def _test_generate_certificates(self, expected_ca_name, mock_cluster, mock_generate_ca_cert, mock_generate_client_cert): expected_ca_password = '******' expected_ca_cert = { 'private_key': 'ca_private_key', 'certificate': 'ca_certificate'} expected_cert_ref = 'cert_ref' expected_ca_cert_ref = 'ca-cert-ref' mock_generate_ca_cert.return_value = (expected_ca_cert_ref, expected_ca_cert, expected_ca_password) mock_generate_client_cert.return_value = expected_cert_ref cert_manager.generate_certificates_to_cluster(mock_cluster) self.assertEqual(expected_ca_cert_ref, mock_cluster.ca_cert_ref) self.assertEqual(expected_cert_ref, mock_cluster.magnum_cert_ref) mock_generate_ca_cert.assert_called_once_with(expected_ca_name, context=None) mock_generate_client_cert.assert_called_once_with( expected_ca_name, expected_ca_cert, expected_ca_password, context=None)
def _test_generate_certificates(self, expected_ca_name, mock_cluster, mock_generate_ca_cert, mock_generate_client_cert): expected_ca_password = '******' expected_ca_cert = { 'private_key': 'ca_private_key', 'certificate': 'ca_certificate' } expected_cert_ref = 'cert_ref' expected_ca_cert_ref = 'ca-cert-ref' mock_generate_ca_cert.return_value = (expected_ca_cert_ref, expected_ca_cert, expected_ca_password) mock_generate_client_cert.return_value = expected_cert_ref cert_manager.generate_certificates_to_cluster(mock_cluster) self.assertEqual(expected_ca_cert_ref, mock_cluster.ca_cert_ref) self.assertEqual(expected_cert_ref, mock_cluster.magnum_cert_ref) mock_generate_ca_cert.assert_called_with(expected_ca_name, context=None) mock_generate_client_cert.assert_called_once_with(expected_ca_name, expected_ca_cert, expected_ca_password, context=None)
def cluster_create(self, context, cluster, create_timeout): LOG.debug('cluster_heat cluster_create') osc = clients.OpenStackClients(context) try: # Create trustee/trust and set them to cluster trust_manager.create_trustee_and_trust(osc, cluster) # Generate certificate and set the cert reference to cluster cert_manager.generate_certificates_to_cluster(cluster, context=context) conductor_utils.notify_about_cluster_operation( context, taxonomy.ACTION_CREATE, taxonomy.OUTCOME_PENDING) created_stack = _create_stack(context, osc, cluster, create_timeout) except Exception as e: cluster.status = fields.ClusterStatus.CREATE_FAILED cluster.status_reason = six.text_type(e) cluster.create() conductor_utils.notify_about_cluster_operation( context, taxonomy.ACTION_CREATE, taxonomy.OUTCOME_FAILURE) if isinstance(e, exc.HTTPBadRequest): e = exception.InvalidParameterValue(message=six.text_type(e)) raise e raise cluster.stack_id = created_stack['stack']['id'] cluster.status = fields.ClusterStatus.CREATE_IN_PROGRESS cluster.create() self._poll_and_check(osc, cluster) return cluster
def bay_create(self, context, bay, bay_create_timeout): LOG.debug('bay_heat bay_create') osc = clients.OpenStackClients(context) try: # Create trustee/trust and set them to bay trust_manager.create_trustee_and_trust(osc, bay) # Generate certificate and set the cert reference to bay cert_manager.generate_certificates_to_cluster(bay, context=context) conductor_utils.notify_about_bay_operation( context, taxonomy.ACTION_CREATE, taxonomy.OUTCOME_PENDING) created_stack = _create_stack(context, osc, bay, bay_create_timeout) except Exception as e: cert_manager.delete_certificates_from_cluster(bay, context=context) trust_manager.delete_trustee_and_trust(osc, context, bay) conductor_utils.notify_about_bay_operation( context, taxonomy.ACTION_CREATE, taxonomy.OUTCOME_FAILURE) if isinstance(e, exc.HTTPBadRequest): e = exception.InvalidParameterValue(message=six.text_type(e)) raise e raise bay.stack_id = created_stack['stack']['id'] bay.status = bay_status.CREATE_IN_PROGRESS bay.create() self._poll_and_check(osc, bay) return bay
def cluster_create(self, context, cluster, master_count, node_count, create_timeout): LOG.debug('cluster_heat cluster_create') osc = clients.OpenStackClients(context) cluster.status = fields.ClusterStatus.CREATE_IN_PROGRESS cluster.status_reason = None cluster.create() # Master nodegroup master_ng = conductor_utils._get_nodegroup_object(context, cluster, master_count, is_master=True) master_ng.create() # Minion nodegroup minion_ng = conductor_utils._get_nodegroup_object(context, cluster, node_count, is_master=False) minion_ng.create() try: # Create trustee/trust and set them to cluster trust_manager.create_trustee_and_trust(osc, cluster) # Generate certificate and set the cert reference to cluster cert_manager.generate_certificates_to_cluster(cluster, context=context) conductor_utils.notify_about_cluster_operation( context, taxonomy.ACTION_CREATE, taxonomy.OUTCOME_PENDING, cluster) # Get driver cluster_driver = driver.Driver.get_driver_for_cluster( context, cluster) # Create cluster cluster_driver.create_cluster(context, cluster, create_timeout) cluster.save() for ng in cluster.nodegroups: ng.stack_id = cluster.stack_id ng.save() except Exception as e: cluster.status = fields.ClusterStatus.CREATE_FAILED cluster.status_reason = six.text_type(e) cluster.save() conductor_utils.notify_about_cluster_operation( context, taxonomy.ACTION_CREATE, taxonomy.OUTCOME_FAILURE, cluster) if isinstance(e, exc.HTTPBadRequest): e = exception.InvalidParameterValue(message=six.text_type(e)) raise e raise return cluster
def cluster_create(self, context, cluster, master_count, node_count, create_timeout): LOG.debug('cluster_heat cluster_create') osc = clients.OpenStackClients(context) cluster.status = fields.ClusterStatus.CREATE_IN_PROGRESS cluster.status_reason = None cluster.create() # Master nodegroup master_ng = conductor_utils._get_nodegroup_object( context, cluster, master_count, is_master=True) master_ng.create() # Minion nodegroup minion_ng = conductor_utils._get_nodegroup_object( context, cluster, node_count, is_master=False) minion_ng.create() try: # Create trustee/trust and set them to cluster trust_manager.create_trustee_and_trust(osc, cluster) # Generate certificate and set the cert reference to cluster cert_manager.generate_certificates_to_cluster(cluster, context=context) conductor_utils.notify_about_cluster_operation( context, taxonomy.ACTION_CREATE, taxonomy.OUTCOME_PENDING) # Get driver cluster_driver = driver.Driver.get_driver_for_cluster(context, cluster) # Create cluster cluster_driver.create_cluster(context, cluster, create_timeout) cluster.save() except Exception as e: cluster.status = fields.ClusterStatus.CREATE_FAILED cluster.status_reason = six.text_type(e) cluster.save() conductor_utils.notify_about_cluster_operation( context, taxonomy.ACTION_CREATE, taxonomy.OUTCOME_FAILURE) if isinstance(e, exc.HTTPBadRequest): e = exception.InvalidParameterValue(message=six.text_type(e)) raise e raise return cluster
def rotate_ca_certificate(self, context, cluster): LOG.info('start rotate_ca_certificate for cluster: %s', cluster.uuid) allow_update_status = (fields.ClusterStatus.CREATE_COMPLETE, fields.ClusterStatus.UPDATE_COMPLETE, fields.ClusterStatus.RESUME_COMPLETE, fields.ClusterStatus.RESTORE_COMPLETE, fields.ClusterStatus.ROLLBACK_COMPLETE, fields.ClusterStatus.SNAPSHOT_COMPLETE, fields.ClusterStatus.CHECK_COMPLETE, fields.ClusterStatus.ADOPT_COMPLETE) if cluster.status not in allow_update_status: conductor_utils.notify_about_cluster_operation( context, taxonomy.ACTION_UPDATE, taxonomy.OUTCOME_FAILURE, cluster) operation = _('Updating a cluster when status is ' '"%s"') % cluster.status raise exception.NotSupported(operation=operation) try: # re-generate the ca certs cert_manager.generate_certificates_to_cluster(cluster, context=context) cluster_driver = driver.Driver.get_driver_for_cluster( context, cluster) cluster_driver.rotate_ca_certificate(context, cluster) cluster.status = fields.ClusterStatus.UPDATE_IN_PROGRESS cluster.status_reason = None except Exception as e: cluster.status = fields.ClusterStatus.UPDATE_FAILED cluster.status_reason = six.text_type(e) cluster.save() conductor_utils.notify_about_cluster_operation( context, taxonomy.ACTION_UPDATE, taxonomy.OUTCOME_FAILURE, cluster) if isinstance(e, exc.HTTPBadRequest): e = exception.InvalidParameterValue(message=six.text_type(e)) raise e raise cluster.save() return cluster
def cluster_create(self, context, cluster, create_timeout): LOG.debug('cluster_heat cluster_create') osc = clients.OpenStackClients(context) try: # Create trustee/trust and set them to cluster trust_manager.create_trustee_and_trust(osc, cluster) # Generate certificate and set the cert reference to cluster cert_manager.generate_certificates_to_cluster(cluster, context=context) conductor_utils.notify_about_cluster_operation( context, taxonomy.ACTION_CREATE, taxonomy.OUTCOME_PENDING) # Get driver ct = conductor_utils.retrieve_cluster_template(context, cluster) cluster_driver = driver.Driver.get_driver(ct.server_type, ct.cluster_distro, ct.coe) # Create cluster created_stack = cluster_driver.create_stack(context, osc, cluster, create_timeout) except Exception as e: cluster.status = fields.ClusterStatus.CREATE_FAILED cluster.status_reason = six.text_type(e) cluster.create() conductor_utils.notify_about_cluster_operation( context, taxonomy.ACTION_CREATE, taxonomy.OUTCOME_FAILURE) if isinstance(e, exc.HTTPBadRequest): e = exception.InvalidParameterValue(message=six.text_type(e)) raise e raise cluster.stack_id = created_stack['stack']['id'] cluster.status = fields.ClusterStatus.CREATE_IN_PROGRESS cluster.create() self._poll_and_check(osc, cluster, cluster_driver) return cluster