Enable SSL termination for nova-placement-api
determine_ports() was not adding the nova-placement-api port to the ports list because it is run under the apache2 service. This fix enables determine_ports() to get 'nova-placement-api' from the list of services rather than 'apache2', allowing it to determine the port that nova-placement-api uses. Also enable tests/gate-basic-xenial-ocata in this commit. Change-Id: I8113e911272ee671026bace9f6e0e8c4ce072e6b
This commit is contained in:
parent
86e59d7457
commit
7dd8357b06
@ -321,10 +321,14 @@ SERIAL_CONSOLE = {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
def resource_map(return_services=True):
|
def resource_map(actual_services=True):
|
||||||
'''
|
'''
|
||||||
Dynamically generate a map of resources that will be managed for a single
|
Dynamically generate a map of resources that will be managed for a single
|
||||||
hook execution.
|
hook execution.
|
||||||
|
|
||||||
|
:param actual_services: Whether to return the actual services that run on a
|
||||||
|
unit (ie. apache2) or the services defined in BASE_SERVICES
|
||||||
|
(ie.nova-placement-api).
|
||||||
'''
|
'''
|
||||||
resource_map = deepcopy(BASE_RESOURCE_MAP)
|
resource_map = deepcopy(BASE_RESOURCE_MAP)
|
||||||
|
|
||||||
@ -367,7 +371,7 @@ def resource_map(return_services=True):
|
|||||||
'contexts': [context.MemcacheContext()],
|
'contexts': [context.MemcacheContext()],
|
||||||
'services': ['memcached']}
|
'services': ['memcached']}
|
||||||
|
|
||||||
if return_services and placement_api_enabled():
|
if actual_services and placement_api_enabled():
|
||||||
for cfile in resource_map:
|
for cfile in resource_map:
|
||||||
svcs = resource_map[cfile]['services']
|
svcs = resource_map[cfile]['services']
|
||||||
if 'nova-placement-api' in svcs:
|
if 'nova-placement-api' in svcs:
|
||||||
@ -399,9 +403,17 @@ def register_configs(release=None):
|
|||||||
return configs
|
return configs
|
||||||
|
|
||||||
|
|
||||||
def restart_map():
|
def restart_map(actual_services=True):
|
||||||
return OrderedDict([(cfg, v['services'])
|
'''
|
||||||
for cfg, v in resource_map().iteritems()
|
Constructs a restart map of config files and corresponding services
|
||||||
|
|
||||||
|
:param actual_services: Whether to return the actual services that run on a
|
||||||
|
unit (ie. apache2) or the services defined in BASE_SERVICES
|
||||||
|
(ie.nova-placement-api).
|
||||||
|
'''
|
||||||
|
return OrderedDict(
|
||||||
|
[(cfg, v['services'])
|
||||||
|
for cfg, v in resource_map(actual_services).iteritems()
|
||||||
if v['services']])
|
if v['services']])
|
||||||
|
|
||||||
|
|
||||||
@ -416,7 +428,7 @@ def services():
|
|||||||
def determine_ports():
|
def determine_ports():
|
||||||
'''Assemble a list of API ports for services we are managing'''
|
'''Assemble a list of API ports for services we are managing'''
|
||||||
ports = []
|
ports = []
|
||||||
for services in restart_map().values():
|
for services in restart_map(actual_services=False).values():
|
||||||
for svc in services:
|
for svc in services:
|
||||||
try:
|
try:
|
||||||
ports.append(API_PORTS[svc])
|
ports.append(API_PORTS[svc])
|
||||||
@ -453,7 +465,7 @@ def console_attributes(attr, proto=None):
|
|||||||
def determine_packages():
|
def determine_packages():
|
||||||
# currently all packages match service names
|
# currently all packages match service names
|
||||||
packages = deepcopy(BASE_PACKAGES)
|
packages = deepcopy(BASE_PACKAGES)
|
||||||
for v in resource_map(return_services=False).values():
|
for v in resource_map(actual_services=False).values():
|
||||||
packages.extend(v['services'])
|
packages.extend(v['services'])
|
||||||
if console_attributes('packages'):
|
if console_attributes('packages'):
|
||||||
packages.extend(console_attributes('packages'))
|
packages.extend(console_attributes('packages'))
|
||||||
|
@ -11,13 +11,13 @@ requests==2.6.0
|
|||||||
# Liberty client lower constraints
|
# Liberty client lower constraints
|
||||||
amulet>=1.14.3,<2.0
|
amulet>=1.14.3,<2.0
|
||||||
bundletester>=0.6.1,<1.0
|
bundletester>=0.6.1,<1.0
|
||||||
python-ceilometerclient>=1.5.0,<2.0
|
python-ceilometerclient>=1.5.0
|
||||||
python-cinderclient>=1.4.0,<2.0
|
python-cinderclient>=1.4.0
|
||||||
python-glanceclient>=1.1.0,<2.0
|
python-glanceclient>=1.1.0
|
||||||
python-heatclient>=0.8.0,<1.0
|
python-heatclient>=0.8.0
|
||||||
python-novaclient>=2.30.1,<3.0
|
python-novaclient>=2.30.1
|
||||||
python-openstackclient>=1.7.0,<2.0
|
python-openstackclient>=1.7.0
|
||||||
python-swiftclient>=2.6.0,<3.0
|
python-swiftclient>=2.6.0
|
||||||
pika>=0.10.0,<1.0
|
pika>=0.10.0,<1.0
|
||||||
distro-info
|
distro-info
|
||||||
# END: Amulet OpenStack Charm Helper Requirements
|
# END: Amulet OpenStack Charm Helper Requirements
|
||||||
|
@ -90,6 +90,13 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||||||
{'name': 'glance'},
|
{'name': 'glance'},
|
||||||
{'name': 'percona-cluster', 'constraints': {'mem': '3072M'}},
|
{'name': 'percona-cluster', 'constraints': {'mem': '3072M'}},
|
||||||
]
|
]
|
||||||
|
if self._get_openstack_release() >= self.xenial_ocata:
|
||||||
|
other_ocata_services = [
|
||||||
|
{'name': 'neutron-gateway'},
|
||||||
|
{'name': 'neutron-api'},
|
||||||
|
{'name': 'neutron-openvswitch'},
|
||||||
|
]
|
||||||
|
other_services += other_ocata_services
|
||||||
super(NovaCCBasicDeployment, self)._add_services(this_service,
|
super(NovaCCBasicDeployment, self)._add_services(this_service,
|
||||||
other_services)
|
other_services)
|
||||||
|
|
||||||
@ -109,8 +116,22 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||||||
'keystone:shared-db': 'percona-cluster:shared-db',
|
'keystone:shared-db': 'percona-cluster:shared-db',
|
||||||
'glance:identity-service': 'keystone:identity-service',
|
'glance:identity-service': 'keystone:identity-service',
|
||||||
'glance:shared-db': 'percona-cluster:shared-db',
|
'glance:shared-db': 'percona-cluster:shared-db',
|
||||||
'glance:amqp': 'rabbitmq-server:amqp'
|
'glance:amqp': 'rabbitmq-server:amqp',
|
||||||
}
|
}
|
||||||
|
if self._get_openstack_release() >= self.xenial_ocata:
|
||||||
|
ocata_relations = {
|
||||||
|
'neutron-gateway:amqp': 'rabbitmq-server:amqp',
|
||||||
|
'nova-cloud-controller:quantum-network-service':
|
||||||
|
'neutron-gateway:quantum-network-service',
|
||||||
|
'neutron-api:shared-db': 'percona-cluster:shared-db',
|
||||||
|
'neutron-api:amqp': 'rabbitmq-server:amqp',
|
||||||
|
'neutron-api:neutron-api': 'nova-cloud-controller:neutron-api',
|
||||||
|
'neutron-api:identity-service': 'keystone:identity-service',
|
||||||
|
'nova-compute:neutron-plugin': 'neutron-openvswitch:'
|
||||||
|
'neutron-plugin',
|
||||||
|
'rabbitmq-server:amqp': 'neutron-openvswitch:amqp',
|
||||||
|
}
|
||||||
|
relations.update(ocata_relations)
|
||||||
super(NovaCCBasicDeployment, self)._add_relations(relations)
|
super(NovaCCBasicDeployment, self)._add_relations(relations)
|
||||||
|
|
||||||
def _configure_services(self):
|
def _configure_services(self):
|
||||||
@ -159,6 +180,9 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||||||
nova_cc_config['api-rate-limit-rules'] = \
|
nova_cc_config['api-rate-limit-rules'] = \
|
||||||
"( POST, '*', .*, 9999, MINUTE );"
|
"( POST, '*', .*, 9999, MINUTE );"
|
||||||
|
|
||||||
|
if self._get_openstack_release() >= self.xenial_ocata:
|
||||||
|
nova_cc_config['network-manager'] = 'Neutron'
|
||||||
|
|
||||||
keystone_config = {'admin-password': 'openstack',
|
keystone_config = {'admin-password': 'openstack',
|
||||||
'admin-token': 'ubuntutesting'}
|
'admin-token': 'ubuntutesting'}
|
||||||
|
|
||||||
@ -259,6 +283,10 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||||||
if self._get_openstack_release() >= self.trusty_liberty:
|
if self._get_openstack_release() >= self.trusty_liberty:
|
||||||
services[self.keystone_sentry] = ['apache2']
|
services[self.keystone_sentry] = ['apache2']
|
||||||
|
|
||||||
|
if self._get_openstack_release() >= self.xenial_ocata:
|
||||||
|
services[self.nova_compute_sentry].remove('nova-network')
|
||||||
|
services[self.nova_compute_sentry].remove('nova-api')
|
||||||
|
|
||||||
ret = u.validate_services_by_name(services)
|
ret = u.validate_services_by_name(services)
|
||||||
if ret:
|
if ret:
|
||||||
amulet.raise_status(amulet.FAIL, msg=ret)
|
amulet.raise_status(amulet.FAIL, msg=ret)
|
||||||
@ -423,6 +451,13 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||||||
expected['ec2_region'] = 'RegionOne'
|
expected['ec2_region'] = 'RegionOne'
|
||||||
expected['ec2_service'] = 'ec2'
|
expected['ec2_service'] = 'ec2'
|
||||||
|
|
||||||
|
if self._get_openstack_release() >= self.xenial_ocata:
|
||||||
|
expected['placement_service'] = 'placement'
|
||||||
|
expected['placement_internal_url'] = u.valid_url
|
||||||
|
expected['placement_public_url'] = u.valid_url
|
||||||
|
expected['placement_admin_url'] = u.valid_url
|
||||||
|
expected['placement_region'] = 'RegionOne'
|
||||||
|
|
||||||
ret = u.validate_relation_data(unit, relation, expected)
|
ret = u.validate_relation_data(unit, relation, expected)
|
||||||
if ret:
|
if ret:
|
||||||
message = u.relation_error('nova-cc identity-service', ret)
|
message = u.relation_error('nova-cc identity-service', ret)
|
||||||
@ -451,6 +486,9 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||||||
if self._get_openstack_release() >= self.trusty_kilo:
|
if self._get_openstack_release() >= self.trusty_kilo:
|
||||||
expected['service_username'] = 'nova'
|
expected['service_username'] = 'nova'
|
||||||
|
|
||||||
|
if self._get_openstack_release() >= self.xenial_ocata:
|
||||||
|
expected['service_username'] = 'placement_nova'
|
||||||
|
|
||||||
ret = u.validate_relation_data(unit, relation, expected)
|
ret = u.validate_relation_data(unit, relation, expected)
|
||||||
if ret:
|
if ret:
|
||||||
message = u.relation_error('keystone identity-service', ret)
|
message = u.relation_error('keystone identity-service', ret)
|
||||||
@ -502,6 +540,8 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||||||
'private-address': u.valid_ip,
|
'private-address': u.valid_ip,
|
||||||
'restart_trigger': u.not_null
|
'restart_trigger': u.not_null
|
||||||
}
|
}
|
||||||
|
if self._get_openstack_release() >= self.xenial_ocata:
|
||||||
|
expected['network_manager'] = 'neutron'
|
||||||
|
|
||||||
ret = u.validate_relation_data(unit, relation, expected)
|
ret = u.validate_relation_data(unit, relation, expected)
|
||||||
if ret:
|
if ret:
|
||||||
@ -706,6 +746,10 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||||||
'enabled_apis': 'osapi_compute,metadata',
|
'enabled_apis': 'osapi_compute,metadata',
|
||||||
})
|
})
|
||||||
|
|
||||||
|
if self._get_openstack_release() >= self.xenial_ocata:
|
||||||
|
expected['DEFAULT']['use_neutron'] = 'True'
|
||||||
|
del expected['DEFAULT']['network_manager']
|
||||||
|
|
||||||
for section, pairs in expected.iteritems():
|
for section, pairs in expected.iteritems():
|
||||||
ret = u.validate_config_data(unit, conf, section, pairs)
|
ret = u.validate_config_data(unit, conf, section, pairs)
|
||||||
if ret:
|
if ret:
|
||||||
|
@ -32,6 +32,7 @@ from keystoneclient.v3 import client as keystone_client_v3
|
|||||||
from novaclient import exceptions
|
from novaclient import exceptions
|
||||||
|
|
||||||
import novaclient.client as nova_client
|
import novaclient.client as nova_client
|
||||||
|
import novaclient
|
||||||
import pika
|
import pika
|
||||||
import swiftclient
|
import swiftclient
|
||||||
|
|
||||||
@ -434,6 +435,11 @@ class OpenStackAmuletUtils(AmuletUtils):
|
|||||||
self.log.debug('Authenticating nova user ({})...'.format(user))
|
self.log.debug('Authenticating nova user ({})...'.format(user))
|
||||||
ep = keystone.service_catalog.url_for(service_type='identity',
|
ep = keystone.service_catalog.url_for(service_type='identity',
|
||||||
endpoint_type='publicURL')
|
endpoint_type='publicURL')
|
||||||
|
if novaclient.__version__[0] >= "7":
|
||||||
|
return nova_client.Client(NOVA_CLIENT_VERSION,
|
||||||
|
username=user, password=password,
|
||||||
|
project_name=tenant, auth_url=ep)
|
||||||
|
else:
|
||||||
return nova_client.Client(NOVA_CLIENT_VERSION,
|
return nova_client.Client(NOVA_CLIENT_VERSION,
|
||||||
username=user, api_key=password,
|
username=user, api_key=password,
|
||||||
project_id=tenant, auth_url=ep)
|
project_id=tenant, auth_url=ep)
|
||||||
|
0
tests/gate-basic-xenial-ocata
Normal file → Executable file
0
tests/gate-basic-xenial-ocata
Normal file → Executable file
@ -115,7 +115,7 @@ RESTART_MAP_ICEHOUSE = OrderedDict([
|
|||||||
('/etc/haproxy/haproxy.cfg', ['haproxy']),
|
('/etc/haproxy/haproxy.cfg', ['haproxy']),
|
||||||
('/etc/apache2/sites-available/openstack_https_frontend', ['apache2']),
|
('/etc/apache2/sites-available/openstack_https_frontend', ['apache2']),
|
||||||
])
|
])
|
||||||
RESTART_MAP_OCATA = OrderedDict([
|
RESTART_MAP_OCATA_ACTUAL = OrderedDict([
|
||||||
('/etc/nova/nova.conf', [
|
('/etc/nova/nova.conf', [
|
||||||
'nova-api-ec2', 'nova-api-os-compute', 'nova-objectstore',
|
'nova-api-ec2', 'nova-api-os-compute', 'nova-objectstore',
|
||||||
'nova-cert', 'nova-scheduler', 'nova-conductor', 'apache2'
|
'nova-cert', 'nova-scheduler', 'nova-conductor', 'apache2'
|
||||||
@ -127,6 +127,17 @@ RESTART_MAP_OCATA = OrderedDict([
|
|||||||
('/etc/apache2/sites-available/openstack_https_frontend', ['apache2']),
|
('/etc/apache2/sites-available/openstack_https_frontend', ['apache2']),
|
||||||
('/etc/apache2/sites-enabled/wsgi-openstack-api.conf', ['apache2']),
|
('/etc/apache2/sites-enabled/wsgi-openstack-api.conf', ['apache2']),
|
||||||
])
|
])
|
||||||
|
RESTART_MAP_OCATA_BASE = OrderedDict([
|
||||||
|
('/etc/nova/nova.conf', [
|
||||||
|
'nova-api-ec2', 'nova-api-os-compute', 'nova-placement-api',
|
||||||
|
'nova-objectstore', 'nova-cert', 'nova-scheduler', 'nova-conductor'
|
||||||
|
]),
|
||||||
|
('/etc/nova/api-paste.ini', [
|
||||||
|
'nova-api-ec2', 'nova-api-os-compute', 'nova-placement-api'
|
||||||
|
]),
|
||||||
|
('/etc/haproxy/haproxy.cfg', ['haproxy']),
|
||||||
|
('/etc/apache2/sites-available/openstack_https_frontend', ['apache2'])
|
||||||
|
])
|
||||||
|
|
||||||
|
|
||||||
DPKG_OPTS = [
|
DPKG_OPTS = [
|
||||||
@ -267,7 +278,7 @@ class NovaCCUtilsTests(CharmTestCase):
|
|||||||
@patch('charmhelpers.contrib.openstack.neutron.os_release')
|
@patch('charmhelpers.contrib.openstack.neutron.os_release')
|
||||||
@patch('os.path.exists')
|
@patch('os.path.exists')
|
||||||
@patch('charmhelpers.contrib.openstack.context.SubordinateConfigContext')
|
@patch('charmhelpers.contrib.openstack.context.SubordinateConfigContext')
|
||||||
def test_restart_map_api_before_frontends_ocata(self, subcontext,
|
def test_restart_map_api_actual_ocata(self, subcontext,
|
||||||
_exists, _os_release):
|
_exists, _os_release):
|
||||||
_os_release.return_value = 'ocata'
|
_os_release.return_value = 'ocata'
|
||||||
self.os_release.return_value = 'ocata'
|
self.os_release.return_value = 'ocata'
|
||||||
@ -276,7 +287,21 @@ class NovaCCUtilsTests(CharmTestCase):
|
|||||||
self._resource_map()
|
self._resource_map()
|
||||||
_map = utils.restart_map()
|
_map = utils.restart_map()
|
||||||
self.assertIsInstance(_map, OrderedDict)
|
self.assertIsInstance(_map, OrderedDict)
|
||||||
self.assertEquals(_map, RESTART_MAP_OCATA)
|
self.assertEquals(_map, RESTART_MAP_OCATA_ACTUAL)
|
||||||
|
|
||||||
|
@patch('charmhelpers.contrib.openstack.neutron.os_release')
|
||||||
|
@patch('os.path.exists')
|
||||||
|
@patch('charmhelpers.contrib.openstack.context.SubordinateConfigContext')
|
||||||
|
def test_restart_map_api_ocata_base(self, subcontext,
|
||||||
|
_exists, _os_release):
|
||||||
|
_os_release.return_value = 'ocata'
|
||||||
|
self.os_release.return_value = 'ocata'
|
||||||
|
_exists.return_value = False
|
||||||
|
self.enable_memcache.return_value = False
|
||||||
|
self._resource_map()
|
||||||
|
_map = utils.restart_map(actual_services=False)
|
||||||
|
self.assertIsInstance(_map, OrderedDict)
|
||||||
|
self.assertEquals(_map, RESTART_MAP_OCATA_BASE)
|
||||||
|
|
||||||
@patch('charmhelpers.contrib.openstack.context.SubordinateConfigContext')
|
@patch('charmhelpers.contrib.openstack.context.SubordinateConfigContext')
|
||||||
@patch('os.path.exists')
|
@patch('os.path.exists')
|
||||||
|
Loading…
Reference in New Issue
Block a user