After changing the charm runtime to Python 3, some imports are failing
on check_swift_storage.py. This can be fixed by explicitly imporgin the
modules inside the package, instead of just importing the package.
Change-Id: I746071042b669a1725744d4e32ea733eb40b309a
Closes-bug: #1822334
This patchset implements a logic to put UUIDS of storage devices in the
fstab instead of device names.
Change-Id: I2170c54b25ac9b3faacb3fd0b2889d86c531395f
Closes-Bug: 1729478
Add new secrets-storage relation to vault, supporting the
use of block device encryption using dm-crypt/vaultlocker.
Prepared devices are now recorded in the local unit kv
store; this information is used to provide a list of
configured block devices to the swift-proxy charm,
rather than the previous best guess provided by
determine_block_devices. This allows us to use the
dm-crypt device name, rather than the underlying
block device.
Encrypted block devices are unlocked on boot using
vaultlocker-decrypt systemd units (enabled by vaultlocker);
/etc/fstab entries for such devices make use of a
x-systemd.requires option to ensure that the block device
is unlocked prior to attempting to mount it.
Add new storage binding to allow charm to be used with
Juju storage.
Add new ephemeral-unmount configuration option to allow
cloud ephemeral storage to be used for testing purposes;
update functional testing to use this option. The behaviour
of 'overwrite' was changed to accomodate the use of
encrypted block devices.
Change-Id: I9b3f8cd2de412ee96e0139dba4d4abdf998ecaf2
In a converged architecture with storage and compute on the same
host, UFW can get in the way of tunneled traffic interpreting it as
INVALID. UFW makes solving this more difficult than it needs to be.
See http://northernmost.org/blog/gre-tunnels-and-ufw/index.html for
context.
This change updates /etc/ufw/before.rules to add GRE as an allowed
input.
Also, guarantee ufw is installed for LP #1763716
Please review and merge charm-helpers first:
https://github.com/juju/charm-helpers/pull/170
Change-Id: I789854c33e3af12f7412633dbf7c921beb0ed2b5
Closes-Bug: #1757564
Closes-Bug: #1763716
Following OpenStack Style Guidelines:
[1] http://docs.openstack.org/developer/hacking/#unit-tests-and-assertraises
[H203] Unit test assertions tend to give better messages for more specific
assertions. As a result, assertIsNone(...) is preferred over
assertEqual(None, ...) and assertIs(..., None)
Change-Id: Ib5dcf2f389dd76f99d87ad22268695f2a702e6b3
When adding an fstab entry for a loopback device use the explicit
loopback device name rather than the source image file. This prevents
a new loopback device being created implitcitly when mounting the
image.
The unit tests needed updating to reflect that the loopback
device name is used when creating mountpoint names rather than than
the name of the image file. This was pre-existing behaviour.
Change-Id: Ide074310bf7121f1179e0b5237dff6f3da88e24e
Closes-Bug: #1762390
In some cases juju 1.25 (with maas 1.9) may return a hostname in the
private-address field breaking the assumption that private-address will
always be an IP address. This patch uses get_host_ip() to assure an IP
address is given to ufw.
Change-Id: Ib99852c645517cf316adcd02d04428b248fc9724
Closes-Bug: 1747516
We need a new proposal that uses get_host_ip from charmhelpers.contrib.network.ip
Reference: https://review.openstack.org/#/c/542381/
This reverts commit 4896ac5b5b98f66cfe79c3945680ac0ac5dbb2bf.
Change-Id: Idd16369be776a10ac6332d7d8b2ce65f9f1ad972
In some cases juju 1.25 (with maas 1.9) may return a hostname in the
private-address field breaking the assumption that private-address will
always be an IP address. This patch uses socket.getaddrinfo() to assure
an IP address is given to ufw.
Change-Id: I99b0110beed6075164eb549ec2433071af699c04
Closes-Bug: 1747516
Ensure that only the swift-proxy units and swift-storage peers have
access to direct communication with swift storage daemons.
Charm-helpers sync to include ufw module and the ingress_address and
iter_units_for_relation_name functions.
Please review and merge first:
https://github.com/juju/charm-helpers/pull/35
Closes-Bug: #1727463
Change-Id: Id5677edbc40b0b891cbe66867d39d076a94c5436
By default, statsd metrics can be sent by the swift account,
container and object storage services for diagnostic and
monitoring purposes, but are disabled by default. This change exposes
charm config settings that allow it to be enabled by setting
'statsd_host' to a non-empty value. 'statsd_port' and
'statsd_sample_rate' are also supported for changing the destination
port and rate at which metrics are collected.
Closes-Bug: #1729770
Change-Id: If1bf3ced8a9ed07af81f352eb0263659d147e3aa
Resolve correct private-address for use on the swift-storage
relation, supporting 'prefer-ipv6' as well as Juju 2.0 network
spaces.
Change-Id: I3ee111c6abdd028c2c29e80dceb99178443da45a
Closes-Bug: 1697491
When a new device is added to the ring we first try to
identify whether the device is already in the ring by
polling for an fs uuid. If the device has never been
used this is expected to fail so lets catch the error.
Also fixes log message.
Change-Id: I20354dedfa27a6b8dec92828cabb50a20d0d8838
Closes-Bug: 1567198
Adds the rsync_timeout option to to object-server.conf, so we can adjust
it away from the default of 900s.
If there are a number of large partitions needing replication,
occasionally one needs to adjust the timeout in order to allow the rsync
to complete rather than timeout and retry.
Change-Id: I2d895741cb0528836a675deb6399005a5bf59ab5
Closes-bug: 1702039
Do not change owner and permissions of already existing
devices in the setup_storage() function as this runs
during every config-changed hook invocation.
Change-Id: I21f23aee34d315ccb4df303527b4d791fc043f58
Closes-Bug: #1676728
The method assertEquals has been deprecated since python 2.7.
http://docs.python.org/2/library/unittest.html#deprecated-aliases
Also in Python 3, a deprecated warning is raised when using assertEquals
therefore we should use assertEqual instead.
Change-Id: If7a404da609eb3cae22627f3b9d71292b8865674
Closes-Bug: #1218185
Juju 2.0 provides support for display of the version of
an application deployed by a charm in juju status.
Insert the os_application_version_set function into the
existing assess_status function - this gets called after
all hook executions, and periodically after that, so any
changes in package versions due to normal system updates
will also be reflected in the status output.
This review also includes a resync of charm-helpers to
pickup hookenv and contrib.openstack support for this
feature.
Change-Id: I75009a66ce9c9d43e234f9c5acbb185ac4a66ba5
All contributions to this charm where made under Canonical
copyright; switch to Apache-2.0 license as agreed so we
can move forward with official project status.
Change-Id: I97206ee8be76220cb0937a09be3230432e04535a
Juju 2.0 renames the environment variable JUJU_ENV_UUID
to JUJU_MODEL_UUID; use this environment variable as a
fallback if JUJU_ENV_UUID is not set to support Juju 2.0,
whilst continuing to provide support for Juju < 2.0.
Change-Id: I0e9ebbe59032e3d15864ee1f9bd49b404b339a3b
Closes-Bug: 1572575
If the charm code is passed symlinks to block devices (as is often the
case with newer MAAS substrate versions), resolve links before
attempting to use the block device for storage.
Charmhelpers were updated as well.
Testing done:
- Unit tests pass
- Tests pass
- Multiple Openstack Autopilot deployments pass
Change-Id: If966239502d0752c86e46f3f0aee96f43828aa08
Closes-Bug: 1577408
Signed-off-by: Chris Glass <chris.glass@canonical.com>
Add charmhelpers.contrib.hardening and calls to install,
config-changed, upgrade-charm and update-status hooks.
Also add new config option to allow one or more hardening
modules to be applied at runtime.
Change-Id: If0d1e10b58ed506e0aca659f30120b8d5c96c04f
Track devices that have been added to the ring and allow
devices to be added to the ring post-install (currently
only allowed within the install hook). Devices added to
the ring prior to this patch existing will be migrated
to the tracking store of devices to avoid conflicts.
Change-Id: Id268dc6369041a4d2db6f30a997dfa0c0d73b93f
Closes-Bug: 1383390
Resolve single unit deployment failure with default configuration;
update unit tests to ensure that mkdir is called for /srv/node.
Change-Id: Id5518a2144ec3bdc6341f6dfc85835ae342f490e
