def config_changed(): # Determine whether vaultlocker is required and install if use_vaultlocker(): installed = len(filter_installed_packages(['vaultlocker'])) == 0 if not installed: apt_install('vaultlocker', fatal=True) # Check if an upgrade was requested check_for_upgrade() # Pre-flight checks if config('osd-format') not in ceph.DISK_FORMATS: log('Invalid OSD disk format configuration specified', level=ERROR) sys.exit(1) if config('prefer-ipv6'): assert_charm_supports_ipv6() sysctl_dict = config('sysctl') if sysctl_dict: create_sysctl(sysctl_dict, '/etc/sysctl.d/50-ceph-osd-charm.conf') e_mountpoint = config('ephemeral-unmount') if e_mountpoint and ceph.filesystem_mounted(e_mountpoint): umount(e_mountpoint) prepare_disks_and_activate() install_apparmor_profile() add_to_updatedb_prunepath(STORAGE_MOUNT_PATH)
def validate_nfs(): """ Validate the nfs mount device """ usr = config('tvault-datamover-ext-usr') grp = config('tvault-datamover-ext-group') data_dir = config('tv-data-dir') device = config('nfs-shares') nfs_options = config('nfs-options') # install nfs-common package if not filter_missing_packages(['nfs-common']): log("'nfs-common' package not found, installing the package...") apt_install(['nfs-common'], fatal=True) if not device: log("NFS mount device can not be empty." "Check 'nfs-shares' value in config") return False # Ensure mount directory exists mkdir(data_dir, owner=usr, group=grp, perms=501, force=True) # check for mountable device if not mount(device, data_dir, options=nfs_options, filesystem='nfs'): log("Unable to mount, please enter valid mount device") return False log("Device mounted successfully") umount(data_dir) log("Device unmounted successfully") return True
def validate_nfs(): """ Validate the nfs mount device """ usr = config('tvault-datamover-ext-usr') grp = config('tvault-datamover-ext-group') data_dir = config('tv-data-dir') device = config('nfs-shares') if not device: log("NFS mount device can not be empty." "Check 'nfs-shares' value in config") return False # Ensure mount directory exists mkdir(data_dir, owner=usr, group=grp, perms=501, force=True) # check for mountable device if not mount(device, data_dir, filesystem='nfs'): log("Unable to mount, please enter valid mount device") return False log("Device mounted successfully") umount(data_dir) log("Device unmounted successfully") return True
def write_fstab(self): for (mnt, dev) in host.mounts(): if self.sftp_dir in mnt: host.umount(mnt, persist=True) for entry in self.parse_config(): host.mount( entry["src"], "{}/{}/{}".format(self.sftp_dir, entry["user"], entry["name"]), "bind,_netdev,x-systemd.requires={}".format(self.sftp_dir), persist=True, filesystem="none", ) if self.charm_config["sftp-chown-mnt"]: try: shutil.chown( "{}/{}/{}".format(self.sftp_dir, entry["user"], entry["name"]), user=entry["user"], group=entry["user"], ) except Exception as e: hookenv.log("Chown failed: {}".format(e), level=hookenv.WARNING) else: try: shutil.chown( "{}/{}/{}".format(self.sftp_dir, entry["user"], entry["name"]), user="******", group="sftp", ) except Exception as e: hookenv.log("Chown failed: {}".format(e), level=hookenv.WARNING)
def config_changed(): # if we are paused, delay doing any config changed hooks. # It is forced on the resume. if is_unit_paused_set(): log("Unit is pause or upgrading. Skipping config_changed", "WARN") return conf = config() if conf['prefer-ipv6']: status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) e_mountpoint = config('ephemeral-unmount') if e_mountpoint and filesystem_mounted(e_mountpoint): umount(e_mountpoint) # configure block devices either local or from juju storage _configure_block_devices() if not config('action-managed-upgrade'): if openstack_upgrade_available('cinder-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(configs=CONFIGS) # NOTE(jamespage) tell any storage-backends we just upgraded for rid in relation_ids('storage-backend'): relation_set(relation_id=rid, upgrade_nonce=uuid.uuid4()) # NOTE(hopem) tell any backup-backends we just upgraded for rid in relation_ids('backup-backend'): relation_set(relation_id=rid, upgrade_nonce=uuid.uuid4()) # overwrite config is not in conf file. so We can't use restart_on_change if config_value_changed('overwrite') and not is_unit_paused_set(): service_restart('cinder-volume') CONFIGS.write_all() configure_https() update_nrpe_config() open_port(config('api-listening-port')) for rid in relation_ids('cluster'): cluster_joined(relation_id=rid) for r_id in relation_ids('ha'): ha_joined(relation_id=r_id) # NOTE(jamespage): # ensure any new volume endpoints are created. Note that this # is normally done after an openstack series upgrade, but this # was not performed historically so always execute to ensure # any upgrades where this step was missed are fixed. for rid in relation_ids('identity-service'): identity_joined(rid=rid) # call the policy overrides handler which will install any policy overrides maybe_do_policyd_overrides_on_config_changed( os_release('cinder-common'), 'cinder', restart_handler=lambda: service_restart('cinder-api'))
def _del_hp_fstab_mount(pagesize): log("Remove {} mountpoint from fstab".format(pagesize)) mnt_point = '/dev/hugepages{}'.format(pagesize) lfstab = fstab.Fstab() fstab_entry = lfstab.get_entry_by_attr('mountpoint', mnt_point) if fstab_entry: umount(mnt_point) lfstab.remove_entry(fstab_entry)
def config_changed(): conf = config() if conf['prefer-ipv6']: status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) e_mountpoint = config('ephemeral-unmount') if e_mountpoint and filesystem_mounted(e_mountpoint): umount(e_mountpoint) if (service_enabled('volume') and conf['block-device'] not in [None, 'None', 'none']): status_set('maintenance', 'Configuring lvm storage') block_devices = conf['block-device'].split() configure_lvm_storage(block_devices, conf['volume-group'], conf['overwrite'] in ['true', 'True', True], conf['remove-missing'], conf['remove-missing-force']) if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('cinder-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(configs=CONFIGS) # NOTE(jamespage) tell any storage-backends we just upgraded for rid in relation_ids('storage-backend'): relation_set(relation_id=rid, upgrade_nonce=uuid.uuid4()) # NOTE(hopem) tell any backup-backends we just upgraded for rid in relation_ids('backup-backend'): relation_set(relation_id=rid, upgrade_nonce=uuid.uuid4()) # overwrite config is not in conf file. so We can't use restart_on_change if config_value_changed('overwrite') and not is_unit_paused_set(): service_restart('cinder-volume') CONFIGS.write_all() configure_https() update_nrpe_config() open_port(config('api-listening-port')) for rid in relation_ids('cluster'): cluster_joined(relation_id=rid) for r_id in relation_ids('ha'): ha_joined(relation_id=r_id)
def update_nfs(): rhost = relation_get('private-address') mpath = relation_get('mountpath') if len(mpath): umount('/mnt/plex/') fstab_remove('/mnt/plex') fstab_add( '{}:{}'.format(rhost, mpath), '/mnt/plex', 'nfs rw' ) mount()
def test_umounts_and_persist_device(self, log, check_output): mountpoint = '/mnt/guido' result = host.umount(mountpoint) self.assertTrue(result) check_output.assert_called_with(['umount', '/mnt/guido'])
def config_changed(): # Pre-flight checks if config('osd-format') not in ceph.DISK_FORMATS: log('Invalid OSD disk format configuration specified', level=ERROR) sys.exit(1) if config('prefer-ipv6'): assert_charm_supports_ipv6() sysctl_dict = config('sysctl') if sysctl_dict: create_sysctl(sysctl_dict, '/etc/sysctl.d/50-ceph-osd-charm.conf') e_mountpoint = config('ephemeral-unmount') if (e_mountpoint and ceph.filesystem_mounted(e_mountpoint)): umount(e_mountpoint) prepare_disks_and_activate()
def test_umounts_a_device(self, log, check_output, fstab): mountpoint = '/mnt/guido' result = host.umount(mountpoint, persist=True) self.assertTrue(result) check_output.assert_called_with(['umount', mountpoint]) fstab.remove_by_mountpoint_called_with(mountpoint)
def place_data_on_block_device(blk_device, data_src_dst): """Migrate data in data_src_dst to blk_device and then remount.""" # mount block device into /mnt mount(blk_device, '/mnt') # copy data to /mnt copy_files(data_src_dst, '/mnt') # umount block device umount('/mnt') # Grab user/group ID's from original source _dir = os.stat(data_src_dst) uid = _dir.st_uid gid = _dir.st_gid # re-mount where the data should originally be # TODO: persist is currently a NO-OP in core.host mount(blk_device, data_src_dst, persist=True) # ensure original ownership of new mount. os.chown(data_src_dst, uid, gid)
def place_data_on_block_device(blk_device, data_src_dst): ''' Migrate data in data_src_dst to blk_device and then remount ''' # mount block device into /mnt mount(blk_device, '/mnt') # copy data to /mnt copy_files(data_src_dst, '/mnt') # umount block device umount('/mnt') # Grab user/group ID's from original source _dir = os.stat(data_src_dst) uid = _dir.st_uid gid = _dir.st_gid # re-mount where the data should originally be # TODO: persist is currently a NO-OP in core.host mount(blk_device, data_src_dst, persist=True) # ensure original ownership of new mount. os.chown(data_src_dst, uid, gid)
def reconfig_charm(): bkp_type = config('backup-target-type') retry_count = 0 # Stop the service service_stop('tvault-contego') if bkp_type == 's3': service_stop('tvault-object-store') # Get the mount points and un-mount tvault's mount points. mount_points = mounts() sorted_list = [mp[0] for mp in mount_points if config('tv-data-dir') in mp[0]] # stopping the tvault-object-store service may take time while service_running('tvault-object-store') and retry_count < 3: log('Waiting for tvault-object-store service to stop') retry_count += 1 time.sleep(5) for sl in sorted_list: umount(sl) # Valildate backup target if not validate_backup(): log("Failed while validating backup") status_set( 'blocked', 'Invalid Backup target info, please provide valid info') return if not create_conf(): log("Failed while creating conf files") status_set('blocked', 'Failed while creating conf files') return # Re-start the object-store service if bkp_type == 's3': service_restart('tvault-object-store') # Re-start the datamover service service_restart('tvault-contego') # Reconfig successful status_set('active', 'Ready...')
def config_changed(): if config('prefer-ipv6'): assert_charm_supports_ipv6() log('Monitor hosts are ' + repr(get_mon_hosts())) # Pre-flight checks if not config('fsid'): log('No fsid supplied, cannot proceed.', level=ERROR) sys.exit(1) if not config('monitor-secret'): log('No monitor-secret supplied, cannot proceed.', level=ERROR) sys.exit(1) if config('osd-format') not in ceph.DISK_FORMATS: log('Invalid OSD disk format configuration specified', level=ERROR) sys.exit(1) sysctl_dict = config('sysctl') if sysctl_dict: create_sysctl(sysctl_dict, '/etc/sysctl.d/50-ceph-charm.conf') emit_cephconf() e_mountpoint = config('ephemeral-unmount') if e_mountpoint and ceph.filesystem_mounted(e_mountpoint): umount(e_mountpoint) osd_journal = get_osd_journal() if (osd_journal and not os.path.exists(JOURNAL_ZAPPED) and os.path.exists(osd_journal)): ceph.zap_disk(osd_journal) with open(JOURNAL_ZAPPED, 'w') as zapped: zapped.write('DONE') # Support use of single node ceph if (not ceph.is_bootstrapped() and int(config('monitor-count')) == 1): status_set('maintenance', 'Bootstrapping single Ceph MON') ceph.bootstrap_monitor_cluster(config('monitor-secret')) ceph.wait_for_bootstrap() storage_changed() if relations_of_type('nrpe-external-master'): update_nrpe_config()
def uninstall_plugin(): """ Uninstall TrilioVault DataMover packages """ retry_count = 0 bkp_type = config('backup-target-type') try: path = config('tvault-datamover-virtenv') service_stop('tvault-contego') os.system('sudo systemctl disable tvault-contego') os.system('rm -rf /etc/systemd/system/tvault-contego.service') if bkp_type == 's3': service_stop('tvault-object-store') os.system('systemctl disable tvault-object-store') os.system('rm -rf /etc/systemd/system/tvault-object-store.service') os.system('sudo systemctl daemon-reload') os.system('rm -rf {}'.format(path)) os.system('rm -rf /etc/logrotate.d/tvault-contego') os.system('rm -rf {}'.format(config('tv-datamover-conf'))) os.system('rm -rf /var/log/nova/tvault-contego.log') # Get the mount points and un-mount tvault's mount points. mount_points = mounts() sorted_list = [ mp[0] for mp in mount_points if config('tv-data-dir') in mp[0] ] # stopping the tvault-object-store service may take time while service_running('tvault-object-store') and retry_count < 3: log('Waiting for tvault-object-store service to stop') retry_count += 1 time.sleep(5) for sl in sorted_list: umount(sl) # Uninstall tvault-contego package apt_purge(['tvault-contego']) log("TrilioVault Datamover package uninstalled successfully") return True except Exception as e: # package uninstallation failed log("TrilioVault Datamover package un-installation failed:" " {}".format(e)) return False
def test_doesnt_umount_on_error(self, log, check_output): mountpoint = '/mnt/guido' error = subprocess.CalledProcessError(123, 'mount it', 'Oops...') check_output.side_effect = error result = host.umount(mountpoint) self.assertFalse(result) check_output.assert_called_with(['umount', '/mnt/guido'])
def clean_storage(block_device): '''Ensures a block device is clean. That is: - unmounted - any lvm volume groups are deactivated - any lvm physical device signatures removed - partition table wiped :param block_device: str: Full path to block device to clean. ''' for mp, d in mounts(): if d == block_device: juju_log('clean_storage(): Found %s mounted @ %s, unmounting.' % (d, mp)) umount(mp, persist=True) if is_lvm_physical_volume(block_device): deactivate_lvm_volume_group(block_device) remove_lvm_physical_volume(block_device) zap_disk(block_device)
def clean_storage(block_device): '''Ensures a block device is clean. That is: - unmounted - any lvm volume groups are deactivated - any lvm physical device signatures removed - partition table wiped :param block_device: str: Full path to block device to clean. ''' for mp, d in mounts(): if d == block_device: log('clean_storage(): Found %s mounted @ %s, unmounting.' % (d, mp)) umount(mp, persist=True) if is_lvm_physical_volume(block_device): deactivate_lvm_volume_group(block_device) remove_lvm_physical_volume(block_device) zap_disk(block_device)
def config_changed(): log('Begin config-changed hook.') log('Monitor hosts are ' + repr(get_mon_hosts())) # Pre-flight checks if not config('fsid'): log('No fsid supplied, cannot proceed.', level=ERROR) sys.exit(1) if not config('monitor-secret'): log('No monitor-secret supplied, cannot proceed.', level=ERROR) sys.exit(1) if config('osd-format') not in ceph.DISK_FORMATS: log('Invalid OSD disk format configuration specified', level=ERROR) sys.exit(1) emit_cephconf() e_mountpoint = config('ephemeral-unmount') if e_mountpoint and ceph.filesystem_mounted(e_mountpoint): umount(e_mountpoint) osd_journal = config('osd-journal') if (osd_journal and not os.path.exists(JOURNAL_ZAPPED) and os.path.exists(osd_journal)): ceph.zap_disk(osd_journal) with open(JOURNAL_ZAPPED, 'w') as zapped: zapped.write('DONE') # Support use of single node ceph if (not ceph.is_bootstrapped() and int(config('monitor-count')) == 1): ceph.bootstrap_monitor_cluster(config('monitor-secret')) ceph.wait_for_bootstrap() if ceph.is_bootstrapped(): for dev in get_devices(): ceph.osdize(dev, config('osd-format'), config('osd-journal'), reformat_osd()) ceph.start_osds(get_devices()) log('End config-changed hook.')
def config_changed(): # Check if an upgrade was requested check_for_upgrade() # Pre-flight checks if config('osd-format') not in ceph.DISK_FORMATS: log('Invalid OSD disk format configuration specified', level=ERROR) sys.exit(1) if config('prefer-ipv6'): assert_charm_supports_ipv6() sysctl_dict = config('sysctl') if sysctl_dict: create_sysctl(sysctl_dict, '/etc/sysctl.d/50-ceph-osd-charm.conf') e_mountpoint = config('ephemeral-unmount') if e_mountpoint and ceph.filesystem_mounted(e_mountpoint): umount(e_mountpoint) prepare_disks_and_activate() install_apparmor_profile() add_to_updatedb_prunepath(STORAGE_MOUNT_PATH)
def uninstall_plugin(): """ Uninstall TrilioVault DataMover packages """ retry_count = 0 try: path = TVAULT_VIRTENV_PATH service_stop('tvault-contego') subprocess.check_call( ['sudo', 'systemctl', 'disable', 'tvault-contego']) os.remove('/etc/systemd/system/tvault-contego.service') subprocess.check_call('sudo systemctl daemon-reload') shutil.rmtree(path) os.remove('/etc/logrotate.d/tvault-contego') os.remove(DATAMOVER_CONF) os.remove('/var/log/nova/tvault-contego.log') # Get the mount points and un-mount tvault's mount points. mount_points = mounts() sorted_list = [mp[0] for mp in mount_points if TV_DATA_DIR in mp[0]] # stopping the tvault-object-store service may take time while service_running('tvault-object-store') and retry_count < 3: log('Waiting for tvault-object-store service to stop') retry_count += 1 time.sleep(5) for sl in sorted_list: umount(sl) # Uninstall tvault-contego package apt_purge(['tvault-contego']) log("TrilioVault Datamover package uninstalled successfully") return True except Exception as e: # package uninstallation failed log("TrilioVault Datamover package un-installation failed:" " {}".format(e)) return False
def place_data_on_ceph(service, blk_device, data_src_dst, fstype='ext4'): # mount block device into /mnt mount(blk_device, '/mnt') # copy data to /mnt try: copy_files(data_src_dst, '/mnt') except: pass # umount block device umount('/mnt') _dir = os.stat(data_src_dst) uid = _dir.st_uid gid = _dir.st_gid # re-mount where the data should originally be mount(blk_device, data_src_dst, persist=True) # ensure original ownership of new mount. cmd = ['chown', '-R', '%s:%s' % (uid, gid), data_src_dst] check_call(cmd)
def config_changed(): if config('enable-firewall'): initialize_ufw() else: ufw.disable() if config('ephemeral-unmount'): umount(config('ephemeral-unmount'), persist=True) if config('prefer-ipv6'): status_set('maintenance', 'Configuring ipv6') assert_charm_supports_ipv6() ensure_swift_directories() setup_rsync() if not config('action-managed-upgrade') and \ openstack_upgrade_available('swift'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(configs=CONFIGS) install_vaultlocker() configure_storage() CONFIGS.write_all() save_script_rc() if relations_of_type('nrpe-external-master'): update_nrpe_config() sysctl_dict = config('sysctl') if sysctl_dict: create_sysctl(sysctl_dict, '/etc/sysctl.d/50-swift-storage-charm.conf') add_to_updatedb_prunepath(STORAGE_MOUNT_PATH)
def validate_nfs(): """ Validate the nfs mount device """ usr = DM_EXT_USR grp = DM_EXT_GRP data_dir = TV_DATA_DIR device = config('nfs-shares') # install nfs-common package if not filter_missing_packages(['nfs-common']): log("'nfs-common' package not found, installing the package...") apt_install(['nfs-common'], fatal=True) if not device: log("NFS shares can not be empty." "Check 'nfs-shares' value in config") status_set( 'blocked', 'No valid nfs-shares configuration found, please recheck') return False # Ensure mount directory exists mkdir(data_dir, owner=usr, group=grp, perms=501, force=True) # check for mountable device if not mount(device, data_dir, filesystem='nfs'): log("Unable to mount, please enter valid mount device") status_set( 'blocked', 'Failed while validating NFS mount, please recheck configuration') return False log("Device mounted successfully") umount(data_dir) log("Device unmounted successfully") return True
def ephemeral_unmount() -> Result: """ Unmount amazon ephemeral mount points. :return: Result with Ok or Err depending on the outcome of unmount. """ mountpoint = config("ephemeral_unmount") if mountpoint is None: return Ok(()) # Remove the entry from the fstab if it's set fstab = FsTab(os.path.join(os.sep, "etc", "fstab")) log("Removing ephemeral mount from fstab") fstab.remove_entry(mountpoint) if filesystem_mounted(mountpoint): result = umount(mountpoint=mountpoint) if not result: return Err("unmount of {} failed".format(mountpoint)) # Unmounted Ok return Ok(()) # Not mounted return Ok(())
def unmount_volume(config): if os.path.ismount(config['mountpoint']): if not host.umount(config['mountpoint'], persist=True): raise VolumeConfigurationError()
def config_changed(): # if we are paused, delay doing any config changed hooks. # It is forced on the resume. if is_unit_paused_set(): log("Unit is pause or upgrading. Skipping config_changed", "WARN") return conf = config() if conf['prefer-ipv6']: status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) e_mountpoint = config('ephemeral-unmount') if e_mountpoint and filesystem_mounted(e_mountpoint): umount(e_mountpoint) if (service_enabled('volume') and conf['block-device'] not in [None, 'None', 'none']): status_set('maintenance', 'Configuring lvm storage') block_devices = conf['block-device'].split() configure_lvm_storage(block_devices, conf['volume-group'], conf['overwrite'] in ['true', 'True', True], conf['remove-missing'], conf['remove-missing-force']) if not config('action-managed-upgrade'): if openstack_upgrade_available('cinder-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(configs=CONFIGS) # NOTE(jamespage) tell any storage-backends we just upgraded for rid in relation_ids('storage-backend'): relation_set(relation_id=rid, upgrade_nonce=uuid.uuid4()) # NOTE(hopem) tell any backup-backends we just upgraded for rid in relation_ids('backup-backend'): relation_set(relation_id=rid, upgrade_nonce=uuid.uuid4()) # overwrite config is not in conf file. so We can't use restart_on_change if config_value_changed('overwrite') and not is_unit_paused_set(): service_restart('cinder-volume') CONFIGS.write_all() configure_https() update_nrpe_config() open_port(config('api-listening-port')) for rid in relation_ids('cluster'): cluster_joined(relation_id=rid) for r_id in relation_ids('ha'): ha_joined(relation_id=r_id) # NOTE(jamespage): # ensure any new volume endpoints are created. Note that this # is normally done after an openstack series upgrade, but this # was not performed historically so always execute to ensure # any upgrades where this step was missed are fixed. for rid in relation_ids('identity-service'): identity_joined(rid=rid)
def config_changed(): e_mountpoint = config('ephemeral-unmount') if e_mountpoint and filesystem_mounted(e_mountpoint): umount(e_mountpoint) configure_lxd_block() configure_lxd_host()
def config_changed(): if is_unit_paused_set(): log("Do not run config_changed when paused", "WARNING") return if config('ephemeral-unmount'): umount(config('ephemeral-unmount'), persist=True) if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') assert_charm_supports_ipv6() if (migration_enabled() and config('migration-auth-type') not in MIGRATION_AUTH_TYPES): message = ("Invalid migration-auth-type") status_set('blocked', message) raise Exception(message) global CONFIGS send_remote_restart = False if not config('action-managed-upgrade'): if openstack_upgrade_available('nova-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(CONFIGS) send_remote_restart = True sysctl_settings = config('sysctl') if sysctl_settings: create_sysctl(sysctl_settings, '/etc/sysctl.d/50-nova-compute.conf') remove_libvirt_network('default') if migration_enabled() and config('migration-auth-type') == 'ssh': # Check-in with nova-c-c and register new ssh key, if it has just been # generated. status_set('maintenance', 'SSH key exchange') initialize_ssh_keys() import_authorized_keys() if config('enable-resize') is True: enable_shell(user='******') status_set('maintenance', 'SSH key exchange') initialize_ssh_keys(user='******') import_authorized_keys(user='******', prefix='nova') else: disable_shell(user='******') if config('instances-path') is not None: fp = config('instances-path') fix_path_ownership(fp, user='******') [compute_joined(rid) for rid in relation_ids('cloud-compute')] for rid in relation_ids('neutron-plugin'): neutron_plugin_joined(rid, remote_restart=send_remote_restart) for rid in relation_ids('nova-ceilometer'): nova_ceilometer_joined(rid, remote_restart=send_remote_restart) if is_relation_made("nrpe-external-master"): update_nrpe_config() if config('hugepages'): install_hugepages() # Disable smt for ppc64, required for nova/libvirt/kvm arch = platform.machine() log('CPU architecture: {}'.format(arch)) if arch in ['ppc64el', 'ppc64le']: set_ppc64_cpu_smt_state('off') # NOTE(jamespage): trigger any configuration related changes # for cephx permissions restrictions and # keys on disk for ceph-access backends for rid in relation_ids('ceph'): for unit in related_units(rid): ceph_changed(rid=rid, unit=unit) for rid in relation_ids('ceph-access'): for unit in related_units(rid): ceph_access(rid=rid, unit=unit) CONFIGS.write_all() NovaComputeAppArmorContext().setup_aa_profile() if (network_manager() in ['flatmanager', 'flatdhcpmanager'] and config('multi-host').lower() == 'yes'): NovaAPIAppArmorContext().setup_aa_profile() NovaNetworkAppArmorContext().setup_aa_profile() install_vaultlocker() install_multipath() configure_local_ephemeral_storage()
def config_changed(): if is_unit_paused_set(): log("Do not run config_changed when paused", "WARNING") return if config('ephemeral-unmount'): umount(config('ephemeral-unmount'), persist=True) if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') assert_charm_supports_ipv6() if (migration_enabled() and config('migration-auth-type') not in MIGRATION_AUTH_TYPES): message = ("Invalid migration-auth-type") status_set('blocked', message) raise Exception(message) global CONFIGS send_remote_restart = False if not config('action-managed-upgrade'): if openstack_upgrade_available('nova-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(CONFIGS) send_remote_restart = True sysctl_settings = config('sysctl') if sysctl_settings and not is_container(): create_sysctl( sysctl_settings, '/etc/sysctl.d/50-nova-compute.conf', # Some keys in the config may not exist in /proc/sys/net/. # For example, the conntrack module may not be loaded when # using lxd drivers insteam of kvm. In these cases, we # simply ignore the missing keys, rather than making time # consuming calls out to the filesystem to check for their # existence. ignore=True) remove_libvirt_network('default') if migration_enabled() and config('migration-auth-type') == 'ssh': # Check-in with nova-c-c and register new ssh key, if it has just been # generated. status_set('maintenance', 'SSH key exchange') initialize_ssh_keys() import_authorized_keys() if config('enable-resize') is True: enable_shell(user='******') status_set('maintenance', 'SSH key exchange') initialize_ssh_keys(user='******') import_authorized_keys(user='******', prefix='nova') else: disable_shell(user='******') if config('instances-path') is not None: fp = config('instances-path') if not os.path.exists(fp): mkdir(path=fp, owner='nova', group='nova', perms=0o775) fix_path_ownership(fp, user='******') for rid in relation_ids('cloud-compute'): compute_joined(rid) for rid in relation_ids('neutron-plugin'): neutron_plugin_joined(rid, remote_restart=send_remote_restart) for rid in relation_ids('nova-ceilometer'): nova_ceilometer_joined(rid, remote_restart=send_remote_restart) for rid in relation_ids('nova-vgpu'): nova_vgpu_joined(rid, remote_restart=send_remote_restart) if is_relation_made("nrpe-external-master"): update_nrpe_config() if config('hugepages'): install_hugepages() # Disable smt for ppc64, required for nova/libvirt/kvm arch = platform.machine() log('CPU architecture: {}'.format(arch)) if arch in ['ppc64el', 'ppc64le']: set_ppc64_cpu_smt_state('off') # NOTE(jamespage): trigger any configuration related changes # for cephx permissions restrictions and # keys on disk for ceph-access backends for rid in relation_ids('ceph'): for unit in related_units(rid): ceph_changed(rid=rid, unit=unit) for rid in relation_ids('ceph-access'): for unit in related_units(rid): ceph_access(rid=rid, unit=unit) update_all_configs() install_vaultlocker() install_multipath() configure_local_ephemeral_storage() check_and_start_iscsid()
def config_changed(): if is_unit_paused_set(): log("Do not run config_changed when paused", "WARNING") return if config('ephemeral-unmount'): umount(config('ephemeral-unmount'), persist=True) if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') assert_charm_supports_ipv6() if (migration_enabled() and config('migration-auth-type') not in MIGRATION_AUTH_TYPES): message = ("Invalid migration-auth-type") status_set('blocked', message) raise Exception(message) global CONFIGS send_remote_restart = False if not config('action-managed-upgrade'): if openstack_upgrade_available('nova-common'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(CONFIGS) send_remote_restart = True sysctl_settings = config('sysctl') if sysctl_settings and not is_container(): create_sysctl( sysctl_settings, '/etc/sysctl.d/50-nova-compute.conf', # Some keys in the config may not exist in /proc/sys/net/. # For example, the conntrack module may not be loaded when # using lxd drivers insteam of kvm. In these cases, we # simply ignore the missing keys, rather than making time # consuming calls out to the filesystem to check for their # existence. ignore=True) remove_libvirt_network('default') if migration_enabled() and config('migration-auth-type') == 'ssh': # Check-in with nova-c-c and register new ssh key, if it has just been # generated. status_set('maintenance', 'SSH key exchange') initialize_ssh_keys() import_authorized_keys() if config('enable-resize') is True: enable_shell(user='******') status_set('maintenance', 'SSH key exchange') initialize_ssh_keys(user='******') import_authorized_keys(user='******', prefix='nova') else: disable_shell(user='******') if config('instances-path') is not None: fp = config('instances-path') fix_path_ownership(fp, user='******') [compute_joined(rid) for rid in relation_ids('cloud-compute')] for rid in relation_ids('neutron-plugin'): neutron_plugin_joined(rid, remote_restart=send_remote_restart) for rid in relation_ids('nova-ceilometer'): nova_ceilometer_joined(rid, remote_restart=send_remote_restart) if is_relation_made("nrpe-external-master"): update_nrpe_config() if config('hugepages'): install_hugepages() # Disable smt for ppc64, required for nova/libvirt/kvm arch = platform.machine() log('CPU architecture: {}'.format(arch)) if arch in ['ppc64el', 'ppc64le']: set_ppc64_cpu_smt_state('off') # NOTE(jamespage): trigger any configuration related changes # for cephx permissions restrictions and # keys on disk for ceph-access backends for rid in relation_ids('ceph'): for unit in related_units(rid): ceph_changed(rid=rid, unit=unit) for rid in relation_ids('ceph-access'): for unit in related_units(rid): ceph_access(rid=rid, unit=unit) CONFIGS.write_all() NovaComputeAppArmorContext().setup_aa_profile() if (network_manager() in ['flatmanager', 'flatdhcpmanager'] and config('multi-host').lower() == 'yes'): NovaAPIAppArmorContext().setup_aa_profile() NovaNetworkAppArmorContext().setup_aa_profile() install_vaultlocker() install_multipath() configure_local_ephemeral_storage()