Enhanced pause/resume with gated restarts - 2

This contains a fix against the original change id: Ie0c5e0249bde0839345ad66f7400522754aa91ca which broke keystone. Otherwise, the fix is the same: The existing pause/resume functionality is enhanced with changed charm-helpers support to chech that the services really are stopped and that paused units really stay paused. The restart_on_change decorator is gated such that if the unit is 'paused' then the service is not accidentally started. Change-Id: I6a828676be11338266845e822be087d734944da0
2016-03-02 11:04:09 +00:00
parent 1f081a98ea
commit 5be8433751
9 changed files with 132 additions and 28 deletions
--- a/6
+++ b/6
@@ -2,14 +2,12 @@
 PYTHON := /usr/bin/env python

 lint:
-	@flake8 --exclude hooks/charmhelpers,tests/charmhelpers \
-        actions hooks unit_tests tests
-	@charm proof
+	@tox -e pep8

 test:
 	@# Bundletester expects unit tests here.
 	@echo Starting unit tests...
-	@$(PYTHON) /usr/bin/nosetests -v --nologcapture --with-coverage unit_tests
+	@tox -e py27

 functional_test:
 	@echo Starting Amulet tests...
--- a/charmhelpers/contrib/openstack/amulet/utils.py
+++ b/charmhelpers/contrib/openstack/amulet/utils.py
@@ -27,7 +27,11 @@ import cinderclient.v1.client as cinder_client
 import glanceclient.v1.client as glance_client
 import heatclient.v1.client as heat_client
 import keystoneclient.v2_0 as keystone_client
-import novaclient.v1_1.client as nova_client
+from keystoneclient.auth.identity import v3 as keystone_id_v3
+from keystoneclient import session as keystone_session
+from keystoneclient.v3 import client as keystone_client_v3
+
+import novaclient.client as nova_client
 import pika
 import swiftclient

@@ -38,6 +42,8 @@ from charmhelpers.contrib.amulet.utils import (
 DEBUG = logging.DEBUG
 ERROR = logging.ERROR

+NOVA_CLIENT_VERSION = "2"
+

 class OpenStackAmuletUtils(AmuletUtils):
    """OpenStack amulet utilities.
@@ -139,7 +145,7 @@ class OpenStackAmuletUtils(AmuletUtils):
                return "role {} does not exist".format(e['name'])
        return ret

-    def validate_user_data(self, expected, actual):
+    def validate_user_data(self, expected, actual, api_version=None):
        """Validate user data.

           Validate a list of actual user data vs a list of expected user
@@ -150,10 +156,15 @@ class OpenStackAmuletUtils(AmuletUtils):
        for e in expected:
            found = False
            for act in actual:
-                a = {'enabled': act.enabled, 'name': act.name,
-                     'email': act.email, 'tenantId': act.tenantId,
-                     'id': act.id}
-                if e['name'] == a['name']:
+                if e['name'] == act.name:
+                    a = {'enabled': act.enabled, 'name': act.name,
+                         'email': act.email, 'id': act.id}
+                    if api_version == 3:
+                        a['default_project_id'] = getattr(act,
+                                                          'default_project_id',
+                                                          'none')
+                    else:
+                        a['tenantId'] = act.tenantId
                    found = True
                    ret = self._validate_dict_data(e, a)
                    if ret:
@@ -188,15 +199,30 @@ class OpenStackAmuletUtils(AmuletUtils):
        return cinder_client.Client(username, password, tenant, ept)

    def authenticate_keystone_admin(self, keystone_sentry, user, password,
-                                    tenant):
+                                    tenant=None, api_version=None,
+                                    keystone_ip=None):
        """Authenticates admin user with the keystone admin endpoint."""
        self.log.debug('Authenticating keystone admin...')
        unit = keystone_sentry
-        service_ip = unit.relation('shared-db',
-                                   'mysql:shared-db')['private-address']
-        ep = "http://{}:35357/v2.0".format(service_ip.strip().decode('utf-8'))
-        return keystone_client.Client(username=user, password=password,
-                                      tenant_name=tenant, auth_url=ep)
+        if not keystone_ip:
+            keystone_ip = unit.relation('shared-db',
+                                        'mysql:shared-db')['private-address']
+        base_ep = "http://{}:35357".format(keystone_ip.strip().decode('utf-8'))
+        if not api_version or api_version == 2:
+            ep = base_ep + "/v2.0"
+            return keystone_client.Client(username=user, password=password,
+                                          tenant_name=tenant, auth_url=ep)
+        else:
+            ep = base_ep + "/v3"
+            auth = keystone_id_v3.Password(
+                user_domain_name='admin_domain',
+                username=user,
+                password=password,
+                domain_name='admin_domain',
+                auth_url=ep,
+            )
+            sess = keystone_session.Session(auth=auth)
+            return keystone_client_v3.Client(session=sess)

    def authenticate_keystone_user(self, keystone, user, password, tenant):
        """Authenticates a regular user with the keystone public endpoint."""
@@ -225,7 +251,8 @@ class OpenStackAmuletUtils(AmuletUtils):
        self.log.debug('Authenticating nova user ({})...'.format(user))
        ep = keystone.service_catalog.url_for(service_type='identity',
                                              endpoint_type='publicURL')
-        return nova_client.Client(username=user, api_key=password,
+        return nova_client.Client(NOVA_CLIENT_VERSION,
+                                  username=user, api_key=password,
                                  project_id=tenant, auth_url=ep)

    def authenticate_swift_user(self, keystone, user, password, tenant):
--- a/charmhelpers/contrib/openstack/utils.py
+++ b/charmhelpers/contrib/openstack/utils.py
@@ -137,7 +137,7 @@ SWIFT_CODENAMES = OrderedDict([
    ('liberty',
        ['2.3.0', '2.4.0', '2.5.0']),
    ('mitaka',
-        ['2.5.0']),
+        ['2.5.0', '2.6.0']),
 ])

 # >= Liberty version->codename mapping
--- a/charmhelpers/contrib/storage/linux/ceph.py
+++ b/charmhelpers/contrib/storage/linux/ceph.py
@@ -173,7 +173,7 @@ class Pool(object):
        elif mode == 'writeback':
            check_call(['ceph', '--id', self.service, 'osd', 'tier', 'cache-mode', cache_pool, 'forward'])
            # Flush the cache and wait for it to return
-            check_call(['ceph', '--id', self.service, '-p', cache_pool, 'cache-flush-evict-all'])
+            check_call(['rados', '--id', self.service, '-p', cache_pool, 'cache-flush-evict-all'])
            check_call(['ceph', '--id', self.service, 'osd', 'tier', 'remove-overlay', self.name])
            check_call(['ceph', '--id', self.service, 'osd', 'tier', 'remove', self.name, cache_pool])

@@ -271,7 +271,7 @@ def get_mon_map(service):
    try:
        mon_status = check_output(
            ['ceph', '--id', service,
-             'ceph', 'mon_status', '--format=json'])
+             'mon_status', '--format=json'])
        try:
            return json.loads(mon_status)
        except ValueError as v:
@@ -321,7 +321,7 @@ def monitor_key_delete(service, key):
    try:
        check_output(
            ['ceph', '--id', service,
-             'ceph', 'config-key', 'del', str(key)])
+             'config-key', 'del', str(key)])
    except CalledProcessError as e:
        log("Monitor config-key put failed with message: {}".format(
            e.output))
@@ -339,7 +339,7 @@ def monitor_key_set(service, key, value):
    try:
        check_output(
            ['ceph', '--id', service,
-             'ceph', 'config-key', 'put', str(key), str(value)])
+             'config-key', 'put', str(key), str(value)])
    except CalledProcessError as e:
        log("Monitor config-key put failed with message: {}".format(
            e.output))
@@ -356,7 +356,7 @@ def monitor_key_get(service, key):
    try:
        output = check_output(
            ['ceph', '--id', service,
-             'ceph', 'config-key', 'get', str(key)])
+             'config-key', 'get', str(key)])
        return output
    except CalledProcessError as e:
        log("Monitor config-key get failed with message: {}".format(
--- a/charmhelpers/core/hookenv.py
+++ b/charmhelpers/core/hookenv.py
@@ -912,6 +912,24 @@ def payload_status_set(klass, pid, status):
    subprocess.check_call(cmd)


+@translate_exc(from_exc=OSError, to_exc=NotImplementedError)
+def resource_get(name):
+    """used to fetch the resource path of the given name.
+
+    <name> must match a name of defined resource in metadata.yaml
+
+    returns either a path or False if resource not available
+    """
+    if not name:
+        return False
+
+    cmd = ['resource-get', name]
+    try:
+        return subprocess.check_output(cmd).decode('UTF-8')
+    except subprocess.CalledProcessError:
+        return False
+
+
@cached
 def juju_version():
    """Full version string (eg. '1.23.3.1-trusty-amd64')"""
--- a/hooks/keystone_utils.py
+++ b/hooks/keystone_utils.py
@@ -2024,6 +2024,16 @@ def assess_status_func(configs):
        services=services(), ports=determine_ports())


+def get_admin_domain_id():
+    domain_id = None
+    if os.path.isfile(STORED_ADMIN_DOMAIN_ID):
+        log("Loading stored domain id from %s" % STORED_ADMIN_DOMAIN_ID,
+            level=INFO)
+        with open(STORED_ADMIN_DOMAIN_ID, 'r') as fd:
+            domain_id = fd.readline().strip('\n')
+    return domain_id
+
+
 def pause_unit_helper(configs):
    """Helper function to pause a unit, and then call assess_status(...) in
    effect, so that the status is correctly updated.
--- a/tests/charmhelpers/contrib/openstack/amulet/utils.py
+++ b/tests/charmhelpers/contrib/openstack/amulet/utils.py
@@ -31,7 +31,7 @@ from keystoneclient.auth.identity import v3 as keystone_id_v3
 from keystoneclient import session as keystone_session
 from keystoneclient.v3 import client as keystone_client_v3

-import novaclient.v1_1.client as nova_client
+import novaclient.client as nova_client
 import pika
 import swiftclient

@@ -42,6 +42,8 @@ from charmhelpers.contrib.amulet.utils import (
 DEBUG = logging.DEBUG
 ERROR = logging.ERROR

+NOVA_CLIENT_VERSION = "2"
+

 class OpenStackAmuletUtils(AmuletUtils):
    """OpenStack amulet utilities.
@@ -157,12 +159,12 @@ class OpenStackAmuletUtils(AmuletUtils):
                if e['name'] == act.name:
                    a = {'enabled': act.enabled, 'name': act.name,
                         'email': act.email, 'id': act.id}
-                    if api_version == 2:
-                        a['tenantId'] = act.tenantId
-                    else:
+                    if api_version == 3:
                        a['default_project_id'] = getattr(act,
                                                          'default_project_id',
                                                          'none')
+                    else:
+                        a['tenantId'] = act.tenantId
                    found = True
                    ret = self._validate_dict_data(e, a)
                    if ret:
@@ -249,7 +251,8 @@ class OpenStackAmuletUtils(AmuletUtils):
        self.log.debug('Authenticating nova user ({})...'.format(user))
        ep = keystone.service_catalog.url_for(service_type='identity',
                                              endpoint_type='publicURL')
-        return nova_client.Client(username=user, api_key=password,
+        return nova_client.Client(NOVA_CLIENT_VERSION,
+                                  username=user, api_key=password,
                                  project_id=tenant, auth_url=ep)

    def authenticate_swift_user(self, keystone, user, password, tenant):
--- a/tests/charmhelpers/core/hookenv.py
+++ b/tests/charmhelpers/core/hookenv.py
@@ -912,6 +912,24 @@ def payload_status_set(klass, pid, status):
    subprocess.check_call(cmd)


+@translate_exc(from_exc=OSError, to_exc=NotImplementedError)
+def resource_get(name):
+    """used to fetch the resource path of the given name.
+
+    <name> must match a name of defined resource in metadata.yaml
+
+    returns either a path or False if resource not available
+    """
+    if not name:
+        return False
+
+    cmd = ['resource-get', name]
+    try:
+        return subprocess.check_output(cmd).decode('UTF-8')
+    except subprocess.CalledProcessError:
+        return False
+
+
@cached
 def juju_version():
    """Full version string (eg. '1.23.3.1-trusty-amd64')"""
@@ -976,3 +994,16 @@ def _run_atexit():
    for callback, args, kwargs in reversed(_atexit):
        callback(*args, **kwargs)
    del _atexit[:]
+
+
+@translate_exc(from_exc=OSError, to_exc=NotImplementedError)
+def network_get_primary_address(binding):
+    '''
+    Retrieve the primary network address for a named binding
+
+    :param binding: string. The name of a relation of extra-binding
+    :return: string. The primary IP address for the named binding
+    :raise: NotImplementedError if run on Juju < 2.0
+    '''
+    cmd = ['network-get', '--primary-address', binding]
+    return subprocess.check_output(cmd).strip()
--- a/unit_tests/test_keystone_utils.py
+++ b/unit_tests/test_keystone_utils.py
@@ -734,6 +734,23 @@ class TestKeystoneUtils(CharmTestCase):
        utils.delete_service_entry('bob', 'bill')
        mock_keystone.api.services.delete.assert_called_with('sid1')

+    @patch('os.path.isfile')
+    def test_get_admin_domain_id(self, isfile_mock):
+        isfile_mock.return_value = False
+        x = utils.get_admin_domain_id()
+        assert x is None
+        from sys import version_info
+        if version_info.major == 2:
+            import __builtin__ as builtins
+        else:
+            import builtins
+        from mock import mock_open
+        with patch.object(builtins, 'open', mock_open(
+                read_data="some_data\n")):
+            isfile_mock.return_value = True
+            x = utils.get_admin_domain_id()
+            self.assertEquals(x, 'some_data')
+
    def test_assess_status(self):
        with patch.object(utils, 'assess_status_func') as asf:
            callee = MagicMock()