Move creation of libvirt secret out of context and into a utility helper.

2013-09-03 17:16:15 -07:00
parent bb0d741f3f
commit 6577d259de
5 changed files with 31 additions and 20 deletions
--- a/hooks/charmhelpers/contrib/openstack/context.py
+++ b/hooks/charmhelpers/contrib/openstack/context.py
@@ -187,7 +187,7 @@ class CephContext(OSContextGenerator):
        '''This generates context for /etc/ceph/ceph.conf templates'''
        if not relation_ids('ceph'):
            return {}
-        log('Generating tmeplate context for ceph')
+        log('Generating template context for ceph')
        mon_hosts = []
        auth = None
        key = None
@@ -203,12 +203,13 @@ class CephContext(OSContextGenerator):
            'auth': auth,
            'key': key,
        }
-        if not context_complete(ctxt):
-            return {}

        if not os.path.isdir('/etc/ceph'):
            os.mkdir('/etc/ceph')

+        if not context_complete(ctxt):
+            return {}
+
        ensure_packages(['ceph-common'])

        return ctxt
--- a/hooks/nova_compute_context.py
+++ b/hooks/nova_compute_context.py
@@ -1,4 +1,3 @@
-import os
 import socket

 from subprocess import check_call, check_output
@@ -109,16 +108,6 @@ class NovaComputeVirtContext(context.OSContextGenerator):


 class NovaComputeCephContext(context.CephContext):
-    def libvirt_ceph(self, key):
-        if not os.path.isfile('/etc/ceph/secret.xml'):
-            return
-        # create secret for libvirt usage.
-        cmd = ['virsh', 'secret-define', '--file', '/etc/ceph/secret.xml']
-        check_call(cmd)
-        cmd = ['virsh', 'secret-set-value', '--secret', CEPH_SECRET_UUID,
-               '--base64', key]
-        check_call(cmd)
-
    def __call__(self):
        ctxt = super(NovaComputeCephContext, self).__call__()
        if not ctxt:
@@ -132,11 +121,6 @@ class NovaComputeCephContext(context.CephContext):
        ctxt['rbd_secret_uuid'] = CEPH_SECRET_UUID
        ctxt['rbd_pool'] = 'nova'

-        # Ensure required hypervisor-specific config.
-        # Current supported libvirt flavors.  Extend?
-        if config('virt-type') in ['kvm', 'qemu', 'lxc']:
-            self.libvirt_ceph(ctxt['key'])
-
        return ctxt


--- a/hooks/nova_compute_hooks.py
+++ b/hooks/nova_compute_hooks.py
@@ -1,6 +1,5 @@
 #!/usr/bin/python

-import os
 import sys

 from charmhelpers.core.hookenv import (
@@ -8,6 +7,7 @@ from charmhelpers.core.hookenv import (
    config,
    log,
    relation_ids,
+    relation_get,
    relation_set,
    service_name,
    unit_get,
@@ -29,6 +29,7 @@ from charmhelpers.contrib.openstack.utils import (
 from charmhelpers.contrib.openstack.neutron import neutron_plugin_attribute

 from nova_compute_utils import (
+    create_libvirt_secret,
    determine_packages,
    import_authorized_keys,
    import_keystone_ca_cert,
@@ -42,6 +43,8 @@ from nova_compute_utils import (
    register_configs,
 )

+from nova_compute_context import CEPH_SECRET_UUID
+
 from misc_utils import (
    ensure_ceph_keyring,
 )
@@ -174,6 +177,13 @@ def ceph_changed():
    CONFIGS.write('/etc/ceph/secret.xml')
    CONFIGS.write('/etc/nova/nova.conf')

+    # With some refactoring, this can move into NovaComputeCephContext
+    # and allow easily extended to support other compute flavors.
+    if config('virt-type') in ['kvm', 'qemu', 'lxc']:
+        create_libvirt_secret(secret_file='/etc/ceph/secret.xml',
+                              secret_uuid=CEPH_SECRET_UUID,
+                              key=relation_get('key'))
+

@hooks.hook('amqp-relation-broken',
            'ceph-relation-broken',
--- a/hooks/nova_compute_utils.py
+++ b/hooks/nova_compute_utils.py
@@ -13,6 +13,7 @@ from charmhelpers.core.hookenv import (
    related_units,
    relation_ids,
    relation_get,
+    DEBUG,
 )

 from charmhelpers.contrib.openstack.neutron import neutron_plugin_attribute
@@ -349,3 +350,16 @@ def import_keystone_ca_cert():
    with open(CA_CERT_PATH, 'wb') as out:
        out.write(b64decode(ca_cert))
    check_call(['update-ca-certificates'])
+
+
+def create_libvirt_secret(secret_file, secret_uuid, key):
+    if secret_uuid in check_output(['virsh', 'secret-list']):
+        log('Libvirt secret already exists for uuid %s.' % secret_uuid,
+            level=DEBUG)
+        return
+    log('Defining new libvirt secret for uuid %s.' % secret_uuid)
+    cmd = ['virsh', 'secret-define', '--file', '/etc/ceph/secret.xml']
+    check_call(cmd)
+    cmd = ['virsh', 'secret-set-value', '--secret', secret_uuid,
+           '--base64', key]
+    check_call(cmd)
--- a/unit_tests/test_nova_compute_hooks.py
+++ b/unit_tests/test_nova_compute_hooks.py
@@ -20,6 +20,7 @@ TO_PATCH = [
    'Hooks',
    'config',
    'log',
+    'relation_get',
    'relation_ids',
    'relation_set',
    'service_name',
@@ -34,6 +35,7 @@ TO_PATCH = [
    'openstack_upgrade_available',
    # nova_compute_utils
    #'PACKAGES',
+    'create_libvirt_secret',
    'restart_map',
    'determine_packages',
    'import_authorized_keys',