(package)
2355+ return _pkgs
2356+
2357+
2358+def apt_install(packages, options=None, fatal=False):
2359+ """Install one or more packages"""
2360+ options = options or []
2361+ cmd = ['apt-get', '-y']
2362+ cmd.extend(options)
2363+ cmd.append('install')
2364+ if isinstance(packages, basestring):
2365+ cmd.append(packages)
2366+ else:
2367+ cmd.extend(packages)
2368+ log("Installing {} with options: {}".format(packages,
2369+ options))
2370+ if fatal:
2371+ subprocess.check_call(cmd)
2372+ else:
2373+ subprocess.call(cmd)
2374+
2375+
2376+def apt_update(fatal=False):
2377+ """Update local apt cache"""
2378+ cmd = ['apt-get', 'update']
2379+ if fatal:
2380+ subprocess.check_call(cmd)
2381+ else:
2382+ subprocess.call(cmd)
2383+
2384+
2385+def apt_purge(packages, fatal=False):
2386+ """Purge one or more packages"""
2387+ cmd = ['apt-get', '-y', 'purge']
2388+ if isinstance(packages, basestring):
2389+ cmd.append(packages)
2390+ else:
2391+ cmd.extend(packages)
2392+ log("Purging {}".format(packages))
2393+ if fatal:
2394+ subprocess.check_call(cmd)
2395+ else:
2396+ subprocess.call(cmd)
2397+
2398+
2399+def add_source(source, key=None):
2400+ if ((source.startswith('ppa:') or
2401+ source.startswith('http:'))):
2402+ subprocess.check_call(['add-apt-repository', '--yes', source])
2403+ elif source.startswith('cloud:'):
2404+ apt_install(filter_installed_packages(['ubuntu-cloud-keyring']),
2405+ fatal=True)
2406+ pocket = source.split(':')[-1]
2407+ with open('/etc/apt/sources.list.d/cloud-archive.list', 'w') as apt:
2408+ apt.write(CLOUD_ARCHIVE.format(pocket))
2409+ elif source == 'proposed':
2410+ release = lsb_release()['DISTRIB_CODENAME']
2411+ with open('/etc/apt/sources.list.d/proposed.list', 'w') as apt:
2412+ apt.write(PROPOSED_POCKET.format(release))
2413+ if key:
2414+ subprocess.check_call(['apt-key', 'import', key])
2415+
2416+
2417+class SourceConfigError(Exception):
2418+ pass
2419+
2420+
2421+def configure_sources(update=False,
2422+ sources_var='install_sources',
2423+ keys_var='install_keys'):
2424+ """
2425+ Configure multiple sources from charm configuration
2426+
2427+ Example config:
2428+ install_sources:
2429+ - "ppa:foo"
2430+ - "http://example.com/repo precise main"
2431+ install_keys:
2432+ - null
2433+ - "a1b2c3d4"
2434+
2435+ Note that 'null' (a.k.a. None) should not be quoted.
2436+ """
2437+ sources = safe_load(config(sources_var))
2438+ keys = safe_load(config(keys_var))
2439+ if isinstance(sources, basestring) and isinstance(keys, basestring):
2440+ add_source(sources, keys)
2441+ else:
2442+ if not len(sources) == len(keys):
2443+ msg = 'Install sources and keys lists are different lengths'
2444+ raise SourceConfigError(msg)
2445+ for src_num in range(len(sources)):
2446+ add_source(sources[src_num], keys[src_num])
2447+ if update:
2448+ apt_update(fatal=True)
2449+
2450+# The order of this list is very important. Handlers should be listed in from
2451+# least- to most-specific URL matching.
2452+FETCH_HANDLERS = (
2453+ 'charmhelpers.fetch.archiveurl.ArchiveUrlFetchHandler',
2454+ 'charmhelpers.fetch.bzrurl.BzrUrlFetchHandler',
2455+)
2456+
2457+
2458+class UnhandledSource(Exception):
2459+ pass
2460+
2461+
2462+def install_remote(source):
2463+ """
2464+ Install a file tree from a remote source
2465+
2466+ The specified source should be a url of the form:
2467+ scheme://[host]/path[#[option=value][&...]]
2468+
2469+ Schemes supported are based on this modules submodules
2470+ Options supported are submodule-specific"""
2471+ # We ONLY check for True here because can_handle may return a string
2472+ # explaining why it can't handle a given source.
2473+ handlers = [h for h in plugins() if h.can_handle(source) is True]
2474+ installed_to = None
2475+ for handler in handlers:
2476+ try:
2477+ installed_to = handler.install(source)
2478+ except UnhandledSource:
2479+ pass
2480+ if not installed_to:
2481+ raise UnhandledSource("No handler found for source {}".format(source))
2482+ return installed_to
2483+
2484+
2485+def install_from_config(config_var_name):
2486+ charm_config = config()
2487+ source = charm_config[config_var_name]
2488+ return install_remote(source)
2489+
2490+
2491+class BaseFetchHandler(object):
2492+ """Base class for FetchHandler implementations in fetch plugins"""
2493+ def can_handle(self, source):
2494+ """Returns True if the source can be handled. Otherwise returns
2495+ a string explaining why it cannot"""
2496+ return "Wrong source type"
2497+
2498+ def install(self, source):
2499+ """Try to download and unpack the source. Return the path to the
2500+ unpacked files or raise UnhandledSource."""
2501+ raise UnhandledSource("Wrong source type {}".format(source))
2502+
2503+ def parse_url(self, url):
2504+ return urlparse(url)
2505+
2506+ def base_url(self, url):
2507+ """Return url without querystring or fragment"""
2508+ parts = list(self.parse_url(url))
2509+ parts[4:] = ['' for i in parts[4:]]
2510+ return urlunparse(parts)
2511+
2512+
2513+def plugins(fetch_handlers=None):
2514+ if not fetch_handlers:
2515+ fetch_handlers = FETCH_HANDLERS
2516+ plugin_list = []
2517+ for handler_name in fetch_handlers:
2518+ package, classname = handler_name.rsplit('.', 1)
2519+ try:
2520+ handler_class = getattr(importlib.import_module(package), classname)
2521+ plugin_list.append(handler_class())
2522+ except (ImportError, AttributeError):
2523+ # Skip missing plugins so that they can be ommitted from
2524+ # installation if desired
2525+ log("FetchHandler {} not found, skipping plugin".format(handler_name))
2526+ return plugin_list
2527
2528=== added file 'hooks/charmhelpers/fetch/archiveurl.py'
2529--- hooks/charmhelpers/fetch/archiveurl.py 1970-01-01 00:00:00 +0000
2530+++ hooks/charmhelpers/fetch/archiveurl.py 2013-10-15 01:36:24 +0000
2531@@ -0,0 +1,48 @@
2532+import os
2533+import urllib2
2534+from charmhelpers.fetch import (
2535+ BaseFetchHandler,
2536+ UnhandledSource
2537+)
2538+from charmhelpers.payload.archive import (
2539+ get_archive_handler,
2540+ extract,
2541+)
2542+from charmhelpers.core.host import mkdir
2543+
2544+
2545+class ArchiveUrlFetchHandler(BaseFetchHandler):
2546+ """Handler for archives via generic URLs"""
2547+ def can_handle(self, source):
2548+ url_parts = self.parse_url(source)
2549+ if url_parts.scheme not in ('http', 'https', 'ftp', 'file'):
2550+ return "Wrong source type"
2551+ if get_archive_handler(self.base_url(source)):
2552+ return True
2553+ return False
2554+
2555+ def download(self, source, dest):
2556+ # propogate all exceptions
2557+ # URLError, OSError, etc
2558+ response = urllib2.urlopen(source)
2559+ try:
2560+ with open(dest, 'w') as dest_file:
2561+ dest_file.write(response.read())
2562+ except Exception as e:
2563+ if os.path.isfile(dest):
2564+ os.unlink(dest)
2565+ raise e
2566+
2567+ def install(self, source):
2568+ url_parts = self.parse_url(source)
2569+ dest_dir = os.path.join(os.environ.get('CHARM_DIR'), 'fetched')
2570+ if not os.path.exists(dest_dir):
2571+ mkdir(dest_dir, perms=0755)
2572+ dld_file = os.path.join(dest_dir, os.path.basename(url_parts.path))
2573+ try:
2574+ self.download(source, dld_file)
2575+ except urllib2.URLError as e:
2576+ raise UnhandledSource(e.reason)
2577+ except OSError as e:
2578+ raise UnhandledSource(e.strerror)
2579+ return extract(dld_file)
2580
2581=== added file 'hooks/charmhelpers/fetch/bzrurl.py'
2582--- hooks/charmhelpers/fetch/bzrurl.py 1970-01-01 00:00:00 +0000
2583+++ hooks/charmhelpers/fetch/bzrurl.py 2013-10-15 01:36:24 +0000
2584@@ -0,0 +1,49 @@
2585+import os
2586+from charmhelpers.fetch import (
2587+ BaseFetchHandler,
2588+ UnhandledSource
2589+)
2590+from charmhelpers.core.host import mkdir
2591+
2592+try:
2593+ from bzrlib.branch import Branch
2594+except ImportError:
2595+ from charmhelpers.fetch import apt_install
2596+ apt_install("python-bzrlib")
2597+ from bzrlib.branch import Branch
2598+
2599+class BzrUrlFetchHandler(BaseFetchHandler):
2600+ """Handler for bazaar branches via generic and lp URLs"""
2601+ def can_handle(self, source):
2602+ url_parts = self.parse_url(source)
2603+ if url_parts.scheme not in ('bzr+ssh', 'lp'):
2604+ return False
2605+ else:
2606+ return True
2607+
2608+ def branch(self, source, dest):
2609+ url_parts = self.parse_url(source)
2610+ # If we use lp:branchname scheme we need to load plugins
2611+ if not self.can_handle(source):
2612+ raise UnhandledSource("Cannot handle {}".format(source))
2613+ if url_parts.scheme == "lp":
2614+ from bzrlib.plugin import load_plugins
2615+ load_plugins()
2616+ try:
2617+ remote_branch = Branch.open(source)
2618+ remote_branch.bzrdir.sprout(dest).open_branch()
2619+ except Exception as e:
2620+ raise e
2621+
2622+ def install(self, source):
2623+ url_parts = self.parse_url(source)
2624+ branch_name = url_parts.path.strip("/").split("/")[-1]
2625+ dest_dir = os.path.join(os.environ.get('CHARM_DIR'), "fetched", branch_name)
2626+ if not os.path.exists(dest_dir):
2627+ mkdir(dest_dir, perms=0755)
2628+ try:
2629+ self.branch(source, dest_dir)
2630+ except OSError as e:
2631+ raise UnhandledSource(e.strerror)
2632+ return dest_dir
2633+
2634
2635=== added directory 'hooks/charmhelpers/payload'
2636=== added file 'hooks/charmhelpers/payload/__init__.py'
2637--- hooks/charmhelpers/payload/__init__.py 1970-01-01 00:00:00 +0000
2638+++ hooks/charmhelpers/payload/__init__.py 2013-10-15 01:36:24 +0000
2639@@ -0,0 +1,1 @@
2640+"Tools for working with files injected into a charm just before deployment."
2641
2642=== added file 'hooks/charmhelpers/payload/execd.py'
2643--- hooks/charmhelpers/payload/execd.py 1970-01-01 00:00:00 +0000
2644+++ hooks/charmhelpers/payload/execd.py 2013-10-15 01:36:24 +0000
2645@@ -0,0 +1,50 @@
2646+#!/usr/bin/env python
2647+
2648+import os
2649+import sys
2650+import subprocess
2651+from charmhelpers.core import hookenv
2652+
2653+
2654+def default_execd_dir():
2655+ return os.path.join(os.environ['CHARM_DIR'], 'exec.d')
2656+
2657+
2658+def execd_module_paths(execd_dir=None):
2659+ """Generate a list of full paths to modules within execd_dir."""
2660+ if not execd_dir:
2661+ execd_dir = default_execd_dir()
2662+
2663+ if not os.path.exists(execd_dir):
2664+ return
2665+
2666+ for subpath in os.listdir(execd_dir):
2667+ module = os.path.join(execd_dir, subpath)
2668+ if os.path.isdir(module):
2669+ yield module
2670+
2671+
2672+def execd_submodule_paths(command, execd_dir=None):
2673+ """Generate a list of full paths to the specified command within exec_dir.
2674+ """
2675+ for module_path in execd_module_paths(execd_dir):
2676+ path = os.path.join(module_path, command)
2677+ if os.access(path, os.X_OK) and os.path.isfile(path):
2678+ yield path
2679+
2680+
2681+def execd_run(command, execd_dir=None, die_on_error=False, stderr=None):
2682+ """Run command for each module within execd_dir which defines it."""
2683+ for submodule_path in execd_submodule_paths(command, execd_dir):
2684+ try:
2685+ subprocess.check_call(submodule_path, shell=True, stderr=stderr)
2686+ except subprocess.CalledProcessError as e:
2687+ hookenv.log("Error ({}) running {}. Output: {}".format(
2688+ e.returncode, e.cmd, e.output))
2689+ if die_on_error:
2690+ sys.exit(e.returncode)
2691+
2692+
2693+def execd_preinstall(execd_dir=None):
2694+ """Run charm-pre-install for each module within execd_dir."""
2695+ execd_run('charm-pre-install', execd_dir=execd_dir)
2696
2697=== removed directory 'hooks/lib'
2698=== removed file 'hooks/lib/__init__.py'
2699=== removed file 'hooks/lib/apache_utils.py'
2700--- hooks/lib/apache_utils.py 2013-03-12 21:52:12 +0000
2701+++ hooks/lib/apache_utils.py 1970-01-01 00:00:00 +0000
2702@@ -1,193 +0,0 @@
2703-#
2704-# Copyright 2012 Canonical Ltd.
2705-#
2706-# Authors:
2707-# James Page <james.page@ubuntu.com>
2708-#
2709-
2710-from lib.utils import (
2711- relation_ids,
2712- relation_list,
2713- relation_get,
2714- render_template,
2715- juju_log,
2716- config_get,
2717- install,
2718- get_host_ip,
2719- restart
2720- )
2721-from lib.cluster_utils import https
2722-
2723-import os
2724-import subprocess
2725-from base64 import b64decode
2726-
2727-APACHE_SITE_DIR = "/etc/apache2/sites-available"
2728-SITE_TEMPLATE = "apache2_site.tmpl"
2729-RELOAD_CHECK = "To activate the new configuration"
2730-
2731-
2732-def get_cert():
2733- cert = config_get('ssl_cert')
2734- key = config_get('ssl_key')
2735- if not (cert and key):
2736- juju_log('INFO',
2737- "Inspecting identity-service relations for SSL certificate.")
2738- cert = key = None
2739- for r_id in relation_ids('identity-service'):
2740- for unit in relation_list(r_id):
2741- if not cert:
2742- cert = relation_get('ssl_cert',
2743- rid=r_id, unit=unit)
2744- if not key:
2745- key = relation_get('ssl_key',
2746- rid=r_id, unit=unit)
2747- return (cert, key)
2748-
2749-
2750-def get_ca_cert():
2751- ca_cert = None
2752- juju_log('INFO',
2753- "Inspecting identity-service relations for CA SSL certificate.")
2754- for r_id in relation_ids('identity-service'):
2755- for unit in relation_list(r_id):
2756- if not ca_cert:
2757- ca_cert = relation_get('ca_cert',
2758- rid=r_id, unit=unit)
2759- return ca_cert
2760-
2761-
2762-def install_ca_cert(ca_cert):
2763- if ca_cert:
2764- with open('/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt',
2765- 'w') as crt:
2766- crt.write(ca_cert)
2767- subprocess.check_call(['update-ca-certificates', '--fresh'])
2768-
2769-
2770-def enable_https(port_maps, namespace, cert, key, ca_cert=None):
2771- '''
2772- For a given number of port mappings, configures apache2
2773- HTTPs local reverse proxying using certficates and keys provided in
2774- either configuration data (preferred) or relation data. Assumes ports
2775- are not in use (calling charm should ensure that).
2776-
2777- port_maps: dict: external to internal port mappings
2778- namespace: str: name of charm
2779- '''
2780- def _write_if_changed(path, new_content):
2781- content = None
2782- if os.path.exists(path):
2783- with open(path, 'r') as f:
2784- content = f.read().strip()
2785- if content != new_content:
2786- with open(path, 'w') as f:
2787- f.write(new_content)
2788- return True
2789- else:
2790- return False
2791-
2792- juju_log('INFO', "Enabling HTTPS for port mappings: {}".format(port_maps))
2793- http_restart = False
2794-
2795- if cert:
2796- cert = b64decode(cert)
2797- if key:
2798- key = b64decode(key)
2799- if ca_cert:
2800- ca_cert = b64decode(ca_cert)
2801-
2802- if not cert and not key:
2803- juju_log('ERROR',
2804- "Expected but could not find SSL certificate data, not "
2805- "configuring HTTPS!")
2806- return False
2807-
2808- install('apache2')
2809- if RELOAD_CHECK in subprocess.check_output(['a2enmod', 'ssl',
2810- 'proxy', 'proxy_http']):
2811- http_restart = True
2812-
2813- ssl_dir = os.path.join('/etc/apache2/ssl', namespace)
2814- if not os.path.exists(ssl_dir):
2815- os.makedirs(ssl_dir)
2816-
2817- if (_write_if_changed(os.path.join(ssl_dir, 'cert'), cert)):
2818- http_restart = True
2819- if (_write_if_changed(os.path.join(ssl_dir, 'key'), key)):
2820- http_restart = True
2821- os.chmod(os.path.join(ssl_dir, 'key'), 0600)
2822-
2823- install_ca_cert(ca_cert)
2824-
2825- sites_dir = '/etc/apache2/sites-available'
2826- for ext_port, int_port in port_maps.items():
2827- juju_log('INFO',
2828- 'Creating apache2 reverse proxy vhost'
2829- ' for {}:{}'.format(ext_port,
2830- int_port))
2831- site = "{}_{}".format(namespace, ext_port)
2832- site_path = os.path.join(sites_dir, site)
2833- with open(site_path, 'w') as fsite:
2834- context = {
2835- "ext": ext_port,
2836- "int": int_port,
2837- "namespace": namespace,
2838- "private_address": get_host_ip()
2839- }
2840- fsite.write(render_template(SITE_TEMPLATE,
2841- context))
2842-
2843- if RELOAD_CHECK in subprocess.check_output(['a2ensite', site]):
2844- http_restart = True
2845-
2846- if http_restart:
2847- restart('apache2')
2848-
2849- return True
2850-
2851-
2852-def disable_https(port_maps, namespace):
2853- '''
2854- Ensure HTTPS reverse proxying is disables for given port mappings
2855-
2856- port_maps: dict: of ext -> int port mappings
2857- namespace: str: name of chamr
2858- '''
2859- juju_log('INFO', 'Ensuring HTTPS disabled for {}'.format(port_maps))
2860-
2861- if (not os.path.exists('/etc/apache2') or
2862- not os.path.exists(os.path.join('/etc/apache2/ssl', namespace))):
2863- return
2864-
2865- http_restart = False
2866- for ext_port in port_maps.keys():
2867- if os.path.exists(os.path.join(APACHE_SITE_DIR,
2868- "{}_{}".format(namespace,
2869- ext_port))):
2870- juju_log('INFO',
2871- "Disabling HTTPS reverse proxy"
2872- " for {} {}.".format(namespace,
2873- ext_port))
2874- if (RELOAD_CHECK in
2875- subprocess.check_output(['a2dissite',
2876- '{}_{}'.format(namespace,
2877- ext_port)])):
2878- http_restart = True
2879-
2880- if http_restart:
2881- restart(['apache2'])
2882-
2883-
2884-def setup_https(port_maps, namespace, cert, key, ca_cert=None):
2885- '''
2886- Ensures HTTPS is either enabled or disabled for given port
2887- mapping.
2888-
2889- port_maps: dict: of ext -> int port mappings
2890- namespace: str: name of charm
2891- '''
2892- if not https:
2893- disable_https(port_maps, namespace)
2894- else:
2895- enable_https(port_maps, namespace, cert, key, ca_cert)
2896
2897=== removed file 'hooks/lib/cluster_utils.py'
2898--- hooks/lib/cluster_utils.py 2013-03-19 14:04:54 +0000
2899+++ hooks/lib/cluster_utils.py 1970-01-01 00:00:00 +0000
2900@@ -1,130 +0,0 @@
2901-#
2902-# Copyright 2012 Canonical Ltd.
2903-#
2904-# This file is sourced from lp:openstack-charm-helpers
2905-#
2906-# Authors:
2907-# James Page <james.page@ubuntu.com>
2908-# Adam Gandelman <adamg@ubuntu.com>
2909-#
2910-
2911-from lib.utils import (
2912- juju_log,
2913- relation_ids,
2914- relation_list,
2915- relation_get,
2916- get_unit_hostname,
2917- config_get
2918- )
2919-import subprocess
2920-import os
2921-
2922-
2923-def is_clustered():
2924- for r_id in (relation_ids('ha') or []):
2925- for unit in (relation_list(r_id) or []):
2926- clustered = relation_get('clustered',
2927- rid=r_id,
2928- unit=unit)
2929- if clustered:
2930- return True
2931- return False
2932-
2933-
2934-def is_leader(resource):
2935- cmd = [
2936- "crm", "resource",
2937- "show", resource
2938- ]
2939- try:
2940- status = subprocess.check_output(cmd)
2941- except subprocess.CalledProcessError:
2942- return False
2943- else:
2944- if get_unit_hostname() in status:
2945- return True
2946- else:
2947- return False
2948-
2949-
2950-def peer_units():
2951- peers = []
2952- for r_id in (relation_ids('cluster') or []):
2953- for unit in (relation_list(r_id) or []):
2954- peers.append(unit)
2955- return peers
2956-
2957-
2958-def oldest_peer(peers):
2959- local_unit_no = int(os.getenv('JUJU_UNIT_NAME').split('/')[1])
2960- for peer in peers:
2961- remote_unit_no = int(peer.split('/')[1])
2962- if remote_unit_no < local_unit_no:
2963- return False
2964- return True
2965-
2966-
2967-def eligible_leader(resource):
2968- if is_clustered():
2969- if not is_leader(resource):
2970- juju_log('INFO', 'Deferring action to CRM leader.')
2971- return False
2972- else:
2973- peers = peer_units()
2974- if peers and not oldest_peer(peers):
2975- juju_log('INFO', 'Deferring action to oldest service unit.')
2976- return False
2977- return True
2978-
2979-
2980-def https():
2981- '''
2982- Determines whether enough data has been provided in configuration
2983- or relation data to configure HTTPS
2984- .
2985- returns: boolean
2986- '''
2987- if config_get('use-https') == "yes":
2988- return True
2989- if config_get('ssl_cert') and config_get('ssl_key'):
2990- return True
2991- for r_id in relation_ids('identity-service'):
2992- for unit in relation_list(r_id):
2993- if (relation_get('https_keystone', rid=r_id, unit=unit) and
2994- relation_get('ssl_cert', rid=r_id, unit=unit) and
2995- relation_get('ssl_key', rid=r_id, unit=unit) and
2996- relation_get('ca_cert', rid=r_id, unit=unit)):
2997- return True
2998- return False
2999-
3000-
3001-def determine_api_port(public_port):
3002- '''
3003- Determine correct API server listening port based on
3004- existence of HTTPS reverse proxy and/or haproxy.
3005-
3006- public_port: int: standard public port for given service
3007-
3008- returns: int: the correct listening port for the API service
3009- '''
3010- i = 0
3011- if len(peer_units()) > 0 or is_clustered():
3012- i += 1
3013- if https():
3014- i += 1
3015- return public_port - (i * 10)
3016-
3017-
3018-def determine_haproxy_port(public_port):
3019- '''
3020- Description: Determine correct proxy listening port based on public IP +
3021- existence of HTTPS reverse proxy.
3022-
3023- public_port: int: standard public port for given service
3024-
3025- returns: int: the correct listening port for the HAProxy service
3026- '''
3027- i = 0
3028- if https():
3029- i += 1
3030- return public_port - (i * 10)
3031
3032=== removed file 'hooks/lib/haproxy_utils.py'
3033--- hooks/lib/haproxy_utils.py 2013-03-12 11:17:32 +0000
3034+++ hooks/lib/haproxy_utils.py 1970-01-01 00:00:00 +0000
3035@@ -1,52 +0,0 @@
3036-#
3037-# Copyright 2012 Canonical Ltd.
3038-#
3039-# Authors:
3040-# James Page <james.page@ubuntu.com>
3041-#
3042-
3043-from lib.utils import (
3044- relation_ids,
3045- relation_list,
3046- relation_get,
3047- unit_get,
3048- reload,
3049- render_template
3050- )
3051-import os
3052-
3053-HAPROXY_CONF = '/etc/haproxy/haproxy.cfg'
3054-HAPROXY_DEFAULT = '/etc/default/haproxy'
3055-
3056-
3057-def configure_haproxy(service_ports):
3058- '''
3059- Configure HAProxy based on the current peers in the service
3060- cluster using the provided port map:
3061-
3062- "swift": [ 8080, 8070 ]
3063-
3064- HAproxy will also be reloaded/started if required
3065-
3066- service_ports: dict: dict of lists of [ frontend, backend ]
3067- '''
3068- cluster_hosts = {}
3069- cluster_hosts[os.getenv('JUJU_UNIT_NAME').replace('/', '-')] = \
3070- unit_get('private-address')
3071- for r_id in relation_ids('cluster'):
3072- for unit in relation_list(r_id):
3073- cluster_hosts[unit.replace('/', '-')] = \
3074- relation_get(attribute='private-address',
3075- rid=r_id,
3076- unit=unit)
3077- context = {
3078- 'units': cluster_hosts,
3079- 'service_ports': service_ports
3080- }
3081- with open(HAPROXY_CONF, 'w') as f:
3082- f.write(render_template(os.path.basename(HAPROXY_CONF),
3083- context))
3084- with open(HAPROXY_DEFAULT, 'w') as f:
3085- f.write('ENABLED=1')
3086-
3087- reload('haproxy')
3088
3089=== removed file 'hooks/lib/openstack_common.py'
3090--- hooks/lib/openstack_common.py 2013-07-19 19:35:01 +0000
3091+++ hooks/lib/openstack_common.py 1970-01-01 00:00:00 +0000
3092@@ -1,231 +0,0 @@
3093-#!/usr/bin/python
3094-
3095-# Common python helper functions used for OpenStack charms.
3096-
3097-import apt_pkg as apt
3098-import subprocess
3099-import os
3100-
3101-CLOUD_ARCHIVE_URL = "http://ubuntu-cloud.archive.canonical.com/ubuntu"
3102-CLOUD_ARCHIVE_KEY_ID = '5EDB1B62EC4926EA'
3103-
3104-ubuntu_openstack_release = {
3105- 'oneiric': 'diablo',
3106- 'precise': 'essex',
3107- 'quantal': 'folsom',
3108- 'raring': 'grizzly',
3109-}
3110-
3111-
3112-openstack_codenames = {
3113- '2011.2': 'diablo',
3114- '2012.1': 'essex',
3115- '2012.2': 'folsom',
3116- '2013.1': 'grizzly',
3117- '2013.2': 'havana',
3118-}
3119-
3120-# The ugly duckling
3121-swift_codenames = {
3122- '1.4.3': 'diablo',
3123- '1.4.8': 'essex',
3124- '1.7.4': 'folsom',
3125- '1.7.6': 'grizzly',
3126- '1.7.7': 'grizzly',
3127- '1.8.0': 'grizzly',
3128-}
3129-
3130-
3131-def juju_log(msg):
3132- subprocess.check_call(['juju-log', msg])
3133-
3134-
3135-def error_out(msg):
3136- juju_log("FATAL ERROR: %s" % msg)
3137- exit(1)
3138-
3139-
3140-def lsb_release():
3141- '''Return /etc/lsb-release in a dict'''
3142- lsb = open('/etc/lsb-release', 'r')
3143- d = {}
3144- for l in lsb:
3145- k, v = l.split('=')
3146- d[k.strip()] = v.strip()
3147- return d
3148-
3149-
3150-def get_os_codename_install_source(src):
3151- '''Derive OpenStack release codename from a given installation source.'''
3152- ubuntu_rel = lsb_release()['DISTRIB_CODENAME']
3153-
3154- rel = ''
3155- if src == 'distro':
3156- try:
3157- rel = ubuntu_openstack_release[ubuntu_rel]
3158- except KeyError:
3159- e = 'Code not derive openstack release for '\
3160- 'this Ubuntu release: %s' % rel
3161- error_out(e)
3162- return rel
3163-
3164- if src.startswith('cloud:'):
3165- ca_rel = src.split(':')[1]
3166- ca_rel = ca_rel.split('%s-' % ubuntu_rel)[1].split('/')[0]
3167- return ca_rel
3168-
3169- # Best guess match based on deb string provided
3170- if src.startswith('deb') or src.startswith('ppa'):
3171- for k, v in openstack_codenames.iteritems():
3172- if v in src:
3173- return v
3174-
3175-
3176-def get_os_codename_version(vers):
3177- '''Determine OpenStack codename from version number.'''
3178- try:
3179- return openstack_codenames[vers]
3180- except KeyError:
3181- e = 'Could not determine OpenStack codename for version %s' % vers
3182- error_out(e)
3183-
3184-
3185-def get_os_version_codename(codename):
3186- '''Determine OpenStack version number from codename.'''
3187- for k, v in openstack_codenames.iteritems():
3188- if v == codename:
3189- return k
3190- e = 'Code not derive OpenStack version for '\
3191- 'codename: %s' % codename
3192- error_out(e)
3193-
3194-
3195-def get_os_codename_package(pkg):
3196- '''Derive OpenStack release codename from an installed package.'''
3197- apt.init()
3198- cache = apt.Cache()
3199- try:
3200- pkg = cache[pkg]
3201- except:
3202- e = 'Could not determine version of installed package: %s' % pkg
3203- error_out(e)
3204-
3205- vers = apt.UpstreamVersion(pkg.current_ver.ver_str)
3206-
3207- try:
3208- if 'swift' in pkg.name:
3209- vers = vers[:5]
3210- return swift_codenames[vers]
3211- else:
3212- vers = vers[:6]
3213- return openstack_codenames[vers]
3214- except KeyError:
3215- e = 'Could not determine OpenStack codename for version %s' % vers
3216- error_out(e)
3217-
3218-
3219-def get_os_version_package(pkg):
3220- '''Derive OpenStack version number from an installed package.'''
3221- codename = get_os_codename_package(pkg)
3222-
3223- if 'swift' in pkg:
3224- vers_map = swift_codenames
3225- else:
3226- vers_map = openstack_codenames
3227-
3228- for version, cname in vers_map.iteritems():
3229- if cname == codename:
3230- return version
3231- e = "Could not determine OpenStack version for package: %s" % pkg
3232- error_out(e)
3233-
3234-
3235-def configure_installation_source(rel):
3236- '''Configure apt installation source.'''
3237-
3238- def _import_key(keyid):
3239- cmd = "apt-key adv --keyserver keyserver.ubuntu.com " \
3240- "--recv-keys %s" % keyid
3241- try:
3242- subprocess.check_call(cmd.split(' '))
3243- except subprocess.CalledProcessError:
3244- error_out("Error importing repo key %s" % keyid)
3245-
3246- if rel == 'distro':
3247- return
3248- elif rel[:4] == "ppa:":
3249- src = rel
3250- subprocess.check_call(["add-apt-repository", "-y", src])
3251- elif rel[:3] == "deb":
3252- l = len(rel.split('|'))
3253- if l == 2:
3254- src, key = rel.split('|')
3255- juju_log("Importing PPA key from keyserver for %s" % src)
3256- _import_key(key)
3257- elif l == 1:
3258- src = rel
3259- else:
3260- error_out("Invalid openstack-release: %s" % rel)
3261-
3262- with open('/etc/apt/sources.list.d/juju_deb.list', 'w') as f:
3263- f.write(src)
3264- elif rel[:6] == 'cloud:':
3265- ubuntu_rel = lsb_release()['DISTRIB_CODENAME']
3266- rel = rel.split(':')[1]
3267- u_rel = rel.split('-')[0]
3268- ca_rel = rel.split('-')[1]
3269-
3270- if u_rel != ubuntu_rel:
3271- e = 'Cannot install from Cloud Archive pocket %s on this Ubuntu '\
3272- 'version (%s)' % (ca_rel, ubuntu_rel)
3273- error_out(e)
3274-
3275- if 'staging' in ca_rel:
3276- # staging is just a regular PPA.
3277- os_rel = ca_rel.split('/')[0]
3278- ppa = 'ppa:ubuntu-cloud-archive/%s-staging' % os_rel
3279- cmd = 'add-apt-repository -y %s' % ppa
3280- subprocess.check_call(cmd.split(' '))
3281- return
3282-
3283- # map charm config options to actual archive pockets.
3284- pockets = {
3285- 'folsom': 'precise-updates/folsom',
3286- 'folsom/updates': 'precise-updates/folsom',
3287- 'folsom/proposed': 'precise-proposed/folsom',
3288- 'grizzly': 'precise-updates/grizzly',
3289- 'grizzly/updates': 'precise-updates/grizzly',
3290- 'grizzly/proposed': 'precise-proposed/grizzly'
3291- }
3292-
3293- try:
3294- pocket = pockets[ca_rel]
3295- except KeyError:
3296- e = 'Invalid Cloud Archive release specified: %s' % rel
3297- error_out(e)
3298-
3299- src = "deb %s %s main" % (CLOUD_ARCHIVE_URL, pocket)
3300- cmd = ['apt-get', '-y', 'install', 'ubuntu-cloud-keyring']
3301- subprocess.check_call(cmd)
3302-
3303- with open('/etc/apt/sources.list.d/cloud-archive.list', 'w') as f:
3304- f.write(src)
3305- else:
3306- error_out("Invalid openstack-release specified: %s" % rel)
3307-
3308-
3309-def save_script_rc(script_path="scripts/scriptrc", **env_vars):
3310- """
3311- Write an rc file in the charm-delivered directory containing
3312- exported environment variables provided by env_vars. Any charm scripts run
3313- outside the juju hook environment can source this scriptrc to obtain
3314- updated config information necessary to perform health checks or
3315- service changes.
3316- """
3317- charm_dir = os.getenv('CHARM_DIR')
3318- juju_rc_path = "%s/%s" % (charm_dir, script_path)
3319- with open(juju_rc_path, 'wb') as rc_script:
3320- rc_script.write(
3321- "#!/bin/bash\n")
3322- [rc_script.write('export %s=%s\n' % (u, p))
3323- for u, p in env_vars.iteritems() if u != "script_path"]
3324
3325=== removed file 'hooks/lib/utils.py'
3326--- hooks/lib/utils.py 2013-03-21 18:29:07 +0000
3327+++ hooks/lib/utils.py 1970-01-01 00:00:00 +0000
3328@@ -1,332 +0,0 @@
3329-#
3330-# Copyright 2012 Canonical Ltd.
3331-#
3332-# This file is sourced from lp:openstack-charm-helpers
3333-#
3334-# Authors:
3335-# James Page <james.page@ubuntu.com>
3336-# Paul Collins <paul.collins@canonical.com>
3337-# Adam Gandelman <adamg@ubuntu.com>
3338-#
3339-
3340-import json
3341-import os
3342-import subprocess
3343-import socket
3344-import sys
3345-
3346-
3347-def do_hooks(hooks):
3348- hook = os.path.basename(sys.argv[0])
3349-
3350- try:
3351- hook_func = hooks[hook]
3352- except KeyError:
3353- juju_log('INFO',
3354- "This charm doesn't know how to handle '{}'.".format(hook))
3355- else:
3356- hook_func()
3357-
3358-
3359-def install(*pkgs):
3360- cmd = [
3361- 'apt-get',
3362- '-y',
3363- 'install'
3364- ]
3365- for pkg in pkgs:
3366- cmd.append(pkg)
3367- subprocess.check_call(cmd)
3368-
3369-TEMPLATES_DIR = 'templates'
3370-
3371-try:
3372- import jinja2
3373-except ImportError:
3374- install('python-jinja2')
3375- import jinja2
3376-
3377-try:
3378- import dns.resolver
3379-except ImportError:
3380- install('python-dnspython')
3381- import dns.resolver
3382-
3383-
3384-def render_template(template_name, context, template_dir=TEMPLATES_DIR):
3385- templates = jinja2.Environment(
3386- loader=jinja2.FileSystemLoader(template_dir)
3387- )
3388- template = templates.get_template(template_name)
3389- return template.render(context)
3390-
3391-CLOUD_ARCHIVE = \
3392-""" # Ubuntu Cloud Archive
3393-deb http://ubuntu-cloud.archive.canonical.com/ubuntu {} main
3394-"""
3395-
3396-CLOUD_ARCHIVE_POCKETS = {
3397- 'folsom': 'precise-updates/folsom',
3398- 'folsom/updates': 'precise-updates/folsom',
3399- 'folsom/proposed': 'precise-proposed/folsom',
3400- 'grizzly': 'precise-updates/grizzly',
3401- 'grizzly/updates': 'precise-updates/grizzly',
3402- 'grizzly/proposed': 'precise-proposed/grizzly'
3403- }
3404-
3405-
3406-def configure_source():
3407- source = str(config_get('openstack-origin'))
3408- if not source:
3409- return
3410- if source.startswith('ppa:'):
3411- cmd = [
3412- 'add-apt-repository',
3413- source
3414- ]
3415- subprocess.check_call(cmd)
3416- if source.startswith('cloud:'):
3417- # CA values should be formatted as cloud:ubuntu-openstack/pocket, eg:
3418- # cloud:precise-folsom/updates or cloud:precise-folsom/proposed
3419- install('ubuntu-cloud-keyring')
3420- pocket = source.split(':')[1]
3421- pocket = pocket.split('-')[1]
3422- with open('/etc/apt/sources.list.d/cloud-archive.list', 'w') as apt:
3423- apt.write(CLOUD_ARCHIVE.format(CLOUD_ARCHIVE_POCKETS[pocket]))
3424- if source.startswith('deb'):
3425- l = len(source.split('|'))
3426- if l == 2:
3427- (apt_line, key) = source.split('|')
3428- cmd = [
3429- 'apt-key',
3430- 'adv', '--keyserver keyserver.ubuntu.com',
3431- '--recv-keys', key
3432- ]
3433- subprocess.check_call(cmd)
3434- elif l == 1:
3435- apt_line = source
3436-
3437- with open('/etc/apt/sources.list.d/quantum.list', 'w') as apt:
3438- apt.write(apt_line + "\n")
3439- cmd = [
3440- 'apt-get',
3441- 'update'
3442- ]
3443- subprocess.check_call(cmd)
3444-
3445-# Protocols
3446-TCP = 'TCP'
3447-UDP = 'UDP'
3448-
3449-
3450-def expose(port, protocol='TCP'):
3451- cmd = [
3452- 'open-port',
3453- '{}/{}'.format(port, protocol)
3454- ]
3455- subprocess.check_call(cmd)
3456-
3457-
3458-def juju_log(severity, message):
3459- cmd = [
3460- 'juju-log',
3461- '--log-level', severity,
3462- message
3463- ]
3464- subprocess.check_call(cmd)
3465-
3466-
3467-cache = {}
3468-
3469-
3470-def cached(func):
3471- def wrapper(*args, **kwargs):
3472- global cache
3473- key = str((func, args, kwargs))
3474- try:
3475- return cache[key]
3476- except KeyError:
3477- res = func(*args, **kwargs)
3478- cache[key] = res
3479- return res
3480- return wrapper
3481-
3482-
3483-@cached
3484-def relation_ids(relation):
3485- cmd = [
3486- 'relation-ids',
3487- relation
3488- ]
3489- result = str(subprocess.check_output(cmd)).split()
3490- if result == "":
3491- return None
3492- else:
3493- return result
3494-
3495-
3496-@cached
3497-def relation_list(rid):
3498- cmd = [
3499- 'relation-list',
3500- '-r', rid,
3501- ]
3502- result = str(subprocess.check_output(cmd)).split()
3503- if result == "":
3504- return None
3505- else:
3506- return result
3507-
3508-
3509-@cached
3510-def relation_get(attribute, unit=None, rid=None):
3511- cmd = [
3512- 'relation-get',
3513- ]
3514- if rid:
3515- cmd.append('-r')
3516- cmd.append(rid)
3517- cmd.append(attribute)
3518- if unit:
3519- cmd.append(unit)
3520- value = subprocess.check_output(cmd).strip() # IGNORE:E1103
3521- if value == "":
3522- return None
3523- else:
3524- return value
3525-
3526-
3527-@cached
3528-def relation_get_dict(relation_id=None, remote_unit=None):
3529- """Obtain all relation data as dict by way of JSON"""
3530- cmd = [
3531- 'relation-get', '--format=json'
3532- ]
3533- if relation_id:
3534- cmd.append('-r')
3535- cmd.append(relation_id)
3536- if remote_unit:
3537- remote_unit_orig = os.getenv('JUJU_REMOTE_UNIT', None)
3538- os.environ['JUJU_REMOTE_UNIT'] = remote_unit
3539- j = subprocess.check_output(cmd)
3540- if remote_unit and remote_unit_orig:
3541- os.environ['JUJU_REMOTE_UNIT'] = remote_unit_orig
3542- d = json.loads(j)
3543- settings = {}
3544- # convert unicode to strings
3545- for k, v in d.iteritems():
3546- settings[str(k)] = str(v)
3547- return settings
3548-
3549-
3550-def relation_set(**kwargs):
3551- cmd = [
3552- 'relation-set'
3553- ]
3554- args = []
3555- for k, v in kwargs.items():
3556- if k == 'rid':
3557- if v:
3558- cmd.append('-r')
3559- cmd.append(v)
3560- else:
3561- args.append('{}={}'.format(k, v))
3562- cmd += args
3563- subprocess.check_call(cmd)
3564-
3565-
3566-@cached
3567-def unit_get(attribute):
3568- cmd = [
3569- 'unit-get',
3570- attribute
3571- ]
3572- value = subprocess.check_output(cmd).strip() # IGNORE:E1103
3573- if value == "":
3574- return None
3575- else:
3576- return value
3577-
3578-
3579-@cached
3580-def config_get(attribute):
3581- cmd = [
3582- 'config-get',
3583- '--format',
3584- 'json',
3585- ]
3586- out = subprocess.check_output(cmd).strip() # IGNORE:E1103
3587- cfg = json.loads(out)
3588-
3589- try:
3590- return cfg[attribute]
3591- except KeyError:
3592- return None
3593-
3594-
3595-@cached
3596-def get_unit_hostname():
3597- return socket.gethostname()
3598-
3599-
3600-@cached
3601-def get_host_ip(hostname=unit_get('private-address')):
3602- try:
3603- # Test to see if already an IPv4 address
3604- socket.inet_aton(hostname)
3605- return hostname
3606- except socket.error:
3607- answers = dns.resolver.query(hostname, 'A')
3608- if answers:
3609- return answers[0].address
3610- return None
3611-
3612-
3613-def _svc_control(service, action):
3614- subprocess.check_call(['service', service, action])
3615-
3616-
3617-def restart(*services):
3618- for service in services:
3619- _svc_control(service, 'restart')
3620-
3621-
3622-def stop(*services):
3623- for service in services:
3624- _svc_control(service, 'stop')
3625-
3626-
3627-def start(*services):
3628- for service in services:
3629- _svc_control(service, 'start')
3630-
3631-
3632-def reload(*services):
3633- for service in services:
3634- try:
3635- _svc_control(service, 'reload')
3636- except subprocess.CalledProcessError:
3637- # Reload failed - either service does not support reload
3638- # or it was not running - restart will fixup most things
3639- _svc_control(service, 'restart')
3640-
3641-
3642-def running(service):
3643- try:
3644- output = subprocess.check_output(['service', service, 'status'])
3645- except subprocess.CalledProcessError:
3646- return False
3647- else:
3648- if ("start/running" in output or
3649- "is running" in output):
3650- return True
3651- else:
3652- return False
3653-
3654-
3655-def is_relation_made(relation, key='private-address'):
3656- for r_id in (relation_ids(relation) or []):
3657- for unit in (relation_list(r_id) or []):
3658- if relation_get(key, rid=r_id, unit=unit):
3659- return True
3660- return False
3661
3662=== added symlink 'hooks/start'
3663=== target is u'swift_hooks.py'
3664=== added symlink 'hooks/stop'
3665=== target is u'swift_hooks.py'
3666=== added file 'hooks/swift_context.py'
3667--- hooks/swift_context.py 1970-01-01 00:00:00 +0000
3668+++ hooks/swift_context.py 2013-10-15 01:36:24 +0000
3669@@ -0,0 +1,223 @@
3670+from charmhelpers.core.hookenv import (
3671+ config,
3672+ log,
3673+ relation_ids,
3674+ related_units,
3675+ relation_get,
3676+ unit_get
3677+)
3678+
3679+from charmhelpers.contrib.openstack.context import (
3680+ OSContextGenerator,
3681+ ApacheSSLContext as SSLContext,
3682+ context_complete,
3683+ CA_CERT_PATH
3684+)
3685+
3686+from charmhelpers.contrib.hahelpers.cluster import (
3687+ determine_api_port,
3688+ determine_haproxy_port,
3689+)
3690+
3691+from charmhelpers.contrib.openstack.utils import get_host_ip
3692+import subprocess
3693+import os
3694+
3695+
3696+from charmhelpers.contrib.hahelpers.apache import (
3697+ get_cert,
3698+ get_ca_cert,
3699+)
3700+
3701+from base64 import b64decode, b64encode
3702+
3703+
3704+class HAProxyContext(OSContextGenerator):
3705+ interfaces = ['cluster']
3706+
3707+ def __call__(self):
3708+ '''
3709+ Extends the main charmhelpers HAProxyContext with a port mapping
3710+ specific to this charm.
3711+ Also used to extend cinder.conf context with correct api_listening_port
3712+ '''
3713+ haproxy_port = determine_haproxy_port(config('bind-port'))
3714+ api_port = determine_api_port(config('bind-port'))
3715+
3716+ ctxt = {
3717+ 'service_ports': {'swift_api': [haproxy_port, api_port]},
3718+ }
3719+ return ctxt
3720+
3721+
3722+WWW_DIR = '/var/www/swift-rings'
3723+
3724+
3725+def generate_cert():
3726+ '''
3727+ Generates a self signed certificate and key using the
3728+ provided charm configuration data.
3729+
3730+ returns: tuple of (cert, key)
3731+ '''
3732+ CERT = '/etc/swift/ssl.cert'
3733+ KEY = '/etc/swift/ssl.key'
3734+ if not os.path.exists(CERT) and not os.path.exists(KEY):
3735+ subj = '/C=%s/ST=%s/L=%s/CN=%s' %\
3736+ (config('country'), config('state'),
3737+ config('locale'), config('common-name'))
3738+ cmd = ['openssl', 'req', '-new', '-x509', '-nodes',
3739+ '-out', CERT, '-keyout', KEY,
3740+ '-subj', subj]
3741+ subprocess.check_call(cmd)
3742+ os.chmod(KEY, 0600)
3743+ # Slurp as base64 encoded - makes handling easier up the stack
3744+ with open(CERT, 'r') as cfile:
3745+ ssl_cert = b64encode(cfile.read())
3746+ with open(KEY, 'r') as kfile:
3747+ ssl_key = b64encode(kfile.read())
3748+ return (ssl_cert, ssl_key)
3749+
3750+
3751+class ApacheSSLContext(SSLContext):
3752+ interfaces = ['https']
3753+ external_ports = [config('bind-port')]
3754+ service_namespace = 'swift'
3755+
3756+ def configure_cert(self):
3757+ if not os.path.isdir('/etc/apache2/ssl'):
3758+ os.mkdir('/etc/apache2/ssl')
3759+ ssl_dir = os.path.join('/etc/apache2/ssl/', self.service_namespace)
3760+ if not os.path.isdir(ssl_dir):
3761+ os.mkdir(ssl_dir)
3762+ cert, key = get_cert()
3763+ # Swift specific - generate a cert by default if not using
3764+ # a) user supplied cert or b) keystone signed cert
3765+ if None in [cert, key]:
3766+ cert, key = generate_cert()
3767+ with open(os.path.join(ssl_dir, 'cert'), 'w') as cert_out:
3768+ cert_out.write(b64decode(cert))
3769+ with open(os.path.join(ssl_dir, 'key'), 'w') as key_out:
3770+ key_out.write(b64decode(key))
3771+ ca_cert = get_ca_cert()
3772+ if ca_cert:
3773+ with open(CA_CERT_PATH, 'w') as ca_out:
3774+ ca_out.write(b64decode(ca_cert))
3775+ subprocess.check_call(['update-ca-certificates'])
3776+
3777+ def __call__(self):
3778+ return super(ApacheSSLContext, self).__call__()
3779+
3780+
3781+class SwiftRingContext(OSContextGenerator):
3782+ def __call__(self):
3783+ allowed_hosts = []
3784+ for relid in relation_ids('swift-storage'):
3785+ for unit in related_units(relid):
3786+ host = relation_get('private-address', unit, relid)
3787+ allowed_hosts.append(get_host_ip(host))
3788+
3789+ ctxt = {
3790+ 'www_dir': WWW_DIR,
3791+ 'allowed_hosts': allowed_hosts
3792+ }
3793+ return ctxt
3794+
3795+
3796+class SwiftIdentityContext(OSContextGenerator):
3797+ interfaces = ['identity-service']
3798+
3799+ def __call__(self):
3800+ bind_port = config('bind-port')
3801+ workers = config('workers')
3802+ if workers == '0':
3803+ import multiprocessing
3804+ workers = multiprocessing.cpu_count()
3805+ ctxt = {
3806+ 'proxy_ip': get_host_ip(unit_get('private-address')),
3807+ 'bind_port': determine_api_port(bind_port),
3808+ 'workers': workers,
3809+ 'operator_roles': config('operator-roles'),
3810+ 'delay_auth_decision': config('delay-auth-decision')
3811+ }
3812+
3813+ ctxt['ssl'] = False
3814+
3815+ auth_type = config('auth-type')
3816+ auth_host = config('keystone-auth-host')
3817+ admin_user = config('keystone-admin-user')
3818+ admin_password = config('keystone-admin-user')
3819+ if (auth_type == 'keystone' and auth_host
3820+ and admin_user and admin_password):
3821+ log('Using user-specified Keystone configuration.')
3822+ ks_auth = {
3823+ 'auth_type': 'keystone',
3824+ 'auth_protocol': config('keystone-auth-protocol'),
3825+ 'keystone_host': auth_host,
3826+ 'auth_port': config('keystone-auth-port'),
3827+ 'service_user': admin_user,
3828+ 'service_password': admin_password,
3829+ 'service_tenant': config('keystone-admin-tenant-name')
3830+ }
3831+ ctxt.update(ks_auth)
3832+
3833+ for relid in relation_ids('identity-service'):
3834+ log('Using Keystone configuration from identity-service.')
3835+ for unit in related_units(relid):
3836+ ks_auth = {
3837+ 'auth_type': 'keystone',
3838+ 'auth_protocol': 'http', # TODO: http hardcode
3839+ 'keystone_host': relation_get('auth_host',
3840+ unit, relid),
3841+ 'auth_port': relation_get('auth_port',
3842+ unit, relid),
3843+ 'service_user': relation_get('service_username',
3844+ unit, relid),
3845+ 'service_password': relation_get('service_password',
3846+ unit, relid),
3847+ 'service_tenant': relation_get('service_tenant',
3848+ unit, relid),
3849+ 'service_port': relation_get('service_port',
3850+ unit, relid),
3851+ 'admin_token': relation_get('admin_token',
3852+ unit, relid),
3853+ }
3854+ if context_complete(ks_auth):
3855+ ctxt.update(ks_auth)
3856+ return ctxt
3857+
3858+
3859+class MemcachedContext(OSContextGenerator):
3860+ def __call__(self):
3861+ ctxt = {
3862+ 'proxy_ip': get_host_ip(unit_get('private-address'))
3863+ }
3864+ return ctxt
3865+
3866+SWIFT_HASH_FILE = '/var/lib/juju/swift-hash-path.conf'
3867+
3868+
3869+def get_swift_hash():
3870+ if os.path.isfile(SWIFT_HASH_FILE):
3871+ with open(SWIFT_HASH_FILE, 'r') as hashfile:
3872+ swift_hash = hashfile.read().strip()
3873+ elif config('swift-hash'):
3874+ swift_hash = config('swift-hash')
3875+ with open(SWIFT_HASH_FILE, 'w') as hashfile:
3876+ hashfile.write(swift_hash)
3877+ else:
3878+ cmd = ['od', '-t', 'x8', '-N', '8', '-A', 'n']
3879+ rand = open('/dev/random', 'r')
3880+ p = subprocess.Popen(cmd, stdout=subprocess.PIPE, stdin=rand)
3881+ swift_hash = p.communicate()[0].strip()
3882+ with open(SWIFT_HASH_FILE, 'w') as hashfile:
3883+ hashfile.write(swift_hash)
3884+ return swift_hash
3885+
3886+
3887+class SwiftHashContext(OSContextGenerator):
3888+ def __call__(self):
3889+ ctxt = {
3890+ 'swift_hash': get_swift_hash()
3891+ }
3892+ return ctxt
3893
3894=== modified file 'hooks/swift_hooks.py'
3895--- hooks/swift_hooks.py 2013-05-22 21:30:39 +0000
3896+++ hooks/swift_hooks.py 2013-10-15 01:36:24 +0000
3897@@ -4,254 +4,298 @@
3898 import sys
3899 import shutil
3900 import uuid
3901-from subprocess import check_call
3902-
3903-import lib.openstack_common as openstack
3904-import lib.utils as utils
3905-import lib.cluster_utils as cluster
3906-import swift_utils as swift
3907+import subprocess
3908+
3909+import charmhelpers.contrib.openstack.utils as openstack
3910+import charmhelpers.contrib.hahelpers.cluster as cluster
3911+from swift_utils import (
3912+ register_configs,
3913+ restart_map,
3914+ determine_packages,
3915+ ensure_swift_dir,
3916+ SWIFT_RINGS, WWW_DIR,
3917+ initialize_ring,
3918+ swift_user,
3919+ SWIFT_HA_RES,
3920+ balance_ring,
3921+ SWIFT_CONF_DIR,
3922+ get_zone,
3923+ exists_in_ring,
3924+ add_to_ring,
3925+ should_balance,
3926+ do_openstack_upgrade,
3927+ write_rc_script
3928+)
3929+from swift_context import get_swift_hash
3930+
3931+from charmhelpers.core.hookenv import (
3932+ config,
3933+ unit_get,
3934+ relation_set,
3935+ relation_ids,
3936+ relation_get,
3937+ log, ERROR,
3938+ Hooks, UnregisteredHookError,
3939+ open_port
3940+)
3941+from charmhelpers.core.host import (
3942+ service_restart,
3943+ restart_on_change
3944+)
3945+from charmhelpers.fetch import (
3946+ apt_install,
3947+ apt_update
3948+)
3949+from charmhelpers.payload.execd import execd_preinstall
3950
3951 extra_pkgs = [
3952 "haproxy",
3953 "python-jinja2"
3954- ]
3955-
3956-
3957+]
3958+
3959+
3960+hooks = Hooks()
3961+
3962+CONFIGS = register_configs()
3963+
3964+
3965+@hooks.hook('install')
3966 def install():
3967- src = utils.config_get('openstack-origin')
3968+ execd_preinstall()
3969+ src = config('openstack-origin')
3970 if src != 'distro':
3971 openstack.configure_installation_source(src)
3972- check_call(['apt-get', 'update'])
3973+ apt_update(fatal=True)
3974 rel = openstack.get_os_codename_install_source(src)
3975
3976- pkgs = swift.determine_packages(rel)
3977- utils.install(*pkgs)
3978- utils.install(*extra_pkgs)
3979-
3980- swift.ensure_swift_dir()
3981-
3982- # initialize swift configs.
3983- # swift.conf hash
3984- ctxt = {
3985- 'swift_hash': swift.get_swift_hash()
3986- }
3987- with open(swift.SWIFT_CONF, 'w') as conf:
3988- conf.write(swift.render_config(swift.SWIFT_CONF, ctxt))
3989-
3990- # swift-proxy.conf
3991- swift.write_proxy_config()
3992-
3993- # memcached.conf
3994- ctxt = {'proxy_ip': utils.get_host_ip()}
3995- with open(swift.MEMCACHED_CONF, 'w') as conf:
3996- conf.write(swift.render_config(swift.MEMCACHED_CONF, ctxt))
3997- check_call(['service', 'memcached', 'restart'])
3998-
3999+ pkgs = determine_packages(rel)
4000+ apt_install(pkgs, fatal=True)
4001+ apt_install(extra_pkgs, fatal=True)
4002+
4003+ ensure_swift_dir()
4004 # initialize new storage rings.
4005- for ring in swift.SWIFT_RINGS.iteritems():
4006- swift.initialize_ring(ring[1],
4007- utils.config_get('partition-power'),
4008- utils.config_get('replicas'),
4009- utils.config_get('min-hours'))
4010+ for ring in SWIFT_RINGS.iteritems():
4011+ initialize_ring(ring[1],
4012+ config('partition-power'),
4013+ config('replicas'),
4014+ config('min-hours'))
4015
4016 # configure a directory on webserver for distributing rings.
4017- if not os.path.isdir(swift.WWW_DIR):
4018- os.mkdir(swift.WWW_DIR, 0755)
4019- uid, gid = swift.swift_user()
4020- os.chown(swift.WWW_DIR, uid, gid)
4021- swift.write_apache_config()
4022- swift.configure_https()
4023-
4024-
4025+ if not os.path.isdir(WWW_DIR):
4026+ os.mkdir(WWW_DIR, 0755)
4027+ uid, gid = swift_user()
4028+ os.chown(WWW_DIR, uid, gid)
4029+
4030+
4031+@hooks.hook('identity-service-relation-joined')
4032 def keystone_joined(relid=None):
4033- if not cluster.eligible_leader(swift.SWIFT_HA_RES):
4034+ if not cluster.eligible_leader(SWIFT_HA_RES):
4035 return
4036 if cluster.is_clustered():
4037- hostname = utils.config_get('vip')
4038+ hostname = config('vip')
4039 else:
4040- hostname = utils.unit_get('private-address')
4041- port = utils.config_get('bind-port')
4042+ hostname = unit_get('private-address')
4043+ port = config('bind-port')
4044 if cluster.https():
4045 proto = 'https'
4046 else:
4047 proto = 'http'
4048 admin_url = '%s://%s:%s' % (proto, hostname, port)
4049 internal_url = public_url = '%s/v1/AUTH_$(tenant_id)s' % admin_url
4050- utils.relation_set(service='swift',
4051- region=utils.config_get('region'),
4052- public_url=public_url, internal_url=internal_url,
4053- admin_url=admin_url,
4054- requested_roles=utils.config_get('operator-roles'),
4055- rid=relid)
4056-
4057-
4058+ relation_set(service='swift',
4059+ region=config('region'),
4060+ public_url=public_url, internal_url=internal_url,
4061+ admin_url=admin_url,
4062+ requested_roles=config('operator-roles'),
4063+ relation_id=relid)
4064+
4065+
4066+@hooks.hook('identity-service-relation-changed')
4067+@restart_on_change(restart_map())
4068 def keystone_changed():
4069- swift.write_proxy_config()
4070- swift.configure_https()
4071- # Re-fire keystone hooks to ripple back the HTTPS service entry
4072- for relid in utils.relation_ids('identity-service'):
4073- keystone_joined(relid=relid)
4074+ configure_https()
4075
4076
4077 def balance_rings():
4078 '''handle doing ring balancing and distribution.'''
4079 new_ring = False
4080- for ring in swift.SWIFT_RINGS.itervalues():
4081- if swift.balance_ring(ring):
4082- utils.juju_log('INFO', 'Balanced ring %s' % ring)
4083+ for ring in SWIFT_RINGS.itervalues():
4084+ if balance_ring(ring):
4085+ log('Balanced ring %s' % ring)
4086 new_ring = True
4087 if not new_ring:
4088 return
4089
4090- for ring in swift.SWIFT_RINGS.keys():
4091+ for ring in SWIFT_RINGS.keys():
4092 f = '%s.ring.gz' % ring
4093- shutil.copyfile(os.path.join(swift.SWIFT_CONF_DIR, f),
4094- os.path.join(swift.WWW_DIR, f))
4095+ shutil.copyfile(os.path.join(SWIFT_CONF_DIR, f),
4096+ os.path.join(WWW_DIR, f))
4097
4098- if cluster.eligible_leader(swift.SWIFT_HA_RES):
4099+ if cluster.eligible_leader(SWIFT_HA_RES):
4100 msg = 'Broadcasting notification to all storage nodes that new '\
4101 'ring is ready for consumption.'
4102- utils.juju_log('INFO', msg)
4103- path = swift.WWW_DIR.split('/var/www/')[1]
4104+ log(msg)
4105+ path = WWW_DIR.split('/var/www/')[1]
4106 trigger = uuid.uuid4()
4107- swift_hash = swift.get_swift_hash()
4108
4109 if cluster.is_clustered():
4110- hostname = utils.config_get('vip')
4111+ hostname = config('vip')
4112 else:
4113- hostname = utils.unit_get('private-address')
4114+ hostname = unit_get('private-address')
4115
4116 rings_url = 'http://%s/%s' % (hostname, path)
4117 # notify storage nodes that there is a new ring to fetch.
4118- for relid in utils.relation_ids('swift-storage'):
4119- utils.relation_set(rid=relid, swift_hash=swift_hash,
4120- rings_url=rings_url, trigger=trigger)
4121-
4122- swift.proxy_control('restart')
4123-
4124-
4125+ for relid in relation_ids('swift-storage'):
4126+ relation_set(relation_id=relid, swift_hash=get_swift_hash(),
4127+ rings_url=rings_url, trigger=trigger)
4128+
4129+ service_restart('swift-proxy')
4130+
4131+
4132+@hooks.hook('swift-storage-relation-changed')
4133+@restart_on_change(restart_map())
4134 def storage_changed():
4135- zone = swift.get_zone(utils.config_get('zone-assignment'))
4136+ zone = get_zone(config('zone-assignment'))
4137 node_settings = {
4138- 'ip': utils.get_host_ip(utils.relation_get('private-address')),
4139+ 'ip': openstack.get_host_ip(relation_get('private-address')),
4140 'zone': zone,
4141- 'account_port': utils.relation_get('account_port'),
4142- 'object_port': utils.relation_get('object_port'),
4143- 'container_port': utils.relation_get('container_port'),
4144+ 'account_port': relation_get('account_port'),
4145+ 'object_port': relation_get('object_port'),
4146+ 'container_port': relation_get('container_port'),
4147 }
4148 if None in node_settings.itervalues():
4149- utils.juju_log('INFO', 'storage_changed: Relation not ready.')
4150+ log('storage_changed: Relation not ready.')
4151 return None
4152
4153 for k in ['zone', 'account_port', 'object_port', 'container_port']:
4154 node_settings[k] = int(node_settings[k])
4155
4156- # Grant new node access to rings via apache.
4157- swift.write_apache_config()
4158+ CONFIGS.write_all()
4159
4160 # allow for multiple devs per unit, passed along as a : separated list
4161- devs = utils.relation_get('device').split(':')
4162+ devs = relation_get('device').split(':')
4163 for dev in devs:
4164 node_settings['device'] = dev
4165- for ring in swift.SWIFT_RINGS.itervalues():
4166- if not swift.exists_in_ring(ring, node_settings):
4167- swift.add_to_ring(ring, node_settings)
4168+ for ring in SWIFT_RINGS.itervalues():
4169+ if not exists_in_ring(ring, node_settings):
4170+ add_to_ring(ring, node_settings)
4171
4172- if swift.should_balance([r for r in swift.SWIFT_RINGS.itervalues()]):
4173+ if should_balance([r for r in SWIFT_RINGS.itervalues()]):
4174 balance_rings()
4175
4176
4177+@hooks.hook('swift-storage-relation-broken')
4178+@restart_on_change(restart_map())
4179 def storage_broken():
4180- swift.write_apache_config()
4181-
4182-
4183+ CONFIGS.write_all()
4184+
4185+
4186+@hooks.hook('config-changed')
4187+@restart_on_change(restart_map())
4188 def config_changed():
4189+ configure_https()
4190+ open_port(config('bind-port'))
4191 # Determine whether or not we should do an upgrade, based on the
4192 # the version offered in keyston-release.
4193- src = utils.config_get('openstack-origin')
4194+ src = config('openstack-origin')
4195 available = openstack.get_os_codename_install_source(src)
4196 installed = openstack.get_os_codename_package('python-swift')
4197 if (available and
4198- openstack.get_os_version_codename(available) > \
4199+ openstack.get_os_version_codename(available) >
4200 openstack.get_os_version_codename(installed)):
4201- pkgs = swift.determine_packages(available)
4202- swift.do_openstack_upgrade(src, pkgs)
4203-
4204- relids = utils.relation_ids('identity-service')
4205- if relids:
4206- for relid in relids:
4207- keystone_joined(relid)
4208- swift.write_proxy_config()
4209- swift.configure_https()
4210-
4211-
4212+ pkgs = determine_packages(available)
4213+ do_openstack_upgrade(src, pkgs)
4214+
4215+
4216+@hooks.hook('cluster-relation-changed',
4217+ 'cluster-relation-joined')
4218+@restart_on_change(restart_map())
4219 def cluster_changed():
4220- swift.configure_haproxy()
4221-
4222-
4223+ CONFIGS.write_all()
4224+
4225+
4226+@hooks.hook('ha-relation-changed')
4227 def ha_relation_changed():
4228- clustered = utils.relation_get('clustered')
4229- if clustered and cluster.is_leader(swift.SWIFT_HA_RES):
4230- utils.juju_log('INFO',
4231- 'Cluster configured, notifying other services and'
4232- 'updating keystone endpoint configuration')
4233+ clustered = relation_get('clustered')
4234+ if clustered and cluster.is_leader(SWIFT_HA_RES):
4235+ log('Cluster configured, notifying other services and'
4236+ 'updating keystone endpoint configuration')
4237 # Tell all related services to start using
4238 # the VIP instead
4239- for r_id in utils.relation_ids('identity-service'):
4240+ for r_id in relation_ids('identity-service'):
4241 keystone_joined(relid=r_id)
4242
4243
4244+@hooks.hook('ha-relation-joined')
4245 def ha_relation_joined():
4246 # Obtain the config values necessary for the cluster config. These
4247 # include multicast port and interface to bind to.
4248- corosync_bindiface = utils.config_get('ha-bindiface')
4249- corosync_mcastport = utils.config_get('ha-mcastport')
4250- vip = utils.config_get('vip')
4251- vip_cidr = utils.config_get('vip_cidr')
4252- vip_iface = utils.config_get('vip_iface')
4253+ corosync_bindiface = config('ha-bindiface')
4254+ corosync_mcastport = config('ha-mcastport')
4255+ vip = config('vip')
4256+ vip_cidr = config('vip_cidr')
4257+ vip_iface = config('vip_iface')
4258 if not vip:
4259- utils.juju_log('ERROR',
4260- 'Unable to configure hacluster as vip not provided')
4261+ log('Unable to configure hacluster as vip not provided',
4262+ level=ERROR)
4263 sys.exit(1)
4264
4265 # Obtain resources
4266 resources = {
4267- 'res_swift_vip': 'ocf:heartbeat:IPaddr2',
4268- 'res_swift_haproxy': 'lsb:haproxy'
4269- }
4270+ 'res_swift_vip': 'ocf:heartbeat:IPaddr2',
4271+ 'res_swift_haproxy': 'lsb:haproxy'
4272+ }
4273 resource_params = {
4274- 'res_swift_vip': 'params ip="%s" cidr_netmask="%s" nic="%s"' % \
4275- (vip, vip_cidr, vip_iface),
4276- 'res_swift_haproxy': 'op monitor interval="5s"'
4277- }
4278+ 'res_swift_vip': 'params ip="%s" cidr_netmask="%s" nic="%s"' %
4279+ (vip, vip_cidr, vip_iface),
4280+ 'res_swift_haproxy': 'op monitor interval="5s"'
4281+ }
4282 init_services = {
4283- 'res_swift_haproxy': 'haproxy'
4284- }
4285+ 'res_swift_haproxy': 'haproxy'
4286+ }
4287 clones = {
4288- 'cl_swift_haproxy': 'res_swift_haproxy'
4289- }
4290-
4291- utils.relation_set(init_services=init_services,
4292- corosync_bindiface=corosync_bindiface,
4293- corosync_mcastport=corosync_mcastport,
4294- resources=resources,
4295- resource_params=resource_params,
4296- clones=clones)
4297-
4298-
4299-hooks = {
4300- 'install': install,
4301- 'config-changed': config_changed,
4302- 'identity-service-relation-joined': keystone_joined,
4303- 'identity-service-relation-changed': keystone_changed,
4304- 'swift-storage-relation-changed': storage_changed,
4305- 'swift-storage-relation-broken': storage_broken,
4306- "cluster-relation-joined": cluster_changed,
4307- "cluster-relation-changed": cluster_changed,
4308- "ha-relation-joined": ha_relation_joined,
4309- "ha-relation-changed": ha_relation_changed
4310-}
4311-
4312-utils.do_hooks(hooks)
4313-
4314-sys.exit(0)
4315+ 'cl_swift_haproxy': 'res_swift_haproxy'
4316+ }
4317+
4318+ relation_set(init_services=init_services,
4319+ corosync_bindiface=corosync_bindiface,
4320+ corosync_mcastport=corosync_mcastport,
4321+ resources=resources,
4322+ resource_params=resource_params,
4323+ clones=clones)
4324+
4325+
4326+def configure_https():
4327+ '''
4328+ Enables SSL API Apache config if appropriate and kicks identity-service
4329+ with any required api updates.
4330+ '''
4331+ # need to write all to ensure changes to the entire request pipeline
4332+ # propagate (c-api, haprxy, apache)
4333+ CONFIGS.write_all()
4334+ if 'https' in CONFIGS.complete_contexts():
4335+ cmd = ['a2ensite', 'openstack_https_frontend']
4336+ subprocess.check_call(cmd)
4337+ else:
4338+ cmd = ['a2dissite', 'openstack_https_frontend']
4339+ subprocess.check_call(cmd)
4340+
4341+ # Apache 2.4 required enablement of configuration
4342+ if os.path.exists('/usr/sbin/a2enconf'):
4343+ subprocess.check_call(['a2enconf', 'swift-rings'])
4344+
4345+ for rid in relation_ids('identity-service'):
4346+ keystone_joined(relid=rid)
4347+
4348+ write_rc_script()
4349+
4350+
4351+def main():
4352+ try:
4353+ hooks.execute(sys.argv)
4354+ except UnregisteredHookError as e:
4355+ log('Unknown hook {} - skipping.'.format(e))
4356+
4357+
4358+if __name__ == '__main__':
4359+ main()
4360
4361=== modified file 'hooks/swift_utils.py'
4362--- hooks/swift_utils.py 2013-05-22 21:42:18 +0000
4363+++ hooks/swift_utils.py 2013-10-15 01:36:24 +0000
4364@@ -1,22 +1,36 @@
4365 import os
4366 import pwd
4367 import subprocess
4368-import lib.openstack_common as openstack
4369-import lib.utils as utils
4370-import lib.haproxy_utils as haproxy
4371-import lib.apache_utils as apache
4372-import lib.cluster_utils as cluster
4373+import charmhelpers.contrib.openstack.utils as openstack
4374 import sys
4375-from base64 import b64encode
4376+from collections import OrderedDict
4377+
4378+from charmhelpers.core.hookenv import (
4379+ log, ERROR,
4380+ config,
4381+ relation_get,
4382+)
4383+from charmhelpers.fetch import (
4384+ apt_update,
4385+ apt_install
4386+)
4387+
4388+import charmhelpers.contrib.openstack.context as context
4389+import charmhelpers.contrib.openstack.templating as templating
4390+import swift_context
4391
4392
4393 # Various config files that are managed via templating.
4394-SWIFT_HASH_FILE = '/var/lib/juju/swift-hash-path.conf'
4395 SWIFT_CONF = '/etc/swift/swift.conf'
4396 SWIFT_PROXY_CONF = '/etc/swift/proxy-server.conf'
4397 SWIFT_CONF_DIR = os.path.dirname(SWIFT_CONF)
4398 MEMCACHED_CONF = '/etc/memcached.conf'
4399-APACHE_CONF = '/etc/apache2/conf.d/swift-rings'
4400+SWIFT_RINGS_CONF = '/etc/apache2/conf.d/swift-rings'
4401+SWIFT_RINGS_24_CONF = '/etc/apache2/conf-available/swift-rings.conf'
4402+HAPROXY_CONF = '/etc/haproxy/haproxy.cfg'
4403+APACHE_SITE_CONF = '/etc/apache2/sites-available/openstack_https_frontend'
4404+APACHE_SITE_24_CONF = '/etc/apache2/sites-available/' \
4405+ 'openstack_https_frontend.conf'
4406
4407 WWW_DIR = '/var/www/swift-rings'
4408
4409@@ -37,47 +51,103 @@
4410 'apache2',
4411 'python-keystone',
4412 ]
4413+# > Folsom specific packages
4414+FOLSOM_PACKAGES = BASE_PACKAGES + ['swift-plugin-s3']
4415
4416 SWIFT_HA_RES = 'res_swift_vip'
4417
4418-# Folsom-specific packages
4419-FOLSOM_PACKAGES = BASE_PACKAGES + ['swift-plugin-s3']
4420-
4421-
4422-def proxy_control(action):
4423- '''utility to work around swift-init's bad RCs.'''
4424- def _cmd(action):
4425- return ['swift-init', 'proxy-server', action]
4426-
4427- p = subprocess.Popen(_cmd('status'), stdout=subprocess.PIPE)
4428- p.communicate()
4429- status = p.returncode
4430- if action == 'stop':
4431- if status == 1:
4432- return
4433- elif status == 0:
4434- return subprocess.check_call(_cmd('stop'))
4435-
4436- # the proxy will not start unless there are balanced rings
4437- # gzip'd in /etc/swift
4438- missing = False
4439- for k in SWIFT_RINGS.keys():
4440- if not os.path.exists(os.path.join(SWIFT_CONF_DIR, '%s.ring.gz' % k)):
4441- missing = True
4442- if missing:
4443- utils.juju_log('INFO', 'Rings not balanced, skipping %s.' % action)
4444- return
4445-
4446- if action == 'start':
4447- if status == 0:
4448- return
4449- elif status == 1:
4450- return subprocess.check_call(_cmd('start'))
4451- elif action == 'restart':
4452- if status == 0:
4453- return subprocess.check_call(_cmd('restart'))
4454- elif status == 1:
4455- return subprocess.check_call(_cmd('start'))
4456+TEMPLATES = 'templates/'
4457+
4458+# Map config files to hook contexts and services that will be associated
4459+# with file in restart_on_changes()'s service map.
4460+CONFIG_FILES = OrderedDict([
4461+ (SWIFT_CONF, {
4462+ 'hook_contexts': [swift_context.SwiftHashContext()],
4463+ 'services': ['swift-proxy'],
4464+ }),
4465+ (SWIFT_PROXY_CONF, {
4466+ 'hook_contexts': [swift_context.SwiftIdentityContext()],
4467+ 'services': ['swift-proxy'],
4468+ }),
4469+ (HAPROXY_CONF, {
4470+ 'hook_contexts': [context.HAProxyContext(),
4471+ swift_context.HAProxyContext()],
4472+ 'services': ['haproxy'],
4473+ }),
4474+ (SWIFT_RINGS_CONF, {
4475+ 'hook_contexts': [swift_context.SwiftRingContext()],
4476+ 'services': ['apache2'],
4477+ }),
4478+ (SWIFT_RINGS_24_CONF, {
4479+ 'hook_contexts': [swift_context.SwiftRingContext()],
4480+ 'services': ['apache2'],
4481+ }),
4482+ (APACHE_SITE_CONF, {
4483+ 'hook_contexts': [swift_context.ApacheSSLContext()],
4484+ 'services': ['apache2'],
4485+ }),
4486+ (APACHE_SITE_24_CONF, {
4487+ 'hook_contexts': [swift_context.ApacheSSLContext()],
4488+ 'services': ['apache2'],
4489+ }),
4490+ (MEMCACHED_CONF, {
4491+ 'hook_contexts': [swift_context.MemcachedContext()],
4492+ 'services': ['memcached'],
4493+ }),
4494+])
4495+
4496+
4497+def register_configs():
4498+ """
4499+ Register config files with their respective contexts.
4500+ Regstration of some configs may not be required depending on
4501+ existing of certain relations.
4502+ """
4503+ # if called without anything installed (eg during install hook)
4504+ # just default to earliest supported release. configs dont get touched
4505+ # till post-install, anyway.
4506+ release = openstack.get_os_codename_package('swift-proxy', fatal=False) \
4507+ or 'essex'
4508+ configs = templating.OSConfigRenderer(templates_dir=TEMPLATES,
4509+ openstack_release=release)
4510+
4511+ confs = [SWIFT_CONF,
4512+ SWIFT_PROXY_CONF,
4513+ HAPROXY_CONF,
4514+ MEMCACHED_CONF]
4515+
4516+ for conf in confs:
4517+ configs.register(conf, CONFIG_FILES[conf]['hook_contexts'])
4518+
4519+ if os.path.exists('/etc/apache2/conf-available'):
4520+ configs.register(SWIFT_RINGS_24_CONF,
4521+ CONFIG_FILES[SWIFT_RINGS_24_CONF]['hook_contexts'])
4522+ configs.register(APACHE_SITE_24_CONF,
4523+ CONFIG_FILES[APACHE_SITE_24_CONF]['hook_contexts'])
4524+ else:
4525+ configs.register(SWIFT_RINGS_CONF,
4526+ CONFIG_FILES[SWIFT_RINGS_CONF]['hook_contexts'])
4527+ configs.register(APACHE_SITE_CONF,
4528+ CONFIG_FILES[APACHE_SITE_CONF]['hook_contexts'])
4529+ return configs
4530+
4531+
4532+def restart_map():
4533+ '''
4534+ Determine the correct resource map to be passed to
4535+ charmhelpers.core.restart_on_change() based on the services configured.
4536+
4537+ :returns: dict: A dictionary mapping config file to lists of services
4538+ that should be restarted when file changes.
4539+ '''
4540+ _map = []
4541+ for f, ctxt in CONFIG_FILES.iteritems():
4542+ svcs = []
4543+ for svc in ctxt['services']:
4544+ svcs.append(svc)
4545+ if svcs:
4546+ _map.append((f, svcs))
4547+ return OrderedDict(_map)
4548
4549
4550 def swift_user(username='swift'):
4551@@ -100,120 +170,16 @@
4552 return FOLSOM_PACKAGES
4553 elif release == 'grizzly':
4554 return FOLSOM_PACKAGES
4555-
4556-
4557-def render_config(config_file, context):
4558- '''write out config using templates for a specific openstack release.'''
4559- os_release = openstack.get_os_codename_package('python-swift')
4560- # load os release-specific templates.
4561- cfile = os.path.basename(config_file)
4562- templates_dir = os.path.join(utils.TEMPLATES_DIR, os_release)
4563- context['os_release'] = os_release
4564- return utils.render_template(cfile, context, templates_dir)
4565-
4566-
4567-def get_swift_hash():
4568- if os.path.isfile(SWIFT_HASH_FILE):
4569- with open(SWIFT_HASH_FILE, 'r') as hashfile:
4570- swift_hash = hashfile.read().strip()
4571- elif utils.config_get('swift-hash'):
4572- swift_hash = utils.config_get('swift-hash')
4573- with open(SWIFT_HASH_FILE, 'w') as hashfile:
4574- hashfile.write(swift_hash)
4575 else:
4576- cmd = ['od', '-t', 'x8', '-N', '8', '-A', 'n']
4577- rand = open('/dev/random', 'r')
4578- p = subprocess.Popen(cmd, stdout=subprocess.PIPE, stdin=rand)
4579- swift_hash = p.communicate()[0].strip()
4580- with open(SWIFT_HASH_FILE, 'w') as hashfile:
4581- hashfile.write(swift_hash)
4582- return swift_hash
4583-
4584-
4585-def get_keystone_auth():
4586- '''return standard keystone auth credentials, either from config or the
4587- identity-service relation. user-specified config is given priority
4588- over an existing relation.
4589- '''
4590- auth_type = utils.config_get('auth-type')
4591- auth_host = utils.config_get('keystone-auth-host')
4592- admin_user = utils.config_get('keystone-admin-user')
4593- admin_password = utils.config_get('keystone-admin-user')
4594- if (auth_type == 'keystone' and auth_host
4595- and admin_user and admin_password):
4596- utils.juju_log('INFO', 'Using user-specified Keystone configuration.')
4597- ks_auth = {
4598- 'auth_type': 'keystone',
4599- 'auth_protocol': utils.config_get('keystone-auth-protocol'),
4600- 'keystone_host': auth_host,
4601- 'auth_port': utils.config_get('keystone-auth-port'),
4602- 'service_user': admin_user,
4603- 'service_password': admin_password,
4604- 'service_tenant': utils.config_get('keystone-admin-tenant-name')
4605- }
4606- return ks_auth
4607-
4608- for relid in utils.relation_ids('identity-service'):
4609- utils.juju_log('INFO',
4610- 'Using Keystone configuration from identity-service.')
4611- for unit in utils.relation_list(relid):
4612- ks_auth = {
4613- 'auth_type': 'keystone',
4614- 'auth_protocol': 'http',
4615- 'keystone_host': utils.relation_get('auth_host',
4616- unit, relid),
4617- 'auth_port': utils.relation_get('auth_port', unit, relid),
4618- 'service_user': utils.relation_get('service_username',
4619- unit, relid),
4620- 'service_password': utils.relation_get('service_password',
4621- unit, relid),
4622- 'service_tenant': utils.relation_get('service_tenant',
4623- unit, relid),
4624- 'service_port': utils.relation_get('service_port',
4625- unit, relid),
4626- 'admin_token': utils.relation_get('admin_token',
4627- unit, relid),
4628- }
4629- if None not in ks_auth.itervalues():
4630- return ks_auth
4631- return None
4632-
4633-
4634-def write_proxy_config():
4635-
4636- bind_port = utils.config_get('bind-port')
4637- workers = utils.config_get('workers')
4638- if workers == '0':
4639- import multiprocessing
4640- workers = multiprocessing.cpu_count()
4641-
4642+ return FOLSOM_PACKAGES
4643+
4644+
4645+def write_rc_script():
4646 env_vars = {'OPENSTACK_SERVICE_SWIFT': 'proxy-server',
4647- 'OPENSTACK_PORT_API': bind_port,
4648+ 'OPENSTACK_PORT_API': config('bind-port'),
4649 'OPENSTACK_PORT_MEMCACHED': 11211}
4650 openstack.save_script_rc(**env_vars)
4651
4652- ctxt = {
4653- 'proxy_ip': utils.get_host_ip(),
4654- 'bind_port': cluster.determine_api_port(bind_port),
4655- 'workers': workers,
4656- 'operator_roles': utils.config_get('operator-roles'),
4657- 'delay_auth_decision': utils.config_get('delay-auth-decision')
4658- }
4659-
4660- ctxt['ssl'] = False
4661-
4662- ks_auth = get_keystone_auth()
4663- if ks_auth:
4664- utils.juju_log('INFO', 'Enabling Keystone authentication.')
4665- for k, v in ks_auth.iteritems():
4666- ctxt[k] = v
4667-
4668- with open(SWIFT_PROXY_CONF, 'w') as conf:
4669- conf.write(render_config(SWIFT_PROXY_CONF, ctxt))
4670-
4671- proxy_control('restart')
4672- subprocess.check_call(['open-port', str(bind_port)])
4673-
4674
4675 def _load_builder(path):
4676 # lifted straight from /usr/bin/swift-ring-builder
4677@@ -263,7 +229,7 @@
4678 if sorted(d) == sorted(n):
4679
4680 msg = 'Node already exists in ring (%s).' % ring_path
4681- utils.juju_log('INFO', msg)
4682+ log(msg)
4683 return True
4684
4685 return False
4686@@ -290,9 +256,9 @@
4687 ring.add_dev(new_dev)
4688 _write_ring(ring, ring_path)
4689 msg = 'Added new device to ring %s: %s' %\
4690- (ring_path,
4691- [k for k in new_dev.iteritems()])
4692- utils.juju_log('INFO', msg)
4693+ (ring_path,
4694+ [k for k in new_dev.iteritems()])
4695+ log(msg)
4696
4697
4698 def _get_zone(ring_builder):
4699@@ -328,7 +294,7 @@
4700 being assigned to a different zone.
4701 '''
4702 if assignment_policy == 'manual':
4703- return utils.relation_get('zone')
4704+ return relation_get('zone')
4705 elif assignment_policy == 'auto':
4706 potential_zones = []
4707 for ring in SWIFT_RINGS.itervalues():
4708@@ -336,8 +302,8 @@
4709 potential_zones.append(_get_zone(builder))
4710 return set(potential_zones).pop()
4711 else:
4712- utils.juju_log('ERROR', 'Invalid zone assignment policy: %s' %\
4713- assignment_policy)
4714+ log('Invalid zone assignment policy: %s' % assignment_policy,
4715+ level=ERROR)
4716 sys.exit(1)
4717
4718
4719@@ -355,7 +321,7 @@
4720 # swift-ring-builder returns 1 on WARNING (ring didn't require balance)
4721 return False
4722 else:
4723- utils.juju_log('ERROR', 'balance_ring: %s returned %s' % (cmd, rc))
4724+ log('balance_ring: %s returned %s' % (cmd, rc), level=ERROR)
4725 sys.exit(1)
4726
4727
4728@@ -373,88 +339,9 @@
4729 return do_rebalance
4730
4731
4732-def write_apache_config():
4733- '''write out /etc/apache2/conf.d/swift-rings with a list of authenticated
4734- hosts'''
4735- utils.juju_log('INFO', 'Updating %s.' % APACHE_CONF)
4736-
4737- allowed_hosts = []
4738- for relid in utils.relation_ids('swift-storage'):
4739- for unit in utils.relation_list(relid):
4740- host = utils.relation_get('private-address', unit, relid)
4741- allowed_hosts.append(utils.get_host_ip(host))
4742-
4743- ctxt = {
4744- 'www_dir': WWW_DIR,
4745- 'allowed_hosts': allowed_hosts
4746- }
4747- with open(APACHE_CONF, 'w') as conf:
4748- conf.write(render_config(APACHE_CONF, ctxt))
4749- utils.reload('apache2')
4750-
4751-
4752-def generate_cert():
4753- '''
4754- Generates a self signed certificate and key using the
4755- provided charm configuration data.
4756-
4757- returns: tuple of (cert, key)
4758- '''
4759- CERT = '/etc/swift/ssl.cert'
4760- KEY = '/etc/swift/ssl.key'
4761- if (not os.path.exists(CERT) and
4762- not os.path.exists(KEY)):
4763- subj = '/C=%s/ST=%s/L=%s/CN=%s' %\
4764- (utils.config_get('country'), utils.config_get('state'),
4765- utils.config_get('locale'), utils.config_get('common-name'))
4766- cmd = ['openssl', 'req', '-new', '-x509', '-nodes',
4767- '-out', CERT, '-keyout', KEY,
4768- '-subj', subj]
4769- subprocess.check_call(cmd)
4770- os.chmod(KEY, 0600)
4771- # Slurp as base64 encoded - makes handling easier up the stack
4772- with open(CERT, 'r') as cfile:
4773- ssl_cert = b64encode(cfile.read())
4774- with open(KEY, 'r') as kfile:
4775- ssl_key = b64encode(kfile.read())
4776- return (ssl_cert, ssl_key)
4777-
4778-
4779-def configure_haproxy():
4780- api_port = utils.config_get('bind-port')
4781- service_ports = {
4782- "swift": [
4783- cluster.determine_haproxy_port(api_port),
4784- cluster.determine_api_port(api_port)
4785- ]
4786- }
4787- write_proxy_config()
4788- haproxy.configure_haproxy(service_ports)
4789-
4790-
4791-def configure_https():
4792- if cluster.https():
4793- api_port = utils.config_get('bind-port')
4794- if (len(cluster.peer_units()) > 0 or
4795- cluster.is_clustered()):
4796- target_port = cluster.determine_haproxy_port(api_port)
4797- configure_haproxy()
4798- else:
4799- target_port = cluster.determine_api_port(api_port)
4800- write_proxy_config()
4801- cert, key = apache.get_cert()
4802- if None in (cert, key):
4803- cert, key = generate_cert()
4804- ca_cert = apache.get_ca_cert()
4805- apache.setup_https(namespace="swift",
4806- port_maps={api_port: target_port},
4807- cert=cert, key=key, ca_cert=ca_cert)
4808-
4809-
4810 def do_openstack_upgrade(source, packages):
4811 openstack.configure_installation_source(source)
4812- os.environ['DEBIAN_FRONTEND'] = 'noninteractive'
4813- subprocess.check_call(['apt-get', 'update'])
4814- cmd = ['apt-get', '--option', 'Dpkg::Options::=--force-confnew', '-y',
4815- 'install'] + packages
4816- subprocess.check_call(cmd)
4817+ apt_update(fatal=True)
4818+ apt_install(options=['--option', 'Dpkg::Options::=--force-confnew'],
4819+ packages=packages,
4820+ fatal=True)
4821
4822=== modified file 'revision'
4823--- revision 2013-07-19 19:35:01 +0000
4824+++ revision 2013-10-15 01:36:24 +0000
4825@@ -1,1 +1,1 @@
4826-133
4827+146
4828
4829=== removed file 'templates/apache2_site.tmpl'
4830--- templates/apache2_site.tmpl 2013-03-07 21:55:52 +0000
4831+++ templates/apache2_site.tmpl 1970-01-01 00:00:00 +0000
4832@@ -1,19 +0,0 @@
4833-Listen {{ ext }}
4834-NameVirtualHost *:{{ ext }}
4835-<VirtualHost *:{{ ext }}>
4836- ServerName {{ private_address }}
4837- SSLEngine on
4838- SSLCertificateFile /etc/apache2/ssl/{{ namespace }}/cert
4839- SSLCertificateKeyFile /etc/apache2/ssl/{{ namespace }}/key
4840- ProxyPass / http://localhost:{{ int }}/
4841- ProxyPassReverse / http://localhost:{{ int }}/
4842- ProxyPreserveHost on
4843-</VirtualHost>
4844-<Proxy *>
4845- Order deny,allow
4846- Allow from all
4847-</Proxy>
4848-<Location />
4849- Order allow,deny
4850- Allow from all
4851-</Location>
4852
4853=== removed directory 'templates/folsom'
4854=== removed symlink 'templates/folsom/memcached.conf'
4855=== target was u'../essex/memcached.conf'
4856=== removed symlink 'templates/folsom/proxy-server.conf'
4857=== target was u'../essex/proxy-server.conf'
4858=== removed symlink 'templates/folsom/swift-rings'
4859=== target was u'../essex/swift-rings'
4860=== removed symlink 'templates/folsom/swift.conf'
4861=== target was u'../essex/swift.conf'
4862=== removed symlink 'templates/grizzly/memcached.conf'
4863=== target was u'../essex/memcached.conf'
4864=== modified file 'templates/grizzly/proxy-server.conf'
4865--- templates/grizzly/proxy-server.conf 2013-04-15 20:20:50 +0000
4866+++ templates/grizzly/proxy-server.conf 2013-10-15 01:36:24 +0000
4867@@ -48,7 +48,6 @@
4868 delay_auth_decision = {{ delay_auth_decision|lower }}
4869 {% if os_release != 'essex' %}signing_dir = /etc/swift{% endif %}
4870
4871-
4872 [filter:s3token]
4873 paste.filter_factory = keystone.middleware.s3_token:filter_factory
4874 service_host = {{ keystone_host }}
4875
4876=== removed symlink 'templates/grizzly/swift-rings'
4877=== target was u'../essex/swift-rings'
4878=== removed symlink 'templates/grizzly/swift.conf'
4879=== target was u'../essex/swift.conf'
4880=== removed file 'templates/haproxy.cfg'
4881--- templates/haproxy.cfg 2013-03-04 17:00:47 +0000
4882+++ templates/haproxy.cfg 1970-01-01 00:00:00 +0000
4883@@ -1,35 +0,0 @@
4884-global
4885- log 127.0.0.1 local0
4886- log 127.0.0.1 local1 notice
4887- maxconn 20000
4888- user haproxy
4889- group haproxy
4890- spread-checks 0
4891-
4892-defaults
4893- log global
4894- mode http
4895- option httplog
4896- option dontlognull
4897- retries 3
4898- timeout queue 1000
4899- timeout connect 1000
4900- timeout client 30000
4901- timeout server 30000
4902-
4903-listen stats :8888
4904- mode http
4905- stats enable
4906- stats hide-version
4907- stats realm Haproxy\ Statistics
4908- stats uri /
4909- stats auth admin:password
4910-
4911-{% for service, ports in service_ports.iteritems() -%}
4912-listen {{ service }} 0.0.0.0:{{ ports[0] }}
4913- balance roundrobin
4914- option tcplog
4915- {% for unit, address in units.iteritems() -%}
4916- server {{ unit }} {{ address }}:{{ ports[1] }} check
4917- {% endfor %}
4918-{% endfor %}
4919
4920=== added directory 'templates/havana'
4921=== added file 'templates/havana/proxy-server.conf'
4922--- templates/havana/proxy-server.conf 1970-01-01 00:00:00 +0000
4923+++ templates/havana/proxy-server.conf 2013-10-15 01:36:24 +0000
4924@@ -0,0 +1,65 @@
4925+[DEFAULT]
4926+bind_port = {{ bind_port }}
4927+workers = {{ workers }}
4928+user = swift
4929+{% if ssl %}
4930+cert_file = {{ ssl_cert }}
4931+key_file = {{ ssl_key }}
4932+{% endif %}
4933+
4934+{% if auth_type == 'keystone' %}
4935+[pipeline:main]
4936+pipeline = healthcheck cache swift3 authtoken keystoneauth proxy-server
4937+{% else %}
4938+[pipeline:main]
4939+pipeline = healthcheck cache tempauth proxy-server
4940+{% endif %}
4941+
4942+[app:proxy-server]
4943+use = egg:swift#proxy
4944+allow_account_management = true
4945+{% if auth_type == 'keystone' %}account_autocreate = true{% endif %}
4946+
4947+[filter:tempauth]
4948+use = egg:swift#tempauth
4949+user_system_root = testpass .admin https://{{ proxy_ip }}:8080/v1/AUTH_system
4950+
4951+[filter:healthcheck]
4952+use = egg:swift#healthcheck
4953+
4954+[filter:cache]
4955+use = egg:swift#memcache
4956+memcache_servers = {{ proxy_ip }}:11211
4957+
4958+{% if auth_type == 'keystone' %}
4959+[filter:keystoneauth]
4960+use = egg:swift#keystoneauth
4961+operator_roles = {{ operator_roles }}
4962+
4963+[filter:authtoken]
4964+paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
4965+auth_host = {{ keystone_host }}
4966+auth_port = {{ auth_port }}
4967+auth_protocol = {{ auth_protocol }}
4968+auth_uri = {{ auth_protocol }}://{{ keystone_host }}:{{ service_port }}
4969+admin_tenant_name = {{ service_tenant }}
4970+admin_user = {{ service_user }}
4971+admin_password = {{ service_password }}
4972+delay_auth_decision = {{ delay_auth_decision|lower }}
4973+{% if os_release != 'essex' %}signing_dir = /etc/swift{% endif %}
4974+cache = swift.cache
4975+
4976+[filter:s3token]
4977+paste.filter_factory = keystone.middleware.s3_token:filter_factory
4978+service_host = {{ keystone_host }}
4979+service_port = {{ service_port }}
4980+auth_port = {{ auth_port }}
4981+auth_host = {{ keystone_host }}
4982+auth_protocol = {{ auth_protocol }}
4983+auth_token = {{ admin_token }}
4984+admin_token = {{ admin_token }}
4985+
4986+[filter:swift3]
4987+{% if os_release == 'essex' %}use = egg:swift#swift3{% else %}use = egg:swift3#swift3
4988+{% endif %}
4989+{% endif %}
4990
4991=== renamed file 'templates/essex/memcached.conf' => 'templates/memcached.conf'
4992=== renamed file 'templates/essex/swift-rings' => 'templates/swift-rings'
4993=== added symlink 'templates/swift-rings.conf'
4994=== target is u'swift-rings'
4995=== renamed file 'templates/essex/swift.conf' => 'templates/swift.conf'
4996=== renamed directory 'tests' => 'unit_tests'

Subscribers

People subscribed via source and target branches