[nova] Use ingress interface for nova-api

Use traefik ingress interface for nova-api and traefik_route interface for nova-spiceproxy. This will help in easy upgrades from bobcat where ingress relation is not changed and new relation need to be added during upgrade. Change-Id: I2b714e63a127595dfdf643612007cc50e440a452
2024-04-24 10:53:22 +05:30
parent 77d3882713
commit d7cb65765a
8 changed files with 24 additions and 86 deletions
--- a/charms/nova-k8s/metadata.yaml
+++ b/charms/nova-k8s/metadata.yaml
@@ -54,6 +54,13 @@ resources:
    upstream-source: ghcr.io/canonical/nova-consolidated:2024.1

 requires:
+  ingress-internal:
+    interface: ingress
+    optional: true
+    limit: 1
+  ingress-public:
+    interface: ingress
+    limit: 1
  traefik-route-internal:
    interface: traefik_route
    optional: true
--- a/charms/nova-k8s/src/charm.py
+++ b/charms/nova-k8s/src/charm.py
@@ -341,6 +341,7 @@ class NovaOperatorCharm(sunbeam_charm.OSBaseOperatorAPICharm):
        "cell-database",
        "amqp",
        "identity-service",
+        "ingress-public",
        "traefik-route-public",
    }

@@ -427,36 +428,6 @@ class NovaOperatorCharm(sunbeam_charm.OSBaseOperatorAPICharm):
        """Default port for service ingress."""
        return 8774

-    @property
-    def public_url(self) -> str:
-        """Url for accessing the public endpoint for nova service."""
-        if self.traefik_route_public and self.traefik_route_public.ready:
-            scheme = self.traefik_route_public.interface.scheme
-            external_host = self.traefik_route_public.interface.external_host
-            public_url = (
-                f"{scheme}://{external_host}/{self.model.name}"
-                f"-{NOVA_API_INGRESS_NAME}"
-            )
-            return self.add_explicit_port(public_url)
-        else:
-            return self.add_explicit_port(
-                self.service_url(self.public_ingress_address)
-            )
-
-    @property
-    def internal_url(self) -> str:
-        """Url for accessing the internal endpoint for nova service."""
-        if self.traefik_route_internal and self.traefik_route_internal.ready:
-            scheme = self.traefik_route_internal.interface.scheme
-            external_host = self.traefik_route_internal.interface.external_host
-            internal_url = (
-                f"{scheme}://{external_host}/{self.model.name}"
-                f"-{NOVA_API_INGRESS_NAME}"
-            )
-            return self.add_explicit_port(internal_url)
-        else:
-            return self.admin_url
-
    @property
    def nova_spiceproxy_public_url(self) -> str | None:
        """URL for accessing public endpoint for nova spiceproxy service."""
@@ -609,21 +580,6 @@ class NovaOperatorCharm(sunbeam_charm.OSBaseOperatorAPICharm):
        model = self.model.name
        router_cfg = {}
        # Add routers for both nova-api and nova-spiceproxy
-        router_cfg.update(
-            {
-                f"juju-{model}-{NOVA_API_INGRESS_NAME}-router": {
-                    "rule": f"PathPrefix(`/{model}-{NOVA_API_INGRESS_NAME}`)",
-                    "service": f"juju-{model}-{NOVA_API_INGRESS_NAME}-service",
-                    "entryPoints": ["web"],
-                },
-                f"juju-{model}-{NOVA_API_INGRESS_NAME}-router-tls": {
-                    "rule": f"PathPrefix(`/{model}-{NOVA_API_INGRESS_NAME}`)",
-                    "service": f"juju-{model}-{NOVA_API_INGRESS_NAME}-service",
-                    "entryPoints": ["websecure"],
-                    "tls": {},
-                },
-            }
-        )
        router_cfg.update(
            {
                f"juju-{model}-{NOVA_SPICEPROXY_INGRESS_NAME}-router": {
@@ -672,19 +628,12 @@ class NovaOperatorCharm(sunbeam_charm.OSBaseOperatorAPICharm):
        hosts = self.peers.get_all_unit_values(
            key="host", include_local_unit=True
        )
-        api_lb_servers = [
-            {"url": f"http://{host}:{self.default_public_ingress_port}"}
-            for host in hosts
-        ]
        spice_lb_servers = [
            {"url": f"http://{host}:{NOVA_SPICEPROXY_INGRESS_PORT}"}
            for host in hosts
        ]
        # Add services for heat-api and heat-api-cfn
        service_cfg = {
-            f"juju-{model}-{NOVA_API_INGRESS_NAME}-service": {
-                "loadBalancer": {"servers": api_lb_servers},
-            },
            f"juju-{model}-{NOVA_SPICEPROXY_INGRESS_NAME}-service": {
                "loadBalancer": {"servers": spice_lb_servers},
            },
@@ -753,16 +702,6 @@ class NovaOperatorCharm(sunbeam_charm.OSBaseOperatorAPICharm):
            logger.exception("Failed to discover hosts for cell1")
            raise

-    def _update_service_endpoints(self):
-        try:
-            if self.id_svc.update_service_endpoints:
-                logger.info(
-                    "Updating service endpoints after ingress relation changed"
-                )
-                self.id_svc.update_service_endpoints(self.service_endpoints)
-        except (AttributeError, KeyError):
-            pass
-
    def handle_traefik_ready(self, event: ops.framework.EventBase):
        """Handle Traefik route ready callback."""
        if not self.unit.is_leader():
@@ -777,18 +716,12 @@ class NovaOperatorCharm(sunbeam_charm.OSBaseOperatorAPICharm):
                config=self.traefik_config
            )

-            if self.traefik_route_public.ready:
-                self._update_service_endpoints()
-
        if self.traefik_route_internal:
            logger.debug("Sending traefik config for internal interface")
            self.traefik_route_internal.interface.submit_to_traefik(
                config=self.traefik_config
            )

-            if self.traefik_route_internal.ready:
-                self._update_service_endpoints()
-
    def get_cell_uuid(self, cell, fatal=True):
        """Returns the cell UUID from the name.

--- a/charms/nova-k8s/src/templates/nova-spiceproxy-forwarding.conf.j2
+++ b/charms/nova-k8s/src/templates/nova-spiceproxy-forwarding.conf.j2
@@ -1,15 +0,0 @@
-Listen 6182
-
-<VirtualHost *:6182>
-  ProxyPreserveHost On
-  ProxyRequests Off
-  {% if traefik_route_public and traefik_route_public.nova_spiceproxy_ingress_path -%}
-  ProxyPass {{ traefik_route_public.nova_spiceproxy_ingress_path }} http://localhost:6082/
-  ProxyPassReverse {{ traefik_route_public.nova_spiceproxy_ingress_path }} http://localhost:6082/
-  {% endif -%}
-  ProxyPass / http://localhost:6082/
-  ProxyPassReverse / http://localhost:6082/
-  ErrorLog {{ wsgi_config.error_log }}
-  CustomLog {{ wsgi_config.custom_log }} combined
-</VirtualHost>
-
--- a/charms/nova-k8s/src/templates/wsgi-nova-api.conf.j2
+++ b/charms/nova-k8s/src/templates/wsgi-nova-api.conf.j2
@@ -4,8 +4,8 @@ Listen {{ wsgi_nova_metadata.public_port }}
    WSGIDaemonProcess nova-api processes=4 threads=1 user={{ wsgi_config.user }} group={{ wsgi_config.group }} \
                      display-name=%{GROUP}
    WSGIProcessGroup nova-api
-    {% if traefik_route_public and traefik_route_public.nova_ingress_path -%}
-    WSGIScriptAlias {{ traefik_route_public.nova_ingress_path }} {{ wsgi_config.wsgi_public_script }}
+    {% if ingress_public and ingress_public.ingress_path -%}
+    WSGIScriptAlias {{ ingress_public.ingress_path }} {{ wsgi_config.wsgi_public_script }}
    {% endif -%}
    WSGIScriptAlias / {{ wsgi_config.wsgi_public_script }}
    WSGIApplicationGroup %{GLOBAL}
--- a/charms/nova-k8s/tests/unit/test_nova_charm.py
+++ b/charms/nova-k8s/tests/unit/test_nova_charm.py
@@ -82,6 +82,7 @@ class TestNovaOperatorCharm(test_utils.CharmTestCase):

    def add_complete_ingress_relation(self, harness: Harness) -> None:
        """Add complete traefik-route relations."""
+        test_utils.add_complete_ingress_relation(harness)
        harness.add_relation(
            "traefik-route-public",
            "nova",
--- a/common.sh
+++ b/common.sh
@@ -124,6 +124,14 @@ EXTERNAL_NEUTRON_LIBS=(
 	"certificate_transfer_interface"
 )

+EXTERNAL_NOVA_LIBS=(
+        "data_platform_libs"
+        "rabbitmq_k8s"
+        "traefik_k8s"
+        "traefik_route_k8s"
+        "certificate_transfer_interface"
+)
+
 EXTERNAL_OCTAVIA_LIBS=(
        "data_platform_libs"
        "traefik_k8s"
@@ -354,7 +362,7 @@ declare -A EXTERNAL_LIBS=(
        [keystone-ldap-k8s]=${NULL_ARRAY[@]}
        [magnum-k8s]=${EXTERNAL_AODH_LIBS[@]}
        [neutron-k8s]=${EXTERNAL_NEUTRON_LIBS[@]}
-        [nova-k8s]=${EXTERNAL_HEAT_LIBS[@]}
+        [nova-k8s]=${EXTERNAL_NOVA_LIBS[@]}
        [octavia-k8s]=${EXTERNAL_OCTAVIA_LIBS[@]}
        [openstack-exporter-k8s]=${EXTERNAL_OPENSTACK_EXPORTER_LIBS[@]}
        [openstack-hypervisor]=${EXTERNAL_OPENSTACK_HYPERVISOR_LIBS[@]}
--- a/tests/core/smoke.yaml.j2
+++ b/tests/core/smoke.yaml.j2
@@ -182,6 +182,8 @@ relations:
  - nova:amqp
 - - keystone:identity-service
  - nova:identity-service
+- - traefik:ingress
+  - nova:ingress-public
 - - traefik:traefik-route
  - nova:traefik-route-public
 - - keystone:send-ca-cert
--- a/tests/tempest/smoke.yaml.j2
+++ b/tests/tempest/smoke.yaml.j2
@@ -176,6 +176,8 @@ relations:
  - nova:amqp
 - - keystone:identity-service
  - nova:identity-service
+- - traefik:ingress
+  - nova:ingress-public
 - - traefik:traefik-route
  - nova:traefik-route-public
 - - keystone:send-ca-cert