openstack/charm-magnum
Code Issues Proposed changes

Add initial charm code

Browse Source 
Co-authored-by: Marius Oprin <moprin@cloudbasesolutions.com>
This commit is contained in:
Ionut Balutoiu 2021-02-26 12:16:24 +02:00
parent fb04f0f1fc
commit 6866c47cdd
34 changed files with 2297 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
.gitignore vendored Normal file
View File

@ -0,0 +1,15 @@
/build/
bin
.coverage
.testrepository
.tox
tags
*.sw[nop]
*.pyc
.unit-state.db
trusty/
xenial/
.stestr
__pycache__
func-results.json

4
.zuul.yaml Normal file
View File

@ -0,0 +1,4 @@
- project:
templates:
- openstack-python3-charm-jobs
- openstack-cover-jobs

26
requirements.txt Normal file
View File

@ -0,0 +1,26 @@
# This file is managed centrally by release-tools and should not be modified
# within individual charm repos. See the 'global' dir contents for available
# choices of *requirements.txt files for OpenStack Charms:
# https://github.com/openstack-charmers/release-tools
#
# NOTE(lourot): This might look like a duplication of test-requirements.txt but
# some tox targets use only test-requirements.txt whereas charm-build uses only
# requirements.txt
setuptools<50.0.0 # https://github.com/pypa/setuptools/commit/04e3df22df840c6bb244e9b27bc56750c44b7c85
# Build requirements
charm-tools>=2.4.4
# Workaround until https://github.com/juju/charm-tools/pull/589 gets
# published
keyring<21
simplejson
# Newer versions use keywords that didn't exist in python 3.5 yet (e.g.
# "ModuleNotFoundError")
# NOTE(lourot): This might look like a duplication of test-requirements.txt but
# some tox targets use only test-requirements.txt whereas charm-build uses only
# requirements.txt
importlib-metadata<3.0.0; python_version < '3.6'
importlib-resources<3.0.0; python_version < '3.6'

177
src/LICENSE Normal file
View File

@ -0,0 +1,177 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.

42
src/README.md Normal file
View File

@ -0,0 +1,42 @@
# Charm Magnum
Charm to deploy Magnum in a Canonical OpenStack deployment
## Build charm
```bash
export CHARM_BASE="$HOME/work/charms"
export JUJU_REPOSITORY="$CHARM_BASE/build"
export CHARM_INTERFACES_DIR="$CHARM_BASE/interfaces"
export CHARM_LAYERS_DIR="$CHARM_BASE/layers"
mkdir -p $JUJU_REPOSITORY
mkdir $CHARM_INTERFACES_DIR
mkdir $CHARM_LAYERS_DIR
git clone https://github.com/oprinmarius/magnum-charm
sudo snap install --classic charm
cd magnum-charm
charm build
```
You should now have a charm built in ```$JUJU_REPOSITORY/builds/charm-magnum```.
## Deploy charm
```bash
juju deploy $JUJU_REPOSITORY/builds/charm-magnum magnum --config openstack-origin="cloud:bionic-train"
juju add-relation magnum mysql
juju add-relation magnum rabbitmq-server
juju add-relation magnum:identity-service keystone:identity-service
```
After the charm is deployed and all relations have been established, you must run the ```domain-setup``` action to finalize the deployment. This action can be run on any unit.
```bash
juju run-action magnum/0 domain-setup
```

3
src/actions.yaml Normal file
View File

@ -0,0 +1,3 @@
domain-setup:
description:
Setup the keystone domain and user required for Magnum to operate.

37
src/actions/domain-setup Executable file
View File

@ -0,0 +1,37 @@
#!/bin/bash
set -e
if [ ! -e /root/openrc_v3 ]
then
juju-log "Openstack credentials not yet available"
exit 0
fi
. /root/openrc_v3
CFG_DOMAIN=`config-get trustee-domain`
CFG_USERNAME=`config-get trustee-admin`
DOMAIN=${CFG_DOMAIN:-magnum}
USERNAME=${CFG_USERNAME:-magnum_domain_admin}
OPENSTACK_CMD="/usr/bin/openstack"
MAGNUM_PASSWORD=$(leader-get magnum_password)
if [ -z $MAGNUM_PASSWORD ]
then
juju-log "magnum_password not set in leader data"
exit 0
fi
$OPENSTACK_CMD domain show $DOMAIN || {
$OPENSTACK_CMD domain create --description "Magnum trustee domain" $DOMAIN
}
$OPENSTACK_CMD user show --domain $DOMAIN $USERNAME || {
$OPENSTACK_CMD user create --domain $DOMAIN --password $MAGNUM_PASSWORD $USERNAME
}
$OPENSTACK_CMD role add --domain $DOMAIN --user-domain $DOMAIN --user $USERNAME admin || {
$OPENSTACK_CMD role add --domain $DOMAIN --user $USERNAME admin
}

60
src/config.yaml Normal file
View File

@ -0,0 +1,60 @@
options:
openstack-origin:
default: distro
type: string
description: |
Repository from which to install. May be one of the following:
distro (default), ppa:somecustom/ppa, a deb url sources entry,
or a supported Cloud Archive release pocket.
Supported Cloud Archive sources include: cloud:precise-folsom,
cloud:precise-folsom/updates, cloud:precise-folsom/staging,
cloud:precise-folsom/proposed.
Note that updating this setting to a source that is known to
provide a later version of OpenStack will trigger a software
upgrade.
rabbit-user:
default: magnum
type: string
description: Username used to access rabbitmq queue
rabbit-vhost:
default: openstack
type: string
description: Rabbitmq vhost
database-user:
default: magnum
type: string
description: Username for Magnum database access
database:
default: magnum
type: string
description: Database name for Magnum
debug:
default: False
type: boolean
description: Enable debug logging
verbose:
default: False
type: boolean
description: Enable verbose logging
region:
default: RegionOne
type: string
description: OpenStack Region
trustee-domain:
type: string
default: magnum
description: Domain used for COE
trustee-admin:
type: string
default: magnum_domain_admin
description: Domain admin for the trustee-domain
cert-manager-type:
type: string
default: barbican
description: |
Certificate Manager plugin. Use barbican in production. Requires barbican
to be present in your OpenStack deployment. Choices are:
* x509keypair
* barbican

279
src/icon.svg Normal file
View File

@ -0,0 +1,279 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
width="96"
height="96"
id="svg6517"
version="1.1"
inkscape:version="0.48+devel r12274"
sodipodi:docname="Juju_charm_icon_template.svg">
<defs
id="defs6519">
<linearGradient
inkscape:collect="always"
xlink:href="#Background"
id="linearGradient6461"
gradientUnits="userSpaceOnUse"
x1="0"
y1="970.29498"
x2="144"
y2="970.29498"
gradientTransform="matrix(0,-0.66666669,0.6660448,0,-866.25992,731.29077)" />
<linearGradient
id="Background">
<stop
id="stop4178"
offset="0"
style="stop-color:#b8b8b8;stop-opacity:1" />
<stop
id="stop4180"
offset="1"
style="stop-color:#c9c9c9;stop-opacity:1" />
</linearGradient>
<filter
style="color-interpolation-filters:sRGB;"
inkscape:label="Inner Shadow"
id="filter1121">
<feFlood
flood-opacity="0.59999999999999998"
flood-color="rgb(0,0,0)"
result="flood"
id="feFlood1123" />
<feComposite
in="flood"
in2="SourceGraphic"
operator="out"
result="composite1"
id="feComposite1125" />
<feGaussianBlur
in="composite1"
stdDeviation="1"
result="blur"
id="feGaussianBlur1127" />
<feOffset
dx="0"
dy="2"
result="offset"
id="feOffset1129" />
<feComposite
in="offset"
in2="SourceGraphic"
operator="atop"
result="composite2"
id="feComposite1131" />
</filter>
<filter
style="color-interpolation-filters:sRGB;"
inkscape:label="Drop Shadow"
id="filter950">
<feFlood
flood-opacity="0.25"
flood-color="rgb(0,0,0)"
result="flood"
id="feFlood952" />
<feComposite
in="flood"
in2="SourceGraphic"
operator="in"
result="composite1"
id="feComposite954" />
<feGaussianBlur
in="composite1"
stdDeviation="1"
result="blur"
id="feGaussianBlur956" />
<feOffset
dx="0"
dy="1"
result="offset"
id="feOffset958" />
<feComposite
in="SourceGraphic"
in2="offset"
operator="over"
result="composite2"
id="feComposite960" />
</filter>
<clipPath
clipPathUnits="userSpaceOnUse"
id="clipPath873">
<g
transform="matrix(0,-0.66666667,0.66604479,0,-258.25992,677.00001)"
id="g875"
inkscape:label="Layer 1"
style="fill:#ff00ff;fill-opacity:1;stroke:none;display:inline">
<path
style="fill:#ff00ff;fill-opacity:1;stroke:none;display:inline"
d="m 46.702703,898.22775 50.594594,0 C 138.16216,898.22775 144,904.06497 144,944.92583 l 0,50.73846 c 0,40.86071 -5.83784,46.69791 -46.702703,46.69791 l -50.594594,0 C 5.8378378,1042.3622 0,1036.525 0,995.66429 L 0,944.92583 C 0,904.06497 5.8378378,898.22775 46.702703,898.22775 Z"
id="path877"
inkscape:connector-curvature="0"
sodipodi:nodetypes="sssssssss" />
</g>
</clipPath>
<filter
inkscape:collect="always"
id="filter891"
inkscape:label="Badge Shadow">
<feGaussianBlur
inkscape:collect="always"
stdDeviation="0.71999962"
id="feGaussianBlur893" />
</filter>
</defs>
<sodipodi:namedview
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="4.0745362"
inkscape:cx="18.514671"
inkscape:cy="49.018169"
inkscape:document-units="px"
inkscape:current-layer="layer1"
showgrid="true"
fit-margin-top="0"
fit-margin-left="0"
fit-margin-right="0"
fit-margin-bottom="0"
inkscape:window-width="1920"
inkscape:window-height="1029"
inkscape:window-x="0"
inkscape:window-y="24"
inkscape:window-maximized="1"
showborder="true"
showguides="true"
inkscape:guide-bbox="true"
inkscape:showpageshadow="false">
<inkscape:grid
type="xygrid"
id="grid821" />
<sodipodi:guide
orientation="1,0"
position="16,48"
id="guide823" />
<sodipodi:guide
orientation="0,1"
position="64,80"
id="guide825" />
<sodipodi:guide
orientation="1,0"
position="80,40"
id="guide827" />
<sodipodi:guide
orientation="0,1"
position="64,16"
id="guide829" />
</sodipodi:namedview>
<metadata
id="metadata6522">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title></dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:label="BACKGROUND"
inkscape:groupmode="layer"
id="layer1"
transform="translate(268,-635.29076)"
style="display:inline">
<path
style="fill:url(#linearGradient6461);fill-opacity:1;stroke:none;display:inline;filter:url(#filter1121)"
d="m -268,700.15563 0,-33.72973 c 0,-27.24324 3.88785,-31.13513 31.10302,-31.13513 l 33.79408,0 c 27.21507,0 31.1029,3.89189 31.1029,31.13513 l 0,33.72973 c 0,27.24325 -3.88783,31.13514 -31.1029,31.13514 l -33.79408,0 C -264.11215,731.29077 -268,727.39888 -268,700.15563 Z"
id="path6455"
inkscape:connector-curvature="0"
sodipodi:nodetypes="sssssssss" />
</g>
<g
inkscape:groupmode="layer"
id="layer3"
inkscape:label="PLACE YOUR PICTOGRAM HERE"
style="display:inline" />
<g
inkscape:groupmode="layer"
id="layer2"
inkscape:label="BADGE"
style="display:none"
sodipodi:insensitive="true">
<g
style="display:inline"
transform="translate(-340.00001,-581)"
id="g4394"
clip-path="none">
<g
id="g855">
<g
inkscape:groupmode="maskhelper"
id="g870"
clip-path="url(#clipPath873)"
style="opacity:0.6;filter:url(#filter891)">
<path
transform="matrix(1.4999992,0,0,1.4999992,-29.999795,-237.54282)"
d="m 264,552.36218 a 12,12 0 1 1 -24,0 A 12,12 0 1 1 264,552.36218 Z"
sodipodi:ry="12"
sodipodi:rx="12"
sodipodi:cy="552.36218"
sodipodi:cx="252"
id="path844"
style="color:#000000;fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:4;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
sodipodi:type="arc" />
</g>
<g
id="g862">
<path
sodipodi:type="arc"
style="color:#000000;fill:#f5f5f5;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:4;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
id="path4398"
sodipodi:cx="252"
sodipodi:cy="552.36218"
sodipodi:rx="12"
sodipodi:ry="12"
d="m 264,552.36218 a 12,12 0 1 1 -24,0 A 12,12 0 1 1 264,552.36218 Z"
transform="matrix(1.4999992,0,0,1.4999992,-29.999795,-238.54282)" />
<path
transform="matrix(1.25,0,0,1.25,33,-100.45273)"
d="m 264,552.36218 a 12,12 0 1 1 -24,0 A 12,12 0 1 1 264,552.36218 Z"
sodipodi:ry="12"
sodipodi:rx="12"
sodipodi:cy="552.36218"
sodipodi:cx="252"
id="path4400"
style="color:#000000;fill:#dd4814;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:4;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
sodipodi:type="arc" />
<path
sodipodi:type="star"
style="color:#000000;fill:#f5f5f5;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:3;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
id="path4459"
sodipodi:sides="5"
sodipodi:cx="666.19574"
sodipodi:cy="589.50385"
sodipodi:r1="7.2431178"
sodipodi:r2="4.3458705"
sodipodi:arg1="1.0471976"
sodipodi:arg2="1.6755161"
inkscape:flatsided="false"
inkscape:rounded="0.1"
inkscape:randomized="0"
d="m 669.8173,595.77657 c -0.39132,0.22593 -3.62645,-1.90343 -4.07583,-1.95066 -0.44938,-0.0472 -4.05653,1.36297 -4.39232,1.06062 -0.3358,-0.30235 0.68963,-4.03715 0.59569,-4.47913 -0.0939,-0.44198 -2.5498,-3.43681 -2.36602,-3.8496 0.18379,-0.41279 4.05267,-0.59166 4.44398,-0.81759 0.39132,-0.22593 2.48067,-3.48704 2.93005,-3.4398 0.44938,0.0472 1.81505,3.67147 2.15084,3.97382 0.3358,0.30236 4.08294,1.2817 4.17689,1.72369 0.0939,0.44198 -2.9309,2.86076 -3.11469,3.27355 C 669.9821,591.68426 670.20862,595.55064 669.8173,595.77657 Z"
transform="matrix(1.511423,-0.16366377,0.16366377,1.511423,-755.37346,-191.93651)" />
</g>
</g>
</g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 9.6 KiB

11
src/layer.yaml Normal file
View File

@ -0,0 +1,11 @@
includes:
- layer:openstack-api
- layer:leadership
- interface:mysql-shared
- interface:rabbitmq
- interface:keystone
repo: https://github.com/oprinmarius/charm-magnum
options:
basic:
use_venv: true
include_system_packages: true

0
src/lib/__init__.py Normal file
View File

0
src/lib/charm/__init__.py Normal file
View File

0
src/lib/charm/openstack/__init__.py Normal file
View File

0
src/lib/charm/openstack/magnum/__init__.py Normal file
View File

148
src/lib/charm/openstack/magnum/magnum.py Normal file
View File

@ -0,0 +1,148 @@
from __future__ import absolute_import
import collections
import os
import charms.leadership as leadership
import charms_openstack.charm
import charms_openstack.adapters as adapters
import charms_openstack.ip as os_ip
import charmhelpers.core.host as ch_host
import charmhelpers.core.hookenv as ch_hookenv
PACKAGES = [
'magnum-api',
'magnum-conductor',
'python3-mysqldb',
'python3-magnumclient']
MAGNUM_DIR = '/etc/magnum/'
MAGNUM_CONF = os.path.join(MAGNUM_DIR, 'magnum.conf')
MAGNUM_PASTE_API = os.path.join(MAGNUM_DIR, 'api-paste.ini')
KEYSTONE_POLICY = os.path.join(MAGNUM_DIR, 'keystone_auth_default_policy.json')
POLICY = os.path.join(MAGNUM_DIR, 'policy.json')
MAGNUM_SERVICES = [
'magnum-api',
'magnum-conductor']
# select the default release function
charms_openstack.charm.use_defaults('charm.default-select-release')
@adapters.config_property
def magnum_password(arg):
passwd = leadership.leader_get("magnum_password")
if passwd:
return passwd
@adapters.config_property
def ca_file_path(arg):
file_path = os.path.join(
ch_host.CA_CERT_DIR, "{}.crt".format(ch_hookenv.service_name()))
if os.path.exists(file_path):
return file_path
return ''
def db_sync_done():
return MagnumCharm.singleton.db_sync_done()
def restart_all():
MagnumCharm.singleton.restart_all()
def db_sync():
MagnumCharm.singleton.db_sync()
def configure_ha_resources(hacluster):
MagnumCharm.singleton.configure_ha_resources(hacluster)
def assess_status():
MagnumCharm.singleton.assess_status()
def setup_endpoint(keystone):
charm = MagnumCharm.singleton
public_ep = '{}/v1'.format(charm.public_url)
internal_ep = '{}/v1'.format(charm.internal_url)
admin_ep = '{}/v1'.format(charm.admin_url)
keystone.register_endpoints(charm.service_type,
charm.region,
public_ep,
internal_ep,
admin_ep)
class MagnumCharm(charms_openstack.charm.HAOpenStackCharm):
abstract_class = False
release = 'ussuri'
name = 'magnum'
packages = PACKAGES
python_version = 3
api_ports = {
'magnum-api': {
os_ip.PUBLIC: 9511,
os_ip.ADMIN: 9511,
os_ip.INTERNAL: 9511,
}
}
service_type = 'magnum'
default_service = 'magnum-api'
services = MAGNUM_SERVICES
sync_cmd = ['magnum-db-manage', 'upgrade']
required_relations = [
'shared-db', 'amqp', 'identity-service']
restart_map = {
MAGNUM_CONF: services,
MAGNUM_PASTE_API: [default_service, ],
KEYSTONE_POLICY: services,
POLICY: services,
}
ha_resources = ['vips', 'haproxy']
# Package for release version detection
release_pkg = 'magnum-common'
# Package codename map for magnum-common
package_codenames = {
'magnum-common': collections.OrderedDict([
('10', 'ussuri'),
('11', 'victoria'),
]),
}
group = "magnum"
def get_amqp_credentials(self):
"""Provide the default amqp username and vhost as a tuple.
:returns (username, host): two strings to send to the amqp provider.
"""
return (self.config['rabbit-user'], self.config['rabbit-vhost'])
def get_database_setup(self):
return [
dict(
database=self.config['database'],
username=self.config['database-user'], )
]
@property
def local_address(self):
"""Return local address as provided by our ConfigurationClass."""
return self.configuration_class().local_address
@property
def local_unit_name(self):
"""Return local unit name as provided by our ConfigurationClass."""
return self.configuration_class().local_unit_name

22
src/metadata.yaml Normal file
View File

@ -0,0 +1,22 @@
name: magnum
summary: Openstack container component
maintainer: Oprin Marius Cristian <moprin@cloudbasesolutions.com>
description: |
Magnum is an OpenStack API service developed by the OpenStack Containers Team making
container orchestration engines such as Docker Swarm, Kubernetes, and Apache Mesos
available as first class resources in OpenStack. Magnum uses Heat to orchestrate an
OS image which contains Docker and Kubernetes and runs that image in either virtual
machines or bare metal in a cluster configuration.
tags:
- openstack
series:
- bionic
- focal
subordinate: false
requires:
shared-db:
interface: mysql-shared
amqp:
interface: rabbitmq
identity-service:
interface: keystone

0
src/reactive/__init__.py Normal file
View File

89
src/reactive/magnum_handlers.py Normal file
View File

@ -0,0 +1,89 @@
from __future__ import absolute_import
import binascii
import os
import charm.openstack.magnum.magnum as magnum # noqa
import charms.reactive as reactive
import charms.leadership as leadership
import charms_openstack.charm as charm
import charmhelpers.core.hookenv as hookenv
from charmhelpers.contrib.openstack import context
from charmhelpers.core import templating
# Use the charms.openstack defaults for common states and hooks
charm.use_defaults(
'charm.installed',
'amqp.connected',
'shared-db.connected',
'identity-service.available', # enables SSL support
'config.changed',
'update-status',
'upgrade-charm',
'certificates.available',
'cluster.available')
@reactive.when('shared-db.available')
@reactive.when('identity-service.available')
@reactive.when('amqp.available')
def render_config(*interfaces):
with charm.provide_charm_instance() as magnum_charm:
magnum_charm.render_with_interfaces(interfaces)
magnum_charm.assess_status()
reactive.set_state('config.complete')
@reactive.when('certificates.available')
@reactive.when('shared-db.available')
@reactive.when('identity-service.available')
@reactive.when('amqp.available')
def render_config_with_certs(amqp, keystone, shared_db, certs):
with charm.provide_charm_instance() as magnum_charm:
magnum_charm.configure_tls(certs)
magnum_charm.render_with_interfaces(
[amqp, keystone, shared_db, certs])
@reactive.when('identity-service.connected')
def setup_endpoint(keystone):
magnum.setup_endpoint(keystone)
magnum.assess_status()
@reactive.when_not('leadership.set.magnum_password')
@reactive.when('leadership.is_leader')
def generate_magnum_password():
passwd = binascii.b2a_hex(os.urandom(32)).decode()
leadership.leader_set({'magnum_password': passwd})
@reactive.when('leadership.set.magnum_password')
@reactive.when('leadership.is_leader')
@reactive.when('identity-service.available')
def write_openrc():
config = hookenv.config()
ctx = context.IdentityServiceContext()()
if not ctx:
return
ctx["region"] = config.get("region")
templating.render("openrc_v3", "/root/openrc_v3", ctx)
@reactive.when('config.complete')
@reactive.when_not('db.synced')
def run_db_migration():
with charm.provide_charm_instance() as magnum_charm:
magnum_charm.db_sync()
magnum_charm.restart_all()
magnum_charm.assess_status()
reactive.set_state('db.synced')
@reactive.when('ha.connected')
@reactive.when_not('ha.available')
def connect_cluster(hacluster):
with charm.provide_charm_instance() as magnum_charm:
magnum_charm.configure_ha_resources(hacluster)
magnum_charm.assess_status()

10
src/templates/openrc_v3 Normal file
View File

@ -0,0 +1,10 @@
# Service credentials for Keystone v3
export OS_REGION_NAME={{ region }}
export OS_PASSWORD={{ admin_password }}
export OS_AUTH_URL={{ auth_protocol }}://{{ auth_host }}:{{ auth_port }}/v3
export OS_USERNAME={{ admin_user }}
export OS_TENANT_NAME={{ admin_tenant_name }}
export OS_PROJECT_DOMAIN_NAME={{ admin_domain_name }}
export OS_USER_DOMAIN_NAME={{ admin_domain_name }}
export OS_PROJECT_NAME={{ admin_tenant_name }}
export OS_IDENTITY_API_VERSION=3

65
src/templates/parts/keystone-authtoken Normal file
View File

@ -0,0 +1,65 @@
{% if identity_service.auth_host -%}
{% if identity_service.api_version and identity_service.api_version == "3" %}
{% set auth_ver = "v3" %}
{% else %}
{% set auth_ver = "v2.0" %}
{% endif %}
[keystone_authtoken]
auth_version = {{auth_ver}}
www_authenticate_uri = {{ identity_service.service_protocol }}://{{ identity_service.service_host }}:{{ identity_service.service_port }}/{{auth_ver}}
auth_url = {{ identity_service.auth_protocol }}://{{ identity_service.auth_host }}:{{ identity_service.auth_port }}
auth_type = password
{% if identity_service.service_domain -%}
project_domain_name = {{ identity_service.service_domain }}
user_domain_name = {{ identity_service.service_domain }}
{% else %}
project_domain_name = default
user_domain_name = default
{% endif -%}
username = {{ identity_service.service_username }}
password = {{ identity_service.service_password }}
project_name = {{identity_service.service_tenant}}
admin_user = {{ identity_service.service_username }}
admin_password = {{ identity_service.service_password }}
admin_tenant_name = {{identity_service.service_tenant}}
{% if identity_service.signing_dir -%}
signing_dir = {{ identity_service.signing_dir }}
{% endif -%}
{% if options.use_memcache == true -%}
memcached_servers = {{ options.memcache_url }}
{% endif -%}
[keystone_auth]
auth_version = {{auth_ver}}
www_authenticate_uri = {{ identity_service.service_protocol }}://{{ identity_service.service_host }}:{{ identity_service.service_port }}/{{auth_ver}}
auth_url = {{ identity_service.auth_protocol }}://{{ identity_service.auth_host }}:{{ identity_service.auth_port }}
auth_type = password
{% if identity_service.service_domain -%}
project_domain_name = {{ identity_service.service_domain }}
user_domain_name = {{ identity_service.service_domain }}
{% else %}
project_domain_name = default
user_domain_name = default
{% endif -%}
username = {{ identity_service.service_username }}
password = {{ identity_service.service_password }}
project_name = {{identity_service.service_tenant}}
admin_user = {{ identity_service.service_username }}
admin_password = {{ identity_service.service_password }}
admin_tenant_name = {{identity_service.service_tenant}}
{% if identity_service.signing_dir -%}
signing_dir = {{ identity_service.signing_dir }}
{% endif -%}
{% if options.use_memcache == true -%}
memcached_servers = {{ options.memcache_url }}
{% endif -%}
{% endif -%}

28
src/templates/ussuri/api-paste.ini Normal file
View File

@ -0,0 +1,28 @@
[pipeline:main]
pipeline = cors healthcheck http_proxy_to_wsgi request_id osprofiler authtoken api_v1
[app:api_v1]
paste.app_factory = magnum.api.app:app_factory
[filter:authtoken]
acl_public_routes = /, /v1
paste.filter_factory = magnum.api.middleware.auth_token:AuthTokenMiddleware.factory
[filter:osprofiler]
paste.filter_factory = magnum.common.profiler:WsgiMiddleware.factory
[filter:request_id]
paste.filter_factory = oslo_middleware:RequestId.factory
[filter:cors]
paste.filter_factory = oslo_middleware.cors:filter_factory
oslo_config_project = magnum
[filter:healthcheck]
paste.filter_factory = oslo_middleware:Healthcheck.factory
backends = disable_by_file
disable_by_file_path = /etc/magnum/healthcheck_disable
[filter:http_proxy_to_wsgi]
paste.filter_factory = oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory
oslo_config_project = magnum

76
src/templates/ussuri/keystone_auth_default_policy.json Normal file
View File

@ -0,0 +1,76 @@
[
{
"users":{
"roles":[
"k8s_admin"
],
"projects":[
"$PROJECT_ID"
]
},
"resource_permissions":{
"*/*":[
"*"
]
},
"nonresource_permissions":{
"/healthz":[
"get",
"post"
]
}
},
{
"users":{
"roles":[
"k8s_developer"
],
"projects":[
"$PROJECT_ID"
]
},
"resource_permissions":{
"!kube-system/['apiServices', 'bindings', 'componentstatuses', 'configmaps', 'cronjobs', 'customResourceDefinitions', 'deployments', 'endpoints', 'events', 'horizontalPodAutoscalers', 'ingresses', 'initializerConfigurations', 'jobs', 'limitRanges', 'localSubjectAccessReviews', 'namespaces', 'networkPolicies', 'persistentVolumeClaims', 'persistentVolumes', 'podDisruptionBudgets', 'podPresets', 'podTemplates', 'pods', 'replicaSets', 'replicationControllers', 'resourceQuotas', 'secrets', 'selfSubjectAccessReviews', 'serviceAccounts', 'services', 'statefulSets', 'storageClasses', 'subjectAccessReviews', 'tokenReviews']":[
"*"
],
"*/['clusterrolebindings', 'clusterroles', 'rolebindings', 'roles', 'controllerrevisions', 'nodes', 'podSecurityPolicies']":[
"get",
"list",
"watch"
],
"*/['certificateSigningRequests']":[
"create",
"delete",
"get",
"list",
"watch",
"update"
]
}
},
{
"users":{
"roles":[
"k8s_viewer"
],
"projects":[
"$PROJECT_ID"
]
},
"resource_permissions":{
"!kube-system/['tokenReviews']":[
"*"
],
"!kube-system/['apiServices', 'bindings', 'componentstatuses', 'configmaps', 'cronjobs', 'customResourceDefinitions', 'deployments', 'endpoints', 'events', 'horizontalPodAutoscalers', 'ingresses', 'initializerConfigurations', 'jobs', 'limitRanges', 'localSubjectAccessReviews', 'namespaces', 'networkPolicies', 'persistentVolumeClaims', 'persistentVolumes', 'podDisruptionBudgets', 'podPresets', 'podTemplates', 'pods', 'replicaSets', 'replicationControllers', 'resourceQuotas', 'secrets', 'selfSubjectAccessReviews', 'serviceAccounts', 'services', 'statefulSets', 'storageClasses', 'subjectAccessReviews']":[
"get",
"list",
"watch"
],
"*/['clusterrolebindings', 'clusterroles', 'rolebindings', 'roles', 'controllerrevisions', 'nodes', 'podSecurityPolicies']":[
"get",
"list",
"watch"
]
}
}
]

89
src/templates/ussuri/magnum.conf Normal file
View File

@ -0,0 +1,89 @@
[DEFAULT]
debug = {{ options.debug }}
verbose = {{ options.verbose }}
pybasedir = /usr/lib/python3/dist-packages/magnum
bindir = /usr/bin
state_path = /var/lib/magnum
{% include "parts/section-transport-url" %}
{% include "parts/section-database" %}
{% include "parts/keystone-authtoken" %}
{% include "parts/section-oslo-messaging-rabbit" %}
{% include "parts/section-oslo-middleware" %}
[api]
host = {{ options.service_listen_info.magnum_api.ip }}
port = {{ options.service_listen_info.magnum_api.port }}
[barbican_client]
region_name = {{ options.region }}
[certificates]
cert_manager_type = {{ options.cert_manager_type }}
[cinder]
[cinder_client]
region_name = {{ options.region }}
[cluster]
[cluster_heat]
[cluster_template]
[conductor]
[cors]
[docker]
[docker_registry]
[drivers]
{%- if options.ca_file_path %}
openstack_ca_file = {{ options.ca_file_path }}
{%- endif %}
[glance_client]
[heat_client]
[magnum_client]
[matchmaker_redis]
[neutron_client]
[nova_client]
[oslo_concurrency]
lock_path = /var/lock/magnum
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
driver = messaging
[oslo_messaging_zmq]
[oslo_policy]
[profiler]
[quotas]
[trust]
trustee_domain_name = {{ options.trustee_domain }}
trustee_domain_admin_name = {{ options.trustee_admin }}
trustee_domain_admin_password = {{ options.magnum_password }}
[x509]

67
src/templates/ussuri/policy.json Normal file
View File

@ -0,0 +1,67 @@
{
"context_is_admin": "role:admin",
"admin_or_owner": "is_admin:True or project_id:%(project_id)s",
"admin_api": "rule:context_is_admin",
"admin_or_user": "is_admin:True or user_id:%(user_id)s",
"cluster_user": "user_id:%(trustee_user_id)s",
"deny_cluster_user": "not domain_id:%(trustee_domain_id)s",
"bay:create": "rule:deny_cluster_user",
"bay:delete": "rule:deny_cluster_user",
"bay:detail": "rule:deny_cluster_user",
"bay:get": "rule:deny_cluster_user",
"bay:get_all": "rule:deny_cluster_user",
"bay:update": "rule:deny_cluster_user",
"baymodel:create": "rule:deny_cluster_user",
"baymodel:delete": "rule:deny_cluster_user",
"baymodel:detail": "rule:deny_cluster_user",
"baymodel:get": "rule:deny_cluster_user",
"baymodel:get_all": "rule:deny_cluster_user",
"baymodel:update": "rule:deny_cluster_user",
"baymodel:publish": "rule:admin_api",
"certificate:create": "rule:admin_or_user or rule:cluster_user",
"certificate:get": "rule:admin_or_user or rule:cluster_user",
"certificate:rotate_ca": "rule:admin_or_owner",
"cluster:create": "rule:deny_cluster_user",
"cluster:delete": "rule:deny_cluster_user",
"cluster:delete_all_projects": "rule:admin_api",
"cluster:detail": "rule:deny_cluster_user",
"cluster:detail_all_projects": "rule:admin_api",
"cluster:get": "rule:deny_cluster_user",
"cluster:get_one_all_projects": "rule:admin_api",
"cluster:get_all": "rule:deny_cluster_user",
"cluster:get_all_all_projects": "rule:admin_api",
"cluster:update": "rule:deny_cluster_user",
"cluster:update_all_projects": "rule:admin_api",
"cluster:resize": "rule:deny_cluster_user",
"cluster:upgrade": "rule:deny_cluster_user",
"clustertemplate:create": "rule:deny_cluster_user",
"clustertemplate:delete": "rule:deny_cluster_user",
"clustertemplate:delete_all_projects": "rule:admin_api",
"clustertemplate:detail_all_projects": "rule:admin_api",
"clustertemplate:detail": "rule:deny_cluster_user",
"clustertemplate:get": "rule:deny_cluster_user",
"clustertemplate:get_one_all_projects": "rule:admin_api",
"clustertemplate:get_all": "rule:deny_cluster_user",
"clustertemplate:get_all_all_projects": "rule:admin_api",
"clustertemplate:update": "rule:deny_cluster_user",
"clustertemplate:update_all_projects": "rule:admin_api",
"clustertemplate:publish": "rule:admin_api",
"federation:create": "rule:deny_cluster_user",
"federation:delete": "rule:deny_cluster_user",
"federation:detail": "rule:deny_cluster_user",
"federation:get": "rule:deny_cluster_user",
"federation:get_all": "rule:deny_cluster_user",
"federation:update": "rule:deny_cluster_user",
"magnum-service:get_all": "rule:admin_api",
"quota:create": "rule:admin_api",
"quota:delete": "rule:admin_api",
"quota:get": "rule:admin_or_owner",
"quota:get_all": "rule:admin_api",
"quota:update": "rule:admin_api",
"stats:get_all": "rule:admin_or_owner",
"nodegroup:get": "rule:admin_or_owner",
"nodegroup:get_all": "rule:admin_or_owner",
"nodegroup:get_all_all_projects": "rule:admin_api",
"nodegroup:get_one_all_projects": "rule:admin_api"
}

15
src/test-requirements.txt Normal file
View File

@ -0,0 +1,15 @@
# This file is managed centrally by release-tools and should not be modified
# within individual charm repos. See the 'global' dir contents for available
# choices of *requirements.txt files for OpenStack Charms:
# https://github.com/openstack-charmers/release-tools
#
# pep8 requirements
charm-tools>=2.4.4
# Workaround until https://github.com/juju/charm-tools/pull/589 gets
# published
keyring<21
# Functional Test Requirements (let Zaza's dependencies solve all dependencies here!)
git+https://github.com/openstack-charmers/zaza.git#egg=zaza
git+https://github.com/openstack-charmers/zaza-openstack-tests.git#egg=zaza.openstack

265
src/tests/bundles/bionic-ussuri.yaml Normal file
View File

@ -0,0 +1,265 @@
variables:
openstack-origin: &openstack-origin cloud:bionic-ussuri
series: bionic
comment:
- 'machines section to decide order of deployment. database sooner = faster'
machines:
'0':
constraints: mem=3072M
'1':
'2':
'3':
'4':
'5':
'6':
'7':
# the following machines are for nova-compute which needs more memory
# for the instances.
'8':
constraints: mem=4096M cores=4
'9':
constraints: mem=4096M cores=4
'10':
'11':
'12':
'13':
applications:
percona-cluster:
charm: cs:~openstack-charmers-next/percona-cluster
num_units: 1
options:
source: *openstack-origin
max-connections: 1000
innodb-buffer-pool-size: 256M
to:
- '0'
rabbitmq-server:
charm: cs:~openstack-charmers-next/rabbitmq-server
num_units: 1
to:
- '1'
nova-cloud-controller:
charm: cs:~openstack-charmers-next/nova-cloud-controller
num_units: 1
options:
openstack-origin: *openstack-origin
network-manager: Neutron
to:
- '2'
neutron-api:
charm: cs:~openstack-charmers-next/neutron-api
num_units: 1
options:
manage-neutron-plugin-legacy-mode: true
neutron-plugin: ovs
openstack-origin: *openstack-origin
flat-network-providers: physnet1
neutron-security-groups: true
to:
- '3'
keystone:
charm: cs:~openstack-charmers-next/keystone
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '4'
neutron-gateway:
charm: cs:~openstack-charmers-next/neutron-gateway
num_units: 1
options:
openstack-origin: *openstack-origin
bridge-mappings: physnet1:br-ex
to:
- '5'
glance:
charm: cs:~openstack-charmers-next/glance
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '6'
neutron-openvswitch:
charm: cs:~openstack-charmers-next/neutron-openvswitch
placement:
charm: cs:~openstack-charmers-next/placement
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '7'
nova-compute:
charm: cs:~openstack-charmers-next/nova-compute
num_units: 2
storage:
ephemeral-device: '40G'
options:
openstack-origin: *openstack-origin
to:
- '8'
- '9'
vault:
charm: cs:~openstack-charmers-next/vault
num_units: 1
to:
- '10'
magnum:
charm: ../../../magnum
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '11'
heat:
charm: cs:~openstack-charmers-next/heat
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '12'
barbican:
charm: cs:~openstack-charmers-next/barbican
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '13'
relations:
- - 'nova-compute:image-service'
- 'glance:image-service'
- - 'nova-compute:amqp'
- 'rabbitmq-server:amqp'
- - 'nova-cloud-controller:shared-db'
- 'percona-cluster:shared-db'
- - 'nova-cloud-controller:identity-service'
- 'keystone:identity-service'
- - 'nova-cloud-controller:amqp'
- 'rabbitmq-server:amqp'
- - 'nova-cloud-controller:cloud-compute'
- 'nova-compute:cloud-compute'
- - 'nova-cloud-controller:image-service'
- 'glance:image-service'
- - 'keystone:shared-db'
- 'percona-cluster:shared-db'
- - 'glance:identity-service'
- 'keystone:identity-service'
- - 'glance:shared-db'
- 'percona-cluster:shared-db'
- - 'glance:amqp'
- 'rabbitmq-server:amqp'
- - 'neutron-gateway:amqp'
- 'rabbitmq-server:amqp'
- - 'nova-cloud-controller:quantum-network-service'
- 'neutron-gateway:quantum-network-service'
- - 'neutron-api:shared-db'
- 'percona-cluster:shared-db'
- - 'neutron-api:amqp'
- 'rabbitmq-server:amqp'
- - 'neutron-api:neutron-api'
- 'nova-cloud-controller:neutron-api'
- - 'neutron-api:identity-service'
- 'keystone:identity-service'
- - 'nova-compute:neutron-plugin'
- 'neutron-openvswitch:neutron-plugin'
- - 'rabbitmq-server:amqp'
- 'neutron-openvswitch:amqp'
- - 'placement:shared-db'
- 'percona-cluster:shared-db'
- - 'placement:identity-service'
- 'keystone:identity-service'
- - 'placement:placement'
- 'nova-cloud-controller:placement'
- - 'vault:shared-db'
- 'percona-cluster:shared-db'
- - 'vault:certificates'
- 'neutron-api:certificates'
- - 'vault:certificates'
- 'glance:certificates'
- - 'vault:certificates'
- 'keystone:certificates'
- - 'vault:certificates'
- 'nova-cloud-controller:certificates'
- - 'vault:certificates'
- 'placement:certificates'
- - 'magnum:shared-db'
- 'percona-cluster:shared-db'
- - 'magnum:amqp'
- 'rabbitmq-server:amqp'
- - 'magnum:identity-service'
- 'keystone:identity-service'
- - 'magnum:certificates'
- 'vault:certificates'
- - 'heat:amqp'
- 'rabbitmq-server:amqp'
- - 'heat:identity-service'
- 'keystone:identity-service'
- - 'heat:shared-db'
- 'percona-cluster:shared-db'
- - 'heat:certificates'
- 'vault:certificates'
- - 'barbican:amqp'
- 'rabbitmq-server:amqp'
- - 'barbican:identity-service'
- 'keystone:identity-service'
- - 'barbican:shared-db'
- 'percona-cluster:shared-db'
- - 'barbican:certificates'
- 'vault:certificates'

268
src/tests/bundles/focal-ussuri.yaml Normal file
View File

@ -0,0 +1,268 @@
variables:
openstack-origin: &openstack-origin distro
series: focal
comment:
- 'machines section to decide order of deployment. database sooner = faster'
machines:
'0':
constraints: mem=3072M
series: bionic
'1':
'2':
'3':
'4':
'5':
'6':
'7':
# the following machines are for nova-compute which needs more memory
# for the instances.
'8':
constraints: mem=4096M cores=4
'9':
constraints: mem=4096M cores=4
'10':
'11':
'12':
'13':
applications:
# TODO: This needs to be replaced with mysql-innodb-cluster + db routers,
# once https://bugs.launchpad.net/ubuntu/+source/magnum/+bug/1915734 is fixed.
percona-cluster:
charm: cs:~openstack-charmers-next/percona-cluster
num_units: 1
series: bionic
options:
max-connections: 1000
innodb-buffer-pool-size: 256M
to:
- '0'
rabbitmq-server:
charm: cs:~openstack-charmers-next/rabbitmq-server
num_units: 1
to:
- '1'
nova-cloud-controller:
charm: cs:~openstack-charmers-next/nova-cloud-controller
num_units: 1
options:
openstack-origin: *openstack-origin
network-manager: Neutron
to:
- '2'
neutron-api:
charm: cs:~openstack-charmers-next/neutron-api
num_units: 1
options:
manage-neutron-plugin-legacy-mode: true
neutron-plugin: ovs
openstack-origin: *openstack-origin
flat-network-providers: physnet1
neutron-security-groups: true
to:
- '3'
keystone:
charm: cs:~openstack-charmers-next/keystone
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '4'
neutron-gateway:
charm: cs:~openstack-charmers-next/neutron-gateway
num_units: 1
options:
openstack-origin: *openstack-origin
bridge-mappings: physnet1:br-ex
to:
- '5'
glance:
charm: cs:~openstack-charmers-next/glance
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '6'
neutron-openvswitch:
charm: cs:~openstack-charmers-next/neutron-openvswitch
placement:
charm: cs:~openstack-charmers-next/placement
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '7'
nova-compute:
charm: cs:~openstack-charmers-next/nova-compute
num_units: 2
storage:
ephemeral-device: '40G'
options:
openstack-origin: *openstack-origin
to:
- '8'
- '9'
vault:
charm: cs:~openstack-charmers-next/vault
num_units: 1
to:
- '10'
magnum:
charm: ../../../magnum
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '11'
heat:
charm: cs:~openstack-charmers-next/heat
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '12'
barbican:
charm: cs:~openstack-charmers-next/barbican
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '13'
relations:
- - 'nova-compute:image-service'
- 'glance:image-service'
- - 'nova-compute:amqp'
- 'rabbitmq-server:amqp'
- - 'nova-cloud-controller:shared-db'
- 'percona-cluster:shared-db'
- - 'nova-cloud-controller:identity-service'
- 'keystone:identity-service'
- - 'nova-cloud-controller:amqp'
- 'rabbitmq-server:amqp'
- - 'nova-cloud-controller:cloud-compute'
- 'nova-compute:cloud-compute'
- - 'nova-cloud-controller:image-service'
- 'glance:image-service'
- - 'keystone:shared-db'
- 'percona-cluster:shared-db'
- - 'glance:identity-service'
- 'keystone:identity-service'
- - 'glance:shared-db'
- 'percona-cluster:shared-db'
- - 'glance:amqp'
- 'rabbitmq-server:amqp'
- - 'neutron-gateway:amqp'
- 'rabbitmq-server:amqp'
- - 'nova-cloud-controller:quantum-network-service'
- 'neutron-gateway:quantum-network-service'
- - 'neutron-api:shared-db'
- 'percona-cluster:shared-db'
- - 'neutron-api:amqp'
- 'rabbitmq-server:amqp'
- - 'neutron-api:neutron-api'
- 'nova-cloud-controller:neutron-api'
- - 'neutron-api:identity-service'
- 'keystone:identity-service'
- - 'nova-compute:neutron-plugin'
- 'neutron-openvswitch:neutron-plugin'
- - 'rabbitmq-server:amqp'
- 'neutron-openvswitch:amqp'
- - 'placement:shared-db'
- 'percona-cluster:shared-db'
- - 'placement:identity-service'
- 'keystone:identity-service'
- - 'placement:placement'
- 'nova-cloud-controller:placement'
- - 'vault:shared-db'
- 'percona-cluster:shared-db'
- - 'vault:certificates'
- 'neutron-api:certificates'
- - 'vault:certificates'
- 'glance:certificates'
- - 'vault:certificates'
- 'keystone:certificates'
- - 'vault:certificates'
- 'nova-cloud-controller:certificates'
- - 'vault:certificates'
- 'placement:certificates'
- - 'magnum:shared-db'
- 'percona-cluster:shared-db'
- - 'magnum:amqp'
- 'rabbitmq-server:amqp'
- - 'magnum:identity-service'
- 'keystone:identity-service'
- - 'magnum:certificates'
- 'vault:certificates'
- - 'heat:amqp'
- 'rabbitmq-server:amqp'
- - 'heat:identity-service'
- 'keystone:identity-service'
- - 'heat:shared-db'
- 'percona-cluster:shared-db'
- - 'heat:certificates'
- 'vault:certificates'
- - 'barbican:amqp'
- 'rabbitmq-server:amqp'
- - 'barbican:identity-service'
- 'keystone:identity-service'
- - 'barbican:shared-db'
- 'percona-cluster:shared-db'
- - 'barbican:certificates'
- 'vault:certificates'

268
src/tests/bundles/focal-victoria.yaml Normal file
View File

@ -0,0 +1,268 @@
variables:
openstack-origin: &openstack-origin cloud:focal-victoria
series: focal
comment:
- 'machines section to decide order of deployment. database sooner = faster'
machines:
'0':
constraints: mem=3072M
series: bionic
'1':
'2':
'3':
'4':
'5':
'6':
'7':
# the following machines are for nova-compute which needs more memory
# for the instances.
'8':
constraints: mem=4096M cores=4
'9':
constraints: mem=4096M cores=4
'10':
'11':
'12':
'13':
applications:
# TODO: This needs to be replaced with mysql-innodb-cluster + db routers,
# once https://bugs.launchpad.net/ubuntu/+source/magnum/+bug/1915734 is fixed.
percona-cluster:
charm: cs:~openstack-charmers-next/percona-cluster
num_units: 1
series: bionic
options:
max-connections: 1000
innodb-buffer-pool-size: 256M
to:
- '0'
rabbitmq-server:
charm: cs:~openstack-charmers-next/rabbitmq-server
num_units: 1
to:
- '1'
nova-cloud-controller:
charm: cs:~openstack-charmers-next/nova-cloud-controller
num_units: 1
options:
openstack-origin: *openstack-origin
network-manager: Neutron
to:
- '2'
neutron-api:
charm: cs:~openstack-charmers-next/neutron-api
num_units: 1
options:
manage-neutron-plugin-legacy-mode: true
neutron-plugin: ovs
openstack-origin: *openstack-origin
flat-network-providers: physnet1
neutron-security-groups: true
to:
- '3'
keystone:
charm: cs:~openstack-charmers-next/keystone
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '4'
neutron-gateway:
charm: cs:~openstack-charmers-next/neutron-gateway
num_units: 1
options:
openstack-origin: *openstack-origin
bridge-mappings: physnet1:br-ex
to:
- '5'
glance:
charm: cs:~openstack-charmers-next/glance
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '6'
neutron-openvswitch:
charm: cs:~openstack-charmers-next/neutron-openvswitch
placement:
charm: cs:~openstack-charmers-next/placement
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '7'
nova-compute:
charm: cs:~openstack-charmers-next/nova-compute
num_units: 2
storage:
ephemeral-device: '40G'
options:
openstack-origin: *openstack-origin
to:
- '8'
- '9'
vault:
charm: cs:~openstack-charmers-next/vault
num_units: 1
to:
- '10'
magnum:
charm: ../../../magnum
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '11'
heat:
charm: cs:~openstack-charmers-next/heat
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '12'
barbican:
charm: cs:~openstack-charmers-next/barbican
num_units: 1
options:
openstack-origin: *openstack-origin
to:
- '13'
relations:
- - 'nova-compute:image-service'
- 'glance:image-service'
- - 'nova-compute:amqp'
- 'rabbitmq-server:amqp'
- - 'nova-cloud-controller:shared-db'
- 'percona-cluster:shared-db'
- - 'nova-cloud-controller:identity-service'
- 'keystone:identity-service'
- - 'nova-cloud-controller:amqp'
- 'rabbitmq-server:amqp'
- - 'nova-cloud-controller:cloud-compute'
- 'nova-compute:cloud-compute'
- - 'nova-cloud-controller:image-service'
- 'glance:image-service'
- - 'keystone:shared-db'
- 'percona-cluster:shared-db'
- - 'glance:identity-service'
- 'keystone:identity-service'
- - 'glance:shared-db'
- 'percona-cluster:shared-db'
- - 'glance:amqp'
- 'rabbitmq-server:amqp'
- - 'neutron-gateway:amqp'
- 'rabbitmq-server:amqp'
- - 'nova-cloud-controller:quantum-network-service'
- 'neutron-gateway:quantum-network-service'
- - 'neutron-api:shared-db'
- 'percona-cluster:shared-db'
- - 'neutron-api:amqp'
- 'rabbitmq-server:amqp'
- - 'neutron-api:neutron-api'
- 'nova-cloud-controller:neutron-api'
- - 'neutron-api:identity-service'
- 'keystone:identity-service'
- - 'nova-compute:neutron-plugin'
- 'neutron-openvswitch:neutron-plugin'
- - 'rabbitmq-server:amqp'
- 'neutron-openvswitch:amqp'
- - 'placement:shared-db'
- 'percona-cluster:shared-db'
- - 'placement:identity-service'
- 'keystone:identity-service'
- - 'placement:placement'
- 'nova-cloud-controller:placement'
- - 'vault:shared-db'
- 'percona-cluster:shared-db'
- - 'vault:certificates'
- 'neutron-api:certificates'
- - 'vault:certificates'
- 'glance:certificates'
- - 'vault:certificates'
- 'keystone:certificates'
- - 'vault:certificates'
- 'nova-cloud-controller:certificates'
- - 'vault:certificates'
- 'placement:certificates'
- - 'magnum:shared-db'
- 'percona-cluster:shared-db'
- - 'magnum:amqp'
- 'rabbitmq-server:amqp'
- - 'magnum:identity-service'
- 'keystone:identity-service'
- - 'magnum:certificates'
- 'vault:certificates'
- - 'heat:amqp'
- 'rabbitmq-server:amqp'
- - 'heat:identity-service'
- 'keystone:identity-service'
- - 'heat:shared-db'
- 'percona-cluster:shared-db'
- - 'heat:certificates'
- 'vault:certificates'
- - 'barbican:amqp'
- 'rabbitmq-server:amqp'
- - 'barbican:identity-service'
- 'keystone:identity-service'
- - 'barbican:shared-db'
- 'percona-cluster:shared-db'
- - 'barbican:certificates'
- 'vault:certificates'

25
src/tests/tests.yaml Normal file
View File

@ -0,0 +1,25 @@
charm_name: magnum
smoke_bundles:
- focal-victoria
gate_bundles:
- bionic-ussuri
- focal-ussuri
- focal-victoria
configure:
- zaza.openstack.charm_tests.vault.setup.auto_initialize
- zaza.openstack.charm_tests.glance.setup.add_cirros_image
- zaza.openstack.charm_tests.keystone.setup.add_demo_user
- zaza.openstack.charm_tests.neutron.setup.basic_overcloud_network
- zaza.openstack.charm_tests.nova.setup.create_flavors
- zaza.openstack.charm_tests.nova.setup.manage_ssh_key
tests:
- zaza.openstack.charm_tests.nova.tests.CirrosGuestCreateTest
target_deploy_status:
vault:
workload-status: blocked
workload-status-message: Vault needs to be initialized

61
src/tox.ini Normal file
View File

@ -0,0 +1,61 @@
# Source charm (with zaza): ./src/tox.ini
# This file is managed centrally by release-tools and should not be modified
# within individual charm repos. See the 'global' dir contents for available
# choices of tox.ini for OpenStack Charms:
# https://github.com/openstack-charmers/release-tools
[tox]
envlist = pep8
skipsdist = True
# NOTE: Avoid build/test env pollution by not enabling sitepackages.
sitepackages = False
# NOTE: Avoid false positives by not skipping missing interpreters.
skip_missing_interpreters = False
# NOTES:
# * We avoid the new dependency resolver by pinning pip < 20.3, see
# https://github.com/pypa/pip/issues/9187
# * Pinning dependencies requires tox >= 3.2.0, see
# https://tox.readthedocs.io/en/latest/config.html#conf-requires
# * It is also necessary to pin virtualenv as a newer virtualenv would still
# lead to fetching the latest pip in the func* tox targets, see
# https://stackoverflow.com/a/38133283
requires = pip < 20.3
virtualenv < 20.0
# NOTE: https://wiki.canonical.com/engineering/OpenStack/InstallLatestToxOnOsci
minversion = 3.2.0
[testenv]
setenv = VIRTUAL_ENV={envdir}
PYTHONHASHSEED=0
whitelist_externals = juju
passenv = HOME TERM CS_* OS_* TEST_*
deps = -r{toxinidir}/test-requirements.txt
install_command =
pip install {opts} {packages}
[testenv:pep8]
basepython = python3
commands = charm-proof
[testenv:func-noop]
basepython = python3
commands =
functest-run-suite --help
[testenv:func]
basepython = python3
commands =
functest-run-suite --keep-model
[testenv:func-smoke]
basepython = python3
commands =
functest-run-suite --keep-model --smoke
[testenv:func-target]
basepython = python3
commands =
functest-run-suite --keep-model --bundle {posargs}
[testenv:venv]
commands = {posargs}

3
src/wheelhouse.txt Normal file
View File

@ -0,0 +1,3 @@
git+https://opendev.org/openstack/charms.openstack.git#egg=charms.openstack
git+https://github.com/juju/charm-helpers.git#egg=charmhelpers

47
test-requirements.txt Normal file
View File

@ -0,0 +1,47 @@
# This file is managed centrally by release-tools and should not be modified
# within individual charm repos. See the 'global' dir contents for available
# choices of *requirements.txt files for OpenStack Charms:
# https://github.com/openstack-charmers/release-tools
#
setuptools<50.0.0 # https://github.com/pypa/setuptools/commit/04e3df22df840c6bb244e9b27bc56750c44b7c85
# Lint and unit test requirements
flake8>=2.2.4
stestr>=2.2.0
# Dependency of stestr. Workaround for
# https://github.com/mtreinish/stestr/issues/145
cliff<3.0.0
# Dependencies of stestr. Newer versions use keywords that didn't exist in
# python 3.5 yet (e.g. "ModuleNotFoundError")
importlib-metadata<3.0.0; python_version < '3.6'
importlib-resources<3.0.0; python_version < '3.6'
# Some Zuul nodes sometimes pull newer versions of these dependencies which
# dropped support for python 3.5:
osprofiler<2.7.0;python_version<'3.6'
stevedore<1.31.0;python_version<'3.6'
debtcollector<1.22.0;python_version<'3.6'
oslo.utils<=3.41.0;python_version<'3.6'
requests>=2.18.4
charms.reactive
# Newer mock seems to have some syntax which is newer than python3.5 (e.g.
# f'{something}'
mock>=1.2,<4.0.0; python_version < '3.6'
mock>=1.2; python_version >= '3.6'
nose>=1.3.7
coverage>=3.6
git+https://github.com/openstack/charms.openstack.git#egg=charms.openstack
#
# Revisit for removal / mock improvement:
netifaces # vault
psycopg2-binary # vault
tenacity # vault
pbr # vault
cryptography # vault, keystone-saml-mellon
lxml # keystone-saml-mellon
hvac # vault, barbican-vault

97
tox.ini Normal file
View File

@ -0,0 +1,97 @@
# Source charm: ./tox.ini
# This file is managed centrally by release-tools and should not be modified
# within individual charm repos. See the 'global' dir contents for available
# choices of tox.ini for OpenStack Charms:
# https://github.com/openstack-charmers/release-tools
[tox]
skipsdist = True
envlist = pep8,py3
# NOTE: Avoid build/test env pollution by not enabling sitepackages.
sitepackages = False
# NOTE: Avoid false positives by not skipping missing interpreters.
skip_missing_interpreters = False
[testenv]
setenv = VIRTUAL_ENV={envdir}
PYTHONHASHSEED=0
TERM=linux
LAYER_PATH={toxinidir}/layers
INTERFACE_PATH={toxinidir}/interfaces
JUJU_REPOSITORY={toxinidir}/build
passenv = http_proxy https_proxy INTERFACE_PATH LAYER_PATH JUJU_REPOSITORY
install_command =
pip install {opts} {packages}
deps =
-r{toxinidir}/requirements.txt
[testenv:build]
basepython = python3
commands =
charm-build --log-level DEBUG -o {toxinidir}/build src {posargs}
[testenv:py3]
basepython = python3
deps = -r{toxinidir}/test-requirements.txt
commands = stestr run --slowest {posargs}
[testenv:py35]
basepython = python3.5
deps = -r{toxinidir}/test-requirements.txt
commands = stestr run --slowest {posargs}
[testenv:py36]
basepython = python3.6
deps = -r{toxinidir}/test-requirements.txt
commands = stestr run --slowest {posargs}
[testenv:py37]
basepython = python3.7
deps = -r{toxinidir}/test-requirements.txt
commands = stestr run --slowest {posargs}
[testenv:py38]
basepython = python3.8
deps = -r{toxinidir}/test-requirements.txt
commands = stestr run --slowest {posargs}
[testenv:pep8]
basepython = python3
deps = -r{toxinidir}/test-requirements.txt
commands = flake8 {posargs} src unit_tests
[testenv:cover]
# Technique based heavily upon
# https://github.com/openstack/nova/blob/master/tox.ini
basepython = python3
deps = -r{toxinidir}/requirements.txt
-r{toxinidir}/test-requirements.txt
setenv =
{[testenv]setenv}
PYTHON=coverage run
commands =
coverage erase
stestr run --slowest {posargs}
coverage combine
coverage html -d cover
coverage xml -o cover/coverage.xml
coverage report
[coverage:run]
branch = True
concurrency = multiprocessing
parallel = True
source =
.
omit =
.tox/*
*/charmhelpers/*
unit_tests/*
[testenv:venv]
basepython = python3
commands = {posargs}
[flake8]
# E402 ignore necessary for path append before sys module import in actions
ignore = E402,W503,W504

0
unit_tests/__init__.py Normal file
View File