def install(): status_set('maintenance', 'Executing pre-install') execd_preinstall() configure_installation_source(config('openstack-origin')) status_set('maintenance', 'Installing apt packages') apt_update() apt_install(determine_packages(), fatal=True) if snap_install_requested(): status_set('maintenance', 'Installing keystone snap') # NOTE(thedac) Setting devmode until LP#1719636 is fixed install_os_snaps( get_snaps_install_info_from_origin(['keystone'], config('openstack-origin'), mode='devmode')) post_snap_install() service_stop('snap.keystone.*') else: # unconfigured keystone service will prevent start of haproxy in some # circumstances. make sure haproxy runs. LP #1648396 service_stop('keystone') service_start('haproxy') if run_in_apache(): disable_unused_apache_sites() service_pause('keystone') # call the policy overrides handler which will install any policy overrides maybe_do_policyd_overrides( os_release('keystone'), 'keystone', restart_handler=lambda: service_restart('apache2'))
def install(): status_set('maintenance', 'Executing pre-install') execd_preinstall() openstack_origin = config('openstack-origin') configure_installation_source(openstack_origin) neutron_plugin = config('neutron-plugin') additional_install_locations(neutron_plugin, openstack_origin) add_source(config('extra-source'), config('extra-key')) status_set('maintenance', 'Installing apt packages') apt_update(fatal=True) packages = determine_packages(openstack_origin) apt_install(packages, fatal=True) for port in determine_ports(): open_port(port) if neutron_plugin == 'midonet': mkdir('/etc/neutron/plugins/midonet', owner='neutron', group='neutron', perms=0o755, force=False) # call the policy overrides handler which will install any policy overrides maybe_do_policyd_overrides( os_release('neutron-server'), 'neutron', restart_handler=lambda: service_restart('neutron-server'))
def upgrade_charm(): common_upgrade_charm_and_config_changed() # call the policy overrides handler which will install any policy overrides maybe_do_policyd_overrides( os_release('neutron-server'), 'neutron', restart_handler=lambda: service_restart('neutron-server'))
def upgrade_charm(): rel = openstack.get_os_codename_install_source(config('openstack-origin')) pkgs = determine_packages(rel) new_packages = filter_installed_packages(pkgs) if new_packages: apt_install(new_packages) update_rsync_acls() # call the policy overrides handler which will install any policy overrides policyd.maybe_do_policyd_overrides(openstack.os_release('swift-proxy'), 'swift')
def config_changed(self): """Note that this is usually a nop, and is only called from the default handler. Please check that the charm implementation actually uses it. """ try: super().config_changed() except Exception: pass args, kwargs = self._policyd_function_args() if 'config_changed' not in kwargs.keys(): kwargs['config_changed'] = True ch_policyd.maybe_do_policyd_overrides(*args, **kwargs)
def config_changed(): if is_elected_leader(SWIFT_HA_RES): log("Leader established, generating ring builders", level=INFO) # initialize new storage rings. for ring, path in SWIFT_RINGS.items(): if not os.path.exists(path): initialize_ring(path, config('partition-power'), determine_replicas(ring), config('min-hours')) if config('prefer-ipv6'): status_set('maintenance', 'Configuring ipv6') setup_ipv6() configure_https() open_port(config('bind-port')) update_nrpe_config() # Determine whether or not we should do an upgrade. if not config('action-managed-upgrade') and \ openstack.openstack_upgrade_available('swift'): do_openstack_upgrade(CONFIGS) status_set('maintenance', 'Running openstack upgrade') if not leader_get('swift-proxy-rings-consumer'): status_set('maintenance', 'Updating and (maybe) balancing rings') update_rings(min_part_hours=config('min-hours'), replicas=config('replicas')) if not config('disable-ring-balance') and is_elected_leader(SWIFT_HA_RES): # Try ring balance. If rings are balanced, no sync will occur. balance_rings() for r_id in relation_ids('identity-service'): keystone_joined(relid=r_id) for r_id in relation_ids('cluster'): cluster_joined(relation_id=r_id) for r_id in relation_ids('object-store'): object_store_joined(relation_id=r_id) for r_id in relation_ids('amqp'): amqp_joined(relation_id=r_id) for r_id in relation_ids('ha'): ha_relation_joined(relation_id=r_id) try_initialize_swauth() # call the policy overrides handler which will install any policy overrides policyd.maybe_do_policyd_overrides(openstack.os_release('swift-proxy'), 'swift')
def upgrade_charm(): packages_to_install = filter_installed_packages(determine_packages()) if packages_to_install: log('Installing apt packages') status_set('maintenance', 'Installing apt packages') apt_install(packages_to_install) packages_removed = remove_old_packages() if run_in_apache(): disable_unused_apache_sites() log('Regenerating configuration files') status_set('maintenance', 'Regenerating configuration files') CONFIGS.write_all() # We no longer use the admin_token and need to ensure the charm has # credentials. This call is idempotent and safe to run on existing # deployments. if is_leader(): bootstrap_keystone(configs=CONFIGS) # See LP bug 1519035 leader_init_db_if_ready() update_nrpe_config() if packages_removed: status_set('maintenance', 'Restarting services') log("Package purge detected, restarting services", "INFO") for s in services(): service_restart(s) stop_manager_instance() if is_elected_leader(CLUSTER_RES): log( 'Cluster leader - ensuring endpoint configuration is up to ' 'date', level=DEBUG) update_all_identity_relation_units() # also ensure that the PCI-DSS protection is in place for service # accounts. ensure_all_service_accounts_protected_for_pci_dss_options() # call the policy overrides handler which will install any policy overrides maybe_do_policyd_overrides( os_release('keystone'), 'keystone', restart_handler=lambda: service_restart('apache2')) inform_peers_if_ready(check_api_unit_ready)
def upgrade_charm(): apt_install(filter_installed_packages(determine_packages()), fatal=True) packages_removed = remove_old_packages() for rel_id in relation_ids('amqp'): amqp_joined(relation_id=rel_id) update_nrpe_config() scrub_old_style_ceph() if packages_removed: juju_log("Package purge detected, restarting services") for s in services(): service_restart(s) # call the policy overrides handler which will install any policy overrides maybe_do_policyd_overrides( os_release('cinder-common'), 'cinder', restart_handler=lambda: service_restart('cinder-api'))
def test_maybe_do_policyd_overrides( self, mock_log, mock_config, mock_isfile, mock__policy_success_file, mock_is_policyd_override_valid_on_this_release, mock_get_policy_resource_filename, mock_process_policy_resource_file, mock_remove_policy_success_file, mock_clean_policyd_dir_for, ): mock_isfile.return_value = False mock__policy_success_file.return_value = "s-return" # test success condition mock_config.return_value = {policyd.POLICYD_CONFIG_NAME: True} mock_is_policyd_override_valid_on_this_release.return_value = True mock_get_policy_resource_filename.return_value = "resource.zip" mock_process_policy_resource_file.return_value = True mod_fn = mock.Mock() restart_handler = mock.Mock() policyd.maybe_do_policyd_overrides("arelease", "aservice", ["a"], ["b"], mod_fn, restart_handler) mock_is_policyd_override_valid_on_this_release.assert_called_once_with( "arelease") mock_get_policy_resource_filename.assert_called_once_with() mock_process_policy_resource_file.assert_called_once_with( "resource.zip", "aservice", ["a"], ["b"], mod_fn) restart_handler.assert_called_once_with() # test process_policy_resource_file is not called if not valid on the # release. mock_process_policy_resource_file.reset_mock() restart_handler.reset_mock() mock_is_policyd_override_valid_on_this_release.return_value = False policyd.maybe_do_policyd_overrides("arelease", "aservice", ["a"], ["b"], mod_fn, restart_handler) mock_process_policy_resource_file.assert_not_called() restart_handler.assert_not_called() # test restart_handler is not called if not needed. mock_is_policyd_override_valid_on_this_release.return_value = True mock_process_policy_resource_file.return_value = False policyd.maybe_do_policyd_overrides("arelease", "aservice", ["a"], ["b"], mod_fn, restart_handler) mock_process_policy_resource_file.assert_called_once_with( "resource.zip", "aservice", ["a"], ["b"], mod_fn) restart_handler.assert_not_called() # test that directory gets cleaned if the config is not set mock_config.return_value = {policyd.POLICYD_CONFIG_NAME: False} mock_process_policy_resource_file.reset_mock() policyd.maybe_do_policyd_overrides("arelease", "aservice", ["a"], ["b"], mod_fn, restart_handler) mock_process_policy_resource_file.assert_not_called() mock_remove_policy_success_file.assert_called_once_with() mock_clean_policyd_dir_for.assert_called_once_with("aservice", ["a"], user='******', group='aservice')
def install(): status_set('maintenance', 'Executing pre-install') execd_preinstall() src = config('openstack-origin') if src != 'distro': openstack.configure_installation_source(src) status_set('maintenance', 'Installing apt packages') apt_update(fatal=True) rel = openstack.get_os_codename_install_source(src) pkgs = determine_packages(rel) apt_install(pkgs, fatal=True) apt_install(extra_pkgs, fatal=True) ensure_swift_dir() # configure a directory on webserver for distributing rings. ensure_www_dir_permissions(get_www_dir()) # call the policy overrides handler which will install any policy overrides policyd.maybe_do_policyd_overrides(openstack.os_release('swift-proxy'), 'swift')
def install(): status_set('maintenance', 'Executing pre-install') execd_preinstall() conf = config() src = conf['openstack-origin'] if (lsb_release()['DISTRIB_CODENAME'] == 'precise' and src == 'distro'): src = 'cloud:precise-folsom' configure_installation_source(src) status_set('maintenance', 'Installing apt packages') apt_update() apt_install(determine_packages(), fatal=True) if run_in_apache(): disable_package_apache_site() # call the policy overrides handler which will install any policy overrides maybe_do_policyd_overrides( os_release('cinder-common'), 'cinder', restart_handler=lambda: service_restart('cinder-api'))
def upgrade_charm(): packages_to_install = filter_installed_packages(determine_packages()) if packages_to_install: log('Installing apt packages') status_set('maintenance', 'Installing apt packages') apt_install(packages_to_install) packages_removed = remove_old_packages() if run_in_apache(): disable_unused_apache_sites() log('Regenerating configuration files') status_set('maintenance', 'Regenerating configuration files') CONFIGS.write_all() # See LP bug 1519035 leader_init_db_if_ready() update_nrpe_config() if packages_removed: status_set('maintenance', 'Restarting services') log("Package purge detected, restarting services", "INFO") for s in services(): service_restart(s) stop_manager_instance() if is_elected_leader(CLUSTER_RES): log( 'Cluster leader - ensuring endpoint configuration is up to ' 'date', level=DEBUG) update_all_identity_relation_units() # call the policy overrides handler which will install any policy overrides maybe_do_policyd_overrides(os_release('keystone'), 'keystone')
def _maybe_policyd_overrides(self): args, kwargs = self._policyd_function_args() ch_policyd.maybe_do_policyd_overrides(*args, **kwargs)