The issue was the original commit had a bug (using the wrong variable),
and also that there were no tests to verify the functionality. This
patchset fixes the bug and adds tests to verify the contract.
Change-Id: Ia8b5580132c5a592461a57fb514994ab64a9ed42
Closes-Bug: #1805128
On charm upgrade the charm may switch to py3 packages. If so, ensure
the old py2 packages are purged. If the purge occurs then restart
services.
Change-Id: I984a227b3fe12a0086c926ae69c27d6e4d9741d3
Closes-Bug: 1803451
The keystone_ca_cert_b64 function retrieved the CA cert from a file
before encoding it but it was passing a str to the b64encode which
requires a bytes-like object.
Change-Id: Iafaf5916b04746eb045fcd3dfe9676a80c88b464
Some major changes:
* the charm has been rebased (from a Python perspective) to be rooted in
the charm directory. This is a single root.
* Imports have been changed so that the don't add lots of imports to the
namespace of the module doing the import.
* The code that used to run at module import time has been made lazy
such that it only has to run if the relevant functions are called.
This includes restart_on_change parameters, the harden function and
the parameters to the guard_map. Appropriate changes will be
submitted to charm-helpers.
* Several tests had to be re-written as (incorrect) mocking meant that
text fixtures didn't actually match what the code was doing. Thus,
the tests were meaningless.
* This has had a net positive impact on the unit tests wrt to importing
modules and mocking.
Change-Id: Id07d9d1caaa9b29453a63c2e49ba831071e9457f
Drop python-six from the list of packages to install/purge on
upgrade to py3 workload execution.
This was a legacy requirement in obsolete packaging versions
of Nova.
Purging six has the side effect of removing crmsh from the unit
in clustered deployments.
Change-Id: I9dfe7b031562c8f3e85445486ba16b3c7b2465ca
In a cells deployment its possible that the top-level
nova-cloud-controller will have no compute nodes associated with it.
This change fixes the work load status in that scenario.
There is also a drive by fix to return empty contexts for the cell
db and amqp contexts if the relation do not yet exists.
Change-Id: Ia8eeccb6794dd016185eb0cfb05339b76cef9348
This change adds relations necessary for registering a compute cell
with the superconductor. For a cell to be registered this charm
must have relations with the compute cells conductor, database and
message queue. Only when all these relations are complete can the
registration happen. Below are major changes included in this PR.
* Add nova-cell-api relation for communicating with the
nova-cell-conductor
* Add shared-db-cell relation for communicating with the
a compute cells database.
* Add amqp-cell relation for communicating with the
a compute cells message queue.
* Add methods for registering cells with the
superconductors database.
* Charm helper sync
Change-Id: Ic6ddc29426319b98b147c29031f60485fccc513f
Switch package install to Python 3 for OpenStack Rocky or later.
When upgrading, remove any python-* packages that were explicitly
installated and then autoremove --purge any dependencies that are
no longer required.
Change-Id: I87ee4a0a854f88b931093f6245a3a1057bf56c57
Add a service for handling nova metadata api services. This was
previously handled by the neutron-gateway and still is for
deployemnts up to and including Pike, For the neutron metadata
service and the nova service to communicate they need a shared
secret. To achieve this, the change includes:
* A charmhelper sync to get support for multiple wsgi vhosts
* Rendering new wsgi vhost and corresponding haproxy config.
* Setting a shared-secret down the relation with the neutron
gateway.
* Remove fragile keystone authtoken checks as they are failing
after a ch sync and any issues will be caught by the instance
launch functional test.
Change-Id: I5ad15ba782cb87b6fdb3c0941a6482d201670bff
OpenSSH will lowercase any hostname; ensure that hostnames
for known_host entries are also lower case avoiding any
authenticity of host type issues during live migration and
resize operators.
Change-Id: Ie5ab0774b49fc0d753ff1c26eb041f1ceb35e8fb
Closes-Bug: 1628216
Replace charm custom init control functions with `service_pause`
and `service_resume` functions from charm-helpers.
Change-Id: I235af30a19294316f65fba0e13fe10ae50164a42
Closes-Bug: #1765215
Sync in the charm-helpers to use the new VolumeAPIContext object
in order to determine the volume catalog info to use in the
configuration file.
This is simply an alternative implementation for commit 16ae06bf
which separates the concerns for volume endpoint context and
internal endpoint context.
Change-Id: I187bc8ef5644a59dc5a0b5f7ad66774812a78b78
Related-Bug: #1733566
map_instances only needs to be run during the transition from
Newton to Ocata to map existing instances into a cell. All
new Ocata instances will be automatically mapped to a call.
This change limits the slow running map_instances command to
just run for upgrades to Ocata
Change-Id: Ic2e2df530504284d28cfcab26a71d211342203fa
Closes-Bug: #1743357
nova-manage map_instances maps all instances into a cell in batches
of 50 if max-count is not set. Setting max-count causes the script
to run a single batch of size max-count. The return code of the
script shows if there are still more to do. This change runs
map_instances repeatedly with a batch size of 50000 while rc is 1
and then exists cleanly when a rc 0 is recieved.
Change-Id: Id1184778a5ae94bb3b57348b10d12077b093d6dd
Partial-Bug: #1742115
Add an action for moving stale data to shadow tables using
nova-manage *1. This will speed up other operations such as
map_instances which no longer need to work against stale
data.
*1 https://docs.openstack.org/nova/pike/cli/nova-manage.html
Change-Id: I03f3d641b50cfc6f02262edb0f714ba6e9566775
Partial-Bug: #1742115
Drop support for deployment from Git repositories, as deprecated
in the 17.02 charm release. This feature is unmaintained and has
no known users.
Change-Id: I2fe15b648d485e5b03965a00dee6324669ebe9fa
Remove postgresql DB support; This feature is untested as part
of the charms, is not in use and was deprecated as part of
the 1708 charms release.
Change-Id: I866559f519ace3476e0cc85661d99e5f5491227d
Support for the ZeroMQ messaging driver has bit-rotted over
the last few years across the OpenStack charms; drop support
for ZMQ inline with deprecation notices issued in 17.02 charm
release.
Change-Id: I39e464b289c9df842ca73e64c7576ba0531963ae
volumev2 api is deprecated for >= Pike so switch
internal endpoint to v3 for Pike onwards.
Change-Id: Icb9861efbd650b079f507ca585818e95921dc42a
Partial-Bug: 1733566
Update all nova-manage commands to use subprocess.check_output()
and log subprocess.CalledProcessError.output on failure. This
will help capture nova-manage error details on first failure.
Specify cell1 uuid on discover_hosts call. This doesn't change
behavior, it is just more explicit and useful if we move to
multiple cells in the future.
Introduce an is_cellv2_init_ready() function that uses contexts to
check if cells_v2 is ready to initialize. This cleans up the
corresponding TODOs.
Move checks for cell v2 init readiness to update_cell_db_if_ready(),
also cleaning up corresponding TODOs.
Change-Id: I313edce84d3d249031e020a4fbb4baf216c01ddb
Related-Bug: 1720846
Ensure that the os_release cache is cleared during the openstack
upgrade process, ensuring that package list and configuration
options are correctly set for the new OpenStack version.
Ensure that map_instances gets run on upgrade. This updates the
nova_api.instance_mappings table with pre-existing instances.
Change-Id: Idfcdc48c25b24d0cc9ded3eda2bc4d13d3b04f6d
Closes-Bug: 1715624
determine_endpoints was failing to recognize the new OS release after an
upgrade. Specifically newton --> ocata failed to register the
placement api.
Reset os_release after an upgrade.
Change-Id: I04ae30aea435c8c39f58d1a814d070a057bb5ce0
Closes-Bug: #1715505
nova-cert was deprecated @ newton, and only supports ec2 services
which we dropped in the charms @ liberty so remove installation
and configuration of this service for >= newton.
Change-Id: I6d0ed6a1e058f38cb5d556a34b6f4299bf6d2055
The config.yaml file suggests None as one
of the possible values of the directive console-access-protocol,
this is wrongly evaluated as a string in the console_attributes
function, which causes the charm to install the pacemaker
resource even when is not required (console-access-protocol = None).
Change-Id: I367b7fd813e044bc6eedca687e837e8adab2dd40
Closes-Bug: #1697693
Depends-On: I98ebbf9f2c7582fae5f466dfc1d224bf66e38a24
Signed-off-by: Jorge Niedbalski <jorge.niedbalski@canonical.com>
When using the nova-cloud-controller charm in HA with the config
option single-nova-consoleauth set to true, its expected for the
nova-consoleauth service to be run in just a single unit at the time.
The service management (start/stop) is performed by pacemaker in
accordance with the cluster health using the OCF resource agent[0].
Its required for the service to be disabled by default on upstart (trusty)
or systemd (>=xenial).
This change disables the service by using the service_pause
charmhelpers call which considers both cases (upstart/systemd) when
the ha relation is present and the single-nova-consoleauth option is
used.
Also, this change fixes LP: #1660244 (Services not running that should be:
nova-consoleauth) by removing it from the resource_map when
ha + single-nova-consoleauth is used.
[0] https://github.com/openstack/openstack-resource-agents/blob/master/ocf/nova-consoleauth
Closes-Bug: #1693629
Closes-Bug: #1660244
Change-Id: Iaffe0456cceb42ee124cb8881d3379d78cac0f3a
Signed-off-by: Jorge Niedbalski <jorge.niedbalski@canonical.com>
- sync charmhelpers with fix-alpha helpers
- fix up code where the alpha comparisons are done
- fix tests which assumed mocks would just work on os_release()
Change-Id: I48b4853ed343bd3188c16f2bc432b4ca0badc473
Related-Bug: #1659575
determine_ports() was not adding the nova-placement-api port to the
ports list because it is run under the apache2 service. This fix
enables determine_ports() to get 'nova-placement-api' from the list
of services rather than 'apache2', allowing it to determine the port
that nova-placement-api uses.
Also enable tests/gate-basic-xenial-ocata in this commit.
Change-Id: I8113e911272ee671026bace9f6e0e8c4ce072e6b
A minimal cells v2 setup is required in Ocata, which includes the
following databases:
1. An API database (named nova_api)
2. A special cell0 database (named cell0)
3. A "cell1" database (named nova - we're using the nova db as cell1)
The order of nova-manage commands is also updated in this commit.
The 'nova-manage api_db sync' must occur first because 'nova-manage
cell_v2' commands use the API database. 'nova-manage db sync' must
then be run after the 'nova-manage cell_v2' commands.
Finally, 'nova-manage cell_v2 discover_hosts' must be run whenever a
new compute node is introduced to add the host to cell1.
This commit includes a sync of charm-helpers to pick up AMQPContext
updates for transport_url.
Change-Id: Ia6f36ca8a360dc8490e9f41b62d499fa4d73d0b9
This change installs the nova-placement-api, runs it under
mod_wsgi with apache2, updates nova.conf accordingly, and
registers its endpoints.
Change-Id: I4af4afa591cf68964e6146ca0ca0c51d1ddb8a64
This reverts commit ec2579a8448281cdf1154018c0a56c9d4b174e36.
We are not quite ready for fine grained RBAC for service
accounts.
Change-Id: I210685d7b9036abb191073d512f8a65ebff30613
Closes-Bug: 1655028
do_openstack_upgrade() assumes that a cloud archive repository
will be used to upgrade the unit, this is not true for environments
where a mirror is used or a PPA.
Change-Id: I96a20e926f42dc5df4ddb3cb7ac5428b882711e8
Closes-Bug: #1646884
With the release of 4.2.0 of keystonemiddleware using the
in-process token cache is no longer recommended. It is recommended
that a memcache backend to store tokens is used instead,
This installs and configures memcache and configures neutron-server
to use memcache for token caching.
http://docs.openstack.org/releasenotes/keystonemiddleware/mitaka.html#id2
Change-Id: I747d107d28474d545e4a3612a927d46cae34e6b6
Role check is scoped to the configured service project and access
is granted to os_compute_api:servers:detail:get_all_tenants.
This change is required to allow Ceilometer to operate using a
non-Admin user.
Change-Id: I17729e2089cc658588eaea93f8de5051369e5dff
Closes-Bug: 1636098
It's possible that the get_hostname call use when resolving the
full hostname of a IP address may return None in the event that
a hostname cannot be resolved via DNS.
Ensure that None values are not added to the list of hostnames
to validated for SSH key configuration.
Change-Id: I910224f9c22b7e0b8e53faddc64e3715389cc691
Closes-Bug: 1641614
There is no guarantee short hostnames will be DNS resolvable. Test
first before adding to the compute hosts list.
Change-Id: Ieddf098f97ebdfdf9074016998308e2887532d25
Juju 2.0 provides support for display of the version of
an application deployed by a charm in juju status.
Insert the os_application_version_set function into the
existing assess_status function - this gets called after
all hook executions, and periodically after that, so any
changes in package versions due to normal system updates
will also be reflected in the status output.
This review also includes a resync of charm-helpers to
pickup hookenv and contrib.openstack support for this
feature.
Change-Id: I8c1d6b9b6d42bcc357d764ec1bd04a36e9982f57
Support access to instances via optionally enabled serial console
feature provided in Nova.
Seria console access is enabled using a new config flag; this flag
plus the required base_url for the nova-serialproxy are also passed
over the cloud-compute relation for use in nova-compute units.
This is only supported in OpenStack Juno or later, and replaces
the standard output to the nova console-log.
Change-Id: I3bfcca88bd6147be337e6d770db7348170b914e6
For OpenStack >= Liberty EC2 and objectstore services aren't installed and
deprecated, but there is no way to disable it, this patch adds a way to
permanently disable and enable them
Change-Id: Ie78ba5af1d953e8ebed9195202522ff73efcde9f
Closes-Bug: #1533255
Use os_release() instead of get_os_codename_install_source() to
determine the OpenStack release in resolve_services(). This is
needed when deploying from source because it checks both
openstack-origin and openstack-origin-git when determining the
release.
Change-Id: I39a61fc4394967bd70af493f6a69fe9d428274b1
systemd is used instead of upstart by default since Ubuntu 15.10
(Wily). This adds systemd init file support for nova services
that are deployed from source.
Change-Id: Ie71aed8c1f28204d5fbd735d51cea6d77977a637
All contributors to this charm have agreed to the switch
from GPL v3 to Apache 2.0; switch to Apache-2.0 license
as agreed so we can move forward with official project status.
Change-Id: I20448e0370138e103a00c7fcf0f49949c82d33a9
openstack-origin-git currently only supports YAML that specifies
the git repositories to deploy from.
This adds support for default openstack-origin-git values. The
default values supported are: icehouse, kilo, liberty, mitaka,
and master. For example: openstack-origin-git=master
Change-Id: I6b737272deed067c2f71dbd36b201aea884265ee
