Cache calls to ceph get_named_key

Change-Id: Iccc1d4a3ef116e9edb4d3047f40993fa6107718e
2022-09-28 15:00:14 -04:00 · 2022-09-28 15:00:14 -04:00 · becd07a584
parent a7f16a76f8
commit becd07a584
2 changed files with 41 additions and 20 deletions
--- a/charms_ceph/utils.py
+++ b/charms_ceph/utils.py
@ -1217,26 +1217,11 @@ def get_named_key(name, caps=None, pool_list=None):
    :returns: Returns a cephx key
    """
    key_name = 'client.{}'.format(name)
-    try:
-        # Does the key already exist?
-        output = str(subprocess.check_output(
-            [
-                'sudo',
-                '-u', ceph_user(),
-                'ceph',
-                '--name', 'mon.',
-                '--keyring',
-                '/var/lib/ceph/mon/ceph-{}/keyring'.format(
-                    socket.gethostname()
-                ),
-                'auth',
-                'get',
-                key_name,
-            ]).decode('UTF-8')).strip()
-        return parse_key(output)
-    except subprocess.CalledProcessError:
-        # Couldn't get the key, time to create it!
-        log("Creating new key for {}".format(name), level=DEBUG)
+    key = ceph_auth_get(key_name)
+    if key:
+        return key
+
+    log("Creating new key for {}".format(name), level=DEBUG)
    caps = caps or _default_caps
    cmd = [
        "sudo",
@ -1259,6 +1244,7 @@ def get_named_key(name, caps=None, pool_list=None):
                pools = " ".join(['pool={0}'.format(i) for i in pool_list])
                subcaps[0] = subcaps[0] + " " + pools
        cmd.extend([subsystem, '; '.join(subcaps)])
+    ceph_auth_get.cache_clear()

    log("Calling check_output: {}".format(cmd), level=DEBUG)
    return parse_key(str(subprocess
@ -1267,6 +1253,30 @@ def get_named_key(name, caps=None, pool_list=None):
                     .strip())  # IGNORE:E1103


+@functools.lru_cache()
+def ceph_auth_get(key_name):
+    try:
+        # Does the key already exist?
+        output = str(subprocess.check_output(
+            [
+                'sudo',
+                '-u', ceph_user(),
+                'ceph',
+                '--name', 'mon.',
+                '--keyring',
+                '/var/lib/ceph/mon/ceph-{}/keyring'.format(
+                    socket.gethostname()
+                ),
+                'auth',
+                'get',
+                key_name,
+            ]).decode('UTF-8')).strip()
+        return parse_key(output)
+    except subprocess.CalledProcessError:
+        # Couldn't get the key
+        pass
+
+
 def upgrade_key_caps(key, caps, pool_list=None):
    """Upgrade key to have capabilities caps"""
    if not is_leader():
--- a/unit_tests/test_utils.py
+++ b/unit_tests/test_utils.py
@ -570,6 +570,17 @@ class CephTestCase(unittest.TestCase):
                  'mon', ('allow r; allow command "osd blacklist"'
                          '; allow command "osd blocklist"'),
                  'osd', 'allow rwx'])])
+        mock_check_output.reset_mock()
+        mock_check_output.side_effect = [b'key=test']
+        utils.get_named_key(name="rgw001")
+        mock_check_output.assert_called_once_with([
+            'sudo', '-u', 'ceph', 'ceph', '--name',
+            'mon.', '--keyring',
+            '/var/lib/ceph/mon/ceph-osd001/keyring',
+            'auth', 'get', 'client.rgw001'])
+        mock_check_output.reset_mock()
+        utils.get_named_key(name="rgw001")
+        mock_check_output.assert_not_called()

    def test_parse_key_with_caps_existing_key(self):
        expected = "AQCm7aVYQFXXFhAAj0WIeqcag88DKOvY4UKR/g=="