def add_user(): """Add a swauth user to swift.""" if config('auth-type') == 'swauth': try_initialize_swauth() account = action_get('account') username = action_get('username') password = action_get('password') bind_port = config('bind-port') bind_port = determine_api_port(bind_port, singlenode_mode=True) success = True try: check_call([ "swauth-add-user", "-A", "http://localhost:{}/auth/".format(bind_port), "-K", leader_get('swauth-admin-key'), "-a", account, username, password ]) except CalledProcessError as e: success = False log("Has a problem adding user: {}".format(e.output)) action_fail("Adding user {} failed with: \"{}\"".format( username, str(e))) if success: message = "Successfully added the user {}".format(username) action_set({ 'add-user.result': 'Success', 'add-user.message': message, })
def add_user(): """Add a swauth user to swift.""" if config('auth-type') == 'swauth': try_initialize_swauth() account = action_get('account') username = action_get('username') password = action_get('password') bind_port = config('bind-port') bind_port = determine_api_port(bind_port, singlenode_mode=True) success = True try: check_call([ "swauth-add-user", "-A", "http://localhost:{}/auth/".format(bind_port), "-K", leader_get('swauth-admin-key'), "-a", account, username, password]) except CalledProcessError as e: success = False log("Has a problem adding user: {}".format(e.output)) action_fail( "Adding user {} failed with: \"{}\"" .format(username, str(e))) if success: message = "Successfully added the user {}".format(username) action_set({ 'add-user.result': 'Success', 'add-user.message': message, })
def config_changed(): if is_elected_leader(SWIFT_HA_RES): log("Leader established, generating ring builders", level=INFO) # initialize new storage rings. for ring, path in SWIFT_RINGS.items(): if not os.path.exists(path): initialize_ring(path, config('partition-power'), determine_replicas(ring), config('min-hours')) if config('prefer-ipv6'): status_set('maintenance', 'Configuring ipv6') setup_ipv6() configure_https() open_port(config('bind-port')) update_nrpe_config() # Determine whether or not we should do an upgrade. if not config('action-managed-upgrade') and \ openstack.openstack_upgrade_available('swift'): do_openstack_upgrade(CONFIGS) status_set('maintenance', 'Running openstack upgrade') if not leader_get('swift-proxy-rings-consumer'): status_set('maintenance', 'Updating and (maybe) balancing rings') update_rings(min_part_hours=config('min-hours'), replicas=config('replicas')) if not config('disable-ring-balance') and is_elected_leader(SWIFT_HA_RES): # Try ring balance. If rings are balanced, no sync will occur. balance_rings() for r_id in relation_ids('identity-service'): keystone_joined(relid=r_id) for r_id in relation_ids('cluster'): cluster_joined(relation_id=r_id) for r_id in relation_ids('object-store'): object_store_joined(relation_id=r_id) for r_id in relation_ids('amqp'): amqp_joined(relation_id=r_id) for r_id in relation_ids('ha'): ha_relation_joined(relation_id=r_id) try_initialize_swauth() # call the policy overrides handler which will install any policy overrides policyd.maybe_do_policyd_overrides(openstack.os_release('swift-proxy'), 'swift')
def storage_joined(): if not is_elected_leader(SWIFT_HA_RES): log( "New storage relation joined - stopping proxy until ring builder " "synced", level=INFO) service_stop('swift-proxy') # This unit is not currently responsible for distributing rings but # may become so at some time in the future so we do this to avoid the # possibility of storage nodes getting out-of-date rings by deprecating # any existing ones from the www dir. mark_www_rings_deleted() try_initialize_swauth()
def test_config_and_leader_get(self, check_call, leader_get, config, is_leader, determine_api_port, leader_set): """Ensure that we config_get, and then leader_get.""" config.side_effect = lambda key: { 'auth-type': 'swauth', 'swauth-admin-key': None, 'bind-port': 8080 }[key] determine_api_port.return_value = 8080 is_leader.return_value = True leader_get.return_value = "Test" swift_utils.try_initialize_swauth() check_call.assert_called_with( ['swauth-prep', '-A', 'http://localhost:8080/auth', '-K', 'Test'])
def test_config_and_leader_get(self, check_call, leader_get, config, is_leader, determine_api_port, leader_set): """Ensure that we config_get, and then leader_get.""" config.side_effect = lambda key: { 'auth-type': 'swauth', 'swauth-admin-key': None, 'bind-port': 8080}[key] determine_api_port.return_value = 8080 is_leader.return_value = True leader_get.return_value = "Test" swift_utils.try_initialize_swauth() check_call.assert_called_with(['swauth-prep', '-A', 'http://localhost:8080/auth', '-K', 'Test'])
def storage_joined(rid=None): if not is_elected_leader(SWIFT_HA_RES): log( "New storage relation joined - stopping proxy until ring builder " "synced", level=INFO) service_stop('swift-proxy') # This unit is not currently responsible for distributing rings but # may become so at some time in the future so we do this to avoid the # possibility of storage nodes getting out-of-date rings by deprecating # any existing ones from the www dir. mark_www_rings_deleted() try_initialize_swauth() # NOTE(jamespage): Ensure private-address is set to any network-space # binding provided by the charm user. relation_set(relation_id=rid, relation_settings={ 'private-address': get_relation_ip('swift-storage') })