Merge ssl-everywhere branch

James Page 2014-03-27 11:20:28 +00:00
commit 3032a55352
11 changed files with 59 additions and 113 deletions


@ -65,3 +65,11 @@ options:
within the cloud. This is useful in deployments where its not
possible to increase MTU on switches and physical servers to
accomodate the packet overhead of using GRE tunnels.
database-user:
default: nova
type: string
description: Username for database access
database:
default: nova
type: string
description: Database name


@ -19,7 +19,7 @@ from charmhelpers.fetch import (
)
from charmhelpers.contrib.openstack.context import (
OSContextGenerator,
context_complete
context_complete,
)
from charmhelpers.contrib.openstack.utils import (
get_os_codename_install_source
@ -85,29 +85,22 @@ class NetworkServiceContext(OSContextGenerator):
def __call__(self):
for rid in relation_ids('quantum-network-service'):
for unit in related_units(rid):
rdata = relation_get(rid=rid, unit=unit)
ctxt = {
'keystone_host': relation_get('keystone_host',
rid=rid, unit=unit),
'service_port': relation_get('service_port', rid=rid,
unit=unit),
'auth_port': relation_get('auth_port', rid=rid, unit=unit),
'service_tenant': relation_get('service_tenant',
rid=rid, unit=unit),
'service_username': relation_get('service_username',
rid=rid, unit=unit),
'service_password': relation_get('service_password',
rid=rid, unit=unit),
'quantum_host': relation_get('quantum_host',
rid=rid, unit=unit),
'quantum_port': relation_get('quantum_port',
rid=rid, unit=unit),
'quantum_url': relation_get('quantum_url',
rid=rid, unit=unit),
'region': relation_get('region',
rid=rid, unit=unit),
# XXX: Hard-coded http.
'service_protocol': 'http',
'auth_protocol': 'http',
'keystone_host': rdata.get('keystone_host'),
'service_port': rdata.get('service_port'),
'auth_port': rdata.get('auth_port'),
'service_tenant': rdata.get('service_tenant'),
'service_username': rdata.get('service_username'),
'service_password': rdata.get('service_password'),
'quantum_host': rdata.get('quantum_host'),
'quantum_port': rdata.get('quantum_port'),
'quantum_url': rdata.get('quantum_url'),
'region': rdata.get('region'),
'service_protocol':
rdata.get('service_protocol') or 'http',
'auth_protocol':
rdata.get('auth_protocol') or 'http',
}
if context_complete(ctxt):
return ctxt
@ -166,29 +159,6 @@ class QuantumGatewayContext(OSContextGenerator):
return ctxt
class QuantumSharedDBContext(OSContextGenerator):
interfaces = ['shared-db']
def __call__(self):
for rid in relation_ids('shared-db'):
for unit in related_units(rid):
ctxt = {
'database_host': relation_get('db_host', rid=rid,
unit=unit),
'quantum_db': QUANTUM_DB,
'quantum_user': DB_USER,
'quantum_password': relation_get('quantum_password',
rid=rid, unit=unit),
'nova_db': NOVA_DB,
'nova_user': NOVA_DB_USER,
'nova_password': relation_get('nova_password', rid=rid,
unit=unit)
}
if context_complete(ctxt):
return ctxt
return {}
@cached
def get_host_ip(hostname=None):
try:
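Review bot: In NetworkServiceContext.__call__, `rdata.get('service_protocol') or 'http'` and `rdata.get('auth_protocol') or 'http'` fall back to plaintext silently, so a remote unit that does not publish these keys leaves `service_password` travelling over http with nothing in the hook log to show it. The values are also taken from relation data as-is and appear to be interpolated into the Keystone URL later in quantum_utils, so anything other than `http` or `https` is better rejected here than downstream. I would normalise each value, e.g. `proto = (rdata.get('auth_protocol') or 'http').lower()`, check `proto in ('http', 'https')`, and log a warning when the fallback is taken. The last hunk of this section ends inside get_host_ip, whose body continues outside the view.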


@ -45,10 +45,6 @@ from quantum_utils import (
reassign_agent_resources,
stop_services
)
from quantum_contexts import (
DB_USER, QUANTUM_DB,
NOVA_DB_USER, NOVA_DB,
)
hooks = Hooks()
CONFIGS = register_configs()
@ -78,6 +74,11 @@ def install():
def config_changed():
if openstack_upgrade_available(get_common_package()):
do_openstack_upgrade(CONFIGS)
# Re-run joined hooks as config might have changed
for r_id in relation_ids('shared-db'):
db_joined(relation_id=r_id)
for r_id in relation_ids('amqp'):
amqp_joined(relation_id=r_id)
if valid_plugin():
CONFIGS.write_all()
configure_ovs()
@ -88,22 +89,16 @@ def config_changed():
@hooks.hook('upgrade-charm')
def upgrade_charm():
# NOTE(jamespage): Deal with changes to rabbitmq configuration for
# common virtual host across services
for r_id in relation_ids('amqp'):
amqp_joined(relation_id=r_id)
install()
config_changed()
@hooks.hook('shared-db-relation-joined')
def db_joined():
relation_set(quantum_username=DB_USER,
quantum_database=QUANTUM_DB,
quantum_hostname=unit_get('private-address'),
nova_username=NOVA_DB_USER,
nova_database=NOVA_DB,
nova_hostname=unit_get('private-address'))
def db_joined(relation_id=None):
relation_set(username=config('database-user'),
database=config('database'),
hostname=unit_get('private-address'),
relation_id=relation_id)
@hooks.hook('amqp-relation-joined')
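Review bot: db_joined now has two callers that use `relation_id` differently, the Juju hook (where it is None) and the new loop in config_changed, and the function carries no documentation saying so. A one-line docstring would cover it: `"""Request DB access on shared-db; relation_id is None when run as the hook, set when re-run from config_changed."""`. Because `database-user` and `database` are now operator-settable, changing them after deployment re-requests access under a new name; whether the previous grant is withdrawn depends on the database charm and is not visible here, so the option descriptions in config.yaml should state that behaviour once confirmed.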


@ -40,7 +40,6 @@ from quantum_contexts import (
QuantumGatewayContext,
NetworkServiceContext,
L3AgentContext,
QuantumSharedDBContext,
ExternalPortContext,
)
@ -48,6 +47,8 @@ from quantum_contexts import (
def valid_plugin():
return config('plugin') in CORE_PLUGIN[networking_name()]
QUANTUM_CONF_DIR = '/etc/quantum'
QUANTUM_OVS_PLUGIN_CONF = \
"/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini"
QUANTUM_NVP_PLUGIN_CONF = \
@ -57,6 +58,8 @@ QUANTUM_PLUGIN_CONF = {
NVP: QUANTUM_NVP_PLUGIN_CONF
}
NEUTRON_CONF_DIR = '/etc/neutron'
NEUTRON_OVS_PLUGIN_CONF = \
"/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini"
NEUTRON_ML2_PLUGIN_CONF = \
@ -148,12 +151,13 @@ NEUTRON_DNSMASQ_CONF = "/etc/neutron/dnsmasq.conf"
NEUTRON_METADATA_AGENT_CONF = "/etc/neutron/metadata_agent.ini"
NEUTRON_METERING_AGENT_CONF = "/etc/neutron/metering_agent.ini"
NOVA_CONF_DIR = '/etc/nova'
NOVA_CONF = "/etc/nova/nova.conf"
NOVA_CONFIG_FILES = {
NOVA_CONF: {
'hook_contexts': [context.AMQPContext(),
QuantumSharedDBContext(),
'hook_contexts': [context.AMQPContext(ssl_dir=NOVA_CONF_DIR),
context.SharedDBContext(ssl_dir=NOVA_CONF_DIR),
NetworkServiceContext(),
QuantumGatewayContext()],
'services': ['nova-api-metadata']
@ -192,7 +196,7 @@ NEUTRON_SHARED_CONFIG_FILES.update(NOVA_CONFIG_FILES)
QUANTUM_OVS_CONFIG_FILES = {
QUANTUM_CONF: {
'hook_contexts': [context.AMQPContext(),
'hook_contexts': [context.AMQPContext(ssl_dir=QUANTUM_CONF_DIR),
QuantumGatewayContext()],
'services': ['quantum-l3-agent',
'quantum-dhcp-agent',
@ -204,10 +208,8 @@ QUANTUM_OVS_CONFIG_FILES = {
QuantumGatewayContext()],
'services': ['quantum-l3-agent']
},
# TODO: Check to see if this is actually required
QUANTUM_OVS_PLUGIN_CONF: {
'hook_contexts': [QuantumSharedDBContext(),
QuantumGatewayContext()],
'hook_contexts': [QuantumGatewayContext()],
'services': ['quantum-plugin-openvswitch-agent']
},
EXT_PORT_CONF: {
@ -219,7 +221,7 @@ QUANTUM_OVS_CONFIG_FILES.update(QUANTUM_SHARED_CONFIG_FILES)
NEUTRON_OVS_CONFIG_FILES = {
NEUTRON_CONF: {
'hook_contexts': [context.AMQPContext(),
'hook_contexts': [context.AMQPContext(ssl_dir=NEUTRON_CONF_DIR),
QuantumGatewayContext()],
'services': ['neutron-l3-agent',
'neutron-dhcp-agent',
@ -237,10 +239,8 @@ NEUTRON_OVS_CONFIG_FILES = {
'hook_contexts': [QuantumGatewayContext()],
'services': ['neutron-metering-agent']
},
# TODO: Check to see if this is actually required
NEUTRON_OVS_PLUGIN_CONF: {
'hook_contexts': [QuantumSharedDBContext(),
QuantumGatewayContext()],
'hook_contexts': [QuantumGatewayContext()],
'services': ['neutron-plugin-openvswitch-agent']
},
NEUTRON_ML2_PLUGIN_CONF: {
@ -256,7 +256,7 @@ NEUTRON_OVS_CONFIG_FILES.update(NEUTRON_SHARED_CONFIG_FILES)
QUANTUM_NVP_CONFIG_FILES = {
QUANTUM_CONF: {
'hook_contexts': [context.AMQPContext()],
'hook_contexts': [context.AMQPContext(ssl_dir=QUANTUM_CONF_DIR)],
'services': ['quantum-dhcp-agent', 'quantum-metadata-agent']
},
}
@ -264,7 +264,7 @@ QUANTUM_NVP_CONFIG_FILES.update(QUANTUM_SHARED_CONFIG_FILES)
NEUTRON_NVP_CONFIG_FILES = {
NEUTRON_CONF: {
'hook_contexts': [context.AMQPContext()],
'hook_contexts': [context.AMQPContext(ssl_dir=NEUTRON_CONF_DIR)],
'services': ['neutron-dhcp-agent', 'neutron-metadata-agent']
},
}
@ -354,8 +354,7 @@ def reassign_agent_resources():
''' Try to import neutronclient instead for havana+ '''
from neutronclient.v2_0 import client
# TODO: Fixup for https keystone
auth_url = 'http://%(keystone_host)s:%(auth_port)s/v2.0' % env
auth_url = '%(auth_protocol)s://%(keystone_host)s:%(auth_port)s/v2.0' % env
quantum = client.Client(username=env['service_username'],
password=env['service_password'],
tenant_name=env['service_tenant'],
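Review bot: Building `auth_url` from `%(auth_protocol)s` in reassign_agent_resources switches the scheme but does not by itself make the client verify Keystone's certificate; the `client.Client(...)` call continues past the end of the hunk, so whether a CA bundle is passed cannot be seen here. If the deployment CA is not in the system trust store the call needs `ca_cert=` pointing at it, and `insecure=True` should not be used as a workaround, since it would leave `service_password` unprotected against an intercepted connection. `env['auth_protocol']` is also a newly required key for the `%` formatting, so any caller that builds `env` without it now raises KeyError; a short comment above the line naming where the key comes from would help.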


@ -7,7 +7,7 @@ verbose=True
api_paste_config=/etc/nova/api-paste.ini
enabled_apis=metadata
multi_host=True
sql_connection=mysql://{{ nova_user }}:{{ nova_password }}@{{ database_host }}/{{ nova_db }}
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
quantum_metadata_proxy_shared_secret={{ shared_secret }}
service_quantum_metadata_proxy=True
# Access to message bus
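Review bot: The new `sql_connection` line emits `&ssl_key={{ database_ssl_key }}` whenever `database_ssl_cert` is set, without checking the key itself, so a context that supplies a certificate but no key renders an empty `ssl_key=` parameter. Guarding on both values, `{% if database_ssl_cert and database_ssl_key %}`, keeps the URL well-formed. When `database_ssl_ca` is unset the connection stays unencrypted with no indication in the rendered file; a template comment saying so would make the fallback visible to operators. The same line appears in the second nova.conf template further down the page (the one with `neutron_metadata_proxy_shared_secret`), and the note applies there as well.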


@ -1,6 +1,4 @@
[DATABASE]
sql_connection = mysql://{{ quantum_user }}:{{ quantum_password }}@{{ database_host }}/{{ quantum_db }}?charset=utf8
reconnect_interval = 2
[OVS]
local_ip = {{ local_ip }}
tenant_network_type = gre


@ -7,7 +7,7 @@ verbose= {{ verbose }}
api_paste_config=/etc/nova/api-paste.ini
enabled_apis=metadata
multi_host=True
sql_connection=mysql://{{ nova_user }}:{{ nova_password }}@{{ database_host }}/{{ nova_db }}
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
neutron_metadata_proxy_shared_secret={{ shared_secret }}
service_neutron_metadata_proxy=True
# Access to message bus


@ -1,6 +1,4 @@
[DATABASE]
sql_connection = mysql://{{ quantum_user }}:{{ quantum_password }}@{{ database_host }}/{{ quantum_db }}?charset=utf8
reconnect_interval = 2
[OVS]
local_ip = {{ local_ip }}
tenant_network_type = gre


@ -77,27 +77,6 @@ class _TestQuantumContext(CharmTestCase):
self.assertEquals(self.context(), self.data_result)
class TestQuantumSharedDBContext(_TestQuantumContext):
def setUp(self):
super(TestQuantumSharedDBContext, self).setUp()
self.context = quantum_contexts.QuantumSharedDBContext()
self.test_relation.set(
{'db_host': '10.5.0.1',
'nova_password': 'novapass',
'quantum_password': 'quantumpass'}
)
self.data_result = {
'database_host': '10.5.0.1',
'nova_user': 'nova',
'nova_password': 'novapass',
'nova_db': 'nova',
'quantum_user': 'quantum',
'quantum_password': 'quantumpass',
'quantum_db': 'quantum'
}
class TestNetworkServiceContext(_TestQuantumContext):
def setUp(self):


@ -1,4 +1,6 @@
from mock import MagicMock, patch, call
import charmhelpers.core.hookenv as hookenv
hookenv.config = MagicMock()
import quantum_utils as utils
_register_configs = utils.register_configs
_restart_map = utils.restart_map
@ -53,6 +55,7 @@ class TestQuantumHooks(CharmTestCase):
self.test_config.set('plugin', 'ovs')
self.lsb_release.return_value = {'DISTRIB_CODENAME': 'precise'}
self.b64decode.side_effect = passthrough
hookenv.config.side_effect = self.test_config.get
def _call_hook(self, hookname):
hooks.hooks.execute([
@ -107,23 +110,18 @@ class TestQuantumHooks(CharmTestCase):
def test_upgrade_charm(self):
_install = self.patch('install')
_config_changed = self.patch('config_changed')
_amqp_joined = self.patch('amqp_joined')
self.relation_ids.return_value = ['amqp:0']
self._call_hook('upgrade-charm')
self.assertTrue(_install.called)
self.assertTrue(_config_changed.called)
_amqp_joined.assert_called_with(relation_id='amqp:0')
def test_db_joined(self):
self.unit_get.return_value = 'myhostname'
self._call_hook('shared-db-relation-joined')
self.relation_set.assert_called_with(
quantum_username='quantum',
quantum_database='quantum',
quantum_hostname='myhostname',
nova_username='nova',
nova_database='nova',
nova_hostname='myhostname',
username='nova',
database='nova',
hostname='myhostname',
relation_id=None
)
def test_amqp_joined(self):
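Review bot: `hookenv.config = MagicMock()` at the top of the module replaces the attribute on the shared `charmhelpers.core.hookenv` module at import time and never restores it, so any test module imported later in the same process sees the mock. It presumably has to precede `import quantum_utils` because that module calls `config` while building its contexts; if so, say it in a comment such as `# config() is called when quantum_utils is imported, so it must be mocked first`. None of the visible hunks adds a test for the new loops in config_changed, and test_upgrade_charm lost its `amqp_joined` assertion; a test asserting that `db_joined` is called with `relation_id=` for each shared-db relation would cover the gap. test_amqp_joined begins on the last line of the section and continues outside it.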


@ -260,7 +260,8 @@ network_context = {
'service_tenant': 'baz',
'region': 'foo-bar',
'keystone_host': 'keystone',
'auth_port': 5000
'auth_port': 5000,
'auth_protocol': 'https'
}