In a converged architecture with storage and compute on the same
host, UFW can get in the way of tunneled traffic interpreting it as
INVALID. UFW makes solving this more difficult than it needs to be.
See http://northernmost.org/blog/gre-tunnels-and-ufw/index.html for
context.
This change updates /etc/ufw/before.rules to add GRE as an allowed
input.
Also, guarantee ufw is installed for LP #1763716
Please review and merge charm-helpers first:
https://github.com/juju/charm-helpers/pull/170
Change-Id: I789854c33e3af12f7412633dbf7c921beb0ed2b5
Closes-Bug: #1757564
Closes-Bug: #1763716
When adding an fstab entry for a loopback device use the explicit
loopback device name rather than the source image file. This prevents
a new loopback device being created implitcitly when mounting the
image.
The unit tests needed updating to reflect that the loopback
device name is used when creating mountpoint names rather than than
the name of the image file. This was pre-existing behaviour.
Change-Id: Ide074310bf7121f1179e0b5237dff6f3da88e24e
Closes-Bug: #1762390
In some cases juju 1.25 (with maas 1.9) may return a hostname in the
private-address field breaking the assumption that private-address will
always be an IP address. This patch uses get_host_ip() to assure an IP
address is given to ufw.
Change-Id: Ib99852c645517cf316adcd02d04428b248fc9724
Closes-Bug: 1747516
We need a new proposal that uses get_host_ip from charmhelpers.contrib.network.ip
Reference: https://review.openstack.org/#/c/542381/
This reverts commit 4896ac5b5b98f66cfe79c3945680ac0ac5dbb2bf.
Change-Id: Idd16369be776a10ac6332d7d8b2ce65f9f1ad972
In some cases juju 1.25 (with maas 1.9) may return a hostname in the
private-address field breaking the assumption that private-address will
always be an IP address. This patch uses socket.getaddrinfo() to assure
an IP address is given to ufw.
Change-Id: I99b0110beed6075164eb549ec2433071af699c04
Closes-Bug: 1747516
Ensure that only the swift-proxy units and swift-storage peers have
access to direct communication with swift storage daemons.
Charm-helpers sync to include ufw module and the ingress_address and
iter_units_for_relation_name functions.
Please review and merge first:
https://github.com/juju/charm-helpers/pull/35
Closes-Bug: #1727463
Change-Id: Id5677edbc40b0b891cbe66867d39d076a94c5436
When a new device is added to the ring we first try to
identify whether the device is already in the ring by
polling for an fs uuid. If the device has never been
used this is expected to fail so lets catch the error.
Also fixes log message.
Change-Id: I20354dedfa27a6b8dec92828cabb50a20d0d8838
Closes-Bug: 1567198
Do not change owner and permissions of already existing
devices in the setup_storage() function as this runs
during every config-changed hook invocation.
Change-Id: I21f23aee34d315ccb4df303527b4d791fc043f58
Closes-Bug: #1676728
- sync charmhelpers with fix-alpha helpers
- fix up code where the alpha comparisons are done
Change-Id: If253c8a18886630fcc7de4cfc2a91a15c2563eb5
Related-Bug: #1659575
Juju 2.0 provides support for display of the version of
an application deployed by a charm in juju status.
Insert the os_application_version_set function into the
existing assess_status function - this gets called after
all hook executions, and periodically after that, so any
changes in package versions due to normal system updates
will also be reflected in the status output.
This review also includes a resync of charm-helpers to
pickup hookenv and contrib.openstack support for this
feature.
Change-Id: I75009a66ce9c9d43e234f9c5acbb185ac4a66ba5
Juju 2.0 renames the environment variable JUJU_ENV_UUID
to JUJU_MODEL_UUID; use this environment variable as a
fallback if JUJU_ENV_UUID is not set to support Juju 2.0,
whilst continuing to provide support for Juju < 2.0.
Change-Id: I0e9ebbe59032e3d15864ee1f9bd49b404b339a3b
Closes-Bug: 1572575
Track devices that have been added to the ring and allow
devices to be added to the ring post-install (currently
only allowed within the install hook). Devices added to
the ring prior to this patch existing will be migrated
to the tracking store of devices to avoid conflicts.
Change-Id: Id268dc6369041a4d2db6f30a997dfa0c0d73b93f
Closes-Bug: 1383390
Resolve single unit deployment failure with default configuration;
update unit tests to ensure that mkdir is called for /srv/node.
Change-Id: Id5518a2144ec3bdc6341f6dfc85835ae342f490e
