def ceph_changed(rid=None, unit=None): if 'ceph' not in CONFIGS.complete_contexts(): log('ceph relation incomplete. Peer not ready?') return if not ensure_ceph_keyring( service=service_name(), user='******', group='nova'): log('Could not create ceph keyring: peer not ready?') return CONFIGS.write(ceph_config_file()) CONFIGS.write(CEPH_SECRET) CONFIGS.write(NOVA_CONF) # With some refactoring, this can move into NovaComputeCephContext # and allow easily extended to support other compute flavors. key = relation_get(attribute='key', rid=rid, unit=unit) if config('virt-type') in ['kvm', 'qemu', 'lxc'] and key: create_libvirt_secret(secret_file=CEPH_SECRET, secret_uuid=CEPH_SECRET_UUID, key=key) if is_request_complete(get_ceph_request()): log('Request complete') # Ensure that nova-compute is restarted since only now can we # guarantee that ceph resources are ready, but only if not paused. if (not is_unit_paused_set() and not is_broker_action_done('nova_compute_restart', rid, unit)): service_restart('nova-compute') mark_broker_action_done('nova_compute_restart', rid, unit) else: send_request_if_needed(get_ceph_request())
def ceph_changed(): if 'ceph' not in CONFIGS.complete_contexts(): log('ceph relation incomplete. Peer not ready?') return if not ensure_ceph_keyring(service=service_name(), user='******', group='nova'): log('Could not create ceph keyring: peer not ready?') return CONFIGS.write(ceph_config_file()) CONFIGS.write(CEPH_SECRET) CONFIGS.write(NOVA_CONF) # With some refactoring, this can move into NovaComputeCephContext # and allow easily extended to support other compute flavors. if config('virt-type') in ['kvm', 'qemu', 'lxc'] and relation_get('key'): create_libvirt_secret(secret_file=CEPH_SECRET, secret_uuid=CEPH_SECRET_UUID, key=relation_get('key')) if (config('libvirt-image-backend') == 'rbd' and assert_libvirt_imagebackend_allowed()): if is_request_complete(get_ceph_request()): log('Request complete') # Ensure that nova-compute is restarted since only now can we # guarantee that ceph resources are ready. service_restart('nova-compute') else: send_request_if_needed(get_ceph_request())
def ceph_changed(rid=None, unit=None): if 'ceph' not in CONFIGS.complete_contexts(): log('ceph relation incomplete. Peer not ready?') return if not ensure_ceph_keyring( service=service_name(), user='******', group='nova'): log('Could not create ceph keyring: peer not ready?') return CONFIGS.write(ceph_config_file()) CONFIGS.write(CEPH_SECRET) CONFIGS.write(NOVA_CONF) # With some refactoring, this can move into NovaComputeCephContext # and allow easily extended to support other compute flavors. key = relation_get(attribute='key', rid=rid, unit=unit) if config('virt-type') in ['kvm', 'qemu', 'lxc'] and key: create_libvirt_secret(secret_file=CEPH_SECRET, secret_uuid=CEPH_SECRET_UUID, key=key) try: _handle_ceph_request() except ValueError as e: # The end user has most likely provided a invalid value for a # configuration option. Just log the traceback here, the end # user will be notified by assess_status() called at the end of # the hook execution. log('Caught ValueError, invalid value provided for ' 'configuration?: "{}"'.format(str(e)), level=DEBUG)
def ceph_changed(rid=None, unit=None): if 'ceph' not in CONFIGS.complete_contexts(): log('ceph relation incomplete. Peer not ready?') return if not ensure_ceph_keyring(service=service_name(), user='******', group='nova'): log('Could not create ceph keyring: peer not ready?') return CONFIGS.write(ceph_config_file()) CONFIGS.write(CEPH_SECRET) CONFIGS.write(NOVA_CONF) # With some refactoring, this can move into NovaComputeCephContext # and allow easily extended to support other compute flavors. key = relation_get(attribute='key', rid=rid, unit=unit) if config('virt-type') in ['kvm', 'qemu', 'lxc'] and key: create_libvirt_secret(secret_file=CEPH_SECRET, secret_uuid=CEPH_SECRET_UUID, key=key) if is_request_complete(get_ceph_request()): log('Request complete') # Ensure that nova-compute is restarted since only now can we # guarantee that ceph resources are ready, but only if not paused. if (not is_unit_paused_set() and not is_broker_action_done('nova_compute_restart', rid, unit)): service_restart('nova-compute') mark_broker_action_done('nova_compute_restart', rid, unit) else: send_request_if_needed(get_ceph_request())
def test_create_libvirt_key(self, _check_output, _check_call): key = 'AQCR2dRUaFQSOxAAC5fr79sLL3d7wVvpbbRFMg==' self.test_config.set('virt-type', 'kvm') utils.create_libvirt_secret(utils.CEPH_SECRET, compute_context.CEPH_SECRET_UUID, key) _check_output.assert_called_with( ['virsh', '-c', utils.LIBVIRT_URIS['kvm'], 'secret-list']) _check_call.assert_called_with([ 'virsh', '-c', utils.LIBVIRT_URIS['kvm'], 'secret-set-value', '--secret', compute_context.CEPH_SECRET_UUID, '--base64', key ])
def test_create_libvirt_key_existing(self, _check_output, _check_call): key = 'AQCR2dRUaFQSOxAAC5fr79sLL3d7wVvpbbRFMg==' self.test_config.set('virt-type', 'kvm') _check_output.side_effect = [compute_context.CEPH_SECRET_UUID, key] utils.create_libvirt_secret(utils.CEPH_SECRET, compute_context.CEPH_SECRET_UUID, key) expected = [call(['virsh', '-c', utils.LIBVIRT_URIS['kvm'], 'secret-list']), call(['virsh', '-c', utils.LIBVIRT_URIS['kvm'], 'secret-get-value', compute_context.CEPH_SECRET_UUID])] _check_output.assert_has_calls(expected)
def test_create_libvirt_key(self, _check_output, _check_call): key = 'AQCR2dRUaFQSOxAAC5fr79sLL3d7wVvpbbRFMg==' self.test_config.set('virt-type', 'kvm') utils.create_libvirt_secret(utils.CEPH_SECRET, compute_context.CEPH_SECRET_UUID, key) _check_output.assert_called_with(['virsh', '-c', utils.LIBVIRT_URIS['kvm'], 'secret-list']) _check_call.assert_called_with(['virsh', '-c', utils.LIBVIRT_URIS['kvm'], 'secret-set-value', '--secret', compute_context.CEPH_SECRET_UUID, '--base64', key])
def ceph_access(rid=None, unit=None): '''Setup libvirt secret for specific ceph backend access''' key = relation_get('key', unit, rid) uuid = relation_get('secret-uuid', unit, rid) if config('virt-type') in ['kvm', 'qemu', 'lxc'] and key and uuid: secrets_filename = CEPH_BACKEND_SECRET.format( remote_service_name(rid) ) render(os.path.basename(CEPH_SECRET), secrets_filename, context={'ceph_secret_uuid': uuid, 'service_name': remote_service_name(rid)}) create_libvirt_secret(secret_file=secrets_filename, secret_uuid=uuid, key=key)
def ceph_access(rid=None, unit=None): '''Setup libvirt secret for specific ceph backend access''' key = relation_get('key', unit, rid) uuid = relation_get('secret-uuid', unit, rid) if config('virt-type') in ['kvm', 'qemu', 'lxc'] and key and uuid: secrets_filename = CEPH_BACKEND_SECRET.format(remote_service_name(rid)) render(os.path.basename(CEPH_SECRET), secrets_filename, context={ 'ceph_secret_uuid': uuid, 'service_name': remote_service_name(rid) }) create_libvirt_secret(secret_file=secrets_filename, secret_uuid=uuid, key=key)
def _configure_keyring(service_name, key, uuid): if config('virt-type') in LIBVIRT_TYPES: secrets_filename = CEPH_BACKEND_SECRET.format(service_name) render(os.path.basename(CEPH_SECRET), secrets_filename, context={ 'ceph_secret_uuid': uuid, 'service_name': service_name }) create_libvirt_secret(secret_file=secrets_filename, secret_uuid=uuid, key=key) # NOTE(jamespage): LXD ceph integration via host rbd mapping, so # install keyring for rbd commands to use ensure_ceph_keyring(service=service_name, user='******', group='nova', key=key)
def ceph_changed(): if 'ceph' not in CONFIGS.complete_contexts(): log('ceph relation incomplete. Peer not ready?') return svc = service_name() if not ensure_ceph_keyring(service=svc): log('Could not create ceph keyring: peer not ready?') return CONFIGS.write(ceph_config_file()) CONFIGS.write(CEPH_SECRET) CONFIGS.write(NOVA_CONF) # With some refactoring, this can move into NovaComputeCephContext # and allow easily extended to support other compute flavors. if config('virt-type') in ['kvm', 'qemu', 'lxc']: create_libvirt_secret(secret_file=CEPH_SECRET, secret_uuid=CEPH_SECRET_UUID, key=relation_get('key'))
def ceph_access(rid=None, unit=None): '''Setup libvirt secret for specific ceph backend access''' key = relation_get('key', unit, rid) uuid = relation_get('secret-uuid', unit, rid) if key and uuid: remote_service = remote_service_name(rid) if config('virt-type') in LIBVIRT_TYPES: secrets_filename = CEPH_BACKEND_SECRET.format(remote_service) render(os.path.basename(CEPH_SECRET), secrets_filename, context={'ceph_secret_uuid': uuid, 'service_name': remote_service}) create_libvirt_secret(secret_file=secrets_filename, secret_uuid=uuid, key=key) # NOTE(jamespage): LXD ceph integration via host rbd mapping, so # install keyring for rbd commands to use ensure_ceph_keyring(service=remote_service, user='******', group='nova', key=key)
def ceph_changed(rid=None, unit=None): if 'ceph' not in CONFIGS.complete_contexts(): log('ceph relation incomplete. Peer not ready?') return if not ensure_ceph_keyring( service=service_name(), user='******', group='nova'): log('Could not create ceph keyring: peer not ready?') return CONFIGS.write(ceph_config_file()) CONFIGS.write(CEPH_SECRET) CONFIGS.write(NOVA_CONF) # With some refactoring, this can move into NovaComputeCephContext # and allow easily extended to support other compute flavors. key = relation_get(attribute='key', rid=rid, unit=unit) if config('virt-type') in ['kvm', 'qemu', 'lxc'] and key: create_libvirt_secret(secret_file=CEPH_SECRET, secret_uuid=CEPH_SECRET_UUID, key=key) _handle_ceph_request()