def test_get_named_key(self):
with mock.patch.object(ceph, "ceph_user", return_value="ceph"):
with mock.patch.object(ceph.subprocess, "check_output") \
as subprocess:
with mock.patch.object(ceph.socket, "gethostname",
return_value="osd001"):
ceph.get_named_key(name="rgw001")
subprocess.assert_called_with(
['sudo', '-u', 'ceph', 'ceph', '--name', 'mon.',
'--keyring',
'/var/lib/ceph/mon/ceph-osd001/keyring',
'auth',
'get-or-create', 'client.rgw001', 'mon', 'allow rw',
'osd',
'allow rwx'])
def test_get_named_key_empty(self, mock_config, mock_ceph_user,
mock_get_unit_hostname, mock_check_output):
user_name = 'cinder-ceph'
user_type = 'client'
admin_user = '******'
user_spec = '{}.{}'.format(user_type, user_name)
expected_key = 'AQCnjmtbuEACMxAA7joUmgLIGI4/3LKkPzUy8g=='
expected_output = (
'[client.testuser]\n key = {}'.format(expected_key))
caps = collections.OrderedDict([('mon', ['allow rw']),
('osd', ['allow rwx'])])
ceph_user = '******'
ceph_proxy_host = 'cephproxy'
mock_get_unit_hostname.return_value = ceph_proxy_host
def check_output_side_effect(cmd):
return {
' '.join([
'sudo', '-u', ceph_user, 'ceph', '--name', admin_user, '--keyring', '/var/lib/ceph/mon/ceph-{}/keyring'.format(ceph_proxy_host), 'auth', 'get-or-create', user_spec, 'mon', 'allow rw', 'osd', 'allow rwx'
]): (expected_output.encode('utf-8'))
}[' '.join(cmd)]
mock_check_output.side_effect = check_output_side_effect
mock_config.side_effect = self.empty_config_side_effect
mock_ceph_user.return_value = ceph_user
named_key = ceph.get_named_key(user_name, caps)
self.assertEqual(named_key, expected_key)
def test_get_named_key_empty(self, mock_config, mock_ceph_user,
mock_get_unit_hostname, mock_check_output):
user_name = 'cinder-ceph'
user_type = 'client'
admin_user = '******'
user_spec = '{}.{}'.format(user_type, user_name)
expected_key = 'AQCnjmtbuEACMxAA7joUmgLIGI4/3LKkPzUy8g=='
expected_output = ('[client.testuser]\n key = {}'
.format(expected_key))
caps = collections.OrderedDict([('mon', ['allow rw']),
('osd', ['allow rwx'])])
ceph_user = '******'
ceph_proxy_host = 'cephproxy'
mock_get_unit_hostname.return_value = ceph_proxy_host
def check_output_side_effect(cmd):
return {
' '.join(['sudo', '-u', ceph_user, 'ceph', '--name',
admin_user,
'--keyring',
'/var/lib/ceph/mon/ceph-{}/keyring'.format(
ceph_proxy_host),
'auth', 'get-or-create', user_spec, 'mon',
'allow rw', 'osd', 'allow rwx']): (expected_output
.encode('utf-8'))
}[' '.join(cmd)]
mock_check_output.side_effect = check_output_side_effect
mock_config.side_effect = self.empty_config_side_effect
mock_ceph_user.return_value = ceph_user
named_key = ceph.get_named_key(user_name, caps)
self.assertEqual(named_key, expected_key)
def test_get_named_key_populated(self, mock_config):
user_name = 'glance'
user_key = 'AQCnjmtbuEACMxAA7joUmgLIGI4/3LKkPzUy8g=='
mock_config.side_effect = self.populated_config_side_effect
named_key = ceph.get_named_key(user_name)
self.assertEqual(user_key, named_key)
def test_get_named_key_populated(self, mock_config):
user_name = 'glance'
user_key = 'AQCnjmtbuEACMxAA7joUmgLIGI4/3LKkPzUy8g=='
mock_config.side_effect = self.populated_config_side_effect
named_key = ceph.get_named_key(user_name)
self.assertEqual(user_key, named_key)
def notify_client():
utils.juju_log('INFO', 'Begin notify_client.')
for relid in utils.relation_ids('client'):
service_name = utils.relation_list(relid)[0].split('/')[0]
utils.relation_set(key=ceph.get_named_key(service_name),
auth=utils.config_get('auth-supported'),
rid=relid)
utils.juju_log('INFO', 'End notify_client.')
def client_relation():
log('Begin client-relation hook.')
if ceph.is_quorum():
log('mon cluster in quorum - providing client with keys')
service_name = remote_unit().split('/')[0]
relation_set(key=ceph.get_named_key(service_name),
auth=config('auth-supported'))
else:
log('mon cluster not in quorum - deferring key provision')
log('End client-relation hook.')
def notify_client():
log('Begin notify_client.')
for relid in relation_ids('client'):
units = related_units(relid)
if len(units) > 0:
service_name = units[0].split('/')[0]
relation_set(relation_id=relid,
key=ceph.get_named_key(service_name),
auth=config('auth-supported'))
log('End notify_client.')
def test_get_named_key_get(self):
self.get_unit_hostname.return_value = "myhost"
key = "AQAPiu1RCMb4CxAAmP7rrufwZPRqy8bpQa2OeQ=="
self.subprocess.check_output.return_value = key
self.assertEqual(ceph.get_named_key('dummy'), key)
cmd = [
'ceph',
'--name', 'mon.',
'--keyring',
'/var/lib/ceph/mon/ceph-myhost/keyring',
'auth', 'get-or-create', 'client.dummy',
'mon', 'allow r', 'osd', 'allow rwx'
]
self.subprocess.check_output.assert_called_with(cmd)
def client_relation():
utils.juju_log('INFO', 'Begin client-relation hook.')
if ceph.is_quorum():
utils.juju_log('INFO',
'mon cluster in quorum - \
providing client with keys')
service_name = os.environ['JUJU_REMOTE_UNIT'].split('/')[0]
utils.relation_set(key=ceph.get_named_key(service_name),
auth=utils.config_get('auth-supported'))
else:
utils.juju_log('INFO',
'mon cluster not in quorum - deferring key provision')
utils.juju_log('INFO', 'End client-relation hook.')
def admin_relation_joined(relid=None):
if ceph.is_quorum():
name = relation_get('keyring-name')
if name is None:
name = 'admin'
log('mon cluster in quorum - providing client with keys')
data = {
'key': ceph.get_named_key(name=name, caps=ceph.admin_caps),
'fsid': leader_get('fsid'),
'auth': config('auth-supported'),
'mon_hosts': config('mon-hosts') or " ".join(get_mon_hosts())
}
relation_set(relation_id=relid, relation_settings=data)
else:
log('mon cluster not in quorum - deferring key provision')
def osd_relation(relid=None):
if ceph.is_quorum():
log('mon cluster in quorum - providing fsid & keys')
public_addr = get_public_addr()
data = {
'fsid': leader_get('fsid'),
'osd_bootstrap_key': ceph.get_osd_bootstrap_key(),
'auth': config('auth-supported'),
'ceph-public-address': public_addr,
'osd_upgrade_key': ceph.get_named_key('osd-upgrade',
caps=ceph.osd_upgrade_caps),
}
relation_set(relation_id=relid,
relation_settings=data)
else:
log('mon cluster not in quorum - deferring fsid provision')
def osd_relation(relid=None):
if ceph.is_quorum():
log('mon cluster in quorum - providing fsid & keys')
public_addr = get_public_addr()
data = {
'fsid': leader_get('fsid'),
'osd_bootstrap_key': ceph.get_osd_bootstrap_key(),
'auth': config('auth-supported'),
'ceph-public-address': public_addr,
'osd_upgrade_key': ceph.get_named_key('osd-upgrade',
caps=ceph.osd_upgrade_caps),
}
relation_set(relation_id=relid,
relation_settings=data)
# NOTE: radosgw key provision is gated on presence of OSD
# units so ensure that any deferred hooks are processed
notify_radosgws()
else:
log('mon cluster not in quorum - deferring fsid provision')
def client_relation_joined(relid=None):
if ready():
service_name = None
if relid is None:
units = [remote_unit()]
service_name = units[0].split('/')[0]
else:
units = related_units(relid)
if len(units) > 0:
service_name = units[0].split('/')[0]
if service_name is not None:
public_addr = get_public_addr()
data = {'key': ceph.get_named_key(service_name),
'auth': 'cephx',
'ceph-public-address': public_addr}
relation_set(relation_id=relid,
relation_settings=data)
else:
log('FSID or admin key not provided, please configure them')
def client_relation(relid=None):
if ceph.is_quorum():
log('mon cluster in quorum - providing client with keys')
service_name = None
if relid is None:
service_name = remote_unit().split('/')[0]
else:
units = related_units(relid)
if len(units) > 0:
service_name = units[0].split('/')[0]
if service_name is not None:
data = {
'key': ceph.get_named_key(service_name),
'auth': config('auth-supported'),
'ceph-public-address': get_public_addr(),
}
relation_set(relation_id=relid,
relation_settings=data)
else:
log('mon cluster not in quorum - deferring key provision')
def client_relation_joined(relid=None):
if ready():
service_name = None
if relid is None:
units = [remote_unit()]
service_name = units[0].split('/')[0]
else:
units = related_units(relid)
if len(units) > 0:
service_name = units[0].split('/')[0]
if service_name is not None:
public_addr = get_public_addr()
data = {'key': ceph.get_named_key(service_name),
'auth': 'cephx',
'ceph-public-address': public_addr}
relation_set(relation_id=relid,
relation_settings=data)
else:
log('FSID or admin key not provided, please configure them')
def client_relation_joined(relid=None):
if ceph.is_quorum():
log('mon cluster in quorum - providing client with keys')
service_name = None
if relid is None:
units = [remote_unit()]
service_name = units[0].split('/')[0]
else:
units = related_units(relid)
if len(units) > 0:
service_name = units[0].split('/')[0]
if service_name is not None:
public_addr = get_public_addr()
data = {'key': ceph.get_named_key(service_name),
'auth': config('auth-supported'),
'ceph-public-address': public_addr}
relation_set(relation_id=relid,
relation_settings=data)
else:
log('mon cluster not in quorum - deferring key provision')
def client_relation_joined(relid=None):
if ready():
service_name = None
if relid is None:
units = [remote_unit()]
service_name = units[0].split('/')[0]
else:
units = related_units(relid)
if len(units) > 0:
service_name = units[0].split('/')[0]
if service_name is not None:
ceph_addrs = config('monitor-hosts')
data = {'key': ceph.get_named_key(service_name),
'auth': config('auth-supported'),
'ceph-public-address': ceph_addrs}
log('relation_set (%s): %s' % (relid, str(data)), level=DEBUG)
relation_set(relation_id=relid,
relation_settings=data)
else:
log('FSID or admin key not provided, please configure them')
def osd_relation(relid=None):
if ceph.is_quorum():
log('mon cluster in quorum - providing fsid & keys')
public_addr = get_public_addr()
data = {
'fsid':
leader_get('fsid'),
'osd_bootstrap_key':
ceph.get_osd_bootstrap_key(),
'auth':
config('auth-supported'),
'ceph-public-address':
public_addr,
'osd_upgrade_key':
ceph.get_named_key('osd-upgrade', caps=ceph.osd_upgrade_caps),
}
unit = remote_unit()
settings = relation_get(rid=relid, unit=unit)
"""Process broker request(s)."""
if 'broker_req' in settings:
if ceph.is_leader():
rsp = process_requests(settings['broker_req'])
unit_id = unit.replace('/', '-')
unit_response_key = 'broker-rsp-' + unit_id
data[unit_response_key] = rsp
else:
log("Not leader - ignoring broker request", level=DEBUG)
relation_set(relation_id=relid, relation_settings=data)
# NOTE: radosgw key provision is gated on presence of OSD
# units so ensure that any deferred hooks are processed
notify_radosgws()
notify_client()
else:
log('mon cluster not in quorum - deferring fsid provision')