Charm: precise/nova-cloud-controller
Revision: 166
Hook: shared-db-relation-changed
#!/bin/bash -e
CHARM_DIR=$(dirname $0)
arg0=$(basename $0)
if [[ -e $CHARM_DIR/nova-cloud-controller-common ]] ; then
. $CHARM_DIR/nova-cloud-controller-common
else
juju-log "ERROR: Could not load nova-cloud-controller-common from $CHARM_DIR"
fi
function install_hook {
juju-log "$CHARM: Installing nova packages"
apt-get -y install python-software-properties || exit 1
configure_install_source "$(config-get openstack-origin)"
apt-get update || exit 1
DEBIAN_FRONTEND=noninteractive apt-get -y \
install --no-install-recommends $PACKAGES || exit 1
configure_network_manager $NET_MANAGER
# Configure any flags specified in deployment config
set_config_flags
# Open up the various API endpoints
# EC2
open-port 8773
# osapi-compute
open-port 8774
# object-store / s3
open-port 3333
# Quantum API if configured
if [ "$NET_MANAGER" == "Quantum" ]; then
open-port 9696
fi
# Helpers for creating external and tenant networks
cp files/create_ext_net.py /usr/bin/quantum-ext-net
cp files/create_tenant_net.py /usr/bin/quantum-tenant-net
service_ctl all stop
}
function upgrade_charm {
install_hook
service_ctl all start
}
function config_changed {
# Determine whether or not we should do an upgrade, based on whether or not
# the version offered in openstack-origin is greater than what is installed.
local install_src=$(config-get openstack-origin)
local cur=$(get_os_codename_package "nova-common")
local available=$(get_os_codename_install_source "$install_src")
if dpkg --compare-versions $(get_os_version_codename "$cur") lt \
$(get_os_version_codename "$available") ; then
juju-log "$CHARM: Upgrading OpenStack release: $cur -> $available."
do_openstack_upgrade "$install_src" $PACKAGES
fi
set_config_flags
if [ "$NET_MANAGER" == "Quantum" ]; then
configure_quantum_networking
fi
service_ctl all restart
}
function amqp_joined {
# we request a username on the rabbit queue
# and store it in nova.conf. our response is its IP + PASSWD
# but we configure that in _changed
local rabbit_user=$(config-get rabbit-user)
local rabbit_vhost=$(config-get rabbit-vhost)
juju-log "$CHARM - amqp_joined: requesting credentials for $rabbit_user"
relation-set username=$rabbit_user
relation-set vhost=$rabbit_vhost
}
function amqp_changed {
# server creates our credentials and tells us where
# to connect. for now, using default vhost '/'
local rabbit_host=$(relation-get private-address)
local rabbit_password=$(relation-get password)
if [[ -z $rabbit_host ]] || \
[[ -z $rabbit_password ]] ; then
juju-log "$CHARM - amqp_changed: rabbit_host||rabbit_password not set."
exit 0
fi
local rabbit_user=$(config-get rabbit-user)
local rabbit_vhost=$(config-get rabbit-vhost)
juju-log "$CHARM - amqp_changed: Setting rabbit config in nova.conf: " \
"$rabbit_user@$rabbit_host/$rabbit_vhost"
set_or_update rabbit_host $rabbit_host
set_or_update rabbit_userid $rabbit_user
set_or_update rabbit_password $rabbit_password
set_or_update rabbit_virtual_host $rabbit_vhost
if [ "$(config-get network-manager)" == "Quantum" ]; then
set_or_update rabbit_host "$rabbit_host" "$QUANTUM_CONF"
set_or_update rabbit_userid "$rabbit_user" "$QUANTUM_CONF"
set_or_update rabbit_password "$rabbit_password" "$QUANTUM_CONF"
set_or_update rabbit_virtual_host "$rabbit_vhost" "$QUANTUM_CONF"
fi
service_ctl all restart
}
function db_joined {
# tell mysql provider which database we want. it will create it and give us
# credentials
local nova_db=$(config-get nova-db)
local db_user=$(config-get db-user)
local hostname=$(unit-get private-address)
juju-log "$CHARM - db_joined: requesting database access to $nova_db for "\
"$db_user@$hostname"
relation-set nova_database=$nova_db nova_username=$db_user nova_hostname=$hostname
if [ "$NET_MANAGER" == "Quantum" ]; then
relation-set quantum_database=quantum quantum_username=quantum quantum_hostname=$hostname
fi
}
function db_changed {
local db_host=`relation-get private-address`
local db_password=`relation-get nova_password`
if [[ -z $db_host ]] || [[ -z $db_password ]] ; then
juju-log "$CHARM - db_changed: db_host||db_password set, will retry."
exit 0
fi
local nova_db=$(config-get nova-db)
local db_user=$(config-get db-user)
juju-log "$CHARM - db_changed: Configuring nova.conf for access to $nova_db"
set_or_update sql_connection "mysql://$db_user:$db_password@$db_host/$nova_db"
if [ "$NET_MANAGER" == "Quantum" ]; then
local quantum_db_password=`relation-get quantum_password`
set_or_update sql_connection "mysql://quantum:$quantum_db_password@$db_host/quantum?charset=utf8" \
$QUANTUM_PLUGIN_CONF "DATABASE"
fi
service_ctl all stop
/usr/bin/nova-manage db sync
service_ctl all start
if [ "$NET_MANAGER" == "Quantum" ]; then
configure_quantum_networking
fi
trigger_remote_service_restarts
}
function image-service_changed {
local api_server=$(relation-get glance-api-server)
[[ -z $api_server ]] &&
juju-log "$CHARM - image-service_changed: Peer not ready?" && exit 0
set_or_update glance_api_servers $api_server
set_or_update image_service "nova.image.glance.GlanceImageService"
service_ctl all restart
}
function keystone_joined {
# we need to get two entries into keystone's catalog, nova + ec2
# group, them by prepending $service_ to each setting. the keystone
# charm will assemble settings into corresponding catalog entries
nova_url="http://$(unit-get private-address):8774/v1.1/\$(tenant_id)s"
ec2_url="http://$(unit-get private-address):8773/services/Cloud"
s3_url="http://$(unit-get private-address):3333"
# these are the default endpoints
relation-set nova_service="nova" \
nova_region="RegionOne" \
nova_public_url="$nova_url" \
nova_admin_url="$nova_url" \
nova_internal_url="$nova_url" \
ec2_service="ec2" \
ec2_region="RegionOne" \
ec2_public_url="$ec2_url" \
ec2_admin_url="$ec2_url" \
ec2_internal_url="$ec2_url" \
s3_service="s3" \
s3_region="RegionOne" \
s3_public_url="$s3_url" \
s3_admin_url="$s3_url" \
s3_internal_url="$s3_url"
if [ "$(config-get network-manager)" == "Quantum" ]; then
quantum_url="http://$(unit-get private-address):9696"
relation-set quantum_service="quantum" \
quantum_region="RegionOne" \
quantum_public_url="$quantum_url" \
quantum_admin_url="$quantum_url" \
quantum_internal_url="$quantum_url"
fi
# tack on an endpoint for nova-volume a relation exists.
if [[ -n "$(relation-ids nova-volume-service)" ]] ; then
nova_vol_url="http://$(unit-get private-address):8776/v1/\$(tenant_id)s"
relation-set nova-volume_service="nova-volume" \
nova-volume_region="RegionOne" \
nova-volume_public_url="$nova_vol_url" \
nova-volume_admin_url="$nova_vol_url" \
nova-volume_internal_url="$nova_vol_url"
fi
}
function keystone_changed {
token=$(relation-get admin_token)
service_port=$(relation-get service_port)
auth_port=$(relation-get auth_port)
service_username=$(relation-get service_username)
service_password=$(relation-get service_password)
service_tenant=$(relation-get service_tenant)
[[ -z "$token" ]] || [[ -z "$service_port" ]] || [[ -z "$auth_port" ]] ||
[[ -z "$service_username" ]] || [[ -z "$service_password" ]] ||
[[ -z "$service_tenant" ]] &&
juju-log "$CHARM - keystone_changed: Peer not ready" && exit 0
[[ "$token" == "-1" ]] &&
juju-log "$CHARM - keystone_changed: admin token error" && exit 1
# No need to update paste deploy pipelines, just set a flag in nova.conf
set_or_update "auth_strategy" "keystone"
# Update keystone authentication configuration
keystone_host=$(relation-get private-address)
set_or_update "keystone_ec2_url" "http://$keystone_host:5000/v2.0/ec2tokens"
if grep -q use_deprecated_auth $NOVA_CONF ; then
juju-log "$CHARM - keystone_changed: Disabling '--use_deprecated_auth"
sed -i '/--use_deprecated_auth/d' $NOVA_CONF
fi
# update keystone authtoken settings accordingly
set_or_update "service_host" "$keystone_host" "$API_CONF"
set_or_update "service_port" "$service_port" "$API_CONF"
set_or_update "auth_host" "$keystone_host" "$API_CONF"
set_or_update "auth_port" "$auth_port" "$API_CONF"
set_or_update "auth_uri" "http://$keystone_host:$service_port/" "$API_CONF"
set_or_update "admin_token" "$token" "$API_CONF"
set_or_update "admin_tenant_name" "$service_tenant" "$API_CONF"
set_or_update "admin_user" "$service_username" "$API_CONF"
set_or_update "admin_password" "$service_password" "$API_CONF"
if [ "$NET_MANAGER" == "Quantum" ]; then
# Configure Nova for quantum
keystone_url="http://${keystone_host}:${auth_port}/v2.0"
set_or_update "quantum_url" "http://$(unit-get private-address):9696"
set_or_update "quantum_admin_tenant_name" "${service_tenant}"
set_or_update "quantum_admin_username" "${service_username}"
set_or_update "quantum_admin_password" "${service_password}"
set_or_update "quantum_admin_auth_url" "${keystone_url}"
# Configure API server for quantum
set_or_update "admin_tenant_name" "$service_tenant" "$QUANTUM_API_CONF" "filter:authtoken"
set_or_update "admin_user" "$service_username" "$QUANTUM_API_CONF" "filter:authtoken"
set_or_update "admin_password" "$service_password" "$QUANTUM_API_CONF" "filter:authtoken"
set_or_update "auth_host" "$keystone_host" "$QUANTUM_API_CONF" "filter:authtoken"
set_or_update "auth_port" "$auth_port" "$QUANTUM_API_CONF" "filter:authtoken"
# Save a local copy of the credentials for later use
cat > /etc/quantum/novarc << EOF
export OS_USERNAME=${service_username}
export OS_PASSWORD=${service_password}
export OS_TENANT_NAME=${service_tenant}
export OS_AUTH_URL=${keystone_url}
EOF
fi
service_ctl all restart
if [ "$NET_MANAGER" == "Quantum" ]; then
configure_quantum_networking
# ripple out changes to identity to connected services
# which use cloud-controller as source of information for
# keystone
r_ids="$(relation-ids cloud-compute) $(relation-ids quantum-network-service)"
for id in $r_ids ; do
relation-set -r $id \
keystone_host=$keystone_host \
auth_port=$auth_port \
service_port=$service_port \
service_username=$service_username \
service_password=$service_password \
service_tenant=$service_tenant
done
fi
}
volume_joined() {
local svc=""
case "$arg0" in
"cinder-volume-service-relation-joined") svc="cinder" ;;
"nova-volume-service-relation-joined") svc="nova-volume" ;;
*) svc="nova-volume" ;;
esac
configure_volume_service "$svc"
service_ctl all restart
# The nova-volume API can be hosted here alongside the other
# nova API services, but there needs to be a new endpoint
# configured in keystone.
if [[ "$svc" == "nova-volume" ]] ; then
apt-get -y install nova-api-os-volume
local nova_vol_url="http://$(unit-get private-address):8776/v1/\$(tenant_id)s"
local r_ids=$(relation-ids identity-service)
for id in $r_ids ; do
juju-log "$CHARM: Registering new endpoint for nova-volume API on "\
"existing identity-service relation: $id"
nova_vol_url="http://$(unit-get private-address):8776/v1/\$(tenant_id)s"
relation-set -r $id nova-volume_service="nova-volume" \
nova-volume_region="RegionOne" \
nova-volume_public_url="$nova_vol_url" \
nova-volume_admin_url="$nova_vol_url" \
nova-volume_internal_url="$nova_vol_url"
done
fi
if [[ "$svc" == "cinder" ]] ; then
# Compute nodes need to be notified to set their volume
# driver accordingly.
r_ids=$(relation-ids cloud-compute)
for id in $r_ids ; do
relation-set -r $id volume_service="cinder"
done
fi
}
compute_joined() {
relation-set network_manager=$(config-get network-manager)
relation-set ec2_host=$(unit-get private-address)
if [ "$NET_MANAGER" == "Quantum" ]; then
rids=$(relation-ids identity-service)
for rid in $rids; do
for unit in $(relation-list -r $rid); do
keystone_host=$(relation-get -r $rid auth_host $unit)
if [ -n "$keystone_host" ]; then
relation-set \
keystone_host=$keystone_host \
auth_port=$(relation-get -r $rid auth_port $unit) \
service_port=$(relation-get -r $rid service_port $unit) \
service_username=$(relation-get -r $rid service_username $unit) \
service_password=$(relation-get -r $rid service_password $unit) \
service_tenant=$(relation-get -r $rid service_tenant $unit)
fi
done
done
relation-set quantum_host=$(unit-get private-address)
relation-set quantum_plugin=$(config-get quantum-plugin)
fi
# Compute's volume driver is dependent on volume service deployed.
local r_ids=$(relation-ids cinder-volume-service)
if [[ -n "$r_ids" ]] ; then
relation-set volume_service="cinder"
else
relation-set volume_service="nova-volume"
fi
}
quantum_joined() {
# Tell quantum service about keystone
rids=$(relation-ids identity-service)
for rid in $rids; do
for unit in $(relation-list -r $rid); do
keystone_host=$(relation-get -r $rid auth_host $unit)
if [ -n "$keystone_host" ]; then
relation-set \
keystone_host=$keystone_host \
auth_port=$(relation-get -r $rid auth_port $unit) \
service_port=$(relation-get -r $rid service_port $unit) \
service_username=$(relation-get -r $rid service_username $unit) \
service_password=$(relation-get -r $rid service_password $unit) \
service_tenant=$(relation-get -r $rid service_tenant $unit)
fi
done
done
relation-set quantum_host=$(unit-get private-address)
relation-set quantum_plugin=$(config-get quantum-plugin)
}
arg0=$(basename $0)
case $arg0 in
"start"|"stop") service_ctl all $arg0 ;;
"install") install_hook ;;
"config-changed") config_changed ;;
"upgrade-charm") upgrade_charm ;;
"amqp-relation-joined") amqp_joined ;;
"amqp-relation-changed") amqp_changed ;;
"shared-db-relation-joined") db_joined ;;
"shared-db-relation-changed") db_changed ;;
"image-service-relation-joined") exit 0 ;;
"image-service-relation-changed") image-service_changed ;;
"identity-service-relation-joined") keystone_joined ;;
"identity-service-relation-changed") keystone_changed ;;
"cinder-volume-service-relation-joined") volume_joined ;;
"nova-volume-service-relation-joined") volume_joined ;;
"cloud-compute-relation-joined") compute_joined ;;
"quantum-network-service-relation-joined") quantum_joined ;;
*) exit 0 ;;
esac