def ceph_changed(rid=None, unit=None):
if 'ceph' not in CONFIGS.complete_contexts():
log('ceph relation incomplete. Peer not ready?')
return
if not ensure_ceph_keyring(
service=service_name(), user='******', group='nova'):
log('Could not create ceph keyring: peer not ready?')
return
CONFIGS.write(ceph_config_file())
CONFIGS.write(CEPH_SECRET)
CONFIGS.write(NOVA_CONF)
# With some refactoring, this can move into NovaComputeCephContext
# and allow easily extended to support other compute flavors.
key = relation_get(attribute='key', rid=rid, unit=unit)
if config('virt-type') in ['kvm', 'qemu', 'lxc'] and key:
create_libvirt_secret(secret_file=CEPH_SECRET,
secret_uuid=CEPH_SECRET_UUID,
key=key)
if is_request_complete(get_ceph_request()):
log('Request complete')
# Ensure that nova-compute is restarted since only now can we
# guarantee that ceph resources are ready, but only if not paused.
if (not is_unit_paused_set() and
not is_broker_action_done('nova_compute_restart', rid, unit)):
service_restart('nova-compute')
mark_broker_action_done('nova_compute_restart', rid, unit)
else:
send_request_if_needed(get_ceph_request())
def ceph_changed():
if 'ceph' not in CONFIGS.complete_contexts():
log('ceph relation incomplete. Peer not ready?')
return
if not ensure_ceph_keyring(service=service_name(), user='******',
group='nova'):
log('Could not create ceph keyring: peer not ready?')
return
CONFIGS.write(ceph_config_file())
CONFIGS.write(CEPH_SECRET)
CONFIGS.write(NOVA_CONF)
# With some refactoring, this can move into NovaComputeCephContext
# and allow easily extended to support other compute flavors.
if config('virt-type') in ['kvm', 'qemu', 'lxc'] and relation_get('key'):
create_libvirt_secret(secret_file=CEPH_SECRET,
secret_uuid=CEPH_SECRET_UUID,
key=relation_get('key'))
if (config('libvirt-image-backend') == 'rbd' and
assert_libvirt_imagebackend_allowed()):
if is_request_complete(get_ceph_request()):
log('Request complete')
# Ensure that nova-compute is restarted since only now can we
# guarantee that ceph resources are ready.
service_restart('nova-compute')
else:
send_request_if_needed(get_ceph_request())
def ceph_changed(rid=None, unit=None):
if 'ceph' not in CONFIGS.complete_contexts():
log('ceph relation incomplete. Peer not ready?')
return
if not ensure_ceph_keyring(
service=service_name(), user='******', group='nova'):
log('Could not create ceph keyring: peer not ready?')
return
CONFIGS.write(ceph_config_file())
CONFIGS.write(CEPH_SECRET)
CONFIGS.write(NOVA_CONF)
# With some refactoring, this can move into NovaComputeCephContext
# and allow easily extended to support other compute flavors.
key = relation_get(attribute='key', rid=rid, unit=unit)
if config('virt-type') in ['kvm', 'qemu', 'lxc'] and key:
create_libvirt_secret(secret_file=CEPH_SECRET,
secret_uuid=CEPH_SECRET_UUID,
key=key)
try:
_handle_ceph_request()
except ValueError as e:
# The end user has most likely provided a invalid value for a
# configuration option. Just log the traceback here, the end
# user will be notified by assess_status() called at the end of
# the hook execution.
log('Caught ValueError, invalid value provided for '
'configuration?: "{}"'.format(str(e)),
level=DEBUG)
def ceph_changed(rid=None, unit=None):
if 'ceph' not in CONFIGS.complete_contexts():
log('ceph relation incomplete. Peer not ready?')
return
if not ensure_ceph_keyring(service=service_name(), user='******',
group='nova'):
log('Could not create ceph keyring: peer not ready?')
return
CONFIGS.write(ceph_config_file())
CONFIGS.write(CEPH_SECRET)
CONFIGS.write(NOVA_CONF)
# With some refactoring, this can move into NovaComputeCephContext
# and allow easily extended to support other compute flavors.
key = relation_get(attribute='key', rid=rid, unit=unit)
if config('virt-type') in ['kvm', 'qemu', 'lxc'] and key:
create_libvirt_secret(secret_file=CEPH_SECRET,
secret_uuid=CEPH_SECRET_UUID, key=key)
if is_request_complete(get_ceph_request()):
log('Request complete')
# Ensure that nova-compute is restarted since only now can we
# guarantee that ceph resources are ready, but only if not paused.
if (not is_unit_paused_set() and
not is_broker_action_done('nova_compute_restart', rid,
unit)):
service_restart('nova-compute')
mark_broker_action_done('nova_compute_restart', rid, unit)
else:
send_request_if_needed(get_ceph_request())
def test_create_libvirt_key(self, _check_output, _check_call):
key = 'AQCR2dRUaFQSOxAAC5fr79sLL3d7wVvpbbRFMg=='
self.test_config.set('virt-type', 'kvm')
utils.create_libvirt_secret(utils.CEPH_SECRET,
compute_context.CEPH_SECRET_UUID, key)
_check_output.assert_called_with(
['virsh', '-c', utils.LIBVIRT_URIS['kvm'], 'secret-list'])
_check_call.assert_called_with([
'virsh', '-c', utils.LIBVIRT_URIS['kvm'], 'secret-set-value',
'--secret', compute_context.CEPH_SECRET_UUID, '--base64', key
])
def test_create_libvirt_key_existing(self, _check_output, _check_call):
key = 'AQCR2dRUaFQSOxAAC5fr79sLL3d7wVvpbbRFMg=='
self.test_config.set('virt-type', 'kvm')
_check_output.side_effect = [compute_context.CEPH_SECRET_UUID, key]
utils.create_libvirt_secret(utils.CEPH_SECRET,
compute_context.CEPH_SECRET_UUID, key)
expected = [call(['virsh', '-c',
utils.LIBVIRT_URIS['kvm'], 'secret-list']),
call(['virsh', '-c',
utils.LIBVIRT_URIS['kvm'], 'secret-get-value',
compute_context.CEPH_SECRET_UUID])]
_check_output.assert_has_calls(expected)
def test_create_libvirt_key(self, _check_output, _check_call):
key = 'AQCR2dRUaFQSOxAAC5fr79sLL3d7wVvpbbRFMg=='
self.test_config.set('virt-type', 'kvm')
utils.create_libvirt_secret(utils.CEPH_SECRET,
compute_context.CEPH_SECRET_UUID, key)
_check_output.assert_called_with(['virsh', '-c',
utils.LIBVIRT_URIS['kvm'],
'secret-list'])
_check_call.assert_called_with(['virsh', '-c',
utils.LIBVIRT_URIS['kvm'],
'secret-set-value', '--secret',
compute_context.CEPH_SECRET_UUID,
'--base64', key])
def ceph_access(rid=None, unit=None):
'''Setup libvirt secret for specific ceph backend access'''
key = relation_get('key', unit, rid)
uuid = relation_get('secret-uuid', unit, rid)
if config('virt-type') in ['kvm', 'qemu', 'lxc'] and key and uuid:
secrets_filename = CEPH_BACKEND_SECRET.format(
remote_service_name(rid)
)
render(os.path.basename(CEPH_SECRET), secrets_filename,
context={'ceph_secret_uuid': uuid,
'service_name': remote_service_name(rid)})
create_libvirt_secret(secret_file=secrets_filename,
secret_uuid=uuid,
key=key)
def ceph_access(rid=None, unit=None):
'''Setup libvirt secret for specific ceph backend access'''
key = relation_get('key', unit, rid)
uuid = relation_get('secret-uuid', unit, rid)
if config('virt-type') in ['kvm', 'qemu', 'lxc'] and key and uuid:
secrets_filename = CEPH_BACKEND_SECRET.format(remote_service_name(rid))
render(os.path.basename(CEPH_SECRET),
secrets_filename,
context={
'ceph_secret_uuid': uuid,
'service_name': remote_service_name(rid)
})
create_libvirt_secret(secret_file=secrets_filename,
secret_uuid=uuid,
key=key)
def _configure_keyring(service_name, key, uuid):
if config('virt-type') in LIBVIRT_TYPES:
secrets_filename = CEPH_BACKEND_SECRET.format(service_name)
render(os.path.basename(CEPH_SECRET),
secrets_filename,
context={
'ceph_secret_uuid': uuid,
'service_name': service_name
})
create_libvirt_secret(secret_file=secrets_filename,
secret_uuid=uuid,
key=key)
# NOTE(jamespage): LXD ceph integration via host rbd mapping, so
# install keyring for rbd commands to use
ensure_ceph_keyring(service=service_name,
user='******',
group='nova',
key=key)
def ceph_changed():
if 'ceph' not in CONFIGS.complete_contexts():
log('ceph relation incomplete. Peer not ready?')
return
svc = service_name()
if not ensure_ceph_keyring(service=svc):
log('Could not create ceph keyring: peer not ready?')
return
CONFIGS.write(ceph_config_file())
CONFIGS.write(CEPH_SECRET)
CONFIGS.write(NOVA_CONF)
# With some refactoring, this can move into NovaComputeCephContext
# and allow easily extended to support other compute flavors.
if config('virt-type') in ['kvm', 'qemu', 'lxc']:
create_libvirt_secret(secret_file=CEPH_SECRET,
secret_uuid=CEPH_SECRET_UUID,
key=relation_get('key'))
def ceph_access(rid=None, unit=None):
'''Setup libvirt secret for specific ceph backend access'''
key = relation_get('key', unit, rid)
uuid = relation_get('secret-uuid', unit, rid)
if key and uuid:
remote_service = remote_service_name(rid)
if config('virt-type') in LIBVIRT_TYPES:
secrets_filename = CEPH_BACKEND_SECRET.format(remote_service)
render(os.path.basename(CEPH_SECRET), secrets_filename,
context={'ceph_secret_uuid': uuid,
'service_name': remote_service})
create_libvirt_secret(secret_file=secrets_filename,
secret_uuid=uuid,
key=key)
# NOTE(jamespage): LXD ceph integration via host rbd mapping, so
# install keyring for rbd commands to use
ensure_ceph_keyring(service=remote_service,
user='******', group='nova',
key=key)
def ceph_access(rid=None, unit=None):
'''Setup libvirt secret for specific ceph backend access'''
key = relation_get('key', unit, rid)
uuid = relation_get('secret-uuid', unit, rid)
if key and uuid:
remote_service = remote_service_name(rid)
if config('virt-type') in LIBVIRT_TYPES:
secrets_filename = CEPH_BACKEND_SECRET.format(remote_service)
render(os.path.basename(CEPH_SECRET), secrets_filename,
context={'ceph_secret_uuid': uuid,
'service_name': remote_service})
create_libvirt_secret(secret_file=secrets_filename,
secret_uuid=uuid,
key=key)
# NOTE(jamespage): LXD ceph integration via host rbd mapping, so
# install keyring for rbd commands to use
ensure_ceph_keyring(service=remote_service,
user='******', group='nova',
key=key)
def ceph_changed(rid=None, unit=None):
if 'ceph' not in CONFIGS.complete_contexts():
log('ceph relation incomplete. Peer not ready?')
return
if not ensure_ceph_keyring(
service=service_name(), user='******', group='nova'):
log('Could not create ceph keyring: peer not ready?')
return
CONFIGS.write(ceph_config_file())
CONFIGS.write(CEPH_SECRET)
CONFIGS.write(NOVA_CONF)
# With some refactoring, this can move into NovaComputeCephContext
# and allow easily extended to support other compute flavors.
key = relation_get(attribute='key', rid=rid, unit=unit)
if config('virt-type') in ['kvm', 'qemu', 'lxc'] and key:
create_libvirt_secret(secret_file=CEPH_SECRET,
secret_uuid=CEPH_SECRET_UUID,
key=key)
_handle_ceph_request()