def config_changed_postupgrade(): # Ensure ssl dir exists and is unison-accessible ensure_ssl_dir() check_call(['chmod', '-R', 'g+wrx', '/var/lib/keystone/']) ensure_ssl_dirs() save_script_rc() configure_https() update_nrpe_config() CONFIGS.write_all() if is_pki_enabled(): initialise_pki() update_all_identity_relation_units() for rid in relation_ids('identity-admin'): admin_relation_changed(rid) # Ensure sync request is sent out (needed for any/all ssl change) send_ssl_sync_request() for r_id in relation_ids('ha'): ha_joined(relation_id=r_id)
def config_changed_postupgrade(): # Ensure ssl dir exists and is unison-accessible ensure_ssl_dir() check_call(['chmod', '-R', 'g+wrx', '/var/lib/keystone/']) ensure_ssl_dirs() save_script_rc() if run_in_apache(): # Need to ensure mod_wsgi is installed and apache2 is reloaded # immediatly as charm querys its local keystone before restart # decorator can fire apt_install(filter_installed_packages(determine_packages())) # when deployed from source, init scripts aren't installed if not git_install_requested(): service_pause('keystone') CONFIGS.write(WSGI_KEYSTONE_CONF) if not is_unit_paused_set(): restart_pid_check('apache2') configure_https() open_port(config('service-port')) update_nrpe_config() CONFIGS.write_all() initialise_pki() update_all_identity_relation_units() # Ensure sync request is sent out (needed for any/all ssl change) send_ssl_sync_request() for r_id in relation_ids('ha'): ha_joined(relation_id=r_id)
def config_changed_postupgrade(): # Ensure ssl dir exists and is unison-accessible ensure_ssl_dir() check_call(['chmod', '-R', 'g+wrx', '/var/lib/keystone/']) ensure_ssl_dirs() save_script_rc() if run_in_apache(): # Need to ensure mod_wsgi is installed and apache2 is reloaded # immediatly as charm querys its local keystone before restart # decorator can fire apt_install(filter_installed_packages(determine_packages())) service_pause('keystone') CONFIGS.write(WSGI_KEYSTONE_CONF) restart_pid_check('apache2') configure_https() open_port(config('service-port')) update_nrpe_config() CONFIGS.write_all() initialise_pki() update_all_identity_relation_units() # Ensure sync request is sent out (needed for any/all ssl change) send_ssl_sync_request() for r_id in relation_ids('ha'): ha_joined(relation_id=r_id)
def config_changed_postupgrade(): # Ensure ssl dir exists and is unison-accessible ensure_ssl_dir() check_call(["chmod", "-R", "g+wrx", "/var/lib/keystone/"]) ensure_ssl_dirs() save_script_rc() if run_in_apache(): # Need to ensure mod_wsgi is installed and apache2 is reloaded # immediatly as charm querys its local keystone before restart # decorator can fire apt_install(filter_installed_packages(determine_packages())) # when deployed from source, init scripts aren't installed if not git_install_requested(): service_pause("keystone") CONFIGS.write(WSGI_KEYSTONE_API_CONF) if not is_unit_paused_set(): restart_pid_check("apache2") configure_https() open_port(config("service-port")) update_nrpe_config() CONFIGS.write_all() initialise_pki() update_all_identity_relation_units() # Ensure sync request is sent out (needed for any/all ssl change) send_ssl_sync_request() for r_id in relation_ids("ha"): ha_joined(relation_id=r_id)
def config_changed_postupgrade(): # Ensure ssl dir exists and is unison-accessible ensure_ssl_dir() if not snap_install_requested(): check_call(['chmod', '-R', 'g+wrx', '/var/lib/keystone/']) ensure_ssl_dirs() save_script_rc() release = os_release('keystone') if run_in_apache(release=release): # Need to ensure mod_wsgi is installed and apache2 is reloaded # immediatly as charm querys its local keystone before restart # decorator can fire apt_install(filter_installed_packages(determine_packages())) # when deployed from source, init scripts aren't installed service_pause('keystone') disable_unused_apache_sites() if WSGI_KEYSTONE_API_CONF in CONFIGS.templates: CONFIGS.write(WSGI_KEYSTONE_API_CONF) if not is_unit_paused_set(): restart_pid_check('apache2') if enable_memcache(release=release): # If charm or OpenStack have been upgraded then the list of required # packages may have changed so ensure they are installed. apt_install(filter_installed_packages(determine_packages())) configure_https() open_port(config('service-port')) update_nrpe_config() CONFIGS.write_all() if snap_install_requested() and not is_unit_paused_set(): service_restart('snap.keystone.*') initialise_pki() update_all_identity_relation_units() update_all_domain_backends() update_all_fid_backends() # Ensure sync request is sent out (needed for any/all ssl change) send_ssl_sync_request() for r_id in relation_ids('ha'): ha_joined(relation_id=r_id)
def config_changed(): if config('prefer-ipv6'): status_set('maintenance', 'configuring ipv6') setup_ipv6() sync_db_with_multi_ipv6_addresses(config('database'), config('database-user')) unison.ensure_user(user=SSH_USER, group='juju_keystone') unison.ensure_user(user=SSH_USER, group='keystone') homedir = unison.get_homedir(SSH_USER) if not os.path.isdir(homedir): mkdir(homedir, SSH_USER, 'juju_keystone', 0o775) if git_install_requested(): if config_value_changed('openstack-origin-git'): status_set('maintenance', 'Running Git install') git_install(config('openstack-origin-git')) elif not config('action-managed-upgrade'): if openstack_upgrade_available('keystone'): status_set('maintenance', 'Running openstack upgrade') do_openstack_upgrade(configs=CONFIGS) # Ensure ssl dir exists and is unison-accessible ensure_ssl_dir() check_call(['chmod', '-R', 'g+wrx', '/var/lib/keystone/']) ensure_ssl_dirs() save_script_rc() configure_https() update_nrpe_config() CONFIGS.write_all() if is_pki_enabled(): initialise_pki() update_all_identity_relation_units() for rid in relation_ids('identity-admin'): admin_relation_changed(rid) # Ensure sync request is sent out (needed for any/all ssl change) send_ssl_sync_request() for r_id in relation_ids('ha'): ha_joined(relation_id=r_id)
def config_changed_postupgrade(): # Ensure ssl dir exists and is unison-accessible ensure_ssl_dir() if not snap_install_requested(): check_call(['chmod', '-R', 'g+wrx', '/var/lib/keystone/']) ensure_ssl_dirs() save_script_rc() if run_in_apache(): # Need to ensure mod_wsgi is installed and apache2 is reloaded # immediatly as charm querys its local keystone before restart # decorator can fire apt_install(filter_installed_packages(determine_packages())) # when deployed from source, init scripts aren't installed if not git_install_requested(): service_pause('keystone') if snap_install_requested(): service_pause('snap.keystone.uwsgi') service_pause('snap.keystone.nginx') else: disable_unused_apache_sites() CONFIGS.write(WSGI_KEYSTONE_API_CONF) if not is_unit_paused_set(): restart_pid_check('apache2') # NOTE(coreycb): Need to add https support for snap with nginx if not snap_install_requested(): configure_https() open_port(config('service-port')) if not snap_install_requested(): update_nrpe_config() CONFIGS.write_all() # NOTE(coreycb): Can dropp check once snap has alias support and # drops privileges. if not snap_install_requested(): initialise_pki() update_all_identity_relation_units() update_all_domain_backends() # Ensure sync request is sent out (needed for any/all ssl change) send_ssl_sync_request() for r_id in relation_ids('ha'): ha_joined(relation_id=r_id)