class Resource(object):
    '''
    A single named resource belonging to a stack.

    Tracks the resource's (action, status) state, persists it through
    db_api, and drives the handle_<action>() / check_<action>_complete()
    hooks that subclasses provide.
    '''

    ACTIONS = (INIT, CREATE, DELETE, UPDATE, ROLLBACK, SUSPEND, RESUME
               ) = ('INIT', 'CREATE', 'DELETE', 'UPDATE', 'ROLLBACK',
                    'SUSPEND', 'RESUME')

    STATUSES = (IN_PROGRESS, FAILED, COMPLETE
                ) = ('IN_PROGRESS', 'FAILED', 'COMPLETE')

    # If True, this resource must be created before it can be referenced.
    strict_dependency = True

    created_time = timestamp.Timestamp(db_api.resource_get, 'created_at')
    updated_time = timestamp.Timestamp(db_api.resource_get, 'updated_at')

    metadata = Metadata()

    # Resource implementation set this to the subset of template keys
    # which are supported for handle_update, used by update_template_diff
    update_allowed_keys = ()

    # Resource implementation set this to the subset of resource properties
    # supported for handle_update, used by update_template_diff_properties
    update_allowed_properties = ()

    # Resource implementations set this to the name: description dictionary
    # that describes the appropriate resource attributes
    attributes_schema = {}

    def __new__(cls, name, json, stack):
        '''Create a new Resource of the appropriate class for its type.'''

        if cls != Resource:
            # Call is already for a subclass, so pass it through
            return super(Resource, cls).__new__(cls)

        # Select the correct subclass to instantiate
        ResourceClass = stack.env.get_class(json['Type'],
                                            resource_name=name)
        return ResourceClass(name, json, stack)

    def __init__(self, name, json_snippet, stack):
        '''
        Initialise the resource from its template snippet.

        State is loaded from the database when a row for this
        (name, stack) already exists; otherwise the resource starts in
        (INIT, COMPLETE), or (DELETE, COMPLETE) if the stack is being
        deleted.

        :raises ValueError: if name contains "/"
        '''
        if '/' in name:
            raise ValueError(_('Resource name may not contain "/"'))

        self.stack = stack
        self.context = stack.context
        self.name = name
        self.json_snippet = json_snippet
        self.t = stack.resolve_static_data(json_snippet)
        self.properties = Properties(self.properties_schema,
                                     self.t.get('Properties', {}),
                                     self._resolve_runtime_data,
                                     self.name)
        self.attributes = Attributes(self.name,
                                     self.attributes_schema,
                                     self._resolve_attribute)

        resource = db_api.resource_get_by_name_and_stack(
            self.context, name, stack.id)
        if resource:
            self.resource_id = resource.nova_instance
            self.action = resource.action
            self.status = resource.status
            self.status_reason = resource.status_reason
            self.id = resource.id
            self.data = resource.data
        else:
            self.resource_id = None
            # if the stack is being deleted, assume we've already been deleted
            if stack.action == stack.DELETE:
                self.action = self.DELETE
            else:
                self.action = self.INIT
            self.status = self.COMPLETE
            self.status_reason = ''
            self.id = None
            self.data = []

    def __eq__(self, other):
        '''Allow == comparison of two resources.'''
        # For the purposes of comparison, we declare two resource objects
        # equal if their names and parsed_templates are the same
        if isinstance(other, Resource):
            return (self.name == other.name) and (
                self.parsed_template() == other.parsed_template())
        return NotImplemented

    def __ne__(self, other):
        '''Allow != comparison of two resources.'''
        result = self.__eq__(other)
        if result is NotImplemented:
            return result
        return not result

    def type(self):
        '''Return the 'Type' entry of the resolved template snippet.'''
        return self.t['Type']

    def _resolve_runtime_data(self, snippet):
        '''Resolve snippet through the owning stack.'''
        return self.stack.resolve_runtime_data(snippet)

    def has_interface(self, resource_type):
        """Check to see if this resource is either mapped to resource_type
        or is a "resource_type".
        """
        if self.type() == resource_type:
            return True
        ri = self.stack.env.get_resource_info(self.type(),
                                              self.name)
        return ri.name == resource_type

    def identifier(self):
        '''Return an identifier for this resource.'''
        return identifier.ResourceIdentifier(resource_name=self.name,
                                             **self.stack.identifier())

    def parsed_template(self, section=None, default=None):
        '''
        Return the parsed template data for the resource. May be limited to
        only one section of the data, in which case a default value may also
        be supplied.

        :param section: optional top-level key of the snippet to return
        :param default: value used when section is absent; None (the
                        default) means a fresh empty dict
        '''
        # A new dict per call, so callers can never share (and mutate) a
        # single default object.
        if default is None:
            default = {}

        if section is None:
            template = self.t
        else:
            template = self.t.get(section, default)
        return self._resolve_runtime_data(template)

    def update_template_diff(self, after, before):
        '''
        Returns the difference between the before and after json snippets.
        If something has been removed in after which exists in before we set
        it to None.

        :raises UpdateReplace: if any changed key is not listed in
                               update_allowed_keys
        '''
        update_allowed_set = set(self.update_allowed_keys)

        # Create a set containing the keys in both current and update template
        template_keys = set(before.keys())
        template_keys.update(set(after.keys()))

        # Create a set of keys which differ (or are missing/added)
        changed_keys_set = set(
            k for k in template_keys if before.get(k) != after.get(k))

        if not changed_keys_set.issubset(update_allowed_set):
            raise UpdateReplace(self.name)

        return dict((k, after.get(k)) for k in changed_keys_set)

    def update_template_diff_properties(self, after, before):
        '''
        Returns the changed Properties between the before and after json
        snippets. If a property has been removed in after which exists in
        before we set it to None.

        :raises UpdateReplace: if any changed property is not listed in
                               update_allowed_properties
        '''
        update_allowed_set = set(self.update_allowed_properties)

        # Create a set containing the keys in both current and update template
        current_properties = before.get('Properties', {})
        template_properties = set(current_properties.keys())
        updated_properties = after.get('Properties', {})
        template_properties.update(set(updated_properties.keys()))

        # Create a set of keys which differ (or are missing/added)
        changed_properties_set = set(
            k for k in template_properties
            if current_properties.get(k) != updated_properties.get(k))

        if not changed_properties_set.issubset(update_allowed_set):
            raise UpdateReplace(self.name)

        return dict(
            (k, updated_properties.get(k)) for k in changed_properties_set)

    def __str__(self):
        return '%s "%s"' % (self.__class__.__name__, self.name)

    def _add_dependencies(self, deps, head, fragment):
        '''
        Recursively walk a template fragment, adding an edge to deps for
        each DependsOn / Ref / Fn::GetAtt that names another resource.

        :raises exception.InvalidTemplateReference: if the named resource
                                                    is not in the stack
        '''
        if isinstance(fragment, dict):
            for key, value in fragment.items():
                if key in ('DependsOn', 'Ref', 'Fn::GetAtt'):
                    if key == 'Fn::GetAtt':
                        # GetAtt carries a (resource name, attribute) pair
                        value, head = value

                    try:
                        target = self.stack.resources[value]
                    except KeyError:
                        raise exception.InvalidTemplateReference(
                            resource=value,
                            key=head)
                    if key == 'DependsOn' or target.strict_dependency:
                        deps += (self, target)
                else:
                    self._add_dependencies(deps, key, value)
        elif isinstance(fragment, list):
            for item in fragment:
                self._add_dependencies(deps, head, item)

    def add_dependencies(self, deps):
        '''Add this resource and everything it references to deps.'''
        self._add_dependencies(deps, None, self.t)
        deps += (self, None)

    def required_by(self):
        '''
        Returns a list of names of resources which directly require this
        resource as a dependency.
        '''
        return [r.name for r in self.stack.dependencies.required_by(self)]

    def keystone(self):
        return self.stack.clients.keystone()

    def nova(self, service_type='compute'):
        return self.stack.clients.nova(service_type)

    def swift(self):
        return self.stack.clients.swift()

    def neutron(self):
        return self.stack.clients.neutron()

    def cinder(self):
        return self.stack.clients.cinder()

    def ceilometer(self):
        return self.stack.clients.ceilometer()

    def _do_action(self, action, pre_func=None):
        '''
        Perform a transition to a new state via a specified action
        action should be e.g self.CREATE, self.UPDATE etc, we set
        status based on this, the transition is handled by calling the
        corresponding handle_* and check_*_complete functions
        Note pre_func is an optional function reference which will
        be called before the handle_<action> function

        If the resource does not declare a check_$action_complete function,
        we declare COMPLETE status as soon as the handle_$action call has
        finished, and if no handle_$action function is declared, then we do
        nothing, useful e.g if the resource requires no action for a given
        state transition

        This is a generator: it yields once after handle_<action>() and
        then once per unsuccessful check_<action>_complete() poll.

        :raises exception.ResourceFailure: wrapping any Exception raised
                                           by the hooks
        '''
        assert action in self.ACTIONS, 'Invalid action %s' % action

        try:
            self.state_set(action, self.IN_PROGRESS)

            action_l = action.lower()
            handle = getattr(self, 'handle_%s' % action_l, None)
            check = getattr(self, 'check_%s_complete' % action_l, None)

            if callable(pre_func):
                pre_func()

            handle_data = None
            if callable(handle):
                handle_data = handle()
                yield
                if callable(check):
                    while not check(handle_data):
                        yield
        except Exception as ex:
            logger.exception('%s : %s' % (action, str(self)))
            failure = exception.ResourceFailure(ex, self, action)
            self.state_set(action, self.FAILED, str(failure))
            raise failure
        except:
            # Anything that is not an Exception subclass lands here; mark
            # the resource FAILED on a best-effort basis, then re-raise.
            with excutils.save_and_reraise_exception():
                try:
                    self.state_set(action, self.FAILED,
                                   '%s aborted' % action)
                except Exception:
                    logger.exception('Error marking resource as failed')
        else:
            self.state_set(action, self.COMPLETE)

    def create(self):
        '''
        Create the resource. Subclasses should provide a handle_create() method
        to customise creation.

        :raises exception.ResourceFailure: if the resource is not in
                                           (INIT, COMPLETE)
        '''
        action = self.CREATE
        if (self.action, self.status) != (self.INIT, self.COMPLETE):
            exc = exception.Error('State %s invalid for create'
                                  % str(self.state))
            raise exception.ResourceFailure(exc, self, action)

        logger.info('creating %s' % str(self))

        # Re-resolve the template, since if the resource Ref's
        # the AWS::StackId pseudo parameter, it will change after
        # the parser.Stack is stored (which is after the resources
        # are __init__'d, but before they are create()'d)
        self.t = self.stack.resolve_static_data(self.json_snippet)
        self.properties = Properties(self.properties_schema,
                                     self.t.get('Properties', {}),
                                     self._resolve_runtime_data,
                                     self.name)
        return self._do_action(action, self.properties.validate)

    def update(self, after, before=None):
        '''
        update the resource. Subclasses should provide a handle_update() method
        to customise update, the base-class handle_update will fail by default.

        :param after: the new resource snippet
        :param before: the snippet to diff against; defaults to
                       parsed_template()
        :raises UpdateReplace: re-raised unchanged from the diff helpers
                               or handle_update()
        :raises exception.ResourceFailure: on any other failure, or if a
                                           create/update is in progress
        '''
        action = self.UPDATE

        if before is None:
            before = self.parsed_template()

        if (self.action, self.status) in ((self.CREATE, self.IN_PROGRESS),
                                          (self.UPDATE, self.IN_PROGRESS)):
            exc = Exception('Resource update already requested')
            raise exception.ResourceFailure(exc, self, action)

        logger.info('updating %s' % str(self))

        try:
            self.state_set(action, self.IN_PROGRESS)
            properties = Properties(self.properties_schema,
                                    after.get('Properties', {}),
                                    self._resolve_runtime_data,
                                    self.name)
            properties.validate()
            tmpl_diff = self.update_template_diff(after, before)
            prop_diff = self.update_template_diff_properties(after, before)
            if callable(getattr(self, 'handle_update', None)):
                self.handle_update(after, tmpl_diff, prop_diff)
        except UpdateReplace:
            logger.debug("Resource %s update requires replacement" %
                         self.name)
            raise
        except Exception as ex:
            logger.exception('update %s : %s' % (str(self), str(ex)))
            failure = exception.ResourceFailure(ex, self, action)
            self.state_set(action, self.FAILED, str(failure))
            raise failure
        else:
            self.t = self.stack.resolve_static_data(after)
            self.state_set(action, self.COMPLETE)

    def suspend(self):
        '''
        Suspend the resource.  Subclasses should provide a handle_suspend()
        method to implement suspend
        '''
        action = self.SUSPEND

        # Don't try to suspend the resource unless it's in a stable state
        if (self.action == self.DELETE or self.status != self.COMPLETE):
            exc = exception.Error('State %s invalid for suspend'
                                  % str(self.state))
            raise exception.ResourceFailure(exc, self, action)

        logger.info('suspending %s' % str(self))
        return self._do_action(action)

    def resume(self):
        '''
        Resume the resource.  Subclasses should provide a handle_resume()
        method to implement resume
        '''
        action = self.RESUME

        # Can't resume a resource unless it's SUSPEND_COMPLETE
        if self.state != (self.SUSPEND, self.COMPLETE):
            exc = exception.Error('State %s invalid for resume'
                                  % str(self.state))
            raise exception.ResourceFailure(exc, self, action)

        logger.info('resuming %s' % str(self))
        return self._do_action(action)

    def physical_resource_name(self):
        '''
        Return "<stack name>-<resource name>-<short id>", or None if the
        resource has no database id yet.
        '''
        if self.id is None:
            return None

        return '%s-%s-%s' % (self.stack.name,
                             self.name,
                             short_id.get_id(self.id))

    def validate(self):
        '''Validate the deletion policy, then the properties.'''
        logger.info('Validating %s' % str(self))

        self.validate_deletion_policy(self.t)
        return self.properties.validate()

    @classmethod
    def validate_deletion_policy(cls, template):
        '''
        Check the snippet's DeletionPolicy (default 'Delete').

        :raises exception.StackValidationFailed: for an unknown policy, or
            for 'Snapshot' when the class has no handle_snapshot_delete
        '''
        deletion_policy = template.get('DeletionPolicy', 'Delete')
        if deletion_policy not in ('Delete', 'Retain', 'Snapshot'):
            msg = 'Invalid DeletionPolicy %s' % deletion_policy
            raise exception.StackValidationFailed(message=msg)
        elif deletion_policy == 'Snapshot':
            if not callable(getattr(cls, 'handle_snapshot_delete', None)):
                msg = 'Snapshot DeletionPolicy not supported'
                raise exception.StackValidationFailed(message=msg)

    def delete(self):
        '''
        Delete the resource. Subclasses should provide a handle_delete() method
        to customise deletion.

        :raises exception.ResourceFailure: wrapping any Exception raised
                                           by the delete hooks
        '''
        action = self.DELETE

        if (self.action, self.status) == (self.DELETE, self.COMPLETE):
            return
        # No need to delete if the resource has never been created
        if self.action == self.INIT:
            return

        initial_state = self.state

        logger.info('deleting %s' % str(self))

        try:
            self.state_set(action, self.IN_PROGRESS)

            deletion_policy = self.t.get('DeletionPolicy', 'Delete')
            if deletion_policy == 'Delete':
                if callable(getattr(self, 'handle_delete', None)):
                    self.handle_delete()
            elif deletion_policy == 'Snapshot':
                if callable(getattr(self, 'handle_snapshot_delete', None)):
                    self.handle_snapshot_delete(initial_state)
        except Exception as ex:
            logger.exception('Delete %s', str(self))
            failure = exception.ResourceFailure(ex, self, action)
            self.state_set(action, self.FAILED, str(failure))
            raise failure
        except:
            # Anything that is not an Exception subclass lands here; mark
            # the resource FAILED on a best-effort basis, then re-raise.
            with excutils.save_and_reraise_exception():
                try:
                    self.state_set(action, self.FAILED,
                                   'Deletion aborted')
                except Exception:
                    logger.exception('Error marking resource deletion failed')
        else:
            self.state_set(action, self.COMPLETE)

    def destroy(self):
        '''
        Delete the resource and remove it from the database.
        '''
        self.delete()

        if self.id is None:
            return

        try:
            db_api.resource_get(self.context, self.id).delete()
        except exception.NotFound:
            # Don't fail on delete if the db entry has
            # not been created yet.
            pass

        self.id = None

    def resource_id_set(self, inst):
        '''
        Set the physical resource id, persisting it if the resource is
        already stored. Database errors are logged, not raised.
        '''
        self.resource_id = inst
        if self.id is not None:
            try:
                rs = db_api.resource_get(self.context, self.id)
                rs.update_and_save({'nova_instance': self.resource_id})
            except Exception as ex:
                logger.warning('db error %s' % str(ex))

    def _store(self):
        '''Create the resource in the database.'''
        metadata = self.metadata
        try:
            rs = {'action': self.action,
                  'status': self.status,
                  'status_reason': self.status_reason,
                  'stack_id': self.stack.id,
                  'nova_instance': self.resource_id,
                  'name': self.name,
                  'rsrc_metadata': metadata,
                  'stack_name': self.stack.name}

            new_rs = db_api.resource_create(self.context, rs)
            self.id = new_rs.id

            self.stack.updated_time = datetime.utcnow()

        except Exception as ex:
            logger.error('DB error %s' % str(ex))

    def _add_event(self, action, status, reason):
        '''Add a state change event to the database.'''
        ev = event.Event(self.context, self.stack, action, status, reason,
                         self.resource_id, self.properties,
                         self.name, self.type())

        try:
            ev.store()
        except Exception as ex:
            logger.error('DB error %s' % str(ex))

    def _store_or_update(self, action, status, reason):
        '''
        Record the new state on the instance and in the database.

        An already-stored resource is updated in place; an unstored one is
        only created on the transition to (CREATE, IN_PROGRESS).
        '''
        self.action = action
        self.status = status
        self.status_reason = reason

        if self.id is not None:
            try:
                rs = db_api.resource_get(self.context, self.id)
                rs.update_and_save({'action': self.action,
                                    'status': self.status,
                                    'status_reason': reason,
                                    'stack_id': self.stack.id,
                                    'nova_instance': self.resource_id})

                self.stack.updated_time = datetime.utcnow()
            except Exception as ex:
                logger.error('DB error %s' % str(ex))
        elif (action, status) == (self.CREATE, self.IN_PROGRESS):
            # store resource in DB on transition to CREATE_IN_PROGRESS
            # all other transitions (other than to DELETE_COMPLETE)
            # should be handled by the update_and_save above..
            self._store()

    def _resolve_attribute(self, name):
        """
        Default implementation; should be overridden by resources that expose
        attributes

        :param name: The attribute to resolve
        :returns: the resource attribute named key
        """
        # By default, no attributes resolve
        pass

    def state_reset(self):
        """
        Reset state to (INIT, COMPLETE)
        """
        self.action = self.INIT
        self.status = self.COMPLETE

    def state_set(self, action, status, reason="state changed"):
        '''
        Move to (action, status), persisting the change and recording an
        event when the state actually differs from the previous one.

        :raises ValueError: if action or status is not a known value
        '''
        if action not in self.ACTIONS:
            raise ValueError("Invalid action %s" % action)

        if status not in self.STATUSES:
            raise ValueError("Invalid status %s" % status)

        old_state = (self.action, self.status)
        new_state = (action, status)
        self._store_or_update(action, status, reason)

        if new_state != old_state:
            self._add_event(action, status, reason)

    @property
    def state(self):
        '''Returns state, tuple of action, status.'''
        return (self.action, self.status)

    def FnGetRefId(self):
        '''
        http://docs.amazonwebservices.com/AWSCloudFormation/latest/UserGuide/\
        intrinsic-function-reference-ref.html
        '''
        if self.resource_id is not None:
            return unicode(self.resource_id)
        else:
            return unicode(self.name)

    def FnGetAtt(self, key):
        '''
        http://docs.amazonwebservices.com/AWSCloudFormation/latest/UserGuide/\
        intrinsic-function-reference-getatt.html
        '''
        try:
            return self.attributes[key]
        except KeyError:
            raise exception.InvalidTemplateAttribute(resource=self.name,
                                                     key=key)

    def FnBase64(self, data):
        '''
        http://docs.amazonwebservices.com/AWSCloudFormation/latest/UserGuide/\
        intrinsic-function-reference-base64.html
        '''
        return base64.b64encode(data)

    def signal(self, details=None):
        '''
        signal the resource. Subclasses should provide a handle_signal() method
        to implement the signal, the base-class raise an exception if no
        handler is implemented.

        :raises exception.ResourceFailure: if the resource is suspended or
            deleted, has no handle_signal(), or the handler fails
        '''
        try:
            if self.action in (self.SUSPEND, self.DELETE):
                msg = 'Cannot signal resource during %s' % self.action
                raise Exception(msg)

            if not callable(getattr(self, 'handle_signal', None)):
                msg = 'Resource %s is not able to receive a signal' % str(self)
                raise Exception(msg)

            self._add_event('signal', self.status, details)
            self.handle_signal(details)
        except Exception as ex:
            logger.exception('signal %s : %s' % (str(self), str(ex)))
            failure = exception.ResourceFailure(ex, self)
            raise failure

    def handle_update(self, json_snippet=None, tmpl_diff=None, prop_diff=None):
        '''Default update handler: always requests replacement.'''
        raise UpdateReplace(self.name)

    def metadata_update(self, new_metadata=None):
        '''
        No-op for resources which don't explicitly override this method
        '''
        if new_metadata:
            logger.warning("Resource %s does not implement metadata update" %
                           self.name)

    @classmethod
    def resource_to_template(cls, resource_type):
        '''
        :param resource_type: The resource type to be displayed in the template
        :returns: A template where the resource's properties_schema is mapped
            as parameters, and the resource's attributes_schema is mapped as
            outputs
        '''
        (parameters, properties) = (
            Properties.schema_to_parameters_and_properties(
                cls.properties_schema))

        resource_name = cls.__name__
        return {
            'Parameters': parameters,
            'Resources': {
                resource_name: {
                    'Type': resource_type,
                    'Properties': properties
                }
            },
            'Outputs': Attributes.as_outputs(resource_name, cls)
        }
class Stack(object):
    '''
    A stack: a named collection of resources built from a template.

    Holds the template, parameters, resources and their dependency graph,
    and drives create / update / delete across the resources while
    recording the stack state through db_api.
    '''

    ACTIONS = (CREATE, DELETE, UPDATE, ROLLBACK
               ) = ('CREATE', 'DELETE', 'UPDATE', 'ROLLBACK')

    CREATE_IN_PROGRESS = 'CREATE_IN_PROGRESS'
    CREATE_FAILED = 'CREATE_FAILED'
    CREATE_COMPLETE = 'CREATE_COMPLETE'

    DELETE_IN_PROGRESS = 'DELETE_IN_PROGRESS'
    DELETE_FAILED = 'DELETE_FAILED'
    DELETE_COMPLETE = 'DELETE_COMPLETE'

    UPDATE_IN_PROGRESS = 'UPDATE_IN_PROGRESS'
    UPDATE_COMPLETE = 'UPDATE_COMPLETE'
    UPDATE_FAILED = 'UPDATE_FAILED'

    ROLLBACK_IN_PROGRESS = 'ROLLBACK_IN_PROGRESS'
    ROLLBACK_COMPLETE = 'ROLLBACK_COMPLETE'
    ROLLBACK_FAILED = 'ROLLBACK_FAILED'

    created_time = timestamp.Timestamp(db_api.stack_get, 'created_at')
    updated_time = timestamp.Timestamp(db_api.stack_get, 'updated_at')

    def __init__(self, context, stack_name, tmpl, parameters=None,
                 stack_id=None, state=None, state_description='',
                 timeout_mins=60, resolve_data=True, disable_rollback=True):
        '''
        Initialise from a context, name, Template object and (optionally)
        Parameters object. The database ID may also be initialised, if the
        stack is already in the database.

        :raises ValueError: if stack_name does not start with a letter or
            contains anything other than alphanumerics and "_-."
        '''

        if re.match("[a-zA-Z][a-zA-Z0-9_.-]*$", stack_name) is None:
            # Interpolate after translation so the message id stays constant
            raise ValueError(
                _('Invalid stack name %s, must contain only alphanumeric '
                  'or "_-." characters, must start with alpha')
                % stack_name)

        self.id = stack_id
        self.context = context
        self.clients = Clients(context)
        self.t = tmpl
        self.name = stack_name
        self.state = state
        self.state_description = state_description
        self.timeout_mins = timeout_mins
        self.disable_rollback = disable_rollback

        if parameters is None:
            parameters = Parameters(self.name, self.t)
        self.parameters = parameters

        self._set_param_stackid()

        if resolve_data:
            self.outputs = self.resolve_static_data(self.t[template.OUTPUTS])
        else:
            self.outputs = {}

        template_resources = self.t[template.RESOURCES]
        self.resources = dict((name,
                               resource.Resource(name, data, self))
                              for (name, data) in template_resources.items())

        self.dependencies = self._get_dependencies(self.resources.itervalues())

    def _set_param_stackid(self):
        '''
        Update self.parameters with the current ARN which is then provided
        via the Parameters class as the AWS::StackId pseudo parameter
        '''
        # This can fail if constructor called without a valid context,
        # as it is in many tests
        try:
            stack_arn = self.identifier().arn()
        except (AttributeError, ValueError, TypeError):
            logger.warning("Unable to set parameters StackId identifier")
        else:
            self.parameters.set_stack_id(stack_arn)

    @staticmethod
    def _get_dependencies(resources):
        '''Return the dependency graph for a list of resources'''
        deps = dependencies.Dependencies()
        for resource in resources:
            resource.add_dependencies(deps)

        return deps

    @classmethod
    def load(cls, context, stack_id=None, stack=None, resolve_data=True):
        '''
        Retrieve a Stack from the database

        :param stack: an already-fetched database stack; when None it is
                      looked up by stack_id
        :raises exception.NotFound: if no stack exists with stack_id
        '''
        if stack is None:
            stack = db_api.stack_get(context, stack_id)
        if stack is None:
            message = 'No stack exists with id "%s"' % str(stack_id)
            raise exception.NotFound(message)

        # Named tmpl so the template module is not shadowed here
        tmpl = Template.load(context, stack.raw_template_id)
        params = Parameters(stack.name, tmpl, stack.parameters)
        stack = cls(context, stack.name, tmpl, params,
                    stack.id, stack.status, stack.status_reason, stack.timeout,
                    resolve_data, stack.disable_rollback)

        return stack

    def store(self, owner=None):
        '''
        Store the stack in the database and return its ID
        If self.id is set, we update the existing stack
        '''
        new_creds = db_api.user_creds_create(self.context)

        s = {
            'name': self.name,
            'raw_template_id': self.t.store(self.context),
            'parameters': self.parameters.user_parameters(),
            'owner_id': owner and owner.id,
            'user_creds_id': new_creds.id,
            'username': self.context.username,
            'tenant': self.context.tenant_id,
            'status': self.state,
            'status_reason': self.state_description,
            'timeout': self.timeout_mins,
            'disable_rollback': self.disable_rollback,
        }
        if self.id:
            db_api.stack_update(self.context, self.id, s)
        else:
            new_s = db_api.stack_create(self.context, s)
            self.id = new_s.id

        self._set_param_stackid()

        return self.id

    def identifier(self):
        '''
        Return an identifier for this stack.
        '''
        return identifier.HeatIdentifier(self.context.tenant_id,
                                         self.name, self.id)

    def __iter__(self):
        '''
        Return an iterator over this template's resources in the order that
        they should be started.
        '''
        return iter(self.dependencies)

    def __reversed__(self):
        '''
        Return an iterator over this template's resources in the order that
        they should be stopped.
        '''
        return reversed(self.dependencies)

    def __len__(self):
        '''Return the number of resources'''
        return len(self.resources)

    def __getitem__(self, key):
        '''Get the resource with the specified name.'''
        return self.resources[key]

    def __setitem__(self, key, value):
        '''Set the resource with the specified name to a specific value'''
        self.resources[key] = value

    def __contains__(self, key):
        '''Determine whether the stack contains the specified resource'''
        return key in self.resources

    def keys(self):
        '''Return a list of resource keys for the stack'''
        return self.resources.keys()

    def __str__(self):
        '''Return a human-readable string representation of the stack'''
        return 'Stack "%s"' % self.name

    def resource_by_refid(self, refid):
        '''
        Return the resource in this stack with the specified
        refid, or None if not found
        '''
        for r in self.resources.values():
            if r.state in (
                    r.CREATE_IN_PROGRESS,
                    r.CREATE_COMPLETE,
                    r.UPDATE_IN_PROGRESS,
                    r.UPDATE_COMPLETE) and r.FnGetRefId() == refid:
                return r

    def validate(self):
        '''
        http://docs.amazonwebservices.com/AWSCloudFormation/latest/\
        APIReference/API_ValidateTemplate.html

        :raises StackValidationFailed: if a resource's validate() raises
                                       or returns a truthy result
        '''
        # TODO(sdake) Should return line number of invalid reference

        for res in self:
            try:
                result = res.validate()
            except Exception as ex:
                logger.exception(ex)
                raise StackValidationFailed(message=str(ex))
            if result:
                raise StackValidationFailed(message=result)

    def state_set(self, new_status, reason):
        '''Update the stack state in the database'''
        self.state = new_status
        self.state_description = reason

        if self.id is None:
            return

        stack = db_api.stack_get(self.context, self.id)
        stack.update_and_save({'status': new_status,
                               'status_reason': reason})

    def create(self):
        '''
        Create the stack and all of the resources.

        Creation will fail if it exceeds the specified timeout. The default is
        60 minutes, set in the constructor
        '''
        self.state_set(self.CREATE_IN_PROGRESS, 'Stack creation started')

        stack_status = self.CREATE_COMPLETE
        reason = 'Stack successfully created'
        # Bound up front so the timeout message below can always format it
        res = None

        with eventlet.Timeout(self.timeout_mins * 60) as tmo:
            try:
                for res in self:
                    if stack_status != self.CREATE_FAILED:
                        result = res.create()
                        if result:
                            stack_status = self.CREATE_FAILED
                            reason = 'Resource %s failed with: %s' % (str(res),
                                                                      result)

                    else:
                        # An earlier resource failed: mark the rest failed
                        res.state_set(res.CREATE_FAILED,
                                      'Stack creation aborted')

            except eventlet.Timeout as t:
                if t is tmo:
                    stack_status = self.CREATE_FAILED
                    reason = 'Timed out waiting for %s' % str(res)
                else:
                    # not my timeout
                    raise

        self.state_set(stack_status, reason)

        if stack_status == self.CREATE_FAILED and not self.disable_rollback:
            self.delete(action=self.ROLLBACK)

    def update(self, newstack, action=UPDATE):
        '''
        Compare the current stack with newstack,
        and where necessary create/update/delete the resources until
        this stack aligns with newstack.

        Note update of existing stack resources depends on update
        being implemented in the underlying resource types

        Update will fail if it exceeds the specified timeout. The default is
        60 minutes, set in the constructor

        :param newstack: the stack definition to converge towards
        :param action: self.UPDATE, or self.ROLLBACK when rolling back a
                       failed update
        '''
        if action not in (self.UPDATE, self.ROLLBACK):
            logger.error("Unexpected action %s passed to update!" % action)
            self.state_set(self.UPDATE_FAILED, "Invalid action %s" % action)
            return

        if self.state not in (self.CREATE_COMPLETE, self.UPDATE_COMPLETE,
                              self.ROLLBACK_COMPLETE):
            if (action == self.ROLLBACK and
                    self.state == self.UPDATE_IN_PROGRESS):
                logger.debug("Starting update rollback for %s" % self.name)
            else:
                if action == self.UPDATE:
                    self.state_set(self.UPDATE_FAILED,
                                   'State invalid for update')
                else:
                    self.state_set(self.ROLLBACK_FAILED,
                                   'State invalid for rollback')
                return

        if action == self.UPDATE:
            self.state_set(self.UPDATE_IN_PROGRESS, 'Stack update started')
        else:
            self.state_set(self.ROLLBACK_IN_PROGRESS,
                           'Stack rollback started')

        # cache all the resources runtime data.
        for r in self:
            r.cache_template()

        # Bound up front (as in create()) so the timeout handler can format
        # its message even if the timer fires before any loop binds res.
        res = None

        # Now make the resources match the new stack definition
        with eventlet.Timeout(self.timeout_mins * 60) as tmo:
            try:
                # First delete any resources which are not in newstack
                for res in reversed(self):
                    if res.name not in newstack.keys():
                        logger.debug("resource %s not found in updated stack"
                                     % res.name + " definition, deleting")
                        result = res.destroy()
                        if result:
                            logger.error("Failed to remove %s : %s" %
                                         (res.name, result))
                            raise exception.ResourceUpdateFailed(
                                resource_name=res.name)
                        else:
                            del self.resources[res.name]
                            self.dependencies = self._get_dependencies(
                                self.resources.itervalues())

                # Then create any which are defined in newstack but not self
                for res in newstack:
                    if res.name not in self.keys():
                        logger.debug("resource %s not found in current stack"
                                     % res.name + " definition, adding")
                        res.stack = self
                        self[res.name] = res
                        self.dependencies = self._get_dependencies(
                            self.resources.itervalues())
                        result = self[res.name].create()
                        if result:
                            logger.error("Failed to add %s : %s" %
                                         (res.name, result))
                            raise exception.ResourceUpdateFailed(
                                resource_name=res.name)

                # Now (the hard part :) update existing resources
                # The Resource base class allows equality-test of resources,
                # based on the parsed template snippet for the resource.
                # If this test fails, we call the underlying resource.update
                #
                # FIXME : Implement proper update logic for the resources
                # AWS define three update strategies, applied depending
                # on the resource and what is being updated within a
                # resource :
                # - Update with no interruption
                # - Update with some interruption
                # - Update requires replacement
                #
                # Currently all resource have a default handle_update method
                # which returns "requires replacement" (res.UPDATE_REPLACE)
                for res in newstack:
                    # Compare resolved pre/post update resource snippets,
                    # note the new resource snippet is resolved in the context
                    # of the existing stack (which is the stack being updated)
                    old_snippet = self[res.name].parsed_template(cached=True)
                    new_snippet = self.resolve_runtime_data(res.t)

                    if old_snippet != new_snippet:
                        # Can fail if underlying resource class does not
                        # implement update logic or update requires replacement
                        retval = self[res.name].update(new_snippet)
                        if retval == self[res.name].UPDATE_COMPLETE:
                            logger.info("Resource %s for stack %s updated" %
                                        (res.name, self.name))
                        elif retval == self[res.name].UPDATE_REPLACE:
                            logger.info("Resource %s for stack %s" %
                                        (res.name, self.name) +
                                        " update requires replacement")
                            # Resource requires replacement for update
                            result = self[res.name].destroy()
                            if result:
                                logger.error("Failed to delete %s : %s" %
                                             (res.name, result))
                                raise exception.ResourceUpdateFailed(
                                    resource_name=res.name)
                            else:
                                res.stack = self
                                self[res.name] = res
                                self.dependencies = self._get_dependencies(
                                    self.resources.itervalues())
                                result = self[res.name].create()
                                if result:
                                    logger.error("Failed to create %s : %s" %
                                                 (res.name, result))
                                    raise exception.ResourceUpdateFailed(
                                        resource_name=res.name)
                        else:
                            logger.error("Failed to %s %s" %
                                         (action, res.name))
                            raise exception.ResourceUpdateFailed(
                                resource_name=res.name)

                if action == self.UPDATE:
                    stack_status = self.UPDATE_COMPLETE
                    reason = 'Stack successfully updated'
                else:
                    stack_status = self.ROLLBACK_COMPLETE
                    reason = 'Stack rollback completed'

            except eventlet.Timeout as t:
                if t is tmo:
                    # NOTE(review): a timeout during a ROLLBACK is also
                    # recorded as UPDATE_FAILED here - confirm intended.
                    stack_status = self.UPDATE_FAILED
                    reason = 'Timed out waiting for %s' % str(res)
                else:
                    # not my timeout
                    raise
            except exception.ResourceUpdateFailed as e:
                reason = str(e) or "Error : %s" % type(e)

                if action == self.UPDATE:
                    stack_status = self.UPDATE_FAILED
                    # If rollback is enabled, we do another update, with the
                    # existing template, so we roll back to the original state
                    # Note - ensure nothing after the "flip the template..."
                    # section below can raise ResourceUpdateFailed or this
                    # will not work ;)
                    if self.disable_rollback:
                        stack_status = self.UPDATE_FAILED
                    else:
                        oldstack = Stack(self.context, self.name, self.t,
                                         self.parameters)
                        self.update(oldstack, action=self.ROLLBACK)
                        return
                else:
                    stack_status = self.ROLLBACK_FAILED

        self.state_set(stack_status, reason)

        # flip the template & parameters to the newstack values
        # Note we do this on success and failure, so the current
        # stack resources are stored, even if one is in a failed
        # state (otherwise we won't remove them on delete)
        self.t = newstack.t
        self.parameters = newstack.parameters
        template_outputs = self.t[template.OUTPUTS]
        self.outputs = self.resolve_static_data(template_outputs)
        self.store()

    def delete(self, action=DELETE):
        '''
        Delete all of the resources, and then the stack itself.
        The action parameter is used to differentiate between a user
        initiated delete and an automatic stack rollback after a failed
        create, which amount to the same thing, but the states are recorded
        differently.
        '''
        if action == self.DELETE:
            self.state_set(self.DELETE_IN_PROGRESS, 'Stack deletion started')
        elif action == self.ROLLBACK:
            self.state_set(self.ROLLBACK_IN_PROGRESS, 'Stack rollback started')
        else:
            logger.error("Unexpected action %s passed to delete!" % action)
            self.state_set(self.DELETE_FAILED, "Invalid action %s" % action)
            return

        failures = []
        for res in reversed(self):
            result = res.destroy()
            if result:
                logger.error('Failed to delete %s error: %s' % (str(res),
                                                                result))
                failures.append(str(res))

        if failures:
            if action == self.DELETE:
                self.state_set(self.DELETE_FAILED,
                               'Failed to delete ' + ', '.join(failures))
            elif action == self.ROLLBACK:
                self.state_set(self.ROLLBACK_FAILED,
                               'Failed to rollback ' + ', '.join(failures))
        else:
            if action == self.DELETE:
                self.state_set(self.DELETE_COMPLETE, 'Deleted successfully')
            elif action == self.ROLLBACK:
                self.state_set(self.ROLLBACK_COMPLETE, 'Rollback completed')
            # The stack row is only removed once every resource is gone
            db_api.stack_delete(self.context, self.id)

    def output(self, key):
        '''
        Get the value of the specified stack output.
        '''
        value = self.outputs[key].get('Value', '')
        return self.resolve_runtime_data(value)

    def restart_resource(self, resource_name):
        '''
        stop resource_name and all that depend on it
        start resource_name and all that depend on it
        '''
        deps = self.dependencies[self[resource_name]]
        failed = False

        for res in reversed(deps):
            try:
                res.destroy()
            except Exception as ex:
                failed = True
                logger.error('delete: %s' % str(ex))

        for res in deps:
            if not failed:
                try:
                    res.create()
                except Exception:
                    logger.exception('create')
                    failed = True
            else:
                res.state_set(res.CREATE_FAILED, 'Resource restart aborted')
        # TODO(asalkeld) if any of this fails we Should
        # restart the whole stack

    def resolve_static_data(self, snippet):
        '''Resolve snippet against this stack's template and parameters.'''
        return resolve_static_data(self.t, self.parameters, snippet)

    def resolve_runtime_data(self, snippet):
        '''Resolve snippet against this stack's template and resources.'''
        return resolve_runtime_data(self.t, self.resources, snippet)
class WatchRule(object):
    """An alarm rule evaluated against metric samples stored for a watch.

    The rule dictionary is read for the keys 'Period'/'period',
    'MetricName', 'Statistic', 'ComparisonOperator', 'Threshold' and the
    per-state action lists named in ACTION_MAP.
    """

    WATCH_STATES = (
        ALARM,
        NORMAL,
        NODATA,
        SUSPENDED,
        CEILOMETER_CONTROLLED,
    ) = (
        rpc_api.WATCH_STATE_ALARM,
        rpc_api.WATCH_STATE_OK,
        rpc_api.WATCH_STATE_NODATA,
        rpc_api.WATCH_STATE_SUSPENDED,
        rpc_api.WATCH_STATE_CEILOMETER_CONTROLLED,
    )

    # Maps a watch state to the rule key holding the actions for that state.
    # SUSPENDED and CEILOMETER_CONTROLLED have no entry here.
    ACTION_MAP = {
        ALARM: 'AlarmActions',
        NORMAL: 'OKActions',
        NODATA: 'InsufficientDataActions',
    }

    created_at = timestamp.Timestamp(watch_rule_objects.WatchRule.get_by_id,
                                     'created_at')
    updated_at = timestamp.Timestamp(watch_rule_objects.WatchRule.get_by_id,
                                     'updated_at')

    def __init__(self, context, watch_name, rule, stack_id=None,
                 state=NODATA, wid=None, watch_data=None,
                 last_evaluated=None):
        """Initialise the rule.

        :param context: request context handed to the DB/object layer
        :param watch_name: name of the watch
        :param rule: rule definition dictionary
        :param stack_id: ID of the stack owning the watch
        :param state: initial watch state (defaults to NODATA)
        :param wid: database ID of an existing rule, if any
        :param watch_data: samples already recorded for the rule
        :param last_evaluated: time of the last evaluation; when omitted
            (or None) the construction time is used
        """
        self.context = context
        self.now = timeutils.utcnow()
        self.name = watch_name
        self.state = state
        self.rule = rule
        self.stack_id = stack_id
        period = 0
        if 'Period' in rule:
            period = int(rule['Period'])
        elif 'period' in rule:
            period = int(rule['period'])
        self.timeperiod = datetime.timedelta(seconds=period)
        self.id = wid
        self.watch_data = watch_data or []
        # A call in the signature default would be evaluated only once, when
        # the class is defined, so the timestamp is taken here instead.
        if last_evaluated is None:
            last_evaluated = self.now
        self.last_evaluated = last_evaluated

    @classmethod
    def load(cls, context, watch_name=None, watch=None):
        """Load the watchrule object.

        Loading object either by name or via an existing DB object.

        :raises: exception.WatchRuleNotFound if no rule could be obtained
        """
        if watch is None:
            try:
                watch = watch_rule_objects.WatchRule.get_by_name(context,
                                                                 watch_name)
            except Exception as ex:
                # Best effort: a lookup failure is reported as "not found"
                # by the check below.
                LOG.warning(_LW('WatchRule.load (%(watch_name)s) db error '
                                '%(ex)s'), {'watch_name': watch_name,
                                            'ex': ex})
        if watch is None:
            raise exception.WatchRuleNotFound(watch_name=watch_name)
        else:
            return cls(context=context,
                       watch_name=watch.name,
                       rule=watch.rule,
                       stack_id=watch.stack_id,
                       state=watch.state,
                       wid=watch.id,
                       watch_data=watch.watch_data,
                       last_evaluated=watch.last_evaluated)

    def store(self):
        """Store the watchrule in the database.

        If self.id is set, we update the existing rule; otherwise a new
        rule is created and its ID is recorded in self.id.
        """
        wr_values = {
            'name': self.name,
            'rule': self.rule,
            'state': self.state,
            'stack_id': self.stack_id,
        }

        if not self.id:
            wr = watch_rule_objects.WatchRule.create(self.context, wr_values)
            self.id = wr.id
        else:
            watch_rule_objects.WatchRule.update_by_id(self.context, self.id,
                                                      wr_values)

    def destroy(self):
        """Delete the watchrule from the database."""
        if self.id:
            watch_rule_objects.WatchRule.delete(self.context, self.id)

    def do_data_cmp(self, data, threshold):
        """Compare data with threshold using the rule's ComparisonOperator.

        An unrecognised operator yields False.
        """
        op = self.rule['ComparisonOperator']
        if op == 'GreaterThanThreshold':
            return data > threshold
        elif op == 'GreaterThanOrEqualToThreshold':
            return data >= threshold
        elif op == 'LessThanThreshold':
            return data < threshold
        elif op == 'LessThanOrEqualToThreshold':
            return data <= threshold
        else:
            return False

    def _recent_samples(self):
        """Return the samples created within the last timeperiod."""
        cutoff = self.now - self.timeperiod
        return [d for d in self.watch_data if not d.created_at < cutoff]

    def _recent_values(self):
        """Return the rule's metric value of each recent sample as a float."""
        return [float(d.data[self.rule['MetricName']]['Value'])
                for d in self._recent_samples()]

    def _state_for(self, data):
        """Return ALARM if data breaches the rule threshold, else NORMAL."""
        if self.do_data_cmp(data, float(self.rule['Threshold'])):
            return self.ALARM
        return self.NORMAL

    def do_Maximum(self):
        """Evaluate the largest recent value; NODATA without samples."""
        values = self._recent_values()
        if not values:
            return self.NODATA
        return self._state_for(max(values))

    def do_Minimum(self):
        """Evaluate the smallest recent value; NODATA without samples."""
        values = self._recent_values()
        if not values:
            return self.NODATA
        return self._state_for(min(values))

    def do_SampleCount(self):
        """Count all samples within the specified period."""
        return self._state_for(len(self._recent_samples()))

    def do_Average(self):
        """Evaluate the mean of the recent values; NODATA without samples."""
        values = self._recent_values()
        if not values:
            return self.NODATA
        return self._state_for(sum(values) / len(values))

    def do_Sum(self):
        """Evaluate the sum of the recent values (0 when there are none)."""
        cutoff = self.now - self.timeperiod
        total = 0
        for d in self.watch_data:
            if d.created_at < cutoff:
                LOG.debug('ignoring %s', str(d.data))
                continue
            total = total + float(d.data[self.rule['MetricName']]['Value'])
        return self._state_for(total)

    def get_alarm_state(self):
        """Dispatch to the do_<Statistic> method named by the rule."""
        fn = getattr(self, 'do_%s' % self.rule['Statistic'])
        return fn()

    def evaluate(self):
        """Run the rule if a full period has elapsed since the last run.

        :returns: the list from run_rule(), or an empty list when the rule
                  is suspended, ceilometer controlled, or not yet due.
        """
        if self.state in [self.CEILOMETER_CONTROLLED, self.SUSPENDED]:
            return []
        # has enough time progressed to run the rule
        self.now = timeutils.utcnow()
        if self.now < (self.last_evaluated + self.timeperiod):
            return []
        return self.run_rule()

    def get_details(self):
        """Return the watch name and current state as a dictionary."""
        return {'alarm': self.name,
                'state': self.state}

    def run_rule(self):
        """Compute the new state, store it and return the state's actions."""
        new_state = self.get_alarm_state()
        actions = self.rule_actions(new_state)
        self.state = new_state

        self.last_evaluated = self.now
        self.store()
        return actions

    def rule_actions(self, new_state):
        """Collect the signal callables configured for new_state.

        States without an ACTION_MAP entry (SUSPENDED and
        CEILOMETER_CONTROLLED) have no actions, so an empty list is
        returned for them.
        """
        LOG.info(_LI('WATCH: stack:%(stack)s, watch_name:%(watch_name)s, '
                     'new_state:%(new_state)s'), {'stack': self.stack_id,
                                                  'watch_name': self.name,
                                                  'new_state': new_state})
        actions = []
        # .get(): set_watch_state() accepts every WATCH_STATES member, but
        # only three of them are mapped to an action key.
        action_key = self.ACTION_MAP.get(new_state)
        if action_key is None or action_key not in self.rule:
            LOG.info(_LI('no action for new state %s'), new_state)
        else:
            s = stack_object.Stack.get_by_id(self.context, self.stack_id,
                                             eager_load=True)
            stk = stack.Stack.load(self.context, stack=s)
            if (stk.action != stk.DELETE
                    and stk.status == stk.COMPLETE):
                for refid in self.rule[action_key]:
                    actions.append(stk.resource_by_refid(refid).signal)
            else:
                LOG.warning(_LW("Could not process watch state %s for stack"),
                            new_state)
        return actions

    def _to_ceilometer(self, data):
        """Create one ceilometer gauge sample per metric entry in data.

        The 'Namespace' key is skipped. When 'Dimensions' is a list its
        first element is used; an empty list is treated as no dimensions.
        """
        clients = self.context.clients
        sample = {}
        sample['counter_type'] = 'gauge'

        for k, d in data.items():
            if k == 'Namespace':
                continue
            sample['counter_name'] = k
            sample['counter_volume'] = d['Value']
            sample['counter_unit'] = d['Unit']
            dims = d.get('Dimensions', {})
            if isinstance(dims, list):
                dims = dims[0] if dims else {}
            sample['resource_metadata'] = dims
            sample['resource_id'] = dims.get('InstanceId')
            LOG.debug('new sample:%(k)s data:%(sample)s', {
                      'k': k, 'sample': sample})
            clients.client('ceilometer').samples.create(**sample)

    def create_watch_data(self, data):
        """Record a new metric sample for this rule.

        Returns an empty list when the rule is SUSPENDED and None in every
        other case.
        """
        if self.state == self.CEILOMETER_CONTROLLED:
            # this is a short term measure for those that have cfn-push-stats
            # within their templates, but want to use Ceilometer alarms.
            self._to_ceilometer(data)
            return

        if self.state == self.SUSPENDED:
            LOG.debug('Ignoring metric data for %s, SUSPENDED state',
                      self.name)
            return []

        if self.rule['MetricName'] not in data:
            # Our simplified cloudwatch implementation only expects a single
            # Metric associated with each alarm, but some cfn-push-stats
            # options, e.g --haproxy try to push multiple metrics when we
            # actually only care about one (the one we're alarming on)
            # so just ignore any data which doesn't contain MetricName
            LOG.debug('Ignoring metric data (only accept %(metric)s) '
                      ': %(data)s', {'metric': self.rule['MetricName'],
                                     'data': data})
            return

        watch_data = {
            'data': data,
            'watch_rule_id': self.id,
        }
        wd = watch_data_objects.WatchData.create(self.context, watch_data)
        LOG.debug('new watch:%(name)s data:%(data)s',
                  {'name': self.name, 'data': str(wd.data)})

    def state_set(self, state):
        """Persistently store the watch state.

        :raises: ValueError if state is not one of WATCH_STATES
        """
        if state not in self.WATCH_STATES:
            raise ValueError(_("Invalid watch state %s") % state)

        self.state = state
        self.store()

    def set_watch_state(self, state):
        """Temporarily set the watch state.

        :returns: list of functions to be scheduled in the stack ThreadGroup
                  for the specified state.
        :raises: ValueError if state is not one of WATCH_STATES
        """
        if state not in self.WATCH_STATES:
            raise ValueError(_('Unknown watch state %s') % state)

        actions = []
        if state != self.state:
            actions = self.rule_actions(state)
            if actions:
                LOG.debug("Overriding state %(self_state)s for watch "
                          "%(name)s with %(state)s",
                          {'self_state': self.state, 'name': self.name,
                           'state': state})
            else:
                LOG.warning(_LW("Unable to override state %(state)s for "
                                "watch %(name)s"), {'state': self.state,
                                                    'name': self.name})
        return actions
class Resource(object):
    '''
    Base class for a single resource in a stack.

    Instantiating Resource directly selects the implementation class from
    the template 'Type' (see __new__). Subclasses customise behaviour by
    providing handle_create(), handle_update(), handle_delete() and
    handle_snapshot_delete(); they are also expected to define
    properties_schema, which is read here but not defined.
    '''

    # Status strings
    # NOTE(review): CREATE_IN_PROGRESS lacks the 'CREATE_' prefix the other
    # values carry; the value is left untouched because it is stored in the
    # database via state_set() - confirm before normalising.
    CREATE_IN_PROGRESS = 'IN_PROGRESS'
    CREATE_FAILED = 'CREATE_FAILED'
    CREATE_COMPLETE = 'CREATE_COMPLETE'
    DELETE_IN_PROGRESS = 'DELETE_IN_PROGRESS'
    DELETE_FAILED = 'DELETE_FAILED'
    DELETE_COMPLETE = 'DELETE_COMPLETE'
    UPDATE_IN_PROGRESS = 'UPDATE_IN_PROGRESS'
    UPDATE_FAILED = 'UPDATE_FAILED'
    UPDATE_COMPLETE = 'UPDATE_COMPLETE'

    # If True, this resource must be created before it can be referenced.
    strict_dependency = True

    created_time = timestamp.Timestamp(db_api.resource_get, 'created_at')
    updated_time = timestamp.Timestamp(db_api.resource_get, 'updated_at')

    metadata = Metadata()

    # Resource implementation set this to the subset of template keys
    # which are supported for handle_update, used by update_template_diff
    update_allowed_keys = ()

    # Resource implementation set this to the subset of resource properties
    # supported for handle_update, used by update_template_diff_properties
    update_allowed_properties = ()

    def __new__(cls, name, json, stack):
        '''Create a new Resource of the appropriate class for its type.'''

        if cls != Resource:
            # Call is already for a subclass, so pass it through
            return super(Resource, cls).__new__(cls)

        # Select the correct subclass to instantiate
        ResourceClass = get_class(json['Type'])
        return ResourceClass(name, json, stack)

    def __init__(self, name, json_snippet, stack):
        '''
        Initialise the resource from its template snippet and, when a
        database record with this name exists for the stack, from that
        record.

        Raises ValueError if the name contains "/".
        '''
        if '/' in name:
            raise ValueError(_('Resource name may not contain "/"'))

        self.stack = stack
        self.context = stack.context
        self.name = name
        self.json_snippet = json_snippet
        self.t = stack.resolve_static_data(json_snippet)
        self.cached_t = None
        self.properties = Properties(self.properties_schema,
                                     self.t.get('Properties', {}),
                                     self.stack.resolve_runtime_data,
                                     self.name)

        resource = db_api.resource_get_by_name_and_stack(self.context,
                                                         name, stack.id)
        if resource:
            self.resource_id = resource.nova_instance
            self.state = resource.state
            self.state_description = resource.state_description
            self.id = resource.id
        else:
            self.resource_id = None
            self.state = None
            self.state_description = ''
            self.id = None

    def __eq__(self, other):
        '''Allow == comparison of two resources.'''
        # For the purposes of comparison, we declare two resource objects
        # equal if their names and parsed_templates are the same
        if isinstance(other, Resource):
            return (self.name == other.name) and (
                self.parsed_template() == other.parsed_template())
        return NotImplemented

    def __ne__(self, other):
        '''Allow != comparison of two resources.'''
        result = self.__eq__(other)
        if result is NotImplemented:
            return result
        return not result

    def type(self):
        '''Return the 'Type' value of the resource template.'''
        return self.t['Type']

    def identifier(self):
        '''Return an identifier for this resource.'''
        return identifier.ResourceIdentifier(resource_name=self.name,
                                             **self.stack.identifier())

    def parsed_template(self, section=None, default=None, cached=False):
        '''
        Return the parsed template data for the resource. May be limited to
        only one section of the data, in which case a default value may also
        be supplied. When no default is given an empty dictionary is used.

        With cached=True the template saved by cache_template() is used when
        one is available.
        '''
        # A fresh dict per call, rather than a shared mutable default.
        if default is None:
            default = {}

        if cached and self.cached_t:
            t = self.cached_t
        else:
            t = self.t

        if section is None:
            template = t
        else:
            template = t.get(section, default)
        return self.stack.resolve_runtime_data(template)

    def cache_template(self):
        '''
        make a cache of the resource's parsed template
        this can then be used via parsed_template(cached=True)
        '''
        self.cached_t = self.stack.resolve_runtime_data(self.t)

    def update_template_diff(self, json_snippet=None):
        '''
        Returns the difference between json_template and self.t
        If something has been removed in json_snippet which exists
        in self.t we set it to None.  If any keys have changed which
        are not in update_allowed_keys, raises UpdateReplace if the
        differing keys are not in update_allowed_keys
        '''
        update_allowed_set = set(self.update_allowed_keys)

        # Create a set containing the keys in both current and update template
        current_template = self.parsed_template(cached=True)
        template_keys = set(current_template.keys())
        new_template = self.stack.resolve_runtime_data(json_snippet)
        template_keys.update(set(new_template.keys()))

        # Create a set of keys which differ (or are missing/added)
        changed_keys_set = set(
            k for k in template_keys
            if current_template.get(k) != new_template.get(k))

        if not changed_keys_set.issubset(update_allowed_set):
            raise UpdateReplace(self.name)

        return dict((k, new_template.get(k)) for k in changed_keys_set)

    def update_template_diff_properties(self, json_snippet=None):
        '''
        Returns the changed Properties between json_template and self.t
        If a property has been removed in json_snippet which exists
        in self.t we set it to None.  If any properties have changed which
        are not in update_allowed_properties, raises UpdateReplace if the
        modified properties are not in the update_allowed_properties
        '''
        update_allowed_set = set(self.update_allowed_properties)

        # Create a set containing the keys in both current and update template
        tmpl = self.parsed_template(cached=True)
        current_properties = tmpl.get('Properties', {})

        template_properties = set(current_properties.keys())
        updated_properties = json_snippet.get('Properties', {})
        template_properties.update(set(updated_properties.keys()))

        # Create a set of keys which differ (or are missing/added)
        changed_properties_set = set(
            k for k in template_properties
            if current_properties.get(k) != updated_properties.get(k))

        if not changed_properties_set.issubset(update_allowed_set):
            raise UpdateReplace(self.name)

        return dict((k, updated_properties.get(k))
                    for k in changed_properties_set)

    def __str__(self):
        return '%s "%s"' % (self.__class__.__name__, self.name)

    def _add_dependencies(self, deps, head, fragment):
        '''
        Walk a template fragment and add to deps a (self, target) pair for
        each 'DependsOn', 'Ref' or 'Fn::GetAtt' reference found.

        'Ref' and 'Fn::GetAtt' targets are only added when the target has
        strict_dependency set. Raises exception.InvalidTemplateReference
        when the referenced name is not in the stack's resources.
        '''
        if isinstance(fragment, dict):
            for key, value in fragment.items():
                if key in ('DependsOn', 'Ref', 'Fn::GetAtt'):
                    if key == 'Fn::GetAtt':
                        # The value is a (resource name, attribute) pair
                        value, head = value

                    try:
                        target = self.stack.resources[value]
                    except KeyError:
                        raise exception.InvalidTemplateReference(
                            resource=value,
                            key=head)
                    if key == 'DependsOn' or target.strict_dependency:
                        deps += (self, target)
                else:
                    self._add_dependencies(deps, key, value)
        elif isinstance(fragment, list):
            for item in fragment:
                self._add_dependencies(deps, head, item)

    def add_dependencies(self, deps):
        '''Add this resource and everything it references to deps.'''
        self._add_dependencies(deps, None, self.t)
        deps += (self, None)

    def keystone(self):
        return self.stack.clients.keystone()

    def nova(self, service_type='compute'):
        return self.stack.clients.nova(service_type)

    def swift(self):
        return self.stack.clients.swift()

    def quantum(self):
        return self.stack.clients.quantum()

    def cinder(self):
        return self.stack.clients.cinder()

    def create(self):
        '''
        Create the resource. Subclasses should provide a handle_create() method
        to customise creation.

        This is a generator: it yields after handle_create() has been called
        and again each time check_create_complete() reports that creation
        has not finished. Failures are recorded as CREATE_FAILED; ordinary
        exceptions are re-raised wrapped in exception.ResourceFailure.
        '''
        assert self.state is None, 'Resource create requested in invalid state'

        logger.info('creating %s', str(self))

        # Re-resolve the template, since if the resource Ref's
        # the AWS::StackId pseudo parameter, it will change after
        # the parser.Stack is stored (which is after the resources
        # are __init__'d, but before they are create()'d)
        self.t = self.stack.resolve_static_data(self.json_snippet)
        self.properties = Properties(self.properties_schema,
                                     self.t.get('Properties', {}),
                                     self.stack.resolve_runtime_data,
                                     self.name)
        try:
            self.properties.validate()
            self.state_set(self.CREATE_IN_PROGRESS)
            create_data = None
            if callable(getattr(self, 'handle_create', None)):
                create_data = self.handle_create()
                yield
            while not self.check_create_complete(create_data):
                yield
        except greenlet.GreenletExit:
            # Older versions of greenlet erroneously had GreenletExit inherit
            # from Exception instead of BaseException
            with excutils.save_and_reraise_exception():
                try:
                    self.state_set(self.CREATE_FAILED, 'Creation aborted')
                except Exception:
                    logger.exception('Error marking resource as failed')
        except Exception as ex:
            logger.exception('create %s', str(self))
            failure = exception.ResourceFailure(ex)
            self.state_set(self.CREATE_FAILED, str(failure))
            raise failure
        except:
            # Anything else (not derived from Exception) is re-raised after
            # the failed state has been recorded.
            with excutils.save_and_reraise_exception():
                try:
                    self.state_set(self.CREATE_FAILED, 'Creation aborted')
                except Exception:
                    logger.exception('Error marking resource as failed')
        else:
            self.state_set(self.CREATE_COMPLETE)

    def check_create_complete(self, create_data):
        '''
        Check if the resource is active (ready to move to the CREATE_COMPLETE
        state). By default this happens as soon as the handle_create() method
        has completed successfully, but subclasses may customise this by
        overriding this function. The return value of handle_create() is
        passed in to this function each time it is called.
        '''
        return True

    def update(self, json_snippet=None):
        '''
        update the resource. Subclasses should provide a handle_update() method
        to customise update, the base-class handle_update will fail by default.

        UpdateReplace is propagated unchanged; any other exception is
        recorded as UPDATE_FAILED and re-raised wrapped in
        exception.ResourceFailure.
        '''
        assert json_snippet is not None, 'Must specify update json snippet'

        if self.state in (self.CREATE_IN_PROGRESS, self.UPDATE_IN_PROGRESS):
            raise exception.ResourceFailure(Exception(
                'Resource update already requested'))

        logger.info('updating %s', str(self))

        try:
            self.state_set(self.UPDATE_IN_PROGRESS)
            properties = Properties(self.properties_schema,
                                    json_snippet.get('Properties', {}),
                                    self.stack.resolve_runtime_data,
                                    self.name)
            properties.validate()
            tmpl_diff = self.update_template_diff(json_snippet)
            prop_diff = self.update_template_diff_properties(json_snippet)
            if callable(getattr(self, 'handle_update', None)):
                self.handle_update(json_snippet, tmpl_diff, prop_diff)
        except UpdateReplace:
            logger.debug("Resource %s update requires replacement",
                         self.name)
            raise
        except Exception as ex:
            logger.exception('update %s : %s', str(self), str(ex))
            failure = exception.ResourceFailure(ex)
            self.state_set(self.UPDATE_FAILED, str(failure))
            raise failure
        else:
            self.t = self.stack.resolve_static_data(json_snippet)
            self.state_set(self.UPDATE_COMPLETE)

    def physical_resource_name(self):
        '''Return "<stack name>-<resource name>".'''
        return '%s-%s' % (self.stack.name, self.name)

    def validate(self):
        '''Validate the DeletionPolicy and the resource properties.'''
        logger.info('Validating %s', str(self))

        self.validate_deletion_policy(self.t)
        return self.properties.validate()

    @classmethod
    def validate_deletion_policy(cls, template):
        '''
        Check the template's DeletionPolicy (default 'Delete').

        Raises exception.StackValidationFailed for an unknown policy, or for
        'Snapshot' when the class has no handle_snapshot_delete() method.
        '''
        deletion_policy = template.get('DeletionPolicy', 'Delete')
        if deletion_policy not in ('Delete', 'Retain', 'Snapshot'):
            msg = 'Invalid DeletionPolicy %s' % deletion_policy
            raise exception.StackValidationFailed(message=msg)
        elif deletion_policy == 'Snapshot':
            if not callable(getattr(cls, 'handle_snapshot_delete', None)):
                msg = 'Snapshot DeletionPolicy not supported'
                raise exception.StackValidationFailed(message=msg)

    def delete(self):
        '''
        Delete the resource. Subclasses should provide a handle_delete() method
        to customise deletion.

        Nothing is done for a resource that is already DELETE_COMPLETE or was
        never created. With a 'Retain' DeletionPolicy no handler is called.
        Raises exception.Error if a deletion is already in progress.
        '''
        if self.state == self.DELETE_COMPLETE:
            return
        if self.state == self.DELETE_IN_PROGRESS:
            raise exception.Error('Resource deletion already in progress')
        # No need to delete if the resource has never been created
        if self.state is None:
            return

        initial_state = self.state

        logger.info('deleting %s', str(self))

        try:
            self.state_set(self.DELETE_IN_PROGRESS)

            deletion_policy = self.t.get('DeletionPolicy', 'Delete')
            if deletion_policy == 'Delete':
                if callable(getattr(self, 'handle_delete', None)):
                    self.handle_delete()
            elif deletion_policy == 'Snapshot':
                if callable(getattr(self, 'handle_snapshot_delete', None)):
                    self.handle_snapshot_delete(initial_state)
        except Exception as ex:
            logger.exception('Delete %s', str(self))
            failure = exception.ResourceFailure(ex)
            self.state_set(self.DELETE_FAILED, str(failure))
            raise failure
        except:
            # Anything else (not derived from Exception) is re-raised after
            # the failed state has been recorded.
            with excutils.save_and_reraise_exception():
                try:
                    self.state_set(self.DELETE_FAILED, 'Deletion aborted')
                except Exception:
                    logger.exception('Error marking resource deletion failed')
        else:
            self.state_set(self.DELETE_COMPLETE)

    def destroy(self):
        '''
        Delete the resource and remove it from the database.
        '''
        self.delete()

        if self.id is None:
            return

        try:
            db_api.resource_get(self.context, self.id).delete()
        except exception.NotFound:
            # Don't fail on delete if the db entry has
            # not been created yet.
            pass

        self.id = None

    def resource_id_set(self, inst):
        '''
        Set the physical resource ID and, when the resource has a database
        record, save it there. Database errors are logged, not raised.
        '''
        self.resource_id = inst
        if self.id is not None:
            try:
                rs = db_api.resource_get(self.context, self.id)
                rs.update_and_save({'nova_instance': self.resource_id})
            except Exception as ex:
                logger.warning('db error %s', str(ex))

    def _store(self):
        '''Create the resource in the database.'''
        try:
            rs = {'state': self.state,
                  'stack_id': self.stack.id,
                  'nova_instance': self.resource_id,
                  'name': self.name,
                  'rsrc_metadata': self.metadata,
                  'stack_name': self.stack.name}

            new_rs = db_api.resource_create(self.context, rs)
            self.id = new_rs.id

            self.stack.updated_time = datetime.utcnow()

        except Exception as ex:
            # Best effort: a failed write is logged and otherwise ignored.
            logger.error('DB error %s', str(ex))

    def _add_event(self, new_state, reason):
        '''Add a state change event to the database.'''
        ev = event.Event(self.context, self.stack, self,
                         new_state, reason,
                         self.resource_id, self.properties)

        try:
            ev.store()
        except Exception as ex:
            logger.error('DB error %s', str(ex))

    def _store_or_update(self, new_state, reason):
        '''
        Record the new state on the object and in the database, creating
        the database record on the transition to CREATE_IN_PROGRESS.
        '''
        self.state = new_state
        self.state_description = reason

        if self.id is not None:
            try:
                rs = db_api.resource_get(self.context, self.id)
                rs.update_and_save({'state': self.state,
                                    'state_description': reason,
                                    'nova_instance': self.resource_id})

                self.stack.updated_time = datetime.utcnow()
            except Exception as ex:
                logger.error('DB error %s', str(ex))

        # store resource in DB on transition to CREATE_IN_PROGRESS
        # all other transitions (other than to DELETE_COMPLETE)
        # should be handled by the update_and_save above..
        elif new_state == self.CREATE_IN_PROGRESS:
            self._store()

    def state_set(self, new_state, reason="state changed"):
        '''Store the new state and add an event if the state changed.'''
        old_state = self.state
        self._store_or_update(new_state, reason)

        if new_state != old_state:
            self._add_event(new_state, reason)

    def FnGetRefId(self):
        '''
        Return the physical resource ID if one is set, otherwise the
        resource name.

        http://docs.amazonwebservices.com/AWSCloudFormation/latest/UserGuide/
        intrinsic-function-reference-ref.html
        '''
        if self.resource_id is not None:
            return unicode(self.resource_id)
        else:
            return unicode(self.name)

    def FnGetAtt(self, key):
        '''
        Return the resource name, whatever the key.

        http://docs.amazonwebservices.com/AWSCloudFormation/latest/UserGuide/
        intrinsic-function-reference-getatt.html
        '''
        return unicode(self.name)

    def FnBase64(self, data):
        '''
        Return data encoded as base64.

        http://docs.amazonwebservices.com/AWSCloudFormation/latest/UserGuide/
        intrinsic-function-reference-base64.html
        '''
        return base64.b64encode(data)

    def handle_update(self, json_snippet=None, tmpl_diff=None, prop_diff=None):
        '''Default update handler: always raises UpdateReplace.'''
        raise UpdateReplace(self.name)

    def metadata_update(self, new_metadata=None):
        '''
        No-op for resources which don't explicitly override this method
        '''
        if new_metadata:
            logger.warning("Resource %s does not implement metadata update",
                           self.name)
class WatchRule(object):
    '''
    An alarm rule evaluated against metric samples stored for a watch.

    The rule dictionary is read for the keys 'Period', 'MetricName',
    'Statistic', 'ComparisonOperator', 'Threshold' and the per-state
    action lists named in ACTION_MAP.
    '''

    WATCH_STATES = (ALARM, NORMAL, NODATA) = ('ALARM', 'NORMAL', 'NODATA')

    # Maps a watch state to the rule key holding the actions for that state.
    ACTION_MAP = {ALARM: 'AlarmActions',
                  NORMAL: 'OKActions',
                  NODATA: 'InsufficientDataActions'}

    created_at = timestamp.Timestamp(db_api.watch_rule_get, 'created_at')
    updated_at = timestamp.Timestamp(db_api.watch_rule_get, 'updated_at')

    def __init__(self, context, watch_name, rule, stack_id=None,
                 state=NORMAL, wid=None, watch_data=None,
                 last_evaluated=None):
        '''
        Initialise the rule.

        watch_data defaults to a new empty list and last_evaluated to the
        construction time. Neither is written as a signature default: those
        are evaluated once, when the class is defined, which would share one
        list and one stale timestamp between all instances.
        '''
        self.context = context
        self.now = timeutils.utcnow()
        self.name = watch_name
        self.state = state
        self.rule = rule
        self.stack_id = stack_id
        self.timeperiod = datetime.timedelta(seconds=int(rule['Period']))
        self.id = wid
        if watch_data is None:
            watch_data = []
        self.watch_data = watch_data
        if last_evaluated is None:
            last_evaluated = self.now
        self.last_evaluated = last_evaluated

    @classmethod
    def load(cls, context, watch_name=None, watch=None):
        '''
        Load the watchrule object, either by name or via an existing DB object

        Raises AttributeError if no rule could be obtained.
        '''
        if watch is None:
            try:
                watch = db_api.watch_rule_get_by_name(context, watch_name)
            except Exception as ex:
                # Best effort: a lookup failure is reported as an unknown
                # watch name by the check below.
                logger.warning('WatchRule.load (%s) db error %s',
                               watch_name, str(ex))
        if watch is None:
            raise AttributeError('Unknown watch name %s' % watch_name)
        else:
            return cls(context=context,
                       watch_name=watch.name,
                       rule=watch.rule,
                       stack_id=watch.stack_id,
                       state=watch.state,
                       wid=watch.id,
                       watch_data=watch.watch_data,
                       last_evaluated=watch.last_evaluated)

    def store(self):
        '''
        Store the watchrule in the database.
        If self.id is set, we update the existing rule; otherwise a new
        rule is created and its ID is recorded in self.id.
        '''
        wr_values = {'name': self.name,
                     'rule': self.rule,
                     'state': self.state,
                     'stack_id': self.stack_id}

        if not self.id:
            wr = db_api.watch_rule_create(self.context, wr_values)
            self.id = wr.id
        else:
            db_api.watch_rule_update(self.context, self.id, wr_values)

    def do_data_cmp(self, data, threshold):
        '''
        Compare data with threshold using the rule's ComparisonOperator.
        An unrecognised operator yields False.
        '''
        op = self.rule['ComparisonOperator']
        if op == 'GreaterThanThreshold':
            return data > threshold
        elif op == 'GreaterThanOrEqualToThreshold':
            return data >= threshold
        elif op == 'LessThanThreshold':
            return data < threshold
        elif op == 'LessThanOrEqualToThreshold':
            return data <= threshold
        else:
            return False

    def _recent_samples(self):
        '''Return the samples created within the last timeperiod.'''
        cutoff = self.now - self.timeperiod
        return [d for d in self.watch_data if not d.created_at < cutoff]

    def _recent_values(self):
        '''Return the rule's metric value of each recent sample as a float.'''
        return [float(d.data[self.rule['MetricName']]['Value'])
                for d in self._recent_samples()]

    def _state_for(self, data):
        '''Return ALARM if data breaches the rule threshold, else NORMAL.'''
        if self.do_data_cmp(data, float(self.rule['Threshold'])):
            return self.ALARM
        return self.NORMAL

    def do_Maximum(self):
        '''Evaluate the largest recent value; NODATA without samples.'''
        values = self._recent_values()
        if not values:
            return self.NODATA
        return self._state_for(max(values))

    def do_Minimum(self):
        '''Evaluate the smallest recent value; NODATA without samples.'''
        values = self._recent_values()
        if not values:
            return self.NODATA
        return self._state_for(min(values))

    def do_SampleCount(self):
        '''
        count all samples within the specified period
        '''
        return self._state_for(len(self._recent_samples()))

    def do_Average(self):
        '''Evaluate the mean of the recent values; NODATA without samples.'''
        values = self._recent_values()
        if not values:
            return self.NODATA
        return self._state_for(sum(values) / len(values))

    def do_Sum(self):
        '''Evaluate the sum of the recent values (0 when there are none).'''
        cutoff = self.now - self.timeperiod
        total = 0
        for d in self.watch_data:
            if d.created_at < cutoff:
                logger.debug('ignoring %s', str(d.data))
                continue
            total = total + float(d.data[self.rule['MetricName']]['Value'])
        return self._state_for(total)

    def get_alarm_state(self):
        '''Dispatch to the do_<Statistic> method named by the rule.'''
        fn = getattr(self, 'do_%s' % self.rule['Statistic'])
        return fn()

    def evaluate(self):
        '''Run the rule if a full period has elapsed since the last run.'''
        # has enough time progressed to run the rule
        self.now = timeutils.utcnow()
        if self.now < (self.last_evaluated + self.timeperiod):
            return
        self.run_rule()

    def run_rule(self):
        '''
        Compute the alarm state and, when it differs from the current one
        and rule_action() succeeds, adopt it. The evaluation time is
        updated and the rule stored in every case.
        '''
        new_state = self.get_alarm_state()

        if new_state != self.state:
            if self.rule_action(new_state):
                self.state = new_state

        self.last_evaluated = self.now
        self.store()

    def rule_action(self, new_state):
        '''
        Spawn the actions configured for new_state.

        Returns True when the rule defines no actions for the state or when
        the actions were spawned; False when the stack could not be found or
        is not in a CREATE_COMPLETE/UPDATE_COMPLETE status.
        '''
        logger.warning('WATCH: stack:%s, watch_name:%s %s',
                       self.stack_id, self.name, new_state)

        actioned = False
        if self.ACTION_MAP[new_state] not in self.rule:
            logger.info('no action for new state %s',
                        new_state)
            actioned = True
        else:
            s = db_api.stack_get(self.context, self.stack_id)
            if s and s.status in (parser.Stack.CREATE_COMPLETE,
                                  parser.Stack.UPDATE_COMPLETE):
                stack = parser.Stack.load(self.context, stack=s)
                for a in self.rule[self.ACTION_MAP[new_state]]:
                    greenpool.spawn_n(stack[a].alarm)
                actioned = True
            else:
                logger.warning("Could not process watch state %s for stack",
                               new_state)
        return actioned

    def create_watch_data(self, data):
        '''
        Record a new metric sample for this rule.

        Raises AttributeError if data does not contain the rule's
        MetricName. A 'SampleCount' rule is re-run immediately afterwards.
        '''
        if self.rule['MetricName'] not in data:
            logger.warning('new data has incorrect metric:%s',
                           self.rule['MetricName'])
            raise AttributeError('MetricName %s missing' %
                                 self.rule['MetricName'])

        watch_data = {
            'data': data,
            'watch_rule_id': self.id
        }
        # NOTE(review): the context passed here is None rather than
        # self.context - confirm this is intended.
        wd = db_api.watch_data_create(None, watch_data)
        logger.debug('new watch:%s data:%s', self.name, str(wd.data))
        if self.rule['Statistic'] == 'SampleCount':
            self.run_rule()

    def set_watch_state(self, state):
        '''
        Temporarily set the watch state

        Runs the actions for the given state when it differs from the
        current one; self.state itself is not modified here. Raises
        AttributeError if state is not one of WATCH_STATES.
        '''
        if state not in self.WATCH_STATES:
            raise AttributeError('Unknown watch state %s' % state)

        if state != self.state:
            if self.rule_action(state):
                logger.debug("Overriding state %s for watch %s with %s",
                             self.state, self.name, state)
            else:
                logger.warning("Unable to override state %s for watch %s",
                               self.state, self.name)
class Resource(object):
    '''
    Base class for a single resource of a stack.

    Holds the resource's template snippet, its resolved properties and
    attributes, and its (action, status) state, and drives the lifecycle
    operations (create, adopt, update, suspend, resume, delete, signal).
    State changes are persisted through db_api and recorded as events.

    Subclasses customise behaviour by providing handle_<action>() and,
    optionally, check_<action>_complete() methods.
    '''

    # Lifecycle actions a resource can be in; combined with one of STATUSES
    # to form the resource state, e.g. (CREATE, IN_PROGRESS).
    ACTIONS = (INIT, CREATE, DELETE, UPDATE, ROLLBACK,
               SUSPEND, RESUME, ADOPT
               ) = ('INIT', 'CREATE', 'DELETE', 'UPDATE', 'ROLLBACK',
                    'SUSPEND', 'RESUME', 'ADOPT')

    # Progress of the current action.
    STATUSES = (IN_PROGRESS, FAILED, COMPLETE
                ) = ('IN_PROGRESS', 'FAILED', 'COMPLETE')

    # If True, this resource must be created before it can be referenced.
    strict_dependency = True

    # Timestamp descriptors backed by the resource's database row.
    created_time = timestamp.Timestamp(db_api.resource_get, 'created_at')
    updated_time = timestamp.Timestamp(db_api.resource_get, 'updated_at')

    # Backing descriptor for the `metadata` property defined below.
    _metadata = Metadata()

    # Resource implementation set this to the subset of template keys
    # which are supported for handle_update, used by update_template_diff
    update_allowed_keys = ()

    # Resource implementation set this to the subset of resource properties
    # supported for handle_update, used by update_template_diff_properties
    update_allowed_properties = ()

    # Resource implementations set this to the name: description dictionary
    # that describes the appropriate resource attributes
    attributes_schema = {}

    # If True, this resource may perform authenticated API requests
    # throughout its lifecycle
    requires_deferred_auth = False

    # Limit to apply to physical_resource_name() size reduction algorithm.
    # If set to None no limit will be applied.
    physical_resource_name_limit = 255

    # Support status of the implementation; its `version` is part of
    # implementation_signature().
    support_status = SupportStatus()

    def __new__(cls, name, json, stack):
        '''Create a new Resource of the appropriate class for its type.'''

        if cls != Resource:
            # Call is already for a subclass, so pass it through
            return super(Resource, cls).__new__(cls)

        # Select the correct subclass to instantiate
        ResourceClass = stack.env.get_class(json.get('Type'),
                                            resource_name=name)
        return ResourceClass(name, json, stack)

    def __init__(self, name, json_snippet, stack):
        '''
        Initialise the resource from its template snippet.

        :param name: the resource name; may not contain "/"
        :param json_snippet: the resource's section of the template
        :param stack: the stack the resource belongs to
        :raises ValueError: if name contains "/"

        If the stack has an id and a database row exists for this name, the
        persisted id, state and data are loaded; otherwise the resource
        starts out as INIT/COMPLETE (or DELETE/COMPLETE when the stack itself
        is being deleted).
        '''
        if '/' in name:
            raise ValueError(_('Resource name may not contain "/"'))

        self.stack = stack
        self.context = stack.context
        self.name = name
        self.json_snippet = json_snippet
        self.t = stack.resolve_static_data(json_snippet)
        self.properties = Properties(self.properties_schema,
                                     self.t.get('Properties', {}),
                                     self._resolve_runtime_data,
                                     self.name)
        self.attributes = Attributes(self.name,
                                     self.attributes_schema,
                                     self._resolve_attribute)

        # Only hit the database when the stack has an id to look up by.
        if stack.id:
            resource = db_api.resource_get_by_name_and_stack(self.context,
                                                             name, stack.id)
        else:
            resource = None

        if resource:
            # The physical resource id is kept in the 'nova_instance' column.
            self.resource_id = resource.nova_instance
            self.action = resource.action
            self.status = resource.status
            self.status_reason = resource.status_reason
            self.id = resource.id
            self.data = resource.data
        else:
            self.resource_id = None
            # if the stack is being deleted, assume we've already been deleted
            if stack.action == stack.DELETE:
                self.action = self.DELETE
            else:
                self.action = self.INIT
            self.status = self.COMPLETE
            self.status_reason = ''
            self.id = None
            self.data = []

    def __eq__(self, other):
        '''Allow == comparison of two resources.'''
        # For the purposes of comparison, we declare two resource objects
        # equal if their names and parsed_templates are the same
        if isinstance(other, Resource):
            return (self.name == other.name) and (
                self.parsed_template() == other.parsed_template())
        return NotImplemented

    def __ne__(self, other):
        '''Allow != comparison of two resources.'''
        result = self.__eq__(other)
        # Propagate NotImplemented unchanged rather than negating it.
        if result is NotImplemented:
            return result
        return not result

    @property
    def metadata(self):
        '''The resource metadata, read through the _metadata descriptor.'''
        return self._metadata

    @metadata.setter
    def metadata(self, metadata):
        self._metadata = metadata

    def type(self):
        '''Return the 'Type' entry of the resolved resource template.'''
        return self.t['Type']

    def _resolve_runtime_data(self, snippet):
        '''Resolve snippet via the stack's resolve_runtime_data().'''
        return self.stack.resolve_runtime_data(snippet)

    def has_interface(self, resource_type):
        """Check to see if this resource is either mapped to resource_type
        or is a "resource_type".
        """
        if self.type() == resource_type:
            return True
        # Otherwise compare against the name the environment registers for
        # this resource's type.
        ri = self.stack.env.get_resource_info(self.type(),
                                              self.name)
        return ri.name == resource_type

    def implementation_signature(self):
        '''
        Return a tuple defining the implementation.

        This should be broken down into a definition and an
        implementation version.
        '''

        return (self.__class__.__name__, self.support_status.version)

    def identifier(self):
        '''Return an identifier for this resource.'''
        return identifier.ResourceIdentifier(resource_name=self.name,
                                             **self.stack.identifier())

    def parsed_template(self, section=None, default={}):
        '''
        Return the parsed template data for the resource. May be limited to
        only one section of the data, in which case a default value may also
        be supplied.
        '''
        # NOTE: `default` is a shared mutable default; it is only read here
        # (never mutated in this method).
        if section is None:
            template = self.t
        else:
            template = self.t.get(section, default)
        return self._resolve_runtime_data(template)

    def update_template_diff(self, after, before):
        '''
        Returns the difference between the before and after json snippets. If
        something has been removed in after which exists in before we set it to
        None. If any keys have changed which are not in update_allowed_keys,
        raises UpdateReplace if the differing keys are not in
        update_allowed_keys
        '''
        update_allowed_set = set(self.update_allowed_keys)

        # Create a set containing the keys in both current and update template
        template_keys = set(before.keys())
        template_keys.update(set(after.keys()))

        # Create a set of keys which differ (or are missing/added)
        changed_keys_set = set([k for k in template_keys
                                if before.get(k) != after.get(k)])

        if not changed_keys_set.issubset(update_allowed_set):
            raise UpdateReplace(self.name)

        # Keys removed in `after` map to None via after.get(k).
        return dict((k, after.get(k)) for k in changed_keys_set)

    def update_template_diff_properties(self, after, before):
        '''
        Returns the changed Properties between the before and after json
        snippets. If a property has been removed in after which exists in
        before we set it to None. If any properties have changed which are not
        in update_allowed_properties, raises UpdateReplace if the modified
        properties are not in the update_allowed_properties
        '''
        update_allowed_set = set(self.update_allowed_properties)
        # Properties whose schema reports update_allowed() are updatable too.
        for (psk, psv) in self.properties.props.iteritems():
            if psv.update_allowed():
                update_allowed_set.add(psk)

        # Create a set containing the keys in both current and update template
        current_properties = before.get('Properties', {})

        template_properties = set(current_properties.keys())
        updated_properties = after.get('Properties', {})
        template_properties.update(set(updated_properties.keys()))

        # Create a set of keys which differ (or are missing/added)
        changed_properties_set = set(k for k in template_properties
                                     if current_properties.get(k) !=
                                     updated_properties.get(k))

        if not changed_properties_set.issubset(update_allowed_set):
            raise UpdateReplace(self.name)

        return dict((k, updated_properties.get(k))
                    for k in changed_properties_set)

    def __str__(self):
        '''
        Return a description made of the class name and resource name, plus
        the physical resource id and the stack when those are available.
        '''
        if self.stack.id:
            if self.resource_id:
                return '%s "%s" [%s] %s' % (self.__class__.__name__, self.name,
                                            self.resource_id, str(self.stack))
            return '%s "%s" %s' % (self.__class__.__name__, self.name,
                                   str(self.stack))
        return '%s "%s"' % (self.__class__.__name__, self.name)

    def _add_dependencies(self, deps, path, fragment):
        '''
        Recursively scan a template fragment and add an edge to deps for
        every resource it references.

        :param deps: the dependency graph being built (extended with +=)
        :param path: dotted/indexed location of fragment, used in errors
        :param fragment: the dict, list or scalar being scanned
        :raises InvalidTemplateReference: if a referenced resource is not in
                                          the stack
        '''
        if isinstance(fragment, dict):
            for key, value in fragment.items():
                if key in ('DependsOn', 'Ref', 'Fn::GetAtt', 'get_attr',
                           'get_resource'):
                    if key in ('Fn::GetAtt', 'get_attr'):
                        # The first element names the resource.
                        res_name = value[0]
                        res_list = [res_name]
                    elif key == 'DependsOn' and isinstance(value, list):
                        res_list = value
                    else:
                        res_list = [value]

                    for res in res_list:
                        try:
                            target = self.stack[res]
                        except KeyError:
                            raise exception.InvalidTemplateReference(
                                resource=res,
                                key=path)
                        # Explicit DependsOn always creates an edge; implicit
                        # references only do so for strict dependencies.
                        if key == 'DependsOn' or target.strict_dependency:
                            deps += (self, target)
                else:
                    self._add_dependencies(deps, '%s.%s' % (path, key), value)
        elif isinstance(fragment, list):
            for index, item in enumerate(fragment):
                self._add_dependencies(deps, '%s[%d]' % (path, index), item)

    def add_dependencies(self, deps):
        '''Add this resource and everything its template references to deps.'''
        self._add_dependencies(deps, self.name, self.t)
        # Register the resource itself, paired with None rather than a target.
        deps += (self, None)

    def required_by(self):
        '''
        Returns a list of names of resources which directly require this
        resource as a dependency.
        '''
        return list(
            [r.name for r in self.stack.dependencies.required_by(self)])

    def keystone(self):
        '''Return the keystone client from the stack's clients.'''
        return self.stack.clients.keystone()

    def nova(self, service_type='compute'):
        '''Return the nova client for service_type from the stack's clients.'''
        return self.stack.clients.nova(service_type)

    def swift(self):
        '''Return the swift client from the stack's clients.'''
        return self.stack.clients.swift()

    def neutron(self):
        '''Return the neutron client from the stack's clients.'''
        return self.stack.clients.neutron()

    def cinder(self):
        '''Return the cinder client from the stack's clients.'''
        return self.stack.clients.cinder()

    def trove(self):
        '''Return the trove client from the stack's clients.'''
        return self.stack.clients.trove()

    def ceilometer(self):
        '''Return the ceilometer client from the stack's clients.'''
        return self.stack.clients.ceilometer()

    def heat(self):
        '''Return the heat client from the stack's clients.'''
        return self.stack.clients.heat()

    def _do_action(self, action, pre_func=None, resource_data=None):
        '''
        Perform a transition to a new state via a specified action
        action should be e.g self.CREATE, self.UPDATE etc, we set
        status based on this, the transition is handled by calling the
        corresponding handle_* and check_*_complete functions
        Note pre_func is an optional function reference which will
        be called before the handle_<action> function

        If the resource does not declare a check_$action_complete function,
        we declare COMPLETE status as soon as the handle_$action call has
        finished, and if no handle_$action function is declared, then we do
        nothing, useful e.g if the resource requires no action for a given
        state transition

        This is a generator: it yields after the handler has been called and
        after each unsuccessful completion check.

        :param resource_data: if truthy, passed as the only argument to the
                              handle_<action> function
        :raises ResourceFailure: wrapping any Exception raised along the way
        '''
        assert action in self.ACTIONS, 'Invalid action %s' % action

        try:
            self.state_set(action, self.IN_PROGRESS)

            action_l = action.lower()
            handle = getattr(self, 'handle_%s' % action_l, None)
            check = getattr(self, 'check_%s_complete' % action_l, None)

            if callable(pre_func):
                pre_func()

            handle_data = None
            if callable(handle):
                handle_data = (handle(resource_data) if resource_data else
                               handle())
                yield
                if callable(check):
                    # Poll until the resource reports completion.
                    while not check(handle_data):
                        yield
        except Exception as ex:
            logger.exception('%s : %s' % (action, str(self)))
            failure = exception.ResourceFailure(ex, self, action)
            self.state_set(action, self.FAILED, str(failure))
            raise failure
        except:
            # Anything that is not an Exception subclass (presumably task
            # cancellation or generator exit - TODO confirm): mark the
            # resource FAILED, then let the original exception propagate.
            with excutils.save_and_reraise_exception():
                try:
                    self.state_set(action, self.FAILED,
                                   '%s aborted' % action)
                except Exception:
                    logger.exception(_('Error marking resource as failed'))
        else:
            self.state_set(action, self.COMPLETE)

    def create(self):
        '''
        Create the resource. Subclasses should provide a handle_create() method
        to customise creation.

        :returns: the _do_action generator for the CREATE action
        :raises ResourceFailure: if the resource is not in INIT/COMPLETE state
        '''
        action = self.CREATE
        if (self.action, self.status) != (self.INIT, self.COMPLETE):
            exc = exception.Error(_('State %s invalid for create')
                                  % str(self.state))
            raise exception.ResourceFailure(exc, self, action)

        logger.info('creating %s' % str(self))

        # Re-resolve the template, since if the resource Ref's
        # the StackId pseudo parameter, it will change after
        # the parser.Stack is stored (which is after the resources
        # are __init__'d, but before they are create()'d)
        self.t = self.stack.resolve_static_data(self.json_snippet)
        self.properties = Properties(self.properties_schema,
                                     self.t.get('Properties', {}),
                                     self._resolve_runtime_data,
                                     self.name)
        # Property validation runs as the pre_func, i.e. after the state is
        # set to IN_PROGRESS but before handle_create.
        return self._do_action(action, self.properties.validate)

    def set_deletion_policy(self, policy):
        '''Override the DeletionPolicy in the resolved template.'''
        self.t['DeletionPolicy'] = policy

    def get_abandon_data(self):
        '''
        Return a dict describing the resource (name, id, type, state,
        metadata and stored resource data) for use when abandoning it.
        '''
        return {
            'name': self.name,
            'resource_id': self.resource_id,
            'type': self.type(),
            'action': self.action,
            'status': self.status,
            'metadata': self.metadata,
            'resource_data': dict((r.key, r.value)
                                  for r in db_api.resource_data_get_all(self))
        }

    def adopt(self, resource_data):
        '''
        Adopt the existing resource. Resource subclasses can provide
        a handle_adopt() method to customise adopt.
        '''
        return self._do_action(self.ADOPT, resource_data=resource_data)

    def handle_adopt(self, resource_data=None):
        '''
        Default adopt handler: take over the resource id, resource data and
        metadata supplied in resource_data.

        :raises ResourceFailure: if no resource id was provided
        '''
        resource_id, data, metadata = self._get_resource_info(resource_data)

        if not resource_id:
            exc = Exception(_('Resource ID was not provided.'))
            failure = exception.ResourceFailure(exc, self)
            raise failure

        # set resource id
        self.resource_id_set(resource_id)

        # save the resource data
        if data and isinstance(data, dict):
            for key, value in data.iteritems():
                db_api.resource_data_set(self, key, value)

        # save the resource metadata
        self.metadata = metadata

    def _get_resource_info(self, resource_data):
        '''
        Return the (resource_id, resource_data, metadata) entries of
        resource_data, or three Nones when resource_data is empty.
        '''
        if not resource_data:
            return None, None, None

        return (resource_data.get('resource_id'),
                resource_data.get('resource_data'),
                resource_data.get('metadata'))

    def update(self, after, before=None, prev_resource=None):
        '''
        update the resource. Subclasses should provide a handle_update() method
        to customise update, the base-class handle_update will fail by default.

        This is a generator which yields while the update is in progress.

        :param after: the new template snippet for the resource
        :param before: the previous parsed snippet; defaults to
                       parsed_template()
        :param prev_resource: the previous resource object, if any, used to
                              compare implementation signatures
        :raises UpdateReplace: if the resource must be replaced instead
        :raises ResourceFailure: if an update is already in progress or the
                                 update fails
        '''
        action = self.UPDATE

        (cur_class_def, cur_ver) = self.implementation_signature()
        prev_ver = cur_ver
        if prev_resource is not None:
            (prev_class_def,
             prev_ver) = prev_resource.implementation_signature()
            # A different implementing class cannot be updated in place.
            if prev_class_def != cur_class_def:
                raise UpdateReplace(self.name)

        if before is None:
            before = self.parsed_template()
        # Nothing to do when neither the version nor the template changed.
        if prev_ver == cur_ver and before == after:
            return

        if (self.action, self.status) in ((self.CREATE, self.IN_PROGRESS),
                                          (self.UPDATE, self.IN_PROGRESS),
                                          (self.ADOPT, self.IN_PROGRESS)):
            exc = Exception(_('Resource update already requested'))
            raise exception.ResourceFailure(exc, self, action)

        logger.info('updating %s' % str(self))

        try:
            self.state_set(action, self.IN_PROGRESS)
            properties = Properties(self.properties_schema,
                                    after.get('Properties', {}),
                                    self._resolve_runtime_data,
                                    self.name)
            properties.validate()
            tmpl_diff = self.update_template_diff(after, before)
            prop_diff = self.update_template_diff_properties(after, before)
            if callable(getattr(self, 'handle_update', None)):
                handle_data = self.handle_update(after, tmpl_diff, prop_diff)
                yield
                if callable(getattr(self, 'check_update_complete', None)):
                    while not self.check_update_complete(handle_data):
                        yield
        except UpdateReplace:
            # Replacement is not a failure: log it and re-raise unchanged
            # without marking the resource FAILED.
            with excutils.save_and_reraise_exception():
                logger.debug(
                    _("Resource %s update requires replacement") % self.name)
        except Exception as ex:
            logger.exception('update %s : %s' % (str(self), str(ex)))
            failure = exception.ResourceFailure(ex, self, action)
            self.state_set(action, self.FAILED, str(failure))
            raise failure
        else:
            # Adopt the new template only once the update has succeeded.
            self.t = self.stack.resolve_static_data(after)
            self.state_set(action, self.COMPLETE)

    def suspend(self):
        '''
        Suspend the resource.  Subclasses should provide a handle_suspend()
        method to implement suspend

        :raises ResourceFailure: if the resource is being deleted or its
                                 current action has not completed
        '''
        action = self.SUSPEND

        # Don't try to suspend the resource unless it's in a stable state
        if (self.action == self.DELETE or self.status != self.COMPLETE):
            exc = exception.Error(_('State %s invalid for suspend')
                                  % str(self.state))
            raise exception.ResourceFailure(exc, self, action)

        logger.info(_('suspending %s') % str(self))
        return self._do_action(action)

    def resume(self):
        '''
        Resume the resource.  Subclasses should provide a handle_resume()
        method to implement resume

        :raises ResourceFailure: if the resource is not SUSPEND/COMPLETE
        '''
        action = self.RESUME

        # Can't resume a resource unless it's SUSPEND_COMPLETE
        if self.state != (self.SUSPEND, self.COMPLETE):
            exc = exception.Error(_('State %s invalid for resume')
                                  % str(self.state))
            raise exception.ResourceFailure(exc, self, action)

        logger.info(_('resuming %s') % str(self))
        return self._do_action(action)

    def physical_resource_name(self):
        '''
        Return a name of the form <stack name>-<resource name>-<short id>,
        reduced to physical_resource_name_limit characters when a limit is
        set, or None if the resource has not been stored yet.
        '''
        if self.id is None:
            return None

        name = '%s-%s-%s' % (self.stack.name,
                             self.name,
                             short_id.get_id(self.id))

        if self.physical_resource_name_limit:
            name = self.reduce_physical_resource_name(
                name, self.physical_resource_name_limit)
        return name

    @staticmethod
    def reduce_physical_resource_name(name, limit):
        '''
        Reduce length of physical resource name to a limit.

        The reduced name will consist of the following:

        * the first 2 characters of the name
        * a hyphen
        * the end of the name, truncated on the left to bring
          the name length within the limit

        :param name: The name to reduce the length of
        :param limit: The max length limit
        :returns: A name whose length is less than or equal to the limit
        :raises ValueError: if the name needs reducing and limit is below 4
        '''
        if len(name) <= limit:
            return name

        if limit < 4:
            raise ValueError(_('limit cannot be less than 4'))

        # 3 characters are taken by the 2-character prefix and the hyphen.
        postfix_length = limit - 3
        return name[0:2] + '-' + name[-postfix_length:]

    def validate(self):
        '''
        Validate the resource's DeletionPolicy and properties.

        :returns: the result of validating the properties
        '''
        logger.info(_('Validating %s') % str(self))

        self.validate_deletion_policy(self.t)
        return self.properties.validate()

    @classmethod
    def validate_deletion_policy(cls, template):
        '''
        Check the DeletionPolicy of a resource template.

        :raises StackValidationFailed: if the policy is unknown, or is
            SNAPSHOT and the class has no handle_snapshot_delete method
        '''
        deletion_policy = template.get('DeletionPolicy', DELETE)
        if deletion_policy not in DELETION_POLICY:
            msg = _('Invalid DeletionPolicy %s') % deletion_policy
            raise exception.StackValidationFailed(message=msg)
        elif deletion_policy == SNAPSHOT:
            if not callable(getattr(cls, 'handle_snapshot_delete', None)):
                msg = _('Snapshot DeletionPolicy not supported')
                raise exception.StackValidationFailed(message=msg)

    def delete(self):
        '''
        Delete the resource. Subclasses should provide a handle_delete() method
        to customise deletion.

        This is a generator which yields while the deletion is in progress.
        Which handler runs depends on the template's DeletionPolicy.

        :raises ResourceFailure: wrapping any Exception raised while deleting
        '''
        action = self.DELETE

        if (self.action, self.status) == (self.DELETE, self.COMPLETE):
            return
        # No need to delete if the resource has never been created
        if self.action == self.INIT:
            return

        # Remember the pre-delete state; the snapshot handler receives it.
        initial_state = self.state

        logger.info(_('deleting %s') % str(self))

        try:
            self.state_set(action, self.IN_PROGRESS)

            deletion_policy = self.t.get('DeletionPolicy', DELETE)
            handle_data = None
            if deletion_policy == DELETE:
                if callable(getattr(self, 'handle_delete', None)):
                    handle_data = self.handle_delete()
                    yield
            elif deletion_policy == SNAPSHOT:
                if callable(getattr(self, 'handle_snapshot_delete', None)):
                    handle_data = self.handle_snapshot_delete(initial_state)
                    yield

            # With the RETAIN policy no handler ran, so there is nothing to
            # wait for.
            if (deletion_policy != RETAIN and
                    callable(getattr(self, 'check_delete_complete', None))):
                while not self.check_delete_complete(handle_data):
                    yield

        except Exception as ex:
            logger.exception(_('Delete %s'), str(self))
            failure = exception.ResourceFailure(ex, self, self.action)
            self.state_set(action, self.FAILED, str(failure))
            raise failure
        except:
            # Non-Exception exits: mark the deletion FAILED, then let the
            # original exception propagate.
            with excutils.save_and_reraise_exception():
                try:
                    self.state_set(action, self.FAILED,
                                   'Deletion aborted')
                except Exception:
                    logger.exception(_('Error marking resource deletion '
                                       'failed'))
        else:
            self.state_set(action, self.COMPLETE)

    @scheduler.wrappertask
    def destroy(self):
        '''
        Delete the resource and remove it from the database.
        '''
        yield self.delete()

        if self.id is None:
            return

        try:
            db_api.resource_get(self.context, self.id).delete()
        except exception.NotFound:
            # Don't fail on delete if the db entry has
            # not been created yet.
            pass

        self.id = None

    def resource_id_set(self, inst):
        '''
        Set the physical resource id and, if the resource has a database
        row, persist it there. Database errors are logged, not raised.
        '''
        self.resource_id = inst
        if self.id is not None:
            try:
                rs = db_api.resource_get(self.context, self.id)
                rs.update_and_save({'nova_instance': self.resource_id})
            except Exception as ex:
                logger.warn(_('db error %s') % str(ex))

    def _store(self):
        '''Create the resource in the database.'''
        metadata = self.metadata
        try:
            rs = {'action': self.action,
                  'status': self.status,
                  'status_reason': self.status_reason,
                  'stack_id': self.stack.id,
                  'nova_instance': self.resource_id,
                  'name': self.name,
                  'rsrc_metadata': metadata,
                  'stack_name': self.stack.name}

            new_rs = db_api.resource_create(self.context, rs)
            self.id = new_rs.id

            self.stack.updated_time = datetime.utcnow()

        except Exception as ex:
            # Best effort: a failure to store is logged, not raised.
            logger.error(_('DB error %s') % str(ex))

    def _add_event(self, action, status, reason):
        '''Add a state change event to the database.'''
        ev = event.Event(self.context, self.stack, action, status, reason,
                         self.resource_id, self.properties,
                         self.name, self.type())

        try:
            ev.store()
        except Exception as ex:
            logger.error(_('DB error %s') % str(ex))

    def _store_or_update(self, action, status, reason):
        '''
        Record the new state on the object and persist it: update the
        existing database row if there is one, otherwise create the row on
        transition to CREATE or ADOPT IN_PROGRESS.
        '''
        self.action = action
        self.status = status
        self.status_reason = reason

        if self.id is not None:
            try:
                rs = db_api.resource_get(self.context, self.id)
                rs.update_and_save({'action': self.action,
                                    'status': self.status,
                                    'status_reason': reason,
                                    'stack_id': self.stack.id,
                                    'nova_instance': self.resource_id})

                self.stack.updated_time = datetime.utcnow()
            except Exception as ex:
                logger.error(_('DB error %s') % str(ex))

        # store resource in DB on transition to CREATE_IN_PROGRESS
        # all other transitions (other than to DELETE_COMPLETE)
        # should be handled by the update_and_save above..
        elif (action, status) in [(self.CREATE, self.IN_PROGRESS),
                                  (self.ADOPT, self.IN_PROGRESS)]:
            self._store()

    def _resolve_attribute(self, name):
        """
        Default implementation; should be overridden by resources that expose
        attributes

        :param name: The attribute to resolve
        :returns: the resource attribute named key
        """
        # By default, no attributes resolve
        pass

    def state_reset(self):
        """
        Reset state to (INIT, COMPLETE)
        """
        self.action = self.INIT
        self.status = self.COMPLETE

    def state_set(self, action, status, reason="state changed"):
        '''
        Move the resource to state (action, status), persist it, and add an
        event if the state actually changed.

        :raises ValueError: if action or status is not a known value
        '''
        if action not in self.ACTIONS:
            raise ValueError(_("Invalid action %s") % action)

        if status not in self.STATUSES:
            raise ValueError(_("Invalid status %s") % status)

        old_state = (self.action, self.status)
        new_state = (action, status)
        self._store_or_update(action, status, reason)

        if new_state != old_state:
            self._add_event(action, status, reason)

    @property
    def state(self):
        '''Returns state, tuple of action, status.'''
        return (self.action, self.status)

    def FnGetRefId(self):
        '''
        For the intrinsic function Ref.

        :results: the id or name of the resource.
        '''
        if self.resource_id is not None:
            return unicode(self.resource_id)
        else:
            return unicode(self.name)

    def FnGetAtt(self, key):
        '''
        For the intrinsic function Fn::GetAtt.

        :param key: the attribute key.
        :returns: the attribute value.
        :raises InvalidTemplateAttribute: if the resource has no such
                                          attribute
        '''
        try:
            return self.attributes[key]
        except KeyError:
            raise exception.InvalidTemplateAttribute(resource=self.name,
                                                     key=key)

    def FnBase64(self, data):
        '''
        For the intrinsic function Fn::Base64.

        :param data: the input data.
        :returns: the Base64 representation of the input data.
        '''
        return base64.b64encode(data)

    def signal(self, details=None):
        '''
        signal the resource. Subclasses should provide a handle_signal() method
        to implement the signal, the base-class raise an exception if no
        handler is implemented.

        :param details: optional signal payload (None, a string or a dict),
                        passed on to handle_signal()
        :raises ResourceFailure: if the resource is suspended or being
            deleted, has no handle_signal(), or the handler fails
        '''
        def get_string_details():
            # Build the human-readable reason stored with the signal event.
            if details is None:
                return 'No signal details provided'
            if isinstance(details, basestring):
                return details
            if isinstance(details, dict):
                if all(k in details for k in ('previous', 'current',
                                              'reason')):
                    # this is from Ceilometer.
                    auto = '%(previous)s to %(current)s (%(reason)s)' % details
                    return 'alarm state changed from %s' % auto
                elif 'state' in details:
                    # this is from watchrule
                    return 'alarm state changed to %(state)s' % details

            return 'Unknown'

        try:
            if self.action in (self.SUSPEND, self.DELETE):
                msg = _('Cannot signal resource during %s') % self.action
                raise Exception(msg)

            if not callable(getattr(self, 'handle_signal', None)):
                msg = (_('Resource %s is not able to receive a signal') %
                       str(self))
                raise Exception(msg)

            self._add_event('signal', self.status, get_string_details())
            self.handle_signal(details)
        except Exception as ex:
            logger.exception(
                _('signal %(name)s : %(msg)s') % {
                    'name': str(self),
                    'msg': str(ex)
                })
            failure = exception.ResourceFailure(ex, self)
            raise failure

    def handle_update(self, json_snippet=None, tmpl_diff=None, prop_diff=None):
        '''
        Default update handler: in-place update is not supported, so always
        request replacement by raising UpdateReplace.
        '''
        raise UpdateReplace(self.name)

    def metadata_update(self, new_metadata=None):
        '''
        No-op for resources which don't explicitly override this method
        '''
        if new_metadata:
            logger.warning(
                _("Resource %s does not implement metadata update")
                % self.name)

    @classmethod
    def resource_to_template(cls, resource_type):
        '''
        :param resource_type: The resource type to be displayed in the template
        :returns: A template where the resource's properties_schema is mapped
            as parameters, and the resource's attributes_schema is mapped as
            outputs
        '''
        (parameters, properties) = (Properties.
                                    schema_to_parameters_and_properties(
                                        cls.properties_schema))

        # The single resource in the template is named after the class.
        resource_name = cls.__name__
        return {
            'HeatTemplateFormatVersion': '2012-12-12',
            'Parameters': parameters,
            'Resources': {
                resource_name: {
                    'Type': resource_type,
                    'Properties': properties
                }
            },
            'Outputs': Attributes.as_outputs(resource_name, cls)
        }
class WatchRule(object):
    '''
    A simplified CloudWatch-style alarm rule.

    A rule evaluates one statistic (Maximum, Minimum, SampleCount, Average
    or Sum) of a single metric over a time period, compares it against a
    threshold, and maps the resulting watch state to the stack resources'
    alarm actions.
    '''

    WATCH_STATES = (
        ALARM,
        NORMAL,
        NODATA
    ) = (
        rpc_api.WATCH_STATE_ALARM,
        rpc_api.WATCH_STATE_OK,
        rpc_api.WATCH_STATE_NODATA
    )

    # Rule key listing the resources to signal for each watch state.
    ACTION_MAP = {ALARM: 'AlarmActions',
                  NORMAL: 'OKActions',
                  NODATA: 'InsufficientDataActions'}

    created_at = timestamp.Timestamp(db_api.watch_rule_get, 'created_at')
    updated_at = timestamp.Timestamp(db_api.watch_rule_get, 'updated_at')

    def __init__(self, context, watch_name, rule, stack_id=None,
                 state=NODATA, wid=None, watch_data=None,
                 last_evaluated=None):
        '''
        :param context: request context used for database access
        :param watch_name: name of the watch rule
        :param rule: rule definition dict; must contain 'Period' (seconds)
        :param stack_id: id of the stack the rule belongs to
        :param state: initial watch state
        :param wid: database id of the rule, if it is already stored
        :param watch_data: metric samples for the rule; a new empty list is
                           used when omitted
        :param last_evaluated: time of the last evaluation; the current time
                               is used when omitted or None
        '''
        self.context = context
        self.now = timeutils.utcnow()
        self.name = watch_name
        self.state = state
        self.rule = rule
        self.stack_id = stack_id
        self.timeperiod = datetime.timedelta(seconds=int(rule['Period']))
        self.id = wid
        # Defaults are resolved per call: a default of [] would be shared
        # between instances, and a default of utcnow() would be frozen at
        # the time the class was defined.
        self.watch_data = [] if watch_data is None else watch_data
        # Also covers load() passing a last_evaluated of None, which would
        # otherwise break the date arithmetic in evaluate().
        self.last_evaluated = (self.now if last_evaluated is None
                               else last_evaluated)

    @classmethod
    def load(cls, context, watch_name=None, watch=None):
        '''
        Load the watchrule object, either by name or via an existing DB object

        :raises WatchRuleNotFound: if no rule could be retrieved
        '''
        if watch is None:
            try:
                watch = db_api.watch_rule_get_by_name(context, watch_name)
            except Exception as ex:
                # Deliberately best-effort: a lookup error is reported as
                # "not found" below.
                logger.warning('WatchRule.load (%s) db error %s' %
                               (watch_name, str(ex)))
        if watch is None:
            raise exception.WatchRuleNotFound(watch_name=watch_name)

        return cls(context=context,
                   watch_name=watch.name,
                   rule=watch.rule,
                   stack_id=watch.stack_id,
                   state=watch.state,
                   wid=watch.id,
                   watch_data=watch.watch_data,
                   last_evaluated=watch.last_evaluated)

    def store(self):
        '''
        Store the watchrule in the database and return its ID
        If self.id is set, we update the existing rule
        '''
        wr_values = {
            'name': self.name,
            'rule': self.rule,
            'state': self.state,
            'stack_id': self.stack_id
        }

        if not self.id:
            wr = db_api.watch_rule_create(self.context, wr_values)
            self.id = wr.id
        else:
            db_api.watch_rule_update(self.context, self.id, wr_values)

    def do_data_cmp(self, data, threshold):
        '''
        Compare data with threshold using the rule's ComparisonOperator.

        :returns: the result of the comparison, or False for an unknown
                  operator
        '''
        op = self.rule['ComparisonOperator']
        if op == 'GreaterThanThreshold':
            return data > threshold
        elif op == 'GreaterThanOrEqualToThreshold':
            return data >= threshold
        elif op == 'LessThanThreshold':
            return data < threshold
        elif op == 'LessThanOrEqualToThreshold':
            return data <= threshold
        else:
            return False

    def _in_period(self, sample):
        '''Return True if sample was created within the evaluation period.'''
        return not sample.created_at < self.now - self.timeperiod

    def _metric_value(self, sample):
        '''Return the rule's metric value from sample as a float.'''
        return float(sample.data[self.rule['MetricName']]['Value'])

    def _period_values(self):
        '''Return the metric values of all samples within the period.'''
        return [self._metric_value(d) for d in self.watch_data
                if self._in_period(d)]

    def _threshold_state(self, data):
        '''Return ALARM if data breaches the rule's Threshold, else NORMAL.'''
        if self.do_data_cmp(data, float(self.rule['Threshold'])):
            return self.ALARM
        return self.NORMAL

    def do_Maximum(self):
        '''
        Evaluate the largest metric value within the period; NODATA if
        there are no samples.
        '''
        values = self._period_values()
        if not values:
            return self.NODATA
        return self._threshold_state(max(values))

    def do_Minimum(self):
        '''
        Evaluate the smallest metric value within the period; NODATA if
        there are no samples.
        '''
        values = self._period_values()
        if not values:
            return self.NODATA
        return self._threshold_state(min(values))

    def do_SampleCount(self):
        '''
        count all samples within the specified period
        '''
        count = sum(1 for d in self.watch_data if self._in_period(d))
        return self._threshold_state(count)

    def do_Average(self):
        '''
        Evaluate the mean metric value within the period; NODATA if there
        are no samples.
        '''
        values = self._period_values()
        if not values:
            return self.NODATA
        return self._threshold_state(sum(values) / len(values))

    def do_Sum(self):
        '''
        Evaluate the sum of the metric values within the period. Samples
        outside the period are logged and ignored; with no samples the sum
        is 0 (this statistic never reports NODATA).
        '''
        total = 0
        for d in self.watch_data:
            if not self._in_period(d):
                logger.debug('ignoring %s' % str(d.data))
                continue
            total = total + self._metric_value(d)
        return self._threshold_state(total)

    def get_alarm_state(self):
        '''
        Compute the watch state by dispatching to the do_<Statistic> method
        named by the rule's 'Statistic' entry.
        '''
        fn = getattr(self, 'do_%s' % self.rule['Statistic'])
        return fn()

    def evaluate(self):
        '''
        Run the rule if a full period has passed since the last evaluation.

        :returns: the list of actions to perform; empty if the rule was not
                  run or the state did not change
        '''
        # has enough time progressed to run the rule
        self.now = timeutils.utcnow()
        if self.now < (self.last_evaluated + self.timeperiod):
            return []
        return self.run_rule()

    def run_rule(self):
        '''
        Recompute the watch state, record and store it, and return the
        actions for a state change (an empty list if the state is unchanged).
        '''
        new_state = self.get_alarm_state()
        actions = []

        if new_state != self.state:
            actions = self.rule_actions(new_state)
            self.state = new_state

        self.last_evaluated = self.now
        self.store()
        return actions

    def rule_actions(self, new_state):
        '''
        Return the alarm callables of the resources that the rule lists for
        new_state.

        The list is empty when the rule defines no actions for the state, or
        when the stack is not in CREATE_COMPLETE/UPDATE_COMPLETE status.
        '''
        logger.info('WATCH: stack:%s, watch_name:%s %s',
                    self.stack_id, self.name, new_state)
        actions = []
        if self.ACTION_MAP[new_state] not in self.rule:
            logger.info('no action for new state %s',
                        new_state)
        else:
            s = db_api.stack_get(self.context, self.stack_id)
            if s and s.status in (parser.Stack.CREATE_COMPLETE,
                                  parser.Stack.UPDATE_COMPLETE):
                stack = parser.Stack.load(self.context, stack=s)
                for a in self.rule[self.ACTION_MAP[new_state]]:
                    actions.append(stack[a].alarm)
            else:
                logger.warning("Could not process watch state %s for stack"
                               % new_state)
        return actions

    def create_watch_data(self, data):
        '''
        Store a new metric sample for this rule. Data which does not contain
        the rule's MetricName is ignored.
        '''
        if self.rule['MetricName'] not in data:
            # Our simplified cloudwatch implementation only expects a single
            # Metric associated with each alarm, but some cfn-push-stats
            # options, e.g --haproxy try to push multiple metrics when we
            # actually only care about one (the one we're alarming on)
            # so just ignore any data which doesn't contain MetricName
            logger.debug('Ignoring metric data (only accept %s) : %s' %
                         (self.rule['MetricName'], data))
            return

        watch_data = {
            'data': data,
            'watch_rule_id': self.id
        }
        wd = db_api.watch_data_create(None, watch_data)
        logger.debug('new watch:%s data:%s' % (self.name, str(wd.data)))

    def set_watch_state(self, state):
        '''
        Temporarily set the watch state, returns list of functions to be
        scheduled in the stack ThreadGroup for the specified state

        :raises ValueError: if state is not one of WATCH_STATES
        '''

        if state not in self.WATCH_STATES:
            raise ValueError('Unknown watch state %s' % state)

        actions = []
        if state != self.state:
            actions = self.rule_actions(state)
            if actions:
                logger.debug("Overriding state %s for watch %s with %s" %
                             (self.state, self.name, state))
            else:
                logger.warning("Unable to override state %s for watch %s" %
                               (self.state, self.name))
        return actions
class Stack(object):
    '''
    A named set of resources built from a template.

    The stack keeps an (action, status) state pair, builds one Resource per
    entry in the template's resources section, and persists itself through
    db_api.
    '''

    ACTIONS = (CREATE, DELETE, UPDATE, ROLLBACK, SUSPEND, RESUME
               ) = ('CREATE', 'DELETE', 'UPDATE', 'ROLLBACK',
                    'SUSPEND', 'RESUME')

    STATUSES = (IN_PROGRESS, FAILED, COMPLETE
                ) = ('IN_PROGRESS', 'FAILED', 'COMPLETE')

    # Both timestamps are read with show_deleted=True passed to stack_get.
    created_time = timestamp.Timestamp(
        functools.partial(db_api.stack_get, show_deleted=True),
        'created_at')
    updated_time = timestamp.Timestamp(
        functools.partial(db_api.stack_get, show_deleted=True),
        'updated_at')

    # Cache for get_availability_zones(); filled on first use.
    _zones = None

    def __init__(self, context, stack_name, tmpl, env=None,
                 stack_id=None, action=None, status=None,
                 status_reason='', timeout_mins=60, resolve_data=True,
                 disable_rollback=True, parent_resource=None, owner_id=None):
        '''
        Initialise from a context, name, Template object and (optionally)
        Environment object. The database ID may also be initialised, if the
        stack is already in the database.

        Raises ValueError if stack_name does not start with a letter or
        contains anything other than letters, digits, "_", "-" and ".".
        When resolve_data is false the outputs are left empty instead of
        being resolved from the template.
        '''
        if re.match("[a-zA-Z][a-zA-Z0-9_.-]*$", stack_name) is None:
            raise ValueError(
                _('Invalid stack name %s'
                  ' must contain only alphanumeric or '
                  '\"_-.\" characters, must start with alpha') % stack_name)

        self.id = stack_id
        self.owner_id = owner_id
        self.context = context
        self.clients = Clients(context)
        self.t = tmpl
        self.name = stack_name
        self.action = action
        self.status = status
        self.status_reason = status_reason
        self.timeout_mins = timeout_mins
        self.disable_rollback = disable_rollback
        self.parent_resource = parent_resource

        resources.initialise()

        self.env = env or environment.Environment({})
        self.parameters = Parameters(self.name, self.t,
                                     user_params=self.env.params)

        self._set_param_stackid()

        if resolve_data:
            self.outputs = self.resolve_static_data(self.t[template.OUTPUTS])
        else:
            self.outputs = {}

        template_resources = self.t[template.RESOURCES]
        self.resources = dict((name,
                               resource.Resource(name, data, self))
                              for (name, data) in template_resources.items())

        self.dependencies = self._get_dependencies(self.resources.itervalues())

    def _set_param_stackid(self):
        '''
        Update self.parameters with the current ARN which is then provided
        via the Parameters class as the AWS::StackId pseudo parameter
        '''
        # This can fail if constructor called without a valid context,
        # as it is in many tests
        try:
            stack_arn = self.identifier().arn()
        except (AttributeError, ValueError, TypeError):
            logger.warning("Unable to set parameters StackId identifier")
        else:
            self.parameters.set_stack_id(stack_arn)

    @staticmethod
    def _get_dependencies(resources):
        '''Return the dependency graph for a list of resources.'''
        deps = dependencies.Dependencies()
        for resource in resources:
            resource.add_dependencies(deps)

        return deps

    @classmethod
    def load(cls, context, stack_id=None, stack=None, resolve_data=True,
             parent_resource=None, show_deleted=True):
        '''
        Retrieve a Stack from the database.

        If a database stack object is passed in it is used as is, otherwise
        it is looked up by stack_id.  Raises exception.NotFound when the
        lookup returns None.
        '''
        if stack is None:
            stack = db_api.stack_get(context, stack_id,
                                     show_deleted=show_deleted)
        if stack is None:
            message = 'No stack exists with id "%s"' % str(stack_id)
            raise exception.NotFound(message)

        template = Template.load(context, stack.raw_template_id)
        env = environment.Environment(stack.parameters)
        stack = cls(context, stack.name, template, env,
                    stack.id, stack.action, stack.status, stack.status_reason,
                    stack.timeout, resolve_data, stack.disable_rollback,
                    parent_resource, owner_id=stack.owner_id)

        return stack

    def store(self):
        '''
        Store the stack in the database and return its ID
        If self.id is set, we update the existing stack
        '''
        # A user_creds record is created on every call, for both the
        # create and the update path.
        new_creds = db_api.user_creds_create(self.context)

        s = {
            'name': self.name,
            'raw_template_id': self.t.store(self.context),
            'parameters': self.env.user_env_as_dict(),
            'owner_id': self.owner_id,
            'user_creds_id': new_creds.id,
            'username': self.context.username,
            'tenant': self.context.tenant_id,
            'action': self.action,
            'status': self.status,
            'status_reason': self.status_reason,
            'timeout': self.timeout_mins,
            'disable_rollback': self.disable_rollback,
        }
        if self.id:
            db_api.stack_update(self.context, self.id, s)
        else:
            new_s = db_api.stack_create(self.context, s)
            self.id = new_s.id

        # The identifier includes self.id, which may just have been assigned.
        self._set_param_stackid()

        return self.id

    def identifier(self):
        '''
        Return an identifier for this stack.
        '''
        return identifier.HeatIdentifier(self.context.tenant_id,
                                         self.name, self.id)

    def __iter__(self):
        '''
        Return an iterator over this template's resources in the order that
        they should be started.
        '''
        return iter(self.dependencies)

    def __reversed__(self):
        '''
        Return an iterator over this template's resources in the order that
        they should be stopped.
        '''
        return reversed(self.dependencies)

    def __len__(self):
        '''Return the number of resources.'''
        return len(self.resources)

    def __getitem__(self, key):
        '''Get the resource with the specified name.'''
        return self.resources[key]

    def __setitem__(self, key, value):
        '''Set the resource with the specified name to a specific value.'''
        self.resources[key] = value

    def __contains__(self, key):
        '''Determine whether the stack contains the specified resource.'''
        return key in self.resources

    def keys(self):
        '''Return a list of resource keys for the stack.'''
        return self.resources.keys()

    def __str__(self):
        '''Return a human-readable string representation of the stack.'''
        return 'Stack "%s"' % self.name

    def resource_by_refid(self, refid):
        '''
        Return the resource in this stack with the specified
        refid, or None if not found

        Only resources whose state is CREATE or UPDATE, either IN_PROGRESS
        or COMPLETE, are considered.
        '''
        for r in self.resources.values():
            if r.state in (
                    (r.CREATE, r.IN_PROGRESS),
                    (r.CREATE, r.COMPLETE),
                    (r.UPDATE, r.IN_PROGRESS),
                    (r.UPDATE, r.COMPLETE)) and r.FnGetRefId() == refid:
                return r

    def validate(self):
        '''
        Validate the stack.

        Raises StackValidationFailed if a name is used both as a parameter
        and as a resource, if a resource's validate() returns a truthy
        result, or if it raises anything other than ServerError (which is
        re-raised unchanged).
        '''
        # TODO(sdake) Should return line number of invalid reference

        # Check duplicate names between parameters and resources
        dup_names = set(self.parameters.keys()) & set(self.resources.keys())

        if dup_names:
            logger.debug("Duplicate names %s", dup_names)
            raise StackValidationFailed(message="Duplicate names %s" %
                                        dup_names)

        for res in self:
            try:
                result = res.validate()
            except ServerError as ex:
                logger.exception(ex)
                raise ex
            except Exception as ex:
                logger.exception(ex)
                raise StackValidationFailed(message=str(ex))
            if result:
                raise StackValidationFailed(message=result)

    def state_set(self, action, status, reason):
        '''
        Update the stack state in the database.

        Raises ValueError for an action not in ACTIONS or a status not in
        STATUSES.  The in-memory state is always updated; the database is
        only written when the stack has an id and its row can be fetched.
        '''
        if action not in self.ACTIONS:
            raise ValueError("Invalid action %s" % action)

        if status not in self.STATUSES:
            raise ValueError("Invalid status %s" % status)

        self.action = action
        self.status = status
        self.status_reason = reason

        if self.id is None:
            return

        stack = db_api.stack_get(self.context, self.id)
        if stack is None:
            # stack_get can return None (load() checks for exactly that);
            # there is then no row to update, so avoid an AttributeError.
            return
        stack.update_and_save({'action': action,
                               'status': status,
                               'status_reason': reason})

    @property
    def state(self):
        '''Returns state, tuple of action, status.'''
        return (self.action, self.status)

    def timeout_secs(self):
        '''
        Return the stack creation timeout in seconds, or None if no timeout
        should be used.
        '''
        if self.timeout_mins is None:
            return None

        return self.timeout_mins * 60

    def create(self):
        '''
        Create the stack and all of the resources.

        If the create ends in (CREATE, FAILED) and rollback is not disabled
        the stack is deleted with the ROLLBACK action.
        '''
        def rollback():
            if not self.disable_rollback and self.state == (self.CREATE,
                                                            self.FAILED):
                self.delete(action=self.ROLLBACK)

        creator = scheduler.TaskRunner(self.stack_task,
                                       action=self.CREATE,
                                       reverse=False,
                                       post_func=rollback)
        creator(timeout=self.timeout_secs())

    @scheduler.wrappertask
    def stack_task(self, action, reverse=False, post_func=None):
        '''
        A task to perform an action on the stack and all of the resources
        in forward or reverse dependency order as specified by reverse

        The stack is moved to IN_PROGRESS first and to COMPLETE or FAILED
        afterwards.  post_func, if callable, is invoked once the final
        state has been set.
        '''
        self.state_set(action, self.IN_PROGRESS,
                       'Stack %s started' % action)

        stack_status = self.COMPLETE
        reason = 'Stack %s completed successfully' % action.lower()

        def resource_action(r):
            # Find e.g resource.create and call it
            handle = getattr(r, action.lower())
            return handle()

        action_task = scheduler.DependencyTaskGroup(self.dependencies,
                                                    resource_action,
                                                    reverse)

        try:
            yield action_task()
        except exception.ResourceFailure as ex:
            stack_status = self.FAILED
            reason = 'Resource %s failed: %s' % (action.lower(), str(ex))
        except scheduler.Timeout:
            stack_status = self.FAILED
            reason = '%s timed out' % action.title()

        self.state_set(action, stack_status, reason)

        if callable(post_func):
            post_func()

    def update(self, newstack, action=UPDATE):
        '''
        Compare the current stack with newstack,
        and where necessary create/update/delete the resources until
        this stack aligns with newstack.

        Note update of existing stack resources depends on update
        being implemented in the underlying resource types

        Update will fail if it exceeds the specified timeout. The default is
        60 minutes, set in the constructor
        '''
        if action not in (self.UPDATE, self.ROLLBACK):
            logger.error("Unexpected action %s passed to update!", action)
            self.state_set(self.UPDATE, self.FAILED,
                           "Invalid action %s" % action)
            return

        if self.status != self.COMPLETE:
            # The only non-COMPLETE state accepted is a rollback started
            # from an update that is still in progress.
            if (action == self.ROLLBACK and
                    self.state == (self.UPDATE, self.IN_PROGRESS)):
                logger.debug("Starting update rollback for %s", self.name)
            else:
                self.state_set(action, self.FAILED,
                               'State invalid for %s' % action)
                return

        self.state_set(self.UPDATE, self.IN_PROGRESS,
                       'Stack %s started' % action)

        # A copy of the current definition, used as the rollback target.
        oldstack = Stack(self.context, self.name, self.t, self.env)
        try:
            update_task = update.StackUpdate(self, newstack, oldstack)
            updater = scheduler.TaskRunner(update_task)

            self.env = newstack.env
            self.parameters = newstack.parameters

            try:
                updater(timeout=self.timeout_secs())
            finally:
                # Rebuild the graph from whatever resources now exist,
                # whether or not the update succeeded.
                cur_deps = self._get_dependencies(self.resources.itervalues())
                self.dependencies = cur_deps

            if action == self.UPDATE:
                reason = 'Stack successfully updated'
            else:
                reason = 'Stack rollback completed'
            stack_status = self.COMPLETE

        except scheduler.Timeout:
            stack_status = self.FAILED
            reason = 'Timed out'
        except exception.ResourceFailure as e:
            reason = str(e)

            stack_status = self.FAILED
            if action == self.UPDATE:
                # If rollback is enabled, we do another update, with the
                # existing template, so we roll back to the original state
                if not self.disable_rollback:
                    self.update(oldstack, action=self.ROLLBACK)
                    return

        self.state_set(action, stack_status, reason)

        # flip the template to the newstack values
        # Note we do this on success and failure, so the current
        # stack resources are stored, even if one is in a failed
        # state (otherwise we won't remove them on delete)
        self.t = newstack.t
        template_outputs = self.t[template.OUTPUTS]
        self.outputs = self.resolve_static_data(template_outputs)
        self.store()

    def delete(self, action=DELETE):
        '''
        Delete all of the resources, and then the stack itself.
        The action parameter is used to differentiate between a user
        initiated delete and an automatic stack rollback after a failed
        create, which amount to the same thing, but the states are recorded
        differently.
        '''
        if action not in (self.DELETE, self.ROLLBACK):
            logger.error("Unexpected action %s passed to delete!", action)
            self.state_set(self.DELETE, self.FAILED,
                           "Invalid action %s" % action)
            return

        self.state_set(action, self.IN_PROGRESS, 'Stack %s started' % action)

        failures = []
        for res in reversed(self):
            try:
                res.destroy()
            except exception.ResourceFailure as ex:
                logger.error('Failed to delete %s error: %s',
                             str(res), str(ex))
                failures.append(str(res))

        if failures:
            self.state_set(action, self.FAILED,
                           'Failed to %s : %s' % (action, ', '.join(failures)))
        else:
            self.state_set(action, self.COMPLETE, '%s completed' % action)
            # The database record is only removed once every resource has
            # been destroyed.
            db_api.stack_delete(self.context, self.id)
            self.id = None

    def suspend(self):
        '''
        Suspend the stack, which invokes handle_suspend for all stack resources
        waits for all resources to become SUSPEND_COMPLETE then declares the
        stack SUSPEND_COMPLETE.
        Note the default implementation for all resources is to do nothing
        other than move to SUSPEND_COMPLETE, so the resources must implement
        handle_suspend for this to have any effect.
        '''
        sus_task = scheduler.TaskRunner(self.stack_task,
                                        action=self.SUSPEND,
                                        reverse=True)
        sus_task(timeout=self.timeout_secs())

    def resume(self):
        '''
        Resume the stack, which invokes handle_resume for all stack resources
        waits for all resources to become RESUME_COMPLETE then declares the
        stack RESUME_COMPLETE.
        Note the default implementation for all resources is to do nothing
        other than move to RESUME_COMPLETE, so the resources must implement
        handle_resume for this to have any effect.
        '''
        sus_task = scheduler.TaskRunner(self.stack_task,
                                        action=self.RESUME,
                                        reverse=False)
        sus_task(timeout=self.timeout_secs())

    def output(self, key):
        '''
        Get the value of the specified stack output.

        An output without a 'Value' entry resolves from the empty string.
        '''
        value = self.outputs[key].get('Value', '')
        return self.resolve_runtime_data(value)

    def restart_resource(self, resource_name):
        '''
        stop resource_name and all that depend on it
        start resource_name and all that depend on it
        '''
        deps = self.dependencies[self[resource_name]]
        failed = False

        for res in reversed(deps):
            try:
                res.destroy()
            except exception.ResourceFailure as ex:
                failed = True
                logger.error('delete: %s', str(ex))

        for res in deps:
            if not failed:
                try:
                    res.state_reset()
                    scheduler.TaskRunner(res.create)()
                except exception.ResourceFailure:
                    logger.exception('create')
                    failed = True
            else:
                # After the first failure the remaining resources are only
                # marked as failed, not recreated.
                res.state_set(res.CREATE, res.FAILED,
                              'Resource restart aborted')
        # TODO(asalkeld) if any of this fails we Should
        # restart the whole stack

    def get_availability_zones(self):
        '''
        Return the availability zone names reported by nova.

        The list is fetched once and cached in self._zones.
        '''
        if self._zones is None:
            self._zones = [
                zone.zoneName for zone in
                self.clients.nova().availability_zones.list(detailed=False)]
        return self._zones

    def resolve_static_data(self, snippet):
        '''Resolve snippet with the module-level resolve_static_data().'''
        return resolve_static_data(self.t, self, self.parameters, snippet)

    def resolve_runtime_data(self, snippet):
        '''Resolve snippet with the module-level resolve_runtime_data().'''
        return resolve_runtime_data(self.t, self.resources, snippet)
class Stack(collections.Mapping):
    '''
    A named set of resources built from a template, exposed as a read-only
    mapping of resource name to Resource.

    Resources and the dependency graph are created lazily on first access.
    The stack keeps an (action, status) state pair and persists itself
    through db_api.
    '''

    ACTIONS = (CREATE, DELETE, UPDATE, ROLLBACK, SUSPEND, RESUME, ADOPT
               ) = ('CREATE', 'DELETE', 'UPDATE', 'ROLLBACK', 'SUSPEND',
                    'RESUME', 'ADOPT')

    STATUSES = (IN_PROGRESS, FAILED, COMPLETE
                ) = ('IN_PROGRESS', 'FAILED', 'COMPLETE')

    # Both timestamps are read with show_deleted=True passed to stack_get.
    created_time = timestamp.Timestamp(functools.partial(db_api.stack_get,
                                                         show_deleted=True),
                                       'created_at')
    updated_time = timestamp.Timestamp(functools.partial(db_api.stack_get,
                                                         show_deleted=True),
                                       'updated_at')

    # Cache for get_availability_zones(); filled on first use.
    _zones = None

    def __init__(self, context, stack_name, tmpl, env=None,
                 stack_id=None, action=None, status=None,
                 status_reason='', timeout_mins=60, resolve_data=True,
                 disable_rollback=True, parent_resource=None, owner_id=None,
                 adopt_stack_data=None):
        '''
        Initialise from a context, name, Template object and (optionally)
        Environment object. The database ID may also be initialised, if the
        stack is already in the database.

        The stack name is only validated when owner_id is None (backup
        stacks are created with an owner_id and a name ending in "*").
        Raises ValueError for an invalid name.
        '''

        if owner_id is None:
            if re.match("[a-zA-Z][a-zA-Z0-9_.-]*$", stack_name) is None:
                raise ValueError(_('Invalid stack name %s'
                                   ' must contain only alphanumeric or '
                                   '\"_-.\" characters, must start with alpha'
                                   ) % stack_name)

        self.id = stack_id
        self.owner_id = owner_id
        self.context = context
        self.clients = Clients(context)
        self.t = tmpl
        self.name = stack_name
        self.action = action
        self.status = status
        self.status_reason = status_reason
        self.timeout_mins = timeout_mins
        self.disable_rollback = disable_rollback
        self.parent_resource = parent_resource
        # Both are populated lazily by the properties of the same name.
        self._resources = None
        self._dependencies = None
        self._access_allowed_handlers = {}
        self.adopt_stack_data = adopt_stack_data

        resources.initialise()

        self.env = env or environment.Environment({})
        self.parameters = self.t.parameters(self.identifier(),
                                            user_params=self.env.params)

        self._set_param_stackid()

        if resolve_data:
            self.outputs = self.resolve_static_data(self.t[self.t.OUTPUTS])
        else:
            self.outputs = {}

    @property
    def resources(self):
        '''Dict of resource name to Resource, built on first access.'''
        if self._resources is None:
            template_resources = self.t[self.t.RESOURCES]
            self._resources = dict((name, resource.Resource(name, data, self))
                                   for (name, data) in
                                   template_resources.items())
        return self._resources

    @property
    def dependencies(self):
        '''Dependency graph of the resources, built on first access.'''
        if self._dependencies is None:
            self._dependencies = self._get_dependencies(
                self.resources.itervalues())
        return self._dependencies

    def reset_dependencies(self):
        '''Discard the cached graph so the next access rebuilds it.'''
        self._dependencies = None

    @property
    def root_stack(self):
        '''
        Return the root stack if this is nested (otherwise return self).
        '''
        if (self.parent_resource and self.parent_resource.stack):
            return self.parent_resource.stack.root_stack
        return self

    def total_resources(self):
        '''
        Return the total number of resources in a stack, including nested
        stacks below.
        '''
        def total_nested(res):
            # Only resources exposing a callable "nested" attribute that
            # returns a stack contribute to the count.
            get_nested = getattr(res, 'nested', None)
            if callable(get_nested):
                nested_stack = get_nested()
                if nested_stack is not None:
                    return nested_stack.total_resources()
            return 0

        return len(self) + sum(total_nested(res) for res in self.itervalues())

    def _set_param_stackid(self):
        '''
        Update self.parameters with the current ARN which is then provided
        via the Parameters class as the StackId pseudo parameter
        '''
        if not self.parameters.set_stack_id(self.identifier()):
            logger.warning(_("Unable to set parameters StackId identifier"))

    @staticmethod
    def _get_dependencies(resources):
        '''Return the dependency graph for a list of resources.'''
        deps = dependencies.Dependencies()
        for resource in resources:
            resource.add_dependencies(deps)

        return deps

    @classmethod
    def load(cls, context, stack_id=None, stack=None, resolve_data=True,
             parent_resource=None, show_deleted=True):
        '''
        Retrieve a Stack from the database.

        If a database stack object is passed in it is used as is, otherwise
        it is looked up by stack_id.  Raises exception.NotFound when the
        lookup returns None.
        '''
        if stack is None:
            stack = db_api.stack_get(context, stack_id,
                                     show_deleted=show_deleted)
        if stack is None:
            message = _('No stack exists with id "%s"') % str(stack_id)
            raise exception.NotFound(message)

        template = Template.load(context, stack.raw_template_id)
        env = environment.Environment(stack.parameters)
        stack = cls(context, stack.name, template, env,
                    stack.id, stack.action, stack.status, stack.status_reason,
                    stack.timeout, resolve_data, stack.disable_rollback,
                    parent_resource, owner_id=stack.owner_id)

        return stack

    def store(self, backup=False):
        '''
        Store the stack in the database and return its ID
        If self.id is set, we update the existing stack

        With backup=True the record is stored under the backup name.
        '''

        s = {
            'name': self._backup_name() if backup else self.name,
            'raw_template_id': self.t.store(self.context),
            'parameters': self.env.user_env_as_dict(),
            'owner_id': self.owner_id,
            'username': self.context.username,
            'tenant': self.context.tenant_id,
            'action': self.action,
            'status': self.status,
            'status_reason': self.status_reason,
            'timeout': self.timeout_mins,
            'disable_rollback': self.disable_rollback,
        }
        if self.id:
            db_api.stack_update(self.context, self.id, s)
        else:
            # Create a context containing a trust_id and trustor_user_id
            # if trusts are enabled
            if cfg.CONF.deferred_auth_method == 'trusts':
                trust_context = self.clients.keystone().create_trust_context()
                new_creds = db_api.user_creds_create(trust_context)
            else:
                new_creds = db_api.user_creds_create(self.context)
            s['user_creds_id'] = new_creds.id

            new_s = db_api.stack_create(self.context, s)
            self.id = new_s.id

        # The identifier includes self.id, which may just have been assigned.
        self._set_param_stackid()

        return self.id

    def _backup_name(self):
        '''Return the name under which this stack's backup is stored.'''
        return '%s*' % self.name

    def identifier(self):
        '''
        Return an identifier for this stack.
        '''
        return identifier.HeatIdentifier(self.context.tenant_id,
                                         self.name, self.id)

    def __iter__(self):
        '''
        Return an iterator over the resource names.
        '''
        return iter(self.resources)

    def __len__(self):
        '''Return the number of resources.'''
        return len(self.resources)

    def __getitem__(self, key):
        '''Get the resource with the specified name.'''
        return self.resources[key]

    def __setitem__(self, key, resource):
        '''Set the resource with the specified name to a specific value.'''
        resource.stack = self
        self.resources[key] = resource

    def __delitem__(self, key):
        '''Remove the resource with the specified name.'''
        del self.resources[key]

    def __contains__(self, key):
        '''Determine whether the stack contains the specified resource.'''
        return key in self.resources

    def __eq__(self, other):
        '''
        Compare two Stacks for equality.

        Stacks are considered equal only if they are identical.
        '''
        return self is other

    def __str__(self):
        '''Return a human-readable string representation of the stack.'''
        return 'Stack "%s" [%s]' % (self.name, self.id)

    def resource_by_refid(self, refid):
        '''
        Return the resource in this stack with the specified
        refid, or None if not found

        Only resources whose state is CREATE, RESUME or UPDATE, either
        IN_PROGRESS or COMPLETE, are considered.
        '''
        for r in self.values():
            if r.state in (
                    (r.CREATE, r.IN_PROGRESS),
                    (r.CREATE, r.COMPLETE),
                    (r.RESUME, r.IN_PROGRESS),
                    (r.RESUME, r.COMPLETE),
                    (r.UPDATE, r.IN_PROGRESS),
                    (r.UPDATE, r.COMPLETE)) and r.FnGetRefId() == refid:
                return r

    def register_access_allowed_handler(self, credential_id, handler):
        '''
        Register a function which determines whether the credentials with
        a given ID can have access to a named resource.
        '''
        assert callable(handler), 'Handler is not callable'
        self._access_allowed_handlers[credential_id] = handler

    def access_allowed(self, credential_id, resource_name):
        '''
        Returns True if the credential_id is authorised to access the
        resource with the specified resource_name.

        Returns False when the stack has no resources or when no handler is
        registered for credential_id; otherwise returns the handler's
        result for resource_name.
        '''
        if not self.resources:
            # this also triggers lazy-loading of resources
            # so is required for register_access_allowed_handler
            # to be called
            return False

        handler = self._access_allowed_handlers.get(credential_id)
        if handler is None:
            # Deny explicitly rather than leaking None to the caller.
            return False
        return handler(resource_name)

    def validate(self):
        '''
        Validates the template.

        Raises StackValidationFailed if a name is used both as a parameter
        and as a resource, if a resource's validate() returns a truthy
        result, or if it raises anything other than exception.Error (which
        is re-raised unchanged).
        '''
        # TODO(sdake) Should return line number of invalid reference

        # Check duplicate names between parameters and resources
        dup_names = set(self.parameters.keys()) & set(self.keys())

        if dup_names:
            logger.debug(_("Duplicate names %s"), dup_names)
            raise StackValidationFailed(message=_("Duplicate names %s") %
                                        dup_names)

        for res in self.dependencies:
            try:
                result = res.validate()
            except exception.Error as ex:
                logger.exception(ex)
                raise ex
            except Exception as ex:
                logger.exception(ex)
                raise StackValidationFailed(message=strutils.safe_decode(
                                            six.text_type(ex)))
            if result:
                raise StackValidationFailed(message=result)

    def requires_deferred_auth(self):
        '''
        Returns whether this stack may need to perform API requests
        during its lifecycle using the configured deferred authentication
        method.
        '''
        return any(res.requires_deferred_auth for res in self.values())

    def state_set(self, action, status, reason):
        '''
        Update the stack state in the database.

        Raises ValueError for an action not in ACTIONS or a status not in
        STATUSES.  The in-memory state is always updated; the database
        write and the notification only happen when the stack has an id
        and its row can be fetched.
        '''
        if action not in self.ACTIONS:
            raise ValueError(_("Invalid action %s") % action)

        if status not in self.STATUSES:
            raise ValueError(_("Invalid status %s") % status)

        self.action = action
        self.status = status
        self.status_reason = reason

        if self.id is None:
            return

        stack = db_api.stack_get(self.context, self.id)
        if stack is not None:
            stack.update_and_save({'action': action,
                                   'status': status,
                                   'status_reason': reason})
            notification.send(self)

    @property
    def state(self):
        '''Returns state, tuple of action, status.'''
        return (self.action, self.status)

    def timeout_secs(self):
        '''
        Return the stack creation timeout in seconds, or None if no timeout
        should be used.
        '''
        if self.timeout_mins is None:
            return None

        return self.timeout_mins * 60

    def create(self):
        '''
        Create the stack and all of the resources.

        If the create ends in (CREATE, FAILED) and rollback is not disabled
        the stack is deleted with the ROLLBACK action.
        '''
        def rollback():
            if not self.disable_rollback and self.state == (self.CREATE,
                                                            self.FAILED):
                self.delete(action=self.ROLLBACK)

        creator = scheduler.TaskRunner(self.stack_task,
                                       action=self.CREATE,
                                       reverse=False,
                                       post_func=rollback)
        creator(timeout=self.timeout_secs())

    def _adopt_kwargs(self, resource):
        '''
        Return the keyword arguments for adopting the given resource.

        The resource's entry from adopt_stack_data['resources'] is passed
        as resource_data, or None when no adopt data is available.
        '''
        data = self.adopt_stack_data
        if not data or not data.get('resources'):
            return {'resource_data': None}

        return {'resource_data': data['resources'].get(resource.name)}

    @scheduler.wrappertask
    def stack_task(self, action, reverse=False, post_func=None):
        '''
        A task to perform an action on the stack and all of the resources
        in forward or reverse dependency order as specified by reverse

        The stack is moved to IN_PROGRESS first and to COMPLETE or FAILED
        afterwards.  post_func, if callable, is invoked once the final
        state has been set.
        '''
        self.state_set(action, self.IN_PROGRESS,
                       'Stack %s started' % action)

        stack_status = self.COMPLETE
        reason = 'Stack %s completed successfully' % action.lower()

        def resource_action(r):
            # Find e.g resource.create and call it
            action_l = action.lower()
            handle = getattr(r, action_l)

            # If a local _$action_kwargs function exists, call it to get the
            # action specific argument list, otherwise an empty arg list
            handle_kwargs = getattr(self,
                                    '_%s_kwargs' % action_l, lambda x: {})

            return handle(**handle_kwargs(r))

        action_task = scheduler.DependencyTaskGroup(self.dependencies,
                                                    resource_action,
                                                    reverse)

        try:
            yield action_task()
        except exception.ResourceFailure as ex:
            stack_status = self.FAILED
            reason = 'Resource %s failed: %s' % (action.lower(), str(ex))
        except scheduler.Timeout:
            stack_status = self.FAILED
            reason = '%s timed out' % action.title()

        self.state_set(action, stack_status, reason)

        if callable(post_func):
            post_func()

    def _backup_stack(self, create_if_missing=True):
        '''
        Get a Stack containing any in-progress resources from the previous
        stack state prior to an update.

        Returns the existing backup stack owned by this stack if there is
        one.  Otherwise a new one is created and stored when
        create_if_missing is true, and None is returned when it is false.
        '''
        s = db_api.stack_get_by_name_and_owner_id(self.context,
                                                  self._backup_name(),
                                                  owner_id=self.id)
        if s is not None:
            logger.debug(_('Loaded existing backup stack'))
            return self.load(self.context, stack=s)
        elif create_if_missing:
            templ = Template.load(self.context, self.t.id)
            templ.files = copy.deepcopy(self.t.files)
            prev = type(self)(self.context, self.name, templ, self.env,
                              owner_id=self.id)
            prev.store(backup=True)
            logger.debug(_('Created new backup stack'))
            return prev
        else:
            return None

    def adopt(self):
        '''
        Adopt a stack (create stack with all the existing resources).

        If the adopt ends in (ADOPT, FAILED) and rollback is not disabled
        the stack is deleted with the ROLLBACK action.
        '''
        def rollback():
            if not self.disable_rollback and self.state == (self.ADOPT,
                                                            self.FAILED):
                self.delete(action=self.ROLLBACK)

        creator = scheduler.TaskRunner(
            self.stack_task,
            action=self.ADOPT,
            reverse=False,
            post_func=rollback)
        creator(timeout=self.timeout_secs())

    def update(self, newstack):
        '''
        Compare the current stack with newstack,
        and where necessary create/update/delete the resources until
        this stack aligns with newstack.

        Note update of existing stack resources depends on update
        being implemented in the underlying resource types

        Update will fail if it exceeds the specified timeout. The default is
        60 minutes, set in the constructor
        '''
        # The timeout is applied to the inner runner started by update_task.
        updater = scheduler.TaskRunner(self.update_task, newstack)
        updater()

    @scheduler.wrappertask
    def update_task(self, newstack, action=UPDATE):
        '''
        A task that updates this stack to match newstack.

        action is UPDATE, or ROLLBACK when invoked to undo a failed update.
        On a resource failure during UPDATE, with rollback enabled, the
        task runs itself again as a ROLLBACK towards the previous
        definition.
        '''
        if action not in (self.UPDATE, self.ROLLBACK):
            logger.error(_("Unexpected action %s passed to update!"), action)
            self.state_set(self.UPDATE, self.FAILED,
                           "Invalid action %s" % action)
            return

        if self.status != self.COMPLETE:
            # The only non-COMPLETE state accepted is a rollback started
            # from an update that is still in progress.
            if (action == self.ROLLBACK and
                    self.state == (self.UPDATE, self.IN_PROGRESS)):
                logger.debug(_("Starting update rollback for %s"), self.name)
            else:
                self.state_set(action, self.FAILED,
                               'State invalid for %s' % action)
                return

        self.state_set(self.UPDATE, self.IN_PROGRESS,
                       'Stack %s started' % action)

        # A copy of the current definition, used as the rollback target.
        oldstack = Stack(self.context, self.name, self.t, self.env)
        backup_stack = self._backup_stack()

        try:
            update_task = update.StackUpdate(self, newstack, backup_stack,
                                             rollback=action == self.ROLLBACK)
            updater = scheduler.TaskRunner(update_task)

            self.env = newstack.env
            self.parameters = newstack.parameters
            self.t.files = newstack.t.files
            self._set_param_stackid()

            try:
                # Step the inner runner by hand, yielding between steps.
                updater.start(timeout=self.timeout_secs())
                yield
                while not updater.step():
                    yield
            finally:
                self.reset_dependencies()

            if action == self.UPDATE:
                reason = 'Stack successfully updated'
            else:
                reason = 'Stack rollback completed'
            stack_status = self.COMPLETE

        except scheduler.Timeout:
            stack_status = self.FAILED
            reason = 'Timed out'
        except exception.ResourceFailure as e:
            reason = str(e)

            stack_status = self.FAILED
            if action == self.UPDATE:
                # If rollback is enabled, we do another update, with the
                # existing template, so we roll back to the original state
                if not self.disable_rollback:
                    yield self.update_task(oldstack, action=self.ROLLBACK)
                    return
        else:
            # The backup is only removed when the update succeeded.
            logger.debug(_('Deleting backup stack'))
            backup_stack.delete(backup=True)

        self.state_set(action, stack_status, reason)

        # flip the template to the newstack values
        # Note we do this on success and failure, so the current
        # stack resources are stored, even if one is in a failed
        # state (otherwise we won't remove them on delete)
        self.t = newstack.t
        template_outputs = self.t[self.t.OUTPUTS]
        self.outputs = self.resolve_static_data(template_outputs)
        self.store()

    def delete(self, action=DELETE, backup=False):
        '''
        Delete all of the resources, and then the stack itself.
        The action parameter is used to differentiate between a user
        initiated delete and an automatic stack rollback after a failed
        create, which amount to the same thing, but the states are recorded
        differently.

        Any backup stack is deleted first.  With backup=True the trust
        cleanup step is skipped.
        '''
        if action not in (self.DELETE, self.ROLLBACK):
            logger.error(_("Unexpected action %s passed to delete!"), action)
            self.state_set(self.DELETE, self.FAILED,
                           "Invalid action %s" % action)
            return

        stack_status = self.COMPLETE
        reason = 'Stack %s completed successfully' % action.lower()
        self.state_set(action, self.IN_PROGRESS, 'Stack %s started' % action)

        backup_stack = self._backup_stack(False)
        if backup_stack is not None:
            backup_stack.delete(backup=True)
            if backup_stack.status != backup_stack.COMPLETE:
                errs = backup_stack.status_reason
                failure = 'Error deleting backup resources: %s' % errs
                self.state_set(action, self.FAILED,
                               'Failed to %s : %s' % (action, failure))
                return

        action_task = scheduler.DependencyTaskGroup(self.dependencies,
                                                    resource.Resource.destroy,
                                                    reverse=True)
        try:
            scheduler.TaskRunner(action_task)(timeout=self.timeout_secs())
        except exception.ResourceFailure as ex:
            stack_status = self.FAILED
            reason = 'Resource %s failed: %s' % (action.lower(), str(ex))
        except scheduler.Timeout:
            stack_status = self.FAILED
            reason = '%s timed out' % action.title()

        if stack_status != self.FAILED and not backup:
            # If we created a trust, delete it
            stack = db_api.stack_get(self.context, self.id)
            user_creds = db_api.user_creds_get(stack.user_creds_id)
            trust_id = user_creds.get('trust_id')
            if trust_id:
                try:
                    self.clients.keystone().delete_trust(trust_id)
                except Exception as ex:
                    # Any failure here is recorded as a failed delete
                    # instead of being propagated.
                    logger.exception(ex)
                    stack_status = self.FAILED
                    reason = "Error deleting trust: %s" % str(ex)

        self.state_set(action, stack_status, reason)

        if stack_status != self.FAILED:
            # delete the stack
            db_api.stack_delete(self.context, self.id)
            self.id = None

    def suspend(self):
        '''
        Suspend the stack, which invokes handle_suspend for all stack resources
        waits for all resources to become SUSPEND_COMPLETE then declares the
        stack SUSPEND_COMPLETE.
        Note the default implementation for all resources is to do nothing
        other than move to SUSPEND_COMPLETE, so the resources must implement
        handle_suspend for this to have any effect.
        '''
        sus_task = scheduler.TaskRunner(self.stack_task,
                                        action=self.SUSPEND,
                                        reverse=True)
        sus_task(timeout=self.timeout_secs())

    def resume(self):
        '''
        Resume the stack, which invokes handle_resume for all stack resources
        waits for all resources to become RESUME_COMPLETE then declares the
        stack RESUME_COMPLETE.
        Note the default implementation for all resources is to do nothing
        other than move to RESUME_COMPLETE, so the resources must implement
        handle_resume for this to have any effect.
        '''
        sus_task = scheduler.TaskRunner(self.stack_task,
                                        action=self.RESUME,
                                        reverse=False)
        sus_task(timeout=self.timeout_secs())

    def output(self, key):
        '''
        Get the value of the specified stack output.

        An output without a 'Value' entry resolves from the empty string.
        '''
        value = self.outputs[key].get('Value', '')
        return self.resolve_runtime_data(value)

    def restart_resource(self, resource_name):
        '''
        stop resource_name and all that depend on it
        start resource_name and all that depend on it
        '''
        deps = self.dependencies[self[resource_name]]
        failed = False

        for res in reversed(deps):
            try:
                scheduler.TaskRunner(res.destroy)()
            except exception.ResourceFailure as ex:
                failed = True
                logger.error(_('delete: %s'), str(ex))

        for res in deps:
            if not failed:
                try:
                    res.state_reset()
                    scheduler.TaskRunner(res.create)()
                except exception.ResourceFailure:
                    logger.exception(_('create'))
                    failed = True
            else:
                # After the first failure the remaining resources are only
                # marked as failed, not recreated.
                res.state_set(res.CREATE, res.FAILED,
                              'Resource restart aborted')
        # TODO(asalkeld) if any of this fails we Should
        # restart the whole stack

    def get_availability_zones(self):
        '''
        Return the availability zone names reported by nova.

        The list is fetched once and cached in self._zones.
        '''
        if self._zones is None:
            self._zones = [
                zone.zoneName for zone in
                self.clients.nova().availability_zones.list(detailed=False)]
        return self._zones

    def set_deletion_policy(self, policy):
        '''Apply the given deletion policy to every resource in the stack.'''
        for res in self.resources.values():
            res.set_deletion_policy(policy)

    def get_abandon_data(self):
        '''
        Return a dict describing the stack: its name, id, action, status,
        raw template, and the abandon data of each resource keyed by
        resource name.
        '''
        return {
            'name': self.name,
            'id': self.id,
            'action': self.action,
            'status': self.status,
            'template': self.t.t,
            'resources': dict((res.name, res.get_abandon_data())
                              for res in self.resources.values())
        }

    def resolve_static_data(self, snippet):
        '''Resolve snippet with the module-level resolve_static_data().'''
        return resolve_static_data(self.t, self, self.parameters, snippet)

    def resolve_runtime_data(self, snippet):
        '''Resolve snippet with the module-level resolve_runtime_data().'''
        return resolve_runtime_data(self.t, self.resources, snippet)
class Stack(object):
    '''
    A stack: a named collection of resources built from a template.

    The stack keeps its resources in self.resources (name -> Resource) and
    their dependency graph in self.dependencies.  Iterating over the stack
    yields resources in start order; reversed() yields them in stop order.
    The state strings below are what state_set() records.
    '''

    CREATE_IN_PROGRESS = 'CREATE_IN_PROGRESS'
    CREATE_FAILED = 'CREATE_FAILED'
    CREATE_COMPLETE = 'CREATE_COMPLETE'

    DELETE_IN_PROGRESS = 'DELETE_IN_PROGRESS'
    DELETE_FAILED = 'DELETE_FAILED'
    DELETE_COMPLETE = 'DELETE_COMPLETE'

    UPDATE_IN_PROGRESS = 'UPDATE_IN_PROGRESS'
    UPDATE_COMPLETE = 'UPDATE_COMPLETE'
    UPDATE_FAILED = 'UPDATE_FAILED'

    created_time = timestamp.Timestamp(db_api.stack_get, 'created_at')
    updated_time = timestamp.Timestamp(db_api.stack_get, 'updated_at')

    def __init__(self, context, stack_name, template, parameters=None,
                 stack_id=None, state=None, state_description='',
                 timeout_mins=60):
        '''
        Initialise from a context, name, Template object and (optionally)
        Parameters object. The database ID may also be initialised, if the
        stack is already in the database.

        When parameters is None a Parameters object is built from the stack
        name and template.  Outputs are statically resolved, one Resource is
        instantiated per entry of the template's resources section, and the
        dependency graph is computed from those resources.
        '''
        self.id = stack_id
        self.context = context
        self.t = template
        self.name = stack_name
        self.state = state
        self.state_description = state_description
        self.timeout_mins = timeout_mins

        if parameters is None:
            parameters = Parameters(stack_name, template)
        self.parameters = parameters

        self.outputs = self.resolve_static_data(self.t[OUTPUTS])

        self.resources = dict((name,
                               resources.Resource(name, data, self))
                              for (name, data) in self.t[RESOURCES].items())

        self.dependencies = self._get_dependencies(self.resources.itervalues())

    @staticmethod
    def _get_dependencies(resources):
        '''Return the dependency graph for a list of resources'''
        deps = dependencies.Dependencies()
        for resource in resources:
            resource.add_dependencies(deps)

        return deps

    @classmethod
    def load(cls, context, stack_id):
        '''
        Retrieve a Stack from the database.

        Raises exception.NotFound when no stack row exists for stack_id.
        '''
        s = db_api.stack_get(context, stack_id)
        if s is None:
            message = 'No stack exists with id "%s"' % str(stack_id)
            raise exception.NotFound(message)

        template = Template.load(context, s.raw_template_id)
        params = Parameters(s.name, template, s.parameters)
        stack = cls(context, s.name, template, params,
                    stack_id, s.status, s.status_reason, s.timeout)

        return stack

    def store(self, owner=None):
        '''
        Store the stack in the database and return its ID
        If self.id is set, we update the existing stack
        '''
        new_creds = db_api.user_creds_create(self.context.to_dict())

        s = {
            'name': self.name,
            'raw_template_id': self.t.store(),
            'parameters': self.parameters.user_parameters(),
            'owner_id': owner and owner.id,
            'user_creds_id': new_creds.id,
            'username': self.context.username,
            'tenant': self.context.tenant_id,
            'status': self.state,
            'status_reason': self.state_description,
            'timeout': self.timeout_mins,
        }
        if self.id:
            db_api.stack_update(self.context, self.id, s)
        else:
            new_s = db_api.stack_create(self.context, s)
            self.id = new_s.id

        return self.id

    def identifier(self):
        '''
        Return an identifier for this stack.
        '''
        return identifier.HeatIdentifier(self.context.tenant_id,
                                         self.name, self.id)

    def __iter__(self):
        '''
        Return an iterator over this template's resources in the order that
        they should be started.
        '''
        return iter(self.dependencies)

    def __reversed__(self):
        '''
        Return an iterator over this template's resources in the order that
        they should be stopped.
        '''
        return reversed(self.dependencies)

    def __len__(self):
        '''Return the number of resources'''
        return len(self.resources)

    def __getitem__(self, key):
        '''Get the resource with the specified name.'''
        return self.resources[key]

    def __setitem__(self, key, value):
        '''Set the resource with the specified name to a specific value'''
        self.resources[key] = value

    def __contains__(self, key):
        '''Determine whether the stack contains the specified resource'''
        return key in self.resources

    def keys(self):
        '''Return a list of resource keys for the stack'''
        return self.resources.keys()

    def __str__(self):
        '''Return a human-readable string representation of the stack'''
        return 'Stack "%s"' % self.name

    def validate(self):
        '''
        Validate every resource and return a response dict.

        The first resource whose validate() returns a truthy value (or
        raises) ends validation with a 'Malformed Query Response ...'
        description and an empty parameter list; otherwise the response
        describes each stack parameter.

        http://docs.amazonwebservices.com/AWSCloudFormation/latest/\
        APIReference/API_ValidateTemplate.html
        '''
        # TODO(sdake) Should return line number of invalid reference

        for res in self:
            try:
                result = res.validate()
            except Exception as ex:
                logger.exception('validate')
                result = str(ex)

            if result:
                err_str = 'Malformed Query Response %s' % result
                response = {'Description': err_str,
                            'Parameters': []}
                return response

        def format_param(p):
            return {'NoEcho': 'false',
                    'ParameterKey': p,
                    'Description': self.parameters.get_attr(p, 'Description'),
                    'DefaultValue': self.parameters.get_attr(p, 'Default')}

        response = {'Description': 'Successfully validated',
                    'Parameters': [format_param(p) for p in self.parameters]}

        return response

    def state_set(self, new_status, reason):
        '''
        Update the stack state in the database.

        The in-memory state is always updated; the database row is only
        touched once the stack has an ID.
        '''
        self.state = new_status
        self.state_description = reason

        if self.id is None:
            return

        stack = db_api.stack_get(self.context, self.id)
        stack.update_and_save({'status': new_status,
                               'status_reason': reason})

    def create(self):
        '''
        Create the stack and all of the resources.

        Creation will fail if it exceeds the specified timeout. The default is
        60 minutes, set in the constructor.

        After the first resource failure the remaining resources are not
        created but marked CREATE_FAILED ('Stack creation aborted').
        '''
        self.state_set(self.CREATE_IN_PROGRESS, 'Stack creation started')

        stack_status = self.CREATE_COMPLETE
        reason = 'Stack successfully created'
        res = None

        with eventlet.Timeout(self.timeout_mins * 60) as tmo:
            try:
                for res in self:
                    if stack_status != self.CREATE_FAILED:
                        result = res.create()
                        if result:
                            stack_status = self.CREATE_FAILED
                            reason = 'Resource %s failed with: %s' % (str(res),
                                                                      result)

                    else:
                        res.state_set(res.CREATE_FAILED,
                                      'Stack creation aborted')

            except eventlet.Timeout as t:
                if t is tmo:
                    stack_status = self.CREATE_FAILED
                    reason = 'Timed out waiting for %s' % str(res)
                else:
                    # not my timeout
                    raise

        self.state_set(stack_status, reason)

    def update(self, newstack):
        '''
        Compare the current stack with newstack,
        and where necessary create/update/delete the resources until
        this stack aligns with newstack.

        Note update of existing stack resources depends on update
        being implemented in the underlying resource types

        Update will fail if it exceeds the specified timeout. The default is
        60 minutes, set in the constructor.

        The stack must be in CREATE_COMPLETE or UPDATE_COMPLETE state,
        otherwise it is set to UPDATE_FAILED and nothing else is done.
        '''
        if self.state not in (self.CREATE_COMPLETE, self.UPDATE_COMPLETE):
            self.state_set(self.UPDATE_FAILED, 'State invalid for update')
            return
        else:
            self.state_set(self.UPDATE_IN_PROGRESS, 'Stack update started')

        # Now make the resources match the new stack definition
        failures = []
        # Bound up-front so the timeout handler can always format it.
        res = None
        with eventlet.Timeout(self.timeout_mins * 60) as tmo:
            try:
                for res in self:
                    res.calculate_properties()

                # First delete any resources which are not in newstack
                for res in reversed(self):
                    if res.name not in newstack:
                        logger.debug("resource %s not found in updated stack"
                                     " definition, deleting" % res.name)
                        result = res.destroy()
                        if result:
                            failures.append('Resource %s delete failed'
                                            % res.name)
                        else:
                            del self.resources[res.name]

                # Then create any which are defined in newstack but not self
                for res in newstack:
                    if res.name not in self:
                        logger.debug("resource %s not found in current stack"
                                     " definition, adding" % res.name)
                        res.stack = self
                        self[res.name] = res
                        result = self[res.name].create()
                        if result:
                            failures.append('Resource %s create failed'
                                            % res.name)

                # Now (the hard part :) update existing resources
                # The Resource base class allows equality-test of resources,
                # based on the parsed template snippet for the resource.
                # If this test fails, we call the underlying resource.update
                #
                # FIXME : Implement proper update logic for the resources
                # AWS define three update strategies, applied depending
                # on the resource and what is being updated within a
                # resource :
                # - Update with no interruption
                # - Update with some interruption
                # - Update requires replacement
                #
                # Currently all resource have a default handle_update method
                # which returns "requires replacement" (res.UPDATE_REPLACE)
                for res in newstack:
                    if self[res.name] != res:
                        current = self[res.name]
                        # Can fail if underlying resource class does not
                        # implement update logic or update requires replacement
                        retval = current.update(res.parsed_template())
                        if retval in (current.UPDATE_INTERRUPTION,
                                      current.UPDATE_NO_INTERRUPTION):
                            # The resource updated itself in place (and has
                            # already moved to UPDATE_COMPLETE), so this is
                            # a success, not a failure.
                            logger.info("Resource %s for stack %s updated" %
                                        (res.name, self.name))
                        elif retval == current.UPDATE_REPLACE:
                            logger.info("Resource %s for stack %s" %
                                        (res.name, self.name) +
                                        " update requires replacement")
                            # Resource requires replacement for update
                            result = current.destroy()
                            if result:
                                failures.append('Resource %s delete failed'
                                                % res.name)
                            else:
                                res.stack = self
                                self[res.name] = res
                                result = self[res.name].create()
                                if result:
                                    failures.append(
                                        'Resource %s create failed' % res.name)
                        else:
                            # Anything else is an error description (or
                            # UPDATE_NOT_IMPLEMENTED).
                            logger.warning("Cannot update resource %s," %
                                           res.name + " reason %s" % retval)
                            failures.append('Resource %s update failed'
                                            % res.name)

                # Set stack status values
                if not failures:
                    # flip the template & parameters to the newstack values
                    self.t = newstack.t
                    self.parameters = newstack.parameters
                    self.outputs = self.resolve_static_data(self.t[OUTPUTS])
                    self.dependencies = self._get_dependencies(
                        self.resources.itervalues())
                    self.store()

                    stack_status = self.UPDATE_COMPLETE
                    reason = 'Stack successfully updated'
                else:
                    stack_status = self.UPDATE_FAILED
                    reason = ",".join(failures)

            except eventlet.Timeout as t:
                if t is tmo:
                    stack_status = self.UPDATE_FAILED
                    reason = 'Timed out waiting for %s' % str(res)
                else:
                    # not my timeout
                    raise

        self.state_set(stack_status, reason)

    def delete(self):
        '''
        Delete all of the resources, and then the stack itself.

        Resources are destroyed in stop order.  The stack row is only
        removed from the database when every resource was destroyed
        successfully; otherwise the stack is left in DELETE_FAILED.
        '''
        self.state_set(self.DELETE_IN_PROGRESS, 'Stack deletion started')

        for res in self:
            res.calculate_properties()

        failures = []
        for res in reversed(self):
            result = res.destroy()
            if result:
                logger.error('Failed to delete %s error: %s' % (str(res),
                                                                 result))
                failures.append(str(res))

        if failures:
            self.state_set(self.DELETE_FAILED,
                           'Failed to delete ' + ', '.join(failures))
        else:
            self.state_set(self.DELETE_COMPLETE, 'Deleted successfully')
            db_api.stack_delete(self.context, self.id)

    def output(self, key):
        '''
        Get the value of the specified stack output.
        '''
        value = self.outputs[key].get('Value', '')
        return self.resolve_runtime_data(value)

    def restart_resource(self, resource_name):
        '''
        stop resource_name and all that depend on it
        start resource_name and all that depend on it

        A destroy() or create() that raises, or that returns an error
        description, marks the restart as failed; the resources not yet
        re-created are then set to CREATE_FAILED instead.
        '''
        deps = self.dependencies[self[resource_name]]
        failed = False

        for res in self:
            res.calculate_properties()

        for res in reversed(deps):
            try:
                result = res.destroy()
            except Exception as ex:
                failed = True
                logger.error('delete: %s' % str(ex))
            else:
                # destroy() reports most failures through its return value
                # rather than by raising, so that must be checked as well.
                if result:
                    failed = True
                    logger.error('delete: %s' % result)

        for res in deps:
            if not failed:
                try:
                    result = res.create()
                except Exception:
                    logger.exception('create')
                    failed = True
                else:
                    # Same convention as destroy(): a truthy return value
                    # is an error description.
                    if result:
                        logger.error('create: %s' % result)
                        failed = True
            else:
                res.state_set(res.CREATE_FAILED, 'Resource restart aborted')
        # TODO(asalkeld) if any of this fails we Should
        # restart the whole stack

    def resolve_static_data(self, snippet):
        '''
        Resolve snippet via the module-level resolve_static_data(), passing
        this stack's template and parameters.
        '''
        return resolve_static_data(self.t, self.parameters, snippet)

    def resolve_runtime_data(self, snippet):
        '''
        Resolve snippet via the module-level resolve_runtime_data(), passing
        this stack's template and resources.
        '''
        return resolve_runtime_data(self.t, self.resources, snippet)
class Resource(object):
    '''
    Base class for stack resources.

    Instantiating Resource directly dispatches (in __new__) to the class
    registered for the template snippet's 'Type'.  Subclasses customise
    behaviour by providing handle_create / handle_update / handle_delete.
    create(), update(), delete() and destroy() report failure by returning
    an error description string and return None on success.
    '''

    # Status strings
    # NOTE(review): unlike its siblings this value has no 'CREATE_' prefix.
    # It is written to the database by state_set()/_store(), so it is left
    # unchanged here - confirm whether the difference is intentional.
    CREATE_IN_PROGRESS = 'IN_PROGRESS'
    CREATE_FAILED = 'CREATE_FAILED'
    CREATE_COMPLETE = 'CREATE_COMPLETE'
    DELETE_IN_PROGRESS = 'DELETE_IN_PROGRESS'
    DELETE_FAILED = 'DELETE_FAILED'
    DELETE_COMPLETE = 'DELETE_COMPLETE'
    UPDATE_IN_PROGRESS = 'UPDATE_IN_PROGRESS'
    UPDATE_FAILED = 'UPDATE_FAILED'
    UPDATE_COMPLETE = 'UPDATE_COMPLETE'

    # Status values, returned from subclasses to indicate update method
    UPDATE_REPLACE = 'UPDATE_REPLACE'
    UPDATE_INTERRUPTION = 'UPDATE_INTERRUPTION'
    UPDATE_NO_INTERRUPTION = 'UPDATE_NO_INTERRUPTION'
    UPDATE_NOT_IMPLEMENTED = 'UPDATE_NOT_IMPLEMENTED'

    # If True, this resource must be created before it can be referenced.
    strict_dependency = True

    created_time = timestamp.Timestamp(db_api.resource_get, 'created_at')
    updated_time = timestamp.Timestamp(db_api.resource_get, 'updated_at')

    metadata = Metadata()

    def __new__(cls, name, json, stack):
        '''Create a new Resource of the appropriate class for its type.'''

        if cls != Resource:
            # Call is already for a subclass, so pass it through
            return super(Resource, cls).__new__(cls)

        # Select the correct subclass to instantiate
        from heat.engine.resources import register
        ResourceClass = register.get_class(json['Type']) or GenericResource
        return ResourceClass(name, json, stack)

    def __init__(self, name, json_snippet, stack):
        '''
        Initialise from a name, template snippet and owning stack.

        If a database record exists for this name and stack, the physical
        instance id, state, state description and database id are loaded
        from it; otherwise they start out empty.
        '''
        self.references = []
        self.stack = stack
        self.context = stack.context
        self.name = name
        self.t = stack.resolve_static_data(json_snippet)
        self.properties = checkeddict.Properties(name,
                                                 self.properties_schema)

        resource = db_api.resource_get_by_name_and_stack(self.context,
                                                         name, stack.id)
        if resource:
            self.instance_id = resource.nova_instance
            self.state = resource.state
            self.state_description = resource.state_description
            self.id = resource.id
        else:
            self.instance_id = None
            self.state = None
            self.state_description = ''
            self.id = None
        # Lazily created API clients (nova clients are keyed by service type)
        self._nova = {}
        self._keystone = None
        self._swift = None

    def __eq__(self, other):
        '''Allow == comparison of two resources'''
        # For the purposes of comparison, we declare two resource objects
        # equal if their parsed_templates are the same
        if isinstance(other, Resource):
            return self.parsed_template() == other.parsed_template()
        return NotImplemented

    def __ne__(self, other):
        '''Allow != comparison of two resources'''
        result = self.__eq__(other)
        if result is NotImplemented:
            return result
        return not result

    def parsed_template(self, section=None, default={}):
        '''
        Return the parsed template data for the resource. May be limited to
        only one section of the data, in which case a default value may also
        be supplied.
        '''
        # The shared default dict is only read here, never modified.
        if section is None:
            template = self.t
        else:
            template = self.t.get(section, default)
        return self.stack.resolve_runtime_data(template)

    def __str__(self):
        return '%s "%s"' % (self.__class__.__name__, self.name)

    def _add_dependencies(self, deps, fragment):
        '''
        Recursively scan a template fragment and add a (self, target) edge
        to deps for each 'DependsOn', and for each 'Ref' whose target has
        strict_dependency set.  'Fn::GetAtt' values are not descended into.
        '''
        if isinstance(fragment, dict):
            for key, value in fragment.items():
                if key in ('DependsOn', 'Ref'):
                    target = self.stack.resources[value]
                    if key == 'DependsOn' or target.strict_dependency:
                        deps += (self, target)
                elif key != 'Fn::GetAtt':
                    self._add_dependencies(deps, value)
        elif isinstance(fragment, list):
            for item in fragment:
                self._add_dependencies(deps, item)

    def add_dependencies(self, deps):
        '''
        Add this resource's dependencies, found in its template snippet, to
        deps, followed by a (self, None) entry for the resource itself.
        '''
        self._add_dependencies(deps, self.t)
        deps += (self, None)

    def keystone(self):
        '''
        Return an authenticated keystone client, creating and caching it on
        first use.  Returns None (after logging an error) when the context
        carries neither a password nor an auth token.
        '''
        if self._keystone:
            return self._keystone

        con = self.context
        args = {
            'auth_url': con.auth_url,
        }

        if con.password is not None:
            args['username'] = con.username
            args['password'] = con.password
            args['tenant_name'] = con.tenant
            args['tenant_id'] = con.tenant_id
        elif con.auth_token is not None:
            args['username'] = con.service_user
            args['password'] = con.service_password
            args['tenant_name'] = con.service_tenant
            args['token'] = con.auth_token
        else:
            logger.error("Keystone connection failed, no password or " +
                         "auth_token!")
            return None

        client = kc.Client(**args)
        client.authenticate()
        self._keystone = client
        return self._keystone

    def nova(self, service_type='compute'):
        '''
        Return an authenticated nova client for service_type, creating and
        caching it on first use.  Returns None (after logging an error)
        when the context carries neither a password nor an auth token.
        '''
        if service_type in self._nova:
            return self._nova[service_type]

        con = self.context
        args = {
            'project_id': con.tenant,
            'auth_url': con.auth_url,
            'service_type': service_type,
        }

        if con.password is not None:
            args['username'] = con.username
            args['api_key'] = con.password
        elif con.auth_token is not None:
            args['username'] = con.service_user
            args['api_key'] = con.service_password
            args['project_id'] = con.service_tenant
            args['proxy_token'] = con.auth_token
            args['proxy_tenant_id'] = con.tenant_id
        else:
            logger.error("Nova connection failed, no password or auth_token!")
            return None

        client = None
        try:
            # Workaround for issues with python-keyring, need no_cache=True
            # ref https://bugs.launchpad.net/python-novaclient/+bug/1020238
            # TODO(shardy): May be able to remove when the bug above is fixed
            client = nc.Client(no_cache=True, **args)
            client.authenticate()
            self._nova[service_type] = client
        except TypeError:
            # for compatibility with essex, which doesn't have no_cache=True
            # TODO(shardy): remove when we no longer support essex
            client = nc.Client(**args)
            client.authenticate()
            self._nova[service_type] = client

        return client

    def swift(self):
        '''
        Return a swift connection, creating and caching it on first use.

        Returns None when swiftclient is not available, when the context
        carries neither a password nor an auth token, or when the keystone
        service catalog does not list exactly one object-store endpoint.
        '''
        if not swiftclient_present:
            return None
        if self._swift:
            return self._swift

        con = self.context
        args = {'auth_version': '2'}

        if con.password is not None:
            args['user'] = con.username
            args['key'] = con.password
            args['authurl'] = con.auth_url
            args['tenant_name'] = con.tenant
        elif con.auth_token is not None:
            args['user'] = None
            args['key'] = None
            args['authurl'] = None
            args['preauthtoken'] = con.auth_token
            # Lookup endpoint for object-store service type
            service_type = 'object-store'
            endpoints = self.keystone().service_catalog.get_endpoints(
                service_type=service_type)
            if len(endpoints[service_type]) == 1:
                args['preauthurl'] = endpoints[service_type][0]['publicURL']
            else:
                logger.error("No endpoint found for %s service type" %
                             service_type)
                return None
        else:
            logger.error("Swift connection failed, no password or " +
                         "auth_token!")
            return None

        self._swift = swiftclient.Connection(**args)
        return self._swift

    def calculate_properties(self):
        '''
        Copy the runtime-resolved 'Properties' section of the template
        snippet into self.properties.
        '''
        for p, v in self.parsed_template('Properties').items():
            self.properties[p] = v

    def create(self):
        '''
        Create the resource. Subclasses should provide a handle_create() method
        to customise creation.

        Returns None on success or an error description string on failure
        (including when creation was already requested).
        '''
        if self.state in (self.CREATE_IN_PROGRESS, self.CREATE_COMPLETE):
            return 'Resource creation already requested'

        logger.info('creating %s' % str(self))

        try:
            self.calculate_properties()
            self.properties.validate()
            self.state_set(self.CREATE_IN_PROGRESS)
            if callable(getattr(self, 'handle_create', None)):
                self.handle_create()
        except Exception as ex:
            logger.exception('create %s', str(self))
            self.state_set(self.CREATE_FAILED, str(ex))
            return str(ex)
        else:
            self.state_set(self.CREATE_COMPLETE)

    def update(self, json_snippet=None):
        '''
        update the resource. Subclasses should provide a handle_update() method
        to customise update, the base-class handle_update will fail by default.

        Returns the value returned by handle_update() (one of the UPDATE_*
        status values), or an error description string on failure.
        '''
        if self.state in (self.CREATE_IN_PROGRESS, self.UPDATE_IN_PROGRESS):
            return 'Resource update already requested'

        if not json_snippet:
            return 'Must specify json snippet for resource update!'

        logger.info('updating %s' % str(self))

        result = self.UPDATE_NOT_IMPLEMENTED
        try:
            self.state_set(self.UPDATE_IN_PROGRESS)
            self.t = self.stack.resolve_static_data(json_snippet)
            self.properties = checkeddict.Properties(self.name,
                                                     self.properties_schema)
            self.calculate_properties()
            self.properties.validate()
            if callable(getattr(self, 'handle_update', None)):
                result = self.handle_update()
        except Exception as ex:
            logger.exception('update %s : %s' % (str(self), str(ex)))
            self.state_set(self.UPDATE_FAILED, str(ex))
            return str(ex)
        else:
            # If resource was updated (with or without interruption),
            # then we set the resource to UPDATE_COMPLETE
            if result != self.UPDATE_REPLACE:
                self.state_set(self.UPDATE_COMPLETE)
            return result

    def physical_resource_name(self):
        '''Return "<stack name>.<resource name>" for this resource.'''
        return '%s.%s' % (self.stack.name, self.name)

    def physical_resource_name_find(self, resource_name):
        '''
        Return "<stack name>.<resource_name>" for a resource of this
        resource's stack; raises IndexError if the stack has no resource
        of that name.
        '''
        if resource_name in self.stack:
            return '%s.%s' % (self.stack.name, resource_name)
        else:
            raise IndexError('no such resource')

    def validate(self):
        '''
        Calculate and validate the properties.  A ValueError raised while
        calculating them is returned as a string; otherwise the result of
        the properties' own validate() is returned.
        '''
        logger.info('Validating %s' % str(self))

        try:
            self.calculate_properties()
        except ValueError as ex:
            return str(ex)
        return self.properties.validate()

    def delete(self):
        '''
        Delete the resource. Subclasses should provide a handle_delete() method
        to customise deletion.

        Returns None on success (or if already deleted) and an error
        description string on failure.
        '''
        if self.state == self.DELETE_COMPLETE:
            return
        if self.state == self.DELETE_IN_PROGRESS:
            return 'Resource deletion already in progress'

        logger.info('deleting %s (inst:%s db_id:%s)' %
                    (str(self), self.instance_id, str(self.id)))
        self.state_set(self.DELETE_IN_PROGRESS)

        try:
            if callable(getattr(self, 'handle_delete', None)):
                self.handle_delete()
        except Exception as ex:
            logger.exception('Delete %s', str(self))
            self.state_set(self.DELETE_FAILED, str(ex))
            return str(ex)

        self.state_set(self.DELETE_COMPLETE)

    def destroy(self):
        '''
        Delete the resource and remove it from the database.

        Returns None on success and an error description string on failure.
        '''
        result = self.delete()
        if result:
            return result

        if self.id is None:
            return

        try:
            db_api.resource_get(self.context, self.id).delete()
        except exception.NotFound:
            # Don't fail on delete if the db entry has
            # not been created yet.
            pass
        except Exception as ex:
            logger.exception('Delete %s from DB' % str(self))
            return str(ex)

        self.id = None

    def instance_id_set(self, inst):
        '''
        Set the physical instance id and, if the resource already has a
        database record, save it there.  Database errors are only logged.
        '''
        self.instance_id = inst
        if self.id is not None:
            try:
                rs = db_api.resource_get(self.stack.context, self.id)
                rs.update_and_save({'nova_instance': self.instance_id})
            except Exception as ex:
                logger.warn('db error %s' % str(ex))

    def _store(self):
        '''Create the resource in the database'''
        try:
            rs = {'state': self.state,
                  'stack_id': self.stack.id,
                  'nova_instance': self.instance_id,
                  'name': self.name,
                  'rsrc_metadata': self.metadata,
                  'stack_name': self.stack.name}

            new_rs = db_api.resource_create(self.context, rs)
            self.id = new_rs.id

            self.stack.updated_time = datetime.utcnow()

        except Exception as ex:
            logger.error('DB error %s' % str(ex))

    def _add_event(self, new_state, reason):
        '''
        Add a state change event to the database.

        Recording the event is best effort: errors while refreshing the
        properties or writing the event are logged, not raised.
        '''
        try:
            self.calculate_properties()
        except Exception as ex:
            # state_set() calls this from the error handlers of create() and
            # update(); if the properties are what failed there, raising
            # again here would escape those handlers instead of letting
            # them return the error description.
            logger.warning('Unable to calculate properties of %s: %s' %
                           (str(self), str(ex)))

        ev = {'logical_resource_id': self.name,
              'physical_resource_id': self.instance_id,
              'stack_id': self.stack.id,
              'stack_name': self.stack.name,
              'resource_status': new_state,
              'name': new_state,
              'resource_status_reason': reason,
              'resource_type': self.t['Type'],
              'resource_properties': dict(self.properties)}
        try:
            db_api.event_create(self.context, ev)
        except Exception as ex:
            logger.error('DB error %s' % str(ex))

    def state_set(self, new_state, reason="state changed"):
        '''
        Record a new state (and reason) on the resource and in the database,
        adding an event whenever the state actually changes.
        '''
        self.state, old_state = new_state, self.state
        self.state_description = reason

        if self.id is not None:
            try:
                rs = db_api.resource_get(self.context, self.id)
                rs.update_and_save({'state': self.state,
                                    'state_description': reason,
                                    'nova_instance': self.instance_id})

                self.stack.updated_time = datetime.utcnow()
            except Exception as ex:
                logger.error('DB error %s' % str(ex))

        # store resource in DB on transition to CREATE_IN_PROGRESS
        # all other transitions (other than to DELETE_COMPLETE)
        # should be handled by the update_and_save above..
        elif new_state == self.CREATE_IN_PROGRESS:
            self._store()

        if new_state != old_state:
            self._add_event(new_state, reason)

    def FnGetRefId(self):
        '''
        Return the physical instance id if one is set, otherwise the
        resource name, as unicode.

        http://docs.amazonwebservices.com/AWSCloudFormation/latest/UserGuide/\
        intrinsic-function-reference-ref.html
        '''
        if self.instance_id is not None:
            return unicode(self.instance_id)
        else:
            return unicode(self.name)

    def FnGetAtt(self, key):
        '''
        Base implementation: returns the resource name as unicode,
        whatever the key.

        http://docs.amazonwebservices.com/AWSCloudFormation/latest/UserGuide/\
        intrinsic-function-reference-getatt.html
        '''
        return unicode(self.name)

    def FnBase64(self, data):
        '''
        Return data encoded as base64.

        http://docs.amazonwebservices.com/AWSCloudFormation/latest/UserGuide/\
        intrinsic-function-reference-base64.html
        '''
        return base64.b64encode(data)

    def handle_update(self):
        '''Default update handler: always raises NotImplementedError.'''
        raise NotImplementedError("Update not implemented for Resource %s"
                                  % type(self))