コード例 #1
0
ファイル: hooks.py プロジェクト: scuttlemonkey/ceph-ec2
def bootstrap_monitor_cluster():
    hostname = utils.get_unit_hostname()
    done = '/var/lib/ceph/mon/ceph-{}/done'.format(hostname)
    secret = utils.config_get('monitor-secret')
    keyring = '/var/lib/ceph/tmp/{}.mon.keyring'.format(hostname)

    if os.path.exists(done):
        utils.juju_log('INFO',
                       'bootstrap_monitor_cluster: mon already initialized.')
    else:
        try:
            subprocess.check_call(['ceph-authtool', keyring,
                                   '--create-keyring', '--name=mon.',
                                   '--add-key={}'.format(secret),
                                   '--cap', 'mon', 'allow *'])

            subprocess.check_call(['ceph-mon', '--mkfs',
                                   '-i', hostname,
                                   '--keyring', keyring])

            with open(done, 'w'):
                pass

            subprocess.check_call(['start', 'ceph-mon-all-starter'])
        except:
            raise
        finally:
            os.unlink(keyring)
コード例 #2
0
ファイル: hooks.py プロジェクト: alysisLeonis/juju-charms
def configure_gmetad():
    juju_log("INFO", "Configuring gmetad for master unit")
    data_sources = {
        "self": ["localhost"]
        }
    for _rid in relation_ids("master"):
        for _unit in relation_list(_rid):
            # endpoint is set by ganglia-node
            # subordinate to indicate that
            # gmond should not be used as a
            # datasource
            _datasource = relation_get('datasource',
                                       _unit, _rid)
            if _datasource == "true":
                service_name = _unit.split('/')[0]
                if service_name not in data_sources:
                    data_sources[service_name] = []
                data_sources[service_name]\
                    .append(relation_get('private-address',
                                         _unit, _rid))

    context = {
        "data_sources": data_sources,
        "gridname": config_get("gridname")
        }

    before = checksum(GMETAD_CONF)
    with open(GMETAD_CONF, "w") as gmetad:
        gmetad.write(render_template("gmetad.conf", context))
    if before != checksum(GMETAD_CONF):
        control(GMETAD, RESTART)
コード例 #3
0
def disable_https(port_maps, namespace):
    '''
    Ensure HTTPS reverse proxying is disables for given port mappings

    port_maps: dict: of ext -> int port mappings
    namespace: str: name of chamr
    '''
    juju_log('INFO', 'Ensuring HTTPS disabled for {}'.format(port_maps))

    if (not os.path.exists('/etc/apache2') or
        not os.path.exists(os.path.join('/etc/apache2/ssl', namespace))):
        return

    http_restart = False
    for ext_port in port_maps.keys():
        if os.path.exists(os.path.join(APACHE_SITE_DIR,
                                       "{}_{}".format(namespace,
                                                      ext_port))):
            juju_log('INFO',
                     "Disabling HTTPS reverse proxy"
                     " for {} {}.".format(namespace,
                                          ext_port))
            if (RELOAD_CHECK in
                subprocess.check_output(['a2dissite',
                                         '{}_{}'.format(namespace,
                                                        ext_port)])):
                http_restart = True

    if http_restart:
        restart(['apache2'])
コード例 #4
0
ファイル: hooks.py プロジェクト: Scott1989/ceph-radosgw
def install():
    utils.juju_log('INFO', 'Begin install hook.')
    utils.enable_pocket('multiverse')
    utils.configure_source()
    utils.install('radosgw', 'libapache2-mod-fastcgi', 'apache2', 'ntp')
    os.makedirs(NSS_DIR)
    utils.juju_log('INFO', 'End install hook.')
コード例 #5
0
ファイル: hooks.py プロジェクト: scuttlemonkey/ceph-ec2
def config_changed():
    utils.juju_log('INFO', 'Begin config-changed hook.')

    utils.juju_log('INFO', 'Monitor hosts are ' + repr(get_mon_hosts()))

    fsid = utils.config_get('fsid')
    if fsid == '':
        utils.juju_log('CRITICAL', 'No fsid supplied, cannot proceed.')
        sys.exit(1)

    monitor_secret = utils.config_get('monitor-secret')
    if monitor_secret == '':
        utils.juju_log('CRITICAL',
                       'No monitor-secret supplied, cannot proceed.')
        sys.exit(1)

    emit_cephconf()

    for dev in utils.config_get('osd-devices').split(' '):
        osdize(dev)

    # Support use of single node ceph
    if (not ceph.is_bootstrapped() and
        int(utils.config_get('monitor-count')) == 1):
        bootstrap_monitor_cluster()
        ceph.wait_for_bootstrap()

    if ceph.is_bootstrapped():
        ceph.rescan_osd_devices()

    utils.juju_log('INFO', 'End config-changed hook.')
コード例 #6
0
ファイル: hooks.py プロジェクト: alysisLeonis/juju-charms
def configure_gmond():
    juju_log("INFO", "Configuring new ganglia node")
    _rid = relation_ids("juju-info")[0]
    principle_unit = get_principle_name()
    service_name = principle_unit.split('/')[0]
    _rids = relation_ids("node")
    masters = []
    if _rids:
        # Configure as head unit and send data to masters
        for _rid in _rids:
            for _master in relation_list(_rid):
                masters.append(relation_get('private-address',
                                            _master, _rid))
    context = {
        "service_name": service_name,
        "masters": masters,
        "unit_name": principle_unit
        }

    before = checksum(GMOND_CONF)
    with open(GMOND_CONF, "w") as gmond:
        gmond.write(render_template("gmond.conf", context))

    if len(masters) > 0:
        if before != checksum(GMOND_CONF):
            control(GMOND, RESTART)
    else:
        control(GMOND, STOP)
コード例 #7
0
ファイル: hooks.py プロジェクト: CiscoSystems/ceph-radosgw
def mon_relation():
    utils.juju_log('INFO', 'Begin mon-relation hook.')
    emit_cephconf()
    key = utils.relation_get('radosgw_key')
    if key:
        ceph.import_radosgw_key(key)
        restart()  # TODO figure out a better way todo this
    utils.juju_log('INFO', 'End mon-relation hook.')
コード例 #8
0
ファイル: hooks.py プロジェクト: Scott1989/ceph-radosgw
def mon_relation():
    utils.juju_log('INFO', 'Begin mon-relation hook.')
    emit_cephconf()
    key = utils.relation_get('radosgw_key')
    if key:
        ceph.import_radosgw_key(key)
        restart()  # TODO figure out a better way todo this
    utils.juju_log('INFO', 'End mon-relation hook.')
コード例 #9
0
def create_key_file(service, key):
    # create a file containing the key
    keyfile = keyfile_path(service)
    if os.path.exists(keyfile):
        utils.juju_log('INFO', 'ceph: Keyfile exists at %s.' % keyfile)
    fd = open(keyfile, 'w')
    fd.write(key)
    fd.close()
    utils.juju_log('INFO', 'ceph: Created new keyfile at %s.' % keyfile)
コード例 #10
0
ファイル: hooks.py プロジェクト: Scott1989/ceph-radosgw
def config_changed():
    utils.juju_log('INFO', 'Begin config-changed hook.')
    emit_cephconf()
    emit_apacheconf()
    install_www_scripts()
    apache_sites()
    apache_modules()
    apache_reload()
    utils.juju_log('INFO', 'End config-changed hook.')
コード例 #11
0
ファイル: hooks.py プロジェクト: scuttlemonkey/ceph-ec2
def notify_radosgws():
    utils.juju_log('INFO', 'Begin notify_radosgws.')

    for relid in utils.relation_ids('radosgw'):
        utils.relation_set(radosgw_key=ceph.get_radosgw_key(),
                           auth=utils.config_get('auth-supported'),
                           rid=relid)

    utils.juju_log('INFO', 'End notify_radosgws.')
コード例 #12
0
ファイル: hooks.py プロジェクト: CiscoSystems/ceph-radosgw
def config_changed():
    utils.juju_log('INFO', 'Begin config-changed hook.')
    emit_cephconf()
    emit_apacheconf()
    install_www_scripts()
    apache_sites()
    apache_modules()
    apache_reload()
    utils.juju_log('INFO', 'End config-changed hook.')
コード例 #13
0
ファイル: hooks.py プロジェクト: CiscoSystems/ceph-radosgw
def install():
    utils.juju_log('INFO', 'Begin install hook.')
    utils.enable_pocket('multiverse')
    utils.configure_source()
    utils.install('radosgw',
                  'libapache2-mod-fastcgi',
                  'apache2',
                  'ntp')
    os.makedirs(NSS_DIR)
    utils.juju_log('INFO', 'End install hook.')
コード例 #14
0
def get_ca_cert():
    ca_cert = None
    juju_log('INFO',
             "Inspecting identity-service relations for CA SSL certificate.")
    for r_id in relation_ids('identity-service'):
        for unit in relation_list(r_id):
            if not ca_cert:
                ca_cert = relation_get('ca_cert',
                                       rid=r_id, unit=unit)
    return ca_cert
コード例 #15
0
ファイル: hooks.py プロジェクト: alysisLeonis/juju-charms
def configure_apache():
    juju_log("INFO", "Configuring apache vhost for ganglia master")
    if not os.path.exists(APACHE_CONFIG):
        os.symlink(GANGLIA_APACHE_CONFIG, APACHE_CONFIG)
	command = [ 'a2ensite', os.path.basename(APACHE_CONFIG) ]
        code = subprocess.call(command)
        if code != 0:
            juju-log("ERROR", "Unable to configure apache2")
            exit(code)
    control(APACHE, RELOAD)
コード例 #16
0
ファイル: hooks.py プロジェクト: scuttlemonkey/ceph-ec2
def notify_client():
    utils.juju_log('INFO', 'Begin notify_client.')

    for relid in utils.relation_ids('client'):
        service_name = utils.relation_list(relid)[0].split('/')[0]
        utils.relation_set(key=ceph.get_named_key(service_name),
                           auth=utils.config_get('auth-supported'),
                           rid=relid)

    utils.juju_log('INFO', 'End notify_client.')
コード例 #17
0
ファイル: hooks.py プロジェクト: scuttlemonkey/ceph-ec2
def notify_osds():
    utils.juju_log('INFO', 'Begin notify_osds.')

    for relid in utils.relation_ids('osd'):
        utils.relation_set(fsid=utils.config_get('fsid'),
                           osd_bootstrap_key=ceph.get_osd_bootstrap_key(),
                           auth=utils.config_get('auth-supported'),
                           rid=relid)

    utils.juju_log('INFO', 'End notify_osds.')
コード例 #18
0
def eligible_leader(resource):
    if is_clustered():
        if not is_leader(resource):
            juju_log('INFO', 'Deferring action to CRM leader.')
            return False
    else:
        peers = peer_units()
        if peers and not oldest_peer(peers):
            juju_log('INFO', 'Deferring action to oldest service unit.')
            return False
    return True
コード例 #19
0
def eligible_leader(resource):
    if is_clustered():
        if not is_leader(resource):
            juju_log('INFO', 'Deferring action to CRM leader.')
            return False
    else:
        peers = peer_units()
        if peers and not oldest_peer(peers):
            juju_log('INFO', 'Deferring action to oldest service unit.')
            return False
    return True
コード例 #20
0
def create_keyring(service, key):
    keyring = keyring_path(service)
    if os.path.exists(keyring):
        utils.juju_log('INFO', 'ceph: Keyring exists at %s.' % keyring)
    cmd = [
        'ceph-authtool',
        keyring,
        '--create-keyring',
        '--name=client.%s' % service,
        '--add-key=%s' % key
        ]
    execute(cmd)
    utils.juju_log('INFO', 'ceph: Created new ring at %s.' % keyring)
コード例 #21
0
ファイル: hooks.py プロジェクト: CiscoSystems/ceph-radosgw
def identity_joined(relid=None):
    if ceph.get_ceph_version('radosgw') < "0.55":
        utils.juju_log('ERROR',
                       'Integration with keystone requires ceph >= 0.55')
        sys.exit(1)

    hostname = utils.unit_get('private-address')
    admin_url = 'http://{}:80/swift'.format(hostname)
    internal_url = public_url = '{}/v1'.format(admin_url)
    utils.relation_set(service='swift',
                       region=utils.config_get('region'),
                       public_url=public_url, internal_url=internal_url,
                       admin_url=admin_url,
                       requested_roles=utils.config_get('operator-roles'),
                       rid=relid)
コード例 #22
0
ファイル: hooks.py プロジェクト: Scott1989/ceph-radosgw
def identity_joined(relid=None):
    if ceph.get_ceph_version('radosgw') < "0.55":
        utils.juju_log('ERROR',
                       'Integration with keystone requires ceph >= 0.55')
        sys.exit(1)

    hostname = utils.unit_get('private-address')
    admin_url = 'http://{}:80/swift'.format(hostname)
    internal_url = public_url = '{}/v1'.format(admin_url)
    utils.relation_set(service='swift',
                       region=utils.config_get('region'),
                       public_url=public_url,
                       internal_url=internal_url,
                       admin_url=admin_url,
                       requested_roles=utils.config_get('operator-roles'),
                       rid=relid)
コード例 #23
0
def get_cert():
    cert = config_get('ssl_cert')
    key = config_get('ssl_key')
    if not (cert and key):
        juju_log('INFO',
                 "Inspecting identity-service relations for SSL certificate.")
        cert = key = None
        for r_id in relation_ids('identity-service'):
            for unit in relation_list(r_id):
                if not cert:
                    cert = relation_get('ssl_cert',
                                        rid=r_id, unit=unit)
                if not key:
                    key = relation_get('ssl_key',
                                       rid=r_id, unit=unit)
    return (cert, key)
コード例 #24
0
ファイル: hooks.py プロジェクト: scuttlemonkey/ceph-ec2
def osdize(dev):
    e_mountpoint = utils.config_get('ephemeral-unmount')
    if e_mountpoint != "":
        subprocess.call(['umount', e_mountpoint])

    if ceph.is_osd_disk(dev):
        utils.juju_log('INFO',
                       'Looks like {} is already an OSD, skipping.'
                       .format(dev))
        return

    if subprocess.call(['grep', '-wqs', dev + '1', '/proc/mounts']) == 0:
        utils.juju_log('INFO',
                       'Looks like {} is in use, skipping.'.format(dev))
        return

    if os.path.exists(dev):
        subprocess.call(['ceph-disk-prepare', dev])
コード例 #25
0
ファイル: hooks.py プロジェクト: scuttlemonkey/ceph-ec2
def osd_relation():
    utils.juju_log('INFO', 'Begin osd-relation hook.')

    if ceph.is_quorum():
        utils.juju_log('INFO',
                       'mon cluster in quorum - providing fsid & keys')
        utils.relation_set(fsid=utils.config_get('fsid'),
                           osd_bootstrap_key=ceph.get_osd_bootstrap_key(),
                           auth=utils.config_get('auth-supported'))
    else:
        utils.juju_log('INFO',
                       'mon cluster not in quorum - deferring fsid provision')

    utils.juju_log('INFO', 'End osd-relation hook.')
コード例 #26
0
ファイル: hooks.py プロジェクト: alysisLeonis/juju-charms
def configure_gmond():
    juju_log("INFO", "Configuring ganglia monitoring daemon")
    service_name = os.environ['JUJU_UNIT_NAME'].split('/')[0]
    _rids = relation_ids("head")
    masters = []
    if _rids:
        # Configure as head unit and send data to masters
        for _rid in _rids:
            for _master in relation_list(_rid):
                masters.append(relation_get('private-address',
                                            _master, _rid))
    context = {
        "service_name": service_name,
        "masters": masters,
        "dead_host_timeout": config_get("dead_host_timeout")
        }

    before = checksum(GMOND_CONF)
    with open(GMOND_CONF, "w") as gmond:
        gmond.write(render_template("gmond.conf", context))
    if before != checksum(GMOND_CONF):
        control(GMOND, RESTART)
コード例 #27
0
ファイル: hooks.py プロジェクト: scuttlemonkey/ceph-ec2
def client_relation():
    utils.juju_log('INFO', 'Begin client-relation hook.')

    if ceph.is_quorum():
        utils.juju_log('INFO',
                       'mon cluster in quorum - \
                        providing client with keys')
        service_name = os.environ['JUJU_REMOTE_UNIT'].split('/')[0]
        utils.relation_set(key=ceph.get_named_key(service_name),
                           auth=utils.config_get('auth-supported'))
    else:
        utils.juju_log('INFO',
                       'mon cluster not in quorum - deferring key provision')

    utils.juju_log('INFO', 'End client-relation hook.')
コード例 #28
0
ファイル: hooks.py プロジェクト: scuttlemonkey/ceph-ec2
def radosgw_relation():
    utils.juju_log('INFO', 'Begin radosgw-relation hook.')

    utils.install('radosgw')  # Install radosgw for admin tools

    if ceph.is_quorum():
        utils.juju_log('INFO',
                       'mon cluster in quorum - \
                        providing radosgw with keys')
        utils.relation_set(radosgw_key=ceph.get_radosgw_key(),
                           auth=utils.config_get('auth-supported'))
    else:
        utils.juju_log('INFO',
                       'mon cluster not in quorum - deferring key provision')

    utils.juju_log('INFO', 'End radosgw-relation hook.')
コード例 #29
0
def ensure_ceph_storage(service, pool, rbd_img, sizemb, mount_point,
                        blk_device, fstype, system_services=[]):
    """
    To be called from the current cluster leader.
    Ensures given pool and RBD image exists, is mapped to a block device,
    and the device is formatted and mounted at the given mount_point.

    If formatting a device for the first time, data existing at mount_point
    will be migrated to the RBD device before being remounted.

    All services listed in system_services will be stopped prior to data
    migration and restarted when complete.
    """
    # Ensure pool, RBD image, RBD mappings are in place.
    if not pool_exists(service, pool):
        utils.juju_log('INFO', 'ceph: Creating new pool %s.' % pool)
        create_pool(service, pool)

    if not rbd_exists(service, pool, rbd_img):
        utils.juju_log('INFO', 'ceph: Creating RBD image (%s).' % rbd_img)
        create_rbd_image(service, pool, rbd_img, sizemb)

    if not image_mapped(rbd_img):
        utils.juju_log('INFO', 'ceph: Mapping RBD Image as a Block Device.')
        map_block_storage(service, pool, rbd_img)

    # make file system
    # TODO: What happens if for whatever reason this is run again and
    # the data is already in the rbd device and/or is mounted??
    # When it is mounted already, it will fail to make the fs
    # XXX: This is really sketchy!  Need to at least add an fstab entry
    #      otherwise this hook will blow away existing data if its executed
    #      after a reboot.
    if not filesystem_mounted(mount_point):
        make_filesystem(blk_device, fstype)

        for svc in system_services:
            if utils.running(svc):
                utils.juju_log('INFO',
                               'Stopping services %s prior to migrating '\
                               'data' % svc)
                utils.stop(svc)

        place_data_on_ceph(service, blk_device, mount_point, fstype)

        for svc in system_services:
            utils.start(svc)
コード例 #30
0
ファイル: hooks.py プロジェクト: scuttlemonkey/ceph-ec2
def mon_relation():
    utils.juju_log('INFO', 'Begin mon-relation hook.')
    emit_cephconf()

    moncount = int(utils.config_get('monitor-count'))
    if len(get_mon_hosts()) >= moncount:
        bootstrap_monitor_cluster()
        ceph.wait_for_bootstrap()
        ceph.rescan_osd_devices()
        notify_osds()
        notify_radosgws()
        notify_client()
    else:
        utils.juju_log('INFO',
                       'Not enough mons ({}), punting.'.format(
                            len(get_mon_hosts())))

    utils.juju_log('INFO', 'End mon-relation hook.')
コード例 #31
0
def modprobe_kernel_module(module):
    utils.juju_log('INFO', 'Loading kernel module')
    cmd = ['modprobe', module]
    execute(cmd)
    cmd = 'echo %s >> /etc/modules' % module
    execute_shell(cmd)
コード例 #32
0
def make_filesystem(blk_device, fstype='ext4'):
    utils.juju_log('INFO',
                   'ceph: Formatting block device %s as filesystem %s.' %\
                   (blk_device, fstype))
    cmd = ['mkfs', '-t', fstype, blk_device]
    execute(cmd)
コード例 #33
0
        etc_local_settings = "/etc/vsm-dashboard/local_settings"
        rsync(
            charm_dir() + '/files/local_settings.template',
            local_settings
        )
        subprocess.check_call(['sudo', 'sed', '-i',
                               's/^KEYSTONE_VSM_SERVICE_PASSWORD =*.*/KEYSTONE_VSM_SERVICE_PASSWORD = "******"/g' % keystone_vsm_service_password,
                               local_settings])
        subprocess.check_call(['sudo', 'sed', '-i', 's/^OPENSTACK_HOST =*.*/OPENSTACK_HOST = "%s"/g' % service_host,
                               local_settings])
        subprocess.check_call(['sudo', 'sed', '-i', 's/^OPENSTACK_KEYSTONE_DEFAULT_ROLE =*.*/OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"/g',
                               local_settings])
        subprocess.check_call(['sudo', 'rm', '-rf', etc_local_settings])
        subprocess.check_call(['sudo', 'ln', '-sf', local_settings, etc_local_settings])

        rsync(
            charm_dir() + '/scripts/https',
            '/tmp/https'
        )
        subprocess.check_call(['sudo', 'bash', '/tmp/https'])
        subprocess.check_call(['sudo', 'service', 'apache2', 'restart'])
        open_port('443')
        open_port('80')


if __name__ == '__main__':
    try:
        hooks.execute(sys.argv)
    except UnregisteredHookError as e:
        utils.juju_log('warn', 'Unknown hook {} - skipping.'.format(e))
コード例 #34
0
ファイル: hooks.py プロジェクト: Scott1989/ceph-radosgw
def apache_modules():
    utils.juju_log('INFO', 'Begin apache_sites.')
    subprocess.check_call(['a2enmod', 'fastcgi'])
    subprocess.check_call(['a2enmod', 'rewrite'])
    utils.juju_log('INFO', 'End apache_sites.')
コード例 #35
0
ファイル: hooks.py プロジェクト: CiscoSystems/ceph-radosgw
def apache_sites():
    utils.juju_log('INFO', 'Begin apache_sites.')
    subprocess.check_call(['a2dissite', 'default'])
    subprocess.check_call(['a2ensite', 'rgw'])
    utils.juju_log('INFO', 'End apache_sites.')
コード例 #36
0
        juju_log("**********hostname is %s" % hostname)
        juju_log("**********hostaddress is %s" % hostaddress)
        with open('/etc/hosts', 'a') as hosts:
            hosts.write('%s  %s' % (hostaddress, hostname) + '\n')

        token_tenant = rel_settings.get('token_tenant')
        juju_log("**********token_tenant is %s" % token_tenant)
        rsync(
            charm_dir() + '/files/server.manifest',
            '/etc/manifest/server.manifest'
        )
        c_hostaddress = rel_settings.get('hostaddress')
        juju_log("**********controller_hostaddress is %s" % c_hostaddress)
        subprocess.check_call(['sudo', 'sed', '-i', 's/^controller_ip/%s/g' % c_hostaddress,
                               '/etc/manifest/server.manifest'])
        subprocess.check_call(['sudo', 'sed', '-i', 's/token-tenant/%s/g' % token_tenant,
                               '/etc/manifest/server.manifest'])
        subprocess.check_call(['sudo', 'service', 'vsm-agent', 'stop'])
        subprocess.check_call(['sudo', 'service', 'vsm-agent', 'start'])
        subprocess.check_call(['sudo', 'service', 'vsm-physical', 'stop'])
        subprocess.check_call(['sudo', 'service', 'vsm-physical', 'start'])
        juju_log("**********start vsm-agent")
        juju_log("**********start vsm-physical")


if __name__ == '__main__':
    try:
        hooks.execute(sys.argv)
    except UnregisteredHookError as e:
        utils.juju_log('warn', 'Unknown hook {} - skipping.'.format(e))
コード例 #37
0
ファイル: hooks.py プロジェクト: Scott1989/ceph-radosgw
def upgrade_charm():
    utils.juju_log('INFO', 'Begin upgrade-charm hook.')
    utils.juju_log('INFO', 'End upgrade-charm hook.')
コード例 #38
0
ファイル: hooks.py プロジェクト: Scott1989/ceph-radosgw
def gateway_relation():
    utils.juju_log('INFO', 'Begin gateway-relation hook.')
    utils.relation_set(hostname=utils.unit_get('private-address'), port=80)
    utils.juju_log('INFO', 'Begin gateway-relation hook.')
コード例 #39
0
def enable_https(port_maps, namespace, cert, key, ca_cert=None):
    '''
    For a given number of port mappings, configures apache2
    HTTPs local reverse proxying using certficates and keys provided in
    either configuration data (preferred) or relation data.  Assumes ports
    are not in use (calling charm should ensure that).

    port_maps: dict: external to internal port mappings
    namespace: str: name of charm
    '''
    def _write_if_changed(path, new_content):
        content = None
        if os.path.exists(path):
            with open(path, 'r') as f:
                content = f.read().strip()
        if content != new_content:
            with open(path, 'w') as f:
                f.write(new_content)
            return True
        else:
            return False

    juju_log('INFO', "Enabling HTTPS for port mappings: {}".format(port_maps))
    http_restart = False

    if cert:
        cert = b64decode(cert)
    if key:
        key = b64decode(key)
    if ca_cert:
        ca_cert = b64decode(ca_cert)

    if not cert and not key:
        juju_log('ERROR',
                 "Expected but could not find SSL certificate data, not "
                 "configuring HTTPS!")
        return False

    install('apache2')
    if RELOAD_CHECK in subprocess.check_output(['a2enmod', 'ssl',
                                                'proxy', 'proxy_http']):
        http_restart = True

    ssl_dir = os.path.join('/etc/apache2/ssl', namespace)
    if not os.path.exists(ssl_dir):
        os.makedirs(ssl_dir)

    if (_write_if_changed(os.path.join(ssl_dir, 'cert'), cert)):
        http_restart = True
    if (_write_if_changed(os.path.join(ssl_dir, 'key'), key)):
        http_restart = True
    os.chmod(os.path.join(ssl_dir, 'key'), 0600)

    install_ca_cert(ca_cert)

    sites_dir = '/etc/apache2/sites-available'
    for ext_port, int_port in port_maps.items():
        juju_log('INFO',
                 'Creating apache2 reverse proxy vhost'
                 ' for {}:{}'.format(ext_port,
                                     int_port))
        site = "{}_{}".format(namespace, ext_port)
        site_path = os.path.join(sites_dir, site)
        with open(site_path, 'w') as fsite:
            context = {
                "ext": ext_port,
                "int": int_port,
                "namespace": namespace,
                "private_address": get_host_ip()
                }
            fsite.write(render_template(SITE_TEMPLATE,
                                        context))

        if RELOAD_CHECK in subprocess.check_output(['a2ensite', site]):
            http_restart = True

    if http_restart:
        restart('apache2')

    return True
コード例 #40
0
ファイル: hooks.py プロジェクト: CiscoSystems/ceph-radosgw
def apache_modules():
    utils.juju_log('INFO', 'Begin apache_sites.')
    subprocess.check_call(['a2enmod', 'fastcgi'])
    subprocess.check_call(['a2enmod', 'rewrite'])
    utils.juju_log('INFO', 'End apache_sites.')
コード例 #41
0
ファイル: hooks.py プロジェクト: Scott1989/ceph-radosgw
def apache_sites():
    utils.juju_log('INFO', 'Begin apache_sites.')
    subprocess.check_call(['a2dissite', 'default'])
    subprocess.check_call(['a2ensite', 'rgw'])
    utils.juju_log('INFO', 'End apache_sites.')