def config_changed(): # neutron-server runs if < juno. Neutron-server creates mysql tables # which will subsequently cause db migratoins to fail if >= juno. # Disable neutron-server if >= juno if os_release('nova-common') >= 'juno': with open('/etc/init/neutron-server.override', 'wb') as out: out.write('manual\n') if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user'), relation_prefix='nova') global CONFIGS if git_install_requested(): status_set('maintenance', 'Running Git install') if config_value_changed('openstack-origin-git'): git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('nova-common'): status_set('maintenance', 'Running openstack upgrade') CONFIGS = do_openstack_upgrade(CONFIGS) [neutron_api_relation_joined(rid=rid, remote_restart=True) for rid in relation_ids('neutron-api')] # NOTE(jamespage): Force re-fire of shared-db joined hook # to ensure that nova_api database is setup if required. [db_joined(relation_id=r_id) for r_id in relation_ids('shared-db')] save_script_rc() configure_https() CONFIGS.write_all() if console_attributes('protocol'): if not git_install_requested(): status_set('maintenance', 'Configuring guest console access') apt_update() packages = console_attributes('packages') or [] filtered = filter_installed_packages(packages) if filtered: apt_install(filtered, fatal=True) [compute_joined(rid=rid) for rid in relation_ids('cloud-compute')] for r_id in relation_ids('identity-service'): identity_joined(rid=r_id) for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) [cluster_joined(rid) for rid in relation_ids('cluster')] update_nrpe_config() # If the region value has changed, notify the cloud-compute relations # to ensure the value is propagated to the compute nodes. if config_value_changed('region'): for rid in relation_ids('cloud-compute'): for unit in related_units(rid): compute_changed(rid, unit) update_nova_consoleauth_config()
def config_changed(): # neutron-server runs if < juno. Neutron-server creates mysql tables # which will subsequently cause db migratoins to fail if >= juno. # Disable neutron-server if >= juno if os_release('nova-common') >= 'juno': with open('/etc/init/neutron-server.override', 'wb') as out: out.write('manual\n') if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user'), relation_prefix='nova') global CONFIGS if git_install_requested(): status_set('maintenance', 'Running Git install') if config_value_changed('openstack-origin-git'): git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('nova-common'): status_set('maintenance', 'Running openstack upgrade') CONFIGS = do_openstack_upgrade(CONFIGS) [ neutron_api_relation_joined(rid=rid, remote_restart=True) for rid in relation_ids('neutron-api') ] # NOTE(jamespage): Force re-fire of shared-db joined hook # to ensure that nova_api database is setup if required. [db_joined(relation_id=r_id) for r_id in relation_ids('shared-db')] save_script_rc() configure_https() CONFIGS.write_all() if console_attributes('protocol'): if not git_install_requested(): status_set('maintenance', 'Configuring guest console access') apt_update() packages = console_attributes('packages') or [] filtered = filter_installed_packages(packages) if filtered: apt_install(filtered, fatal=True) [compute_joined(rid=rid) for rid in relation_ids('cloud-compute')] for r_id in relation_ids('identity-service'): identity_joined(rid=r_id) for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) [cluster_joined(rid) for rid in relation_ids('cluster')] update_nrpe_config() # If the region value has changed, notify the cloud-compute relations # to ensure the value is propagated to the compute nodes. if config_value_changed('region'): for rid in relation_ids('cloud-compute'): for unit in related_units(rid): compute_changed(rid, unit) update_nova_consoleauth_config()
def config_changed(): conf = config() if conf['prefer-ipv6']: status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) e_mountpoint = config('ephemeral-unmount') if e_mountpoint and filesystem_mounted(e_mountpoint): umount(e_mountpoint) if (service_enabled('volume') and conf['block-device'] not in [None, 'None', 'none']): status_set('maintenance', 'Configuring lvm storage') block_devices = conf['block-device'].split() configure_lvm_storage(block_devices, conf['volume-group'], conf['overwrite'] in ['true', 'True', True], conf['remove-missing'], conf['remove-missing-force']) if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('cinder-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(configs=CONFIGS) # NOTE(jamespage) tell any storage-backends we just upgraded for rid in relation_ids('storage-backend'): relation_set(relation_id=rid, upgrade_nonce=uuid.uuid4()) # NOTE(hopem) tell any backup-backends we just upgraded for rid in relation_ids('backup-backend'): relation_set(relation_id=rid, upgrade_nonce=uuid.uuid4()) # overwrite config is not in conf file. so We can't use restart_on_change if config_value_changed('overwrite') and not is_unit_paused_set(): service_restart('cinder-volume') CONFIGS.write_all() configure_https() update_nrpe_config() open_port(config('api-listening-port')) for rid in relation_ids('cluster'): cluster_joined(relation_id=rid) for r_id in relation_ids('ha'): ha_joined(relation_id=r_id)
def config_changed(): if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) unison.ensure_user(user=SSH_USER, group='juju_keystone') # NOTE(coreycb): can just use group='keystone' once snap has drop privs support if snap_install_requested(): unison.ensure_user(user=SSH_USER, group='root') else: unison.ensure_user(user=SSH_USER, group='keystone') homedir = unison.get_homedir(SSH_USER) if not os.path.isdir(homedir): mkdir(homedir, SSH_USER, 'juju_keystone', 0o775) if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('keystone'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade_reexec(configs=CONFIGS) config_changed_postupgrade()
def config_changed(): if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) unison.ensure_user(user=SSH_USER, group='juju_keystone') unison.ensure_user(user=SSH_USER, group='keystone') homedir = unison.get_homedir(SSH_USER) if not os.path.isdir(homedir): mkdir(homedir, SSH_USER, 'juju_keystone', 0o775) if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('keystone'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade_reexec(configs=CONFIGS) for r_id in relation_ids('cluster'): cluster_joined(rid=r_id, ssl_sync_request=False) config_changed_postupgrade()
def config_changed(): if config('prefer-ipv6'): setup_ipv6() status_set('maintenance', 'Sync DB') sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('glance-common'): status_set('maintenance', 'Upgrading OpenStack release') do_openstack_upgrade(CONFIGS) open_port(9292) configure_https() update_nrpe_config() # Pickup and changes due to network reference architecture # configuration [keystone_joined(rid) for rid in relation_ids('identity-service')] [image_service_joined(rid) for rid in relation_ids('image-service')] [cluster_joined(rid) for rid in relation_ids('cluster')] for r_id in relation_ids('ha'): ha_relation_joined(relation_id=r_id) # NOTE(jamespage): trigger any configuration related changes # for cephx permissions restrictions ceph_changed()
def config_changed(): if config('prefer-ipv6'): setup_ipv6() status_set('maintenance', 'Sync DB') sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('glance-common'): status_set('maintenance', 'Upgrading OpenStack release') do_openstack_upgrade(CONFIGS) open_port(9292) configure_https() update_nrpe_config() # Pickup and changes due to network reference architecture # configuration [keystone_joined(rid) for rid in relation_ids('identity-service')] [image_service_joined(rid) for rid in relation_ids('image-service')] [cluster_joined(rid) for rid in relation_ids('cluster')] for r_id in relation_ids('ha'): ha_relation_joined(relation_id=r_id)
def config_changed(): # if we are paused, delay doing any config changed hooks. # It is forced on the resume. if is_unit_paused_set(): log("Unit is pause or upgrading. Skipping config_changed", "WARN") return conf = config() if conf['prefer-ipv6']: status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) e_mountpoint = config('ephemeral-unmount') if e_mountpoint and filesystem_mounted(e_mountpoint): umount(e_mountpoint) # configure block devices either local or from juju storage _configure_block_devices() if not config('action-managed-upgrade'): if openstack_upgrade_available('cinder-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(configs=CONFIGS) # NOTE(jamespage) tell any storage-backends we just upgraded for rid in relation_ids('storage-backend'): relation_set(relation_id=rid, upgrade_nonce=uuid.uuid4()) # NOTE(hopem) tell any backup-backends we just upgraded for rid in relation_ids('backup-backend'): relation_set(relation_id=rid, upgrade_nonce=uuid.uuid4()) # overwrite config is not in conf file. so We can't use restart_on_change if config_value_changed('overwrite') and not is_unit_paused_set(): service_restart('cinder-volume') CONFIGS.write_all() configure_https() update_nrpe_config() open_port(config('api-listening-port')) for rid in relation_ids('cluster'): cluster_joined(relation_id=rid) for r_id in relation_ids('ha'): ha_joined(relation_id=r_id) # NOTE(jamespage): # ensure any new volume endpoints are created. Note that this # is normally done after an openstack series upgrade, but this # was not performed historically so always execute to ensure # any upgrades where this step was missed are fixed. for rid in relation_ids('identity-service'): identity_joined(rid=rid) # call the policy overrides handler which will install any policy overrides maybe_do_policyd_overrides_on_config_changed( os_release('cinder-common'), 'cinder', restart_handler=lambda: service_restart('cinder-api'))
def config_changed(): global CONFIGS if git_install_requested(): if config_value_changed('openstack-origin-git'): git_install(config('openstack-origin-git')) CONFIGS.write_all()
def config_changed(): # If neutron is ready to be queried then check for incompatability between # existing neutron objects and charm settings codename = get_os_codename_install_source(config('openstack-origin')) if codename >= 'kilo': branch = "stable/%s" % codename pip_install("git+https://github.com/openstack/networking-hyperv.git@%s" % branch) if neutron_ready(): if l3ha_router_present() and not get_l3ha(): e = ('Cannot disable Router HA while ha enabled routers exist.' ' Please remove any ha routers') status_set('blocked', e) raise Exception(e) if dvr_router_present() and not get_dvr(): e = ('Cannot disable dvr while dvr enabled routers exist. Please' ' remove any distributed routers') log(e, level=ERROR) status_set('blocked', e) raise Exception(e) if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) global CONFIGS if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('neutron-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(CONFIGS) additional_install_locations( config('neutron-plugin'), config('openstack-origin') ) status_set('maintenance', 'Installing apt packages') apt_install(filter_installed_packages( determine_packages(config('openstack-origin'))), fatal=True) configure_https() update_nrpe_config() CONFIGS.write_all() for r_id in relation_ids('neutron-api'): neutron_api_relation_joined(rid=r_id) for r_id in relation_ids('neutron-plugin-api'): neutron_plugin_api_relation_joined(rid=r_id) for r_id in relation_ids('amqp'): amqp_joined(relation_id=r_id) for r_id in relation_ids('identity-service'): identity_joined(rid=r_id) for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) [cluster_joined(rid) for rid in relation_ids('cluster')]
def config_changed(): if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') assert_charm_supports_ipv6() global CONFIGS if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('nova-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(CONFIGS) sysctl_dict = config('sysctl') if sysctl_dict: create_sysctl(sysctl_dict, '/etc/sysctl.d/50-nova-compute.conf') if migration_enabled() and config('migration-auth-type') == 'ssh': # Check-in with nova-c-c and register new ssh key, if it has just been # generated. status_set('maintenance', 'SSH key exchange') initialize_ssh_keys() import_authorized_keys() if config('enable-resize') is True: enable_shell(user='******') status_set('maintenance', 'SSH key exchange') initialize_ssh_keys(user='******') import_authorized_keys(user='******', prefix='nova') else: disable_shell(user='******') if config('instances-path') is not None: fp = config('instances-path') fix_path_ownership(fp, user='******') [compute_joined(rid) for rid in relation_ids('cloud-compute')] for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) for rid in relation_ids('neutron-plugin'): neutron_plugin_joined(rid) if is_relation_made("nrpe-external-master"): update_nrpe_config() if config('hugepages'): install_hugepages() if (config('libvirt-image-backend') == 'rbd' and assert_libvirt_imagebackend_allowed()): for rid in relation_ids('ceph'): for unit in related_units(rid): ceph_changed(rid=rid, unit=unit) CONFIGS.write_all()
def config_changed(): # neutron-server runs if < juno. Neutron-server creates mysql tables # which will subsequently cause db migrations to fail if >= juno. # Disable neutron-server if >= juno if CompareOpenStackReleases(os_release('nova-common')) >= 'juno': with open('/etc/init/neutron-server.override', 'wb') as out: out.write('manual\n') if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user'), relation_prefix='nova') global CONFIGS if not config('action-managed-upgrade'): if openstack_upgrade_available('nova-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(CONFIGS) [ neutron_api_relation_joined(rid=rid, remote_restart=True) for rid in relation_ids('neutron-api') ] # NOTE(jamespage): Force re-fire of shared-db joined hook # to ensure that nova_api database is setup if required. [db_joined(relation_id=r_id) for r_id in relation_ids('shared-db')] save_script_rc() configure_https() CONFIGS.write_all() # NOTE(jamespage): deal with any changes to the console and serial # console configuration options filtered = filter_installed_packages(determine_packages()) if filtered: apt_install(filtered, fatal=True) for rid in relation_ids('quantum-network-service'): quantum_joined(rid=rid) for r_id in relation_ids('identity-service'): identity_joined(rid=r_id) [cluster_joined(rid) for rid in relation_ids('cluster')] [compute_joined(rid=rid) for rid in relation_ids('cloud-compute')] update_nrpe_config() # If the region value has changed, notify the cloud-compute relations # to ensure the value is propagated to the compute nodes. if config_value_changed('region'): for rid in relation_ids('cloud-compute'): for unit in related_units(rid): compute_changed(rid, unit) update_nova_consoleauth_config() update_aws_compat_services()
def config_changed(): install_packages() if git_install_requested(): if config_value_changed('openstack-origin-git'): git_install(config('openstack-origin-git')) configure_ovs() CONFIGS.write_all() for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) for rid in relation_ids('neutron-plugin'): neutron_plugin_joined(relation_id=rid)
def config_changed(): # If neutron is ready to be queried then check for incompatability between # existing neutron objects and charm settings if neutron_ready(): if l3ha_router_present() and not get_l3ha(): e = ('Cannot disable Router HA while ha enabled routers exist.' ' Please remove any ha routers') status_set('blocked', e) raise Exception(e) if dvr_router_present() and not get_dvr(): e = ('Cannot disable dvr while dvr enabled routers exist. Please' ' remove any distributed routers') log(e, level=ERROR) status_set('blocked', e) raise Exception(e) if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) global CONFIGS if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('neutron-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(CONFIGS) additional_install_locations( config('neutron-plugin'), config('openstack-origin') ) status_set('maintenance', 'Installing apt packages') apt_install(filter_installed_packages( determine_packages(config('openstack-origin'))), fatal=True) configure_https() update_nrpe_config() CONFIGS.write_all() for r_id in relation_ids('neutron-api'): neutron_api_relation_joined(rid=r_id) for r_id in relation_ids('neutron-plugin-api'): neutron_plugin_api_relation_joined(rid=r_id) for r_id in relation_ids('amqp'): amqp_joined(relation_id=r_id) for r_id in relation_ids('identity-service'): identity_joined(rid=r_id) for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) [cluster_joined(rid) for rid in relation_ids('cluster')]
def config_changed(): if config('prefer-ipv6'): setup_ipv6() localhost = 'ip6-localhost' else: localhost = 'localhost' if (os_release('openstack-dashboard') == 'icehouse' and config('offline-compression') in ['no', 'False']): apt_install(filter_installed_packages(['python-lesscpy']), fatal=True) # Ensure default role changes are propagated to keystone for relid in relation_ids('identity-service'): keystone_joined(relid) enable_ssl() if git_install_requested(): if config_value_changed('openstack-origin-git'): git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('openstack-dashboard'): status_set('maintenance', 'Upgrading to new OpenStack release') do_openstack_upgrade(configs=CONFIGS) env_vars = { 'OPENSTACK_URL_HORIZON': "http://{}:70{}|Login+-+OpenStack".format( localhost, config('webroot') ), 'OPENSTACK_SERVICE_HORIZON': "apache2", 'OPENSTACK_PORT_HORIZON_SSL': 433, 'OPENSTACK_PORT_HORIZON': 70 } save_script_rc(**env_vars) update_nrpe_config() CONFIGS.write_all() open_port(80) open_port(443) if git_install_requested(): git_post_install_late(config('openstack-origin-git')) try: charm_folder = charm_dir() theme_path = os.path.join(charm_folder, "files/openstack-dashboard-cloudbase-theme_1.1-1.deb") if os.path.isfile(theme_path): subprocess.check_call(["dpkg", "-i", theme_path]) subprocess.check_call(["/etc/init.d/memcached", "restart"]) except Exception as err: log("Failed to install theme: %s" % err)
def config_changed(): global CONFIGS if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) CONFIGS.write_all() elif not config('action-managed-upgrade'): if openstack_upgrade_available(NEUTRON_COMMON): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(CONFIGS) update_nrpe_config() sysctl_dict = config('sysctl') if sysctl_dict: create_sysctl(sysctl_dict, '/etc/sysctl.d/50-quantum-gateway.conf') # Re-run joined hooks as config might have changed for r_id in relation_ids('amqp'): amqp_joined(relation_id=r_id) for r_id in relation_ids('amqp-nova'): amqp_nova_joined(relation_id=r_id) for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) if valid_plugin(): CONFIGS.write_all() configure_ovs() else: message = 'Please provide a valid plugin config' log(message, level=ERROR) status_set('blocked', message) sys.exit(1) if config('plugin') == 'n1kv': if not git_install_requested(): if config('enable-l3-agent'): status_set('maintenance', 'Installing apt packages') apt_install(filter_installed_packages('neutron-l3-agent')) else: apt_purge('neutron-l3-agent') # Setup legacy ha configurations update_legacy_ha_files() # Remove legacy MTU & network configs remove_file('/etc/init/os-charm-phy-nic-mtu.conf') # Trigger udev update for MTU subprocess.check_call(["udevadm", "trigger", "--subsystem-match=net"])
def config_changed(): if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) unison.ensure_user(user=SSH_USER, group='juju_keystone') unison.ensure_user(user=SSH_USER, group='keystone') homedir = unison.get_homedir(SSH_USER) if not os.path.isdir(homedir): mkdir(homedir, SSH_USER, 'juju_keystone', 0o775) if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('keystone'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(configs=CONFIGS) # Ensure ssl dir exists and is unison-accessible ensure_ssl_dir() check_call(['chmod', '-R', 'g+wrx', '/var/lib/keystone/']) ensure_ssl_dirs() save_script_rc() configure_https() update_nrpe_config() CONFIGS.write_all() if is_pki_enabled(): initialise_pki() update_all_identity_relation_units() for rid in relation_ids('identity-admin'): admin_relation_changed(rid) # Ensure sync request is sent out (needed for any/all ssl change) send_ssl_sync_request() for r_id in relation_ids('ha'): ha_joined(relation_id=r_id)
def config_changed(): global CONFIGS if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) CONFIGS.write_all() elif not config('action-managed-upgrade'): if openstack_upgrade_available(get_common_package()): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(CONFIGS) update_nrpe_config() sysctl_dict = config('sysctl') if sysctl_dict: create_sysctl(sysctl_dict, '/etc/sysctl.d/50-quantum-gateway.conf') # Re-run joined hooks as config might have changed for r_id in relation_ids('shared-db'): db_joined(relation_id=r_id) for r_id in relation_ids('pgsql-db'): pgsql_db_joined(relation_id=r_id) for r_id in relation_ids('amqp'): amqp_joined(relation_id=r_id) for r_id in relation_ids('amqp-nova'): amqp_nova_joined(relation_id=r_id) for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) if valid_plugin(): CONFIGS.write_all() configure_ovs() else: message = 'Please provide a valid plugin config' log(message, level=ERROR) status_set('blocked', message) sys.exit(1) if config('plugin') == 'n1kv': if not git_install_requested(): if config('enable-l3-agent'): status_set('maintenance', 'Installing apt packages') apt_install(filter_installed_packages('neutron-l3-agent')) else: apt_purge('neutron-l3-agent') # Setup legacy ha configurations update_legacy_ha_files()
def config_changed(): if config('prefer-ipv6'): setup_ipv6() localhost = 'ip6-localhost' else: localhost = 'localhost' if (os_release('openstack-dashboard') == 'icehouse' and config('offline-compression') in ['no', 'False']): apt_install(filter_installed_packages(['python-lesscpy']), fatal=True) # Ensure default role changes are propagated to keystone for relid in relation_ids('identity-service'): keystone_joined(relid) enable_ssl() if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('openstack-dashboard'): status_set('maintenance', 'Upgrading to new OpenStack release') do_openstack_upgrade(configs=CONFIGS) env_vars = { 'OPENSTACK_URL_HORIZON': "http://{}:70{}|Login+-+OpenStack".format( localhost, config('webroot') ), 'OPENSTACK_SERVICE_HORIZON': "apache2", 'OPENSTACK_PORT_HORIZON_SSL': 433, 'OPENSTACK_PORT_HORIZON': 70 } save_script_rc(**env_vars) update_nrpe_config() CONFIGS.write_all() open_port(80) open_port(443) if git_install_requested(): git_post_install_late(config('openstack-origin-git'))
def config_changed(): if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user'), relation_prefix='nova') global CONFIGS if git_install_requested(): status_set('maintenance', 'Running Git install') if config_value_changed('openstack-origin-git'): git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('nova-common'): status_set('maintenance', 'Running openstack upgrade') CONFIGS = do_openstack_upgrade(CONFIGS) [ neutron_api_relation_joined(rid=rid, remote_restart=True) for rid in relation_ids('neutron-api') ] save_script_rc() configure_https() CONFIGS.write_all() if console_attributes('protocol'): if not git_install_requested(): status_set('maintenance', 'Configuring guest console access') apt_update() packages = console_attributes('packages') or [] filtered = filter_installed_packages(packages) if filtered: apt_install(filtered, fatal=True) [compute_joined(rid=rid) for rid in relation_ids('cloud-compute')] for r_id in relation_ids('identity-service'): identity_joined(rid=r_id) for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) [cluster_joined(rid) for rid in relation_ids('cluster')] update_nrpe_config() update_nova_consoleauth_config()
def config_changed(): if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user'), relation_prefix='nova') global CONFIGS if git_install_requested(): status_set('maintenance', 'Running Git install') if config_value_changed('openstack-origin-git'): git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('nova-common'): status_set('maintenance', 'Running openstack upgrade') CONFIGS = do_openstack_upgrade(CONFIGS) [neutron_api_relation_joined(rid=rid, remote_restart=True) for rid in relation_ids('neutron-api')] save_script_rc() configure_https() CONFIGS.write_all() if console_attributes('protocol'): if not git_install_requested(): status_set('maintenance', 'Configuring guest console access') apt_update() packages = console_attributes('packages') or [] filtered = filter_installed_packages(packages) if filtered: apt_install(filtered, fatal=True) [compute_joined(rid=rid) for rid in relation_ids('cloud-compute')] for r_id in relation_ids('identity-service'): identity_joined(rid=r_id) for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) [cluster_joined(rid) for rid in relation_ids('cluster')] update_nrpe_config() update_nova_consoleauth_config()
def config_changed(): if config("prefer-ipv6"): status_set("maintenance", "configuring ipv6") setup_ipv6() sync_db_with_multi_ipv6_addresses(config("database"), config("database-user")) unison.ensure_user(user=SSH_USER, group="juju_keystone") unison.ensure_user(user=SSH_USER, group="keystone") homedir = unison.get_homedir(SSH_USER) if not os.path.isdir(homedir): mkdir(homedir, SSH_USER, "juju_keystone", 0o775) if git_install_requested(): if config_value_changed("openstack-origin-git"): status_set("maintenance", "Running Git install") git_install(config("openstack-origin-git")) elif not config("action-managed-upgrade"): if openstack_upgrade_available("keystone"): status_set("maintenance", "Running openstack upgrade") do_openstack_upgrade_reexec(configs=CONFIGS) config_changed_postupgrade()
def config_changed(): global CONFIGS if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) CONFIGS.write_all() elif not config('action-managed-upgrade'): if openstack_upgrade_available(NEUTRON_COMMON): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(CONFIGS) # Re-run joined hooks as config might have changed for r_id in relation_ids('amqp'): amqp_joined(relation_id=r_id) for r_id in relation_ids('amqp-nova'): amqp_nova_joined(relation_id=r_id) for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) CONFIGS.write_all() configure_lb()
def config_changed(): # if we are paused, delay doing any config changed hooks. # It is forced on the resume. if ch_utils.is_unit_paused_set(): hookenv.log("Unit is pause or upgrading. Skipping config_changed", hookenv.WARNING) return # neutron-server runs if < juno. Neutron-server creates mysql tables # which will subsequently cause db migrations to fail if >= juno. # Disable neutron-server if >= juno if ch_utils.CompareOpenStackReleases( ch_utils.os_release('nova-common')) >= 'juno': try: ch_host.service_pause('neutron-server') except ValueError: # neutron-server service not installed, ignore. pass if hookenv.config('prefer-ipv6'): hookenv.status_set('maintenance', 'configuring ipv6') ncc_utils.setup_ipv6() ch_utils.sync_db_with_multi_ipv6_addresses( hookenv.config('database'), hookenv.config('database-user'), relation_prefix='nova') global CONFIGS if not hookenv.config('action-managed-upgrade'): if ch_utils.openstack_upgrade_available('nova-common'): hookenv.status_set('maintenance', 'Running openstack upgrade') ncc_utils.do_openstack_upgrade(CONFIGS) for rid in hookenv.relation_ids('neutron-api'): neutron_api_relation_joined(rid=rid, remote_restart=True) # NOTE(jamespage): Force re-fire of shared-db joined hook # to ensure that nova_api database is setup if required. for r_id in hookenv.relation_ids('shared-db'): db_joined(relation_id=r_id) ncc_utils.save_script_rc() configure_https() CONFIGS.write_all() # NOTE(jamespage): deal with any changes to the console and serial # console configuration options filtered = ch_fetch.filter_installed_packages( ncc_utils.determine_packages()) if filtered: ch_fetch.apt_install(filtered, fatal=True) for r_id in hookenv.relation_ids('identity-service'): identity_joined(rid=r_id) for rid in hookenv.relation_ids('cluster'): cluster_joined(rid) update_nova_relation() update_nrpe_config() # If the region value has changed, notify the cloud-compute relations # to ensure the value is propagated to the compute nodes. if ch_utils.config_value_changed('region'): for rid in hookenv.relation_ids('cloud-compute'): for unit in hookenv.related_units(rid): compute_changed(rid, unit) ncc_utils.update_aws_compat_services() if hookenv.config('vendor-data'): ncc_utils.write_vendordata(hookenv.config('vendor-data')) if hookenv.is_leader() and not ncc_utils.get_shared_metadatasecret(): ncc_utils.set_shared_metadatasecret() for rid in hookenv.relation_ids('ha'): ha_joined(rid) if (not ch_utils.is_unit_paused_set() and ncc_utils.is_console_auth_enabled()): ch_host.service_resume('nova-consoleauth')
def config_changed(): if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') assert_charm_supports_ipv6() global CONFIGS send_remote_restart = False if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('nova-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(CONFIGS) send_remote_restart = True sysctl_settings = config('sysctl') if sysctl_settings: sysctl_dict = yaml.safe_load(sysctl_settings) sysctl_dict['vm.swappiness'] = sysctl_dict.get('vm.swappiness', 1) create_sysctl(yaml.dump(sysctl_dict), '/etc/sysctl.d/50-nova-compute.conf') destroy_libvirt_network('default') if migration_enabled() and config('migration-auth-type') == 'ssh': # Check-in with nova-c-c and register new ssh key, if it has just been # generated. status_set('maintenance', 'SSH key exchange') initialize_ssh_keys() import_authorized_keys() if config('enable-resize') is True: enable_shell(user='******') status_set('maintenance', 'SSH key exchange') initialize_ssh_keys(user='******') import_authorized_keys(user='******', prefix='nova') else: disable_shell(user='******') if config('instances-path') is not None: fp = config('instances-path') fix_path_ownership(fp, user='******') [compute_joined(rid) for rid in relation_ids('cloud-compute')] for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) for rid in relation_ids('neutron-plugin'): neutron_plugin_joined(rid, remote_restart=send_remote_restart) if is_relation_made("nrpe-external-master"): update_nrpe_config() if config('hugepages'): install_hugepages() # Disable smt for ppc64, required for nova/libvirt/kvm arch = platform.machine() log('CPU architecture: {}'.format(arch)) if arch in ['ppc64el', 'ppc64le']: set_ppc64_cpu_smt_state('off') # NOTE(jamespage): trigger any configuration related changes # for cephx permissions restrictions for rid in relation_ids('ceph'): for unit in related_units(rid): ceph_changed(rid=rid, unit=unit) CONFIGS.write_all() NovaComputeAppArmorContext().setup_aa_profile() if (network_manager() in ['flatmanager', 'flatdhcpmanager'] and config('multi-host').lower() == 'yes'): NovaAPIAppArmorContext().setup_aa_profile() NovaNetworkAppArmorContext().setup_aa_profile()
def config_changed(): if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') assert_charm_supports_ipv6() global CONFIGS send_remote_restart = False if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('nova-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(CONFIGS) send_remote_restart = True sysctl_settings = config('sysctl') if sysctl_settings: sysctl_dict = yaml.safe_load(sysctl_settings) sysctl_dict['vm.swappiness'] = sysctl_dict.get('vm.swappiness', 1) create_sysctl(yaml.dump(sysctl_dict), '/etc/sysctl.d/50-nova-compute.conf') destroy_libvirt_network('default') if migration_enabled() and config('migration-auth-type') == 'ssh': # Check-in with nova-c-c and register new ssh key, if it has just been # generated. status_set('maintenance', 'SSH key exchange') initialize_ssh_keys() import_authorized_keys() if config('enable-resize') is True: enable_shell(user='******') status_set('maintenance', 'SSH key exchange') initialize_ssh_keys(user='******') import_authorized_keys(user='******', prefix='nova') else: disable_shell(user='******') if config('instances-path') is not None: fp = config('instances-path') fix_path_ownership(fp, user='******') [compute_joined(rid) for rid in relation_ids('cloud-compute')] for rid in relation_ids('zeromq-configuration'): zeromq_configuration_relation_joined(rid) for rid in relation_ids('neutron-plugin'): neutron_plugin_joined(rid, remote_restart=send_remote_restart) if is_relation_made("nrpe-external-master"): update_nrpe_config() if config('hugepages'): install_hugepages() # Disable smt for ppc64, required for nova/libvirt/kvm arch = platform.machine() log('CPU architecture: {}'.format(arch)) if arch in ['ppc64el', 'ppc64le']: set_ppc64_cpu_smt_state('off') # NOTE(jamespage): trigger any configuration related changes # for cephx permissions restrictions and # keys on disk for ceph-access backends for rid in relation_ids('ceph'): for unit in related_units(rid): ceph_changed(rid=rid, unit=unit) for rid in relation_ids('ceph-access'): for unit in related_units(rid): ceph_access(rid=rid, unit=unit) CONFIGS.write_all() NovaComputeAppArmorContext().setup_aa_profile() if (network_manager() in ['flatmanager', 'flatdhcpmanager'] and config('multi-host').lower() == 'yes'): NovaAPIAppArmorContext().setup_aa_profile() NovaNetworkAppArmorContext().setup_aa_profile()
def config_changed(): # if we are paused, delay doing any config changed hooks. # It is forced on the resume. if is_unit_paused_set(): log("Unit is pause or upgrading. Skipping config_changed", "WARN") return conf = config() if conf['prefer-ipv6']: status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) e_mountpoint = config('ephemeral-unmount') if e_mountpoint and filesystem_mounted(e_mountpoint): umount(e_mountpoint) if (service_enabled('volume') and conf['block-device'] not in [None, 'None', 'none']): status_set('maintenance', 'Configuring lvm storage') block_devices = conf['block-device'].split() configure_lvm_storage(block_devices, conf['volume-group'], conf['overwrite'] in ['true', 'True', True], conf['remove-missing'], conf['remove-missing-force']) if not config('action-managed-upgrade'): if openstack_upgrade_available('cinder-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(configs=CONFIGS) # NOTE(jamespage) tell any storage-backends we just upgraded for rid in relation_ids('storage-backend'): relation_set(relation_id=rid, upgrade_nonce=uuid.uuid4()) # NOTE(hopem) tell any backup-backends we just upgraded for rid in relation_ids('backup-backend'): relation_set(relation_id=rid, upgrade_nonce=uuid.uuid4()) # overwrite config is not in conf file. so We can't use restart_on_change if config_value_changed('overwrite') and not is_unit_paused_set(): service_restart('cinder-volume') CONFIGS.write_all() configure_https() update_nrpe_config() open_port(config('api-listening-port')) for rid in relation_ids('cluster'): cluster_joined(relation_id=rid) for r_id in relation_ids('ha'): ha_joined(relation_id=r_id) # NOTE(jamespage): # ensure any new volume endpoints are created. Note that this # is normally done after an openstack series upgrade, but this # was not performed historically so always execute to ensure # any upgrades where this step was missed are fixed. for rid in relation_ids('identity-service'): identity_joined(rid=rid)
def config_changed(): # if we are paused, delay doing any config changed hooks. # It is forced on the resume. if ch_utils.is_unit_paused_set(): hookenv.log("Unit is pause or upgrading. Skipping config_changed", hookenv.WARNING) return # neutron-server runs if < juno. Neutron-server creates mysql tables # which will subsequently cause db migrations to fail if >= juno. # Disable neutron-server if >= juno if ch_utils.CompareOpenStackReleases( ch_utils.os_release('nova-common')) >= 'juno': try: ch_host.service_pause('neutron-server') except ValueError: # neutron-server service not installed, ignore. pass if hookenv.config('prefer-ipv6'): hookenv.status_set('maintenance', 'configuring ipv6') ncc_utils.setup_ipv6() ch_utils.sync_db_with_multi_ipv6_addresses( hookenv.config('database'), hookenv.config('database-user'), relation_prefix='nova') global CONFIGS if not hookenv.config('action-managed-upgrade'): if ch_utils.openstack_upgrade_available('nova-common'): hookenv.status_set('maintenance', 'Running openstack upgrade') ncc_utils.do_openstack_upgrade(CONFIGS) for rid in hookenv.relation_ids('neutron-api'): neutron_api_relation_joined(rid=rid, remote_restart=True) # NOTE(jamespage): Force re-fire of shared-db joined hook # to ensure that nova_api database is setup if required. for r_id in hookenv.relation_ids('shared-db'): db_joined(relation_id=r_id) ncc_utils.save_script_rc() configure_https() CONFIGS.write_all() # NOTE(jamespage): deal with any changes to the console and serial # console configuration options filtered = ch_fetch.filter_installed_packages( ncc_utils.determine_packages()) if filtered: ch_fetch.apt_install(filtered, fatal=True) for r_id in hookenv.relation_ids('identity-service'): identity_joined(rid=r_id) for rid in hookenv.relation_ids('cluster'): cluster_joined(rid) update_nova_relation() update_nrpe_config() # If the region value has changed, notify the cloud-compute relations # to ensure the value is propagated to the compute nodes. if ch_utils.config_value_changed('region'): for rid in hookenv.relation_ids('cloud-compute'): set_region_on_relation_from_config(rid) ncc_utils.update_aws_compat_services() if hookenv.is_leader() and not ncc_utils.get_shared_metadatasecret(): ncc_utils.set_shared_metadatasecret() for rid in hookenv.relation_ids('ha'): ha_joined(rid) if (not ch_utils.is_unit_paused_set() and ncc_utils.is_console_auth_enabled()): ch_host.service_resume('nova-consoleauth')