Gitiles
Code Review Sign In
osm.etsi.org / osm / devops / a24433b555d3cf1e2ab1e048dcd7b89fe9af4fe7 / . / installers / charm / mon / src / charm.py
blob: 9ad49ada7f74efaf05a0b3b64b3db6c252478d23 [file] [log] [blame]
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]1#!/usr/bin/env python3
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]2# Copyright 2021 Canonical Ltd.
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]3#
4# Licensed under the Apache License, Version 2.0 (the "License"); you may
5# not use this file except in compliance with the License. You may obtain
6# a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13# License for the specific language governing permissions and limitations
14# under the License.
15#
16# For those usages not covered by the Apache License, Version 2.0 please
17# contact: legal@canonical.com
18#
19# To get in touch with the maintainers, please contact:
20# osm-charmers@lists.launchpad.net
21##
22
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]23# pylint: disable=E0213
24
25
David Garcia5d1ec6e2021-03-25 15:04:52 +0100[diff] [blame]26import base64
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]27import logging
David Garcia5d1ec6e2021-03-25 15:04:52 +0100[diff] [blame]28from typing import NoReturn, Optional
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]29
David Garciac753dc52021-03-17 15:28:47 +0100[diff] [blame]30
David Garcia4a0db7c2022-02-21 11:48:11 +0100[diff] [blame]31from charms.kafka_k8s.v0.kafka import KafkaEvents, KafkaRequires
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]32from ops.main import main
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]33from opslib.osm.charm import CharmedOsmBase, RelationsMissing
David Garciac753dc52021-03-17 15:28:47 +0100[diff] [blame]34from opslib.osm.interfaces.keystone import KeystoneClient
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]35from opslib.osm.interfaces.mongo import MongoClient
36from opslib.osm.interfaces.prometheus import PrometheusClient
David Garcia141d9352021-09-08 17:48:40 +0200[diff] [blame]37from opslib.osm.pod import (
38 ContainerV3Builder,
39 FilesV3Builder,
40 PodRestartPolicy,
41 PodSpecV3Builder,
42)
David Garciac753dc52021-03-17 15:28:47 +0100[diff] [blame]43from opslib.osm.validator import ModelValidator, validator
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]44
45
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]46logger = logging.getLogger(__name__)
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]47
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]48PORT = 8000
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]49
50
David Garcia5d1ec6e2021-03-25 15:04:52 +0100[diff] [blame]51def _check_certificate_data(name: str, content: str):
52 if not name or not content:
53 raise ValueError("certificate name and content must be a non-empty string")
54
55
56def _extract_certificates(certs_config: str):
57 certificates = {}
58 if certs_config:
59 cert_list = certs_config.split(",")
60 for cert in cert_list:
61 name, content = cert.split(":")
62 _check_certificate_data(name, content)
63 certificates[name] = content
64 return certificates
65
66
67def decode(content: str):
68 return base64.b64decode(content.encode("utf-8")).decode("utf-8")
69
70
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]71class ConfigModel(ModelValidator):
calvinosanc1a43a22f2021-03-08 15:20:07 +0100[diff] [blame]72 keystone_enabled: bool
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]73 vca_host: str
74 vca_user: str
David Garciac753dc52021-03-17 15:28:47 +0100[diff] [blame]75 vca_secret: str
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]76 vca_cacert: str
77 database_commonkey: str
sousaedu996a5602021-05-03 00:22:43 +0200[diff] [blame]78 mongodb_uri: Optional[str]
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]79 log_level: str
80 openstack_default_granularity: int
81 global_request_timeout: int
82 collector_interval: int
Guillermo Calvino5ec6be52022-11-17 11:54:31 +0100[diff] [blame]83 vm_infra_metrics: bool
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]84 evaluator_interval: int
85 grafana_url: str
86 grafana_user: str
87 grafana_password: str
David Garcia5d1ec6e2021-03-25 15:04:52 +0100[diff] [blame]88 certificates: Optional[str]
sousaedu0dc25b32021-08-30 16:33:33 +0100[diff] [blame]89 image_pull_policy: str
sousaedu540d9372021-09-29 01:53:30 +0100[diff] [blame]90 debug_mode: bool
91 security_context: bool
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]92
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]93 @validator("log_level")
94 def validate_log_level(cls, v):
95 if v not in {"INFO", "DEBUG"}:
96 raise ValueError("value must be INFO or DEBUG")
97 return v
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]98
David Garcia5d1ec6e2021-03-25 15:04:52 +0100[diff] [blame]99 @validator("certificates")
100 def validate_certificates(cls, v):
101 # Raises an exception if it cannot extract the certificates
102 _extract_certificates(v)
103 return v
104
sousaedu996a5602021-05-03 00:22:43 +0200[diff] [blame]105 @validator("mongodb_uri")
106 def validate_mongodb_uri(cls, v):
107 if v and not v.startswith("mongodb://"):
108 raise ValueError("mongodb_uri is not properly formed")
109 return v
110
sousaedu3ddbbd12021-08-24 19:57:24 +0100[diff] [blame]111 @validator("image_pull_policy")
112 def validate_image_pull_policy(cls, v):
113 values = {
114 "always": "Always",
115 "ifnotpresent": "IfNotPresent",
116 "never": "Never",
117 }
118 v = v.lower()
119 if v not in values.keys():
120 raise ValueError("value must be always, ifnotpresent or never")
121 return values[v]
122
David Garcia5d1ec6e2021-03-25 15:04:52 +0100[diff] [blame]123 @property
124 def certificates_dict(cls):
125 return _extract_certificates(cls.certificates) if cls.certificates else {}
126
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]127
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]128class MonCharm(CharmedOsmBase):
David Garcia4a0db7c2022-02-21 11:48:11 +0100[diff] [blame]129 on = KafkaEvents()
130
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]131 def __init__(self, *args) -> NoReturn:
David Garciad680be42021-08-17 11:03:55 +0200[diff] [blame]132 super().__init__(
133 *args,
134 oci_image="image",
David Garciad680be42021-08-17 11:03:55 +0200[diff] [blame]135 vscode_workspace=VSCODE_WORKSPACE,
136 )
David Garciacafe31e2021-11-18 16:45:05 +0100[diff] [blame]137 if self.config.get("debug_mode"):
138 self.enable_debug_mode(
139 pubkey=self.config.get("debug_pubkey"),
140 hostpaths={
141 "MON": {
142 "hostpath": self.config.get("debug_mon_local_path"),
143 "container-path": "/usr/lib/python3/dist-packages/osm_mon",
144 },
145 "N2VC": {
146 "hostpath": self.config.get("debug_n2vc_local_path"),
147 "container-path": "/usr/lib/python3/dist-packages/n2vc",
148 },
149 "osm_common": {
150 "hostpath": self.config.get("debug_common_local_path"),
151 "container-path": "/usr/lib/python3/dist-packages/osm_common",
152 },
153 },
154 )
David Garcia4a0db7c2022-02-21 11:48:11 +0100[diff] [blame]155 self.kafka = KafkaRequires(self)
156 self.framework.observe(self.on.kafka_available, self.configure_pod)
157 self.framework.observe(self.on.kafka_broken, self.configure_pod)
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]158
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]159 self.mongodb_client = MongoClient(self, "mongodb")
160 self.framework.observe(self.on["mongodb"].relation_changed, self.configure_pod)
161 self.framework.observe(self.on["mongodb"].relation_broken, self.configure_pod)
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]162
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]163 self.prometheus_client = PrometheusClient(self, "prometheus")
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]164 self.framework.observe(
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]165 self.on["prometheus"].relation_changed, self.configure_pod
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]166 )
167 self.framework.observe(
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]168 self.on["prometheus"].relation_broken, self.configure_pod
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]169 )
170
calvinosanc1a43a22f2021-03-08 15:20:07 +0100[diff] [blame]171 self.keystone_client = KeystoneClient(self, "keystone")
172 self.framework.observe(self.on["keystone"].relation_changed, self.configure_pod)
173 self.framework.observe(self.on["keystone"].relation_broken, self.configure_pod)
174
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]175 def _check_missing_dependencies(self, config: ConfigModel):
176 missing_relations = []
177
David Garcia4a0db7c2022-02-21 11:48:11 +0100[diff] [blame]178 if not self.kafka.host or not self.kafka.port:
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]179 missing_relations.append("kafka")
sousaedu996a5602021-05-03 00:22:43 +0200[diff] [blame]180 if not config.mongodb_uri and self.mongodb_client.is_missing_data_in_unit():
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]181 missing_relations.append("mongodb")
182 if self.prometheus_client.is_missing_data_in_app():
183 missing_relations.append("prometheus")
calvinosanc1a43a22f2021-03-08 15:20:07 +0100[diff] [blame]184 if config.keystone_enabled:
185 if self.keystone_client.is_missing_data_in_app():
186 missing_relations.append("keystone")
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]187
188 if missing_relations:
189 raise RelationsMissing(missing_relations)
190
David Garcia5d1ec6e2021-03-25 15:04:52 +0100[diff] [blame]191 def _build_cert_files(
192 self,
193 config: ConfigModel,
194 ):
195 cert_files_builder = FilesV3Builder()
196 for name, content in config.certificates_dict.items():
197 cert_files_builder.add_file(name, decode(content), mode=0o600)
198 return cert_files_builder.build()
199
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]200 def build_pod_spec(self, image_info):
201 # Validate config
202 config = ConfigModel(**dict(self.config))
sousaedu996a5602021-05-03 00:22:43 +0200[diff] [blame]203
204 if config.mongodb_uri and not self.mongodb_client.is_missing_data_in_unit():
205 raise Exception("Mongodb data cannot be provided via config and relation")
206
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]207 # Check relations
208 self._check_missing_dependencies(config)
sousaedu996a5602021-05-03 00:22:43 +0200[diff] [blame]209
sousaedu540d9372021-09-29 01:53:30 +0100[diff] [blame]210 security_context_enabled = (
211 config.security_context if not config.debug_mode else False
212 )
213
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]214 # Create Builder for the PodSpec
sousaedu540d9372021-09-29 01:53:30 +0100[diff] [blame]215 pod_spec_builder = PodSpecV3Builder(
216 enable_security_context=security_context_enabled
217 )
sousaedu996a5602021-05-03 00:22:43 +0200[diff] [blame]218
David Garcia141d9352021-09-08 17:48:40 +0200[diff] [blame]219 # Add secrets to the pod
220 mongodb_secret_name = f"{self.app.name}-mongodb-secret"
221 pod_spec_builder.add_secret(
222 mongodb_secret_name,
223 {
224 "uri": config.mongodb_uri or self.mongodb_client.connection_string,
225 "commonkey": config.database_commonkey,
226 },
227 )
228 grafana_secret_name = f"{self.app.name}-grafana-secret"
229 pod_spec_builder.add_secret(
230 grafana_secret_name,
231 {
232 "url": config.grafana_url,
233 "user": config.grafana_user,
234 "password": config.grafana_password,
235 },
236 )
237
238 vca_secret_name = f"{self.app.name}-vca-secret"
239 pod_spec_builder.add_secret(
240 vca_secret_name,
241 {
242 "host": config.vca_host,
243 "user": config.vca_user,
244 "secret": config.vca_secret,
245 "cacert": config.vca_cacert,
246 },
247 )
248
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]249 # Build Container
sousaedu3ddbbd12021-08-24 19:57:24 +0100[diff] [blame]250 container_builder = ContainerV3Builder(
sousaedu540d9372021-09-29 01:53:30 +0100[diff] [blame]251 self.app.name,
252 image_info,
253 config.image_pull_policy,
254 run_as_non_root=security_context_enabled,
sousaedu3ddbbd12021-08-24 19:57:24 +0100[diff] [blame]255 )
David Garcia5d1ec6e2021-03-25 15:04:52 +0100[diff] [blame]256 certs_files = self._build_cert_files(config)
sousaedu996a5602021-05-03 00:22:43 +0200[diff] [blame]257
David Garcia5d1ec6e2021-03-25 15:04:52 +0100[diff] [blame]258 if certs_files:
259 container_builder.add_volume_config("certs", "/certs", certs_files)
sousaedu996a5602021-05-03 00:22:43 +0200[diff] [blame]260
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]261 container_builder.add_port(name=self.app.name, port=PORT)
262 container_builder.add_envs(
263 {
264 # General configuration
265 "ALLOW_ANONYMOUS_LOGIN": "yes",
266 "OSMMON_OPENSTACK_DEFAULT_GRANULARITY": config.openstack_default_granularity,
267 "OSMMON_GLOBAL_REQUEST_TIMEOUT": config.global_request_timeout,
268 "OSMMON_GLOBAL_LOGLEVEL": config.log_level,
269 "OSMMON_COLLECTOR_INTERVAL": config.collector_interval,
Guillermo Calvino5ec6be52022-11-17 11:54:31 +0100[diff] [blame]270 "OSMMON_COLLECTOR_VM_INFRA_METRICS": config.vm_infra_metrics,
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]271 "OSMMON_EVALUATOR_INTERVAL": config.evaluator_interval,
272 # Kafka configuration
273 "OSMMON_MESSAGE_DRIVER": "kafka",
David Garcia4a0db7c2022-02-21 11:48:11 +0100[diff] [blame]274 "OSMMON_MESSAGE_HOST": self.kafka.host,
275 "OSMMON_MESSAGE_PORT": self.kafka.port,
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]276 # Database configuration
277 "OSMMON_DATABASE_DRIVER": "mongo",
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]278 # Prometheus configuration
279 "OSMMON_PROMETHEUS_URL": f"http://{self.prometheus_client.hostname}:{self.prometheus_client.port}",
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]280 }
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]281 )
David Garciade440ed2021-10-11 19:56:53 +0200[diff] [blame]282 prometheus_user = self.prometheus_client.user
283 prometheus_password = self.prometheus_client.password
284 if prometheus_user and prometheus_password:
285 container_builder.add_envs(
286 {
287 "OSMMON_PROMETHEUS_USER": prometheus_user,
288 "OSMMON_PROMETHEUS_PASSWORD": prometheus_password,
289 }
290 )
David Garcia141d9352021-09-08 17:48:40 +0200[diff] [blame]291 container_builder.add_secret_envs(
292 secret_name=mongodb_secret_name,
293 envs={
294 "OSMMON_DATABASE_URI": "uri",
295 "OSMMON_DATABASE_COMMONKEY": "commonkey",
296 },
297 )
298 container_builder.add_secret_envs(
299 secret_name=vca_secret_name,
300 envs={
301 "OSMMON_VCA_HOST": "host",
302 "OSMMON_VCA_USER": "user",
303 "OSMMON_VCA_SECRET": "secret",
304 "OSMMON_VCA_CACERT": "cacert",
305 },
306 )
307 container_builder.add_secret_envs(
308 secret_name=grafana_secret_name,
309 envs={
310 "OSMMON_GRAFANA_URL": "url",
311 "OSMMON_GRAFANA_USER": "user",
312 "OSMMON_GRAFANA_PASSWORD": "password",
313 },
314 )
calvinosanc1a43a22f2021-03-08 15:20:07 +0100[diff] [blame]315 if config.keystone_enabled:
David Garcia141d9352021-09-08 17:48:40 +0200[diff] [blame]316 keystone_secret_name = f"{self.app.name}-keystone-secret"
317 pod_spec_builder.add_secret(
318 keystone_secret_name,
calvinosanc1a43a22f2021-03-08 15:20:07 +0100[diff] [blame]319 {
David Garcia141d9352021-09-08 17:48:40 +0200[diff] [blame]320 "url": self.keystone_client.host,
321 "user_domain": self.keystone_client.user_domain_name,
322 "project_domain": self.keystone_client.project_domain_name,
323 "service_username": self.keystone_client.username,
324 "service_password": self.keystone_client.password,
325 "service_project": self.keystone_client.service,
326 },
327 )
328 container_builder.add_env("OSMMON_KEYSTONE_ENABLED", True)
329 container_builder.add_secret_envs(
330 secret_name=keystone_secret_name,
331 envs={
332 "OSMMON_KEYSTONE_URL": "url",
333 "OSMMON_KEYSTONE_DOMAIN_NAME": "user_domain",
334 "OSMMON_KEYSTONE_PROJECT_DOMAIN_NAME": "project_domain",
335 "OSMMON_KEYSTONE_SERVICE_USER": "service_username",
336 "OSMMON_KEYSTONE_SERVICE_PASSWORD": "service_password",
337 "OSMMON_KEYSTONE_SERVICE_PROJECT": "service_project",
338 },
calvinosanc1a43a22f2021-03-08 15:20:07 +0100[diff] [blame]339 )
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]340 container = container_builder.build()
sousaedu996a5602021-05-03 00:22:43 +0200[diff] [blame]341
David Garcia141d9352021-09-08 17:48:40 +0200[diff] [blame]342 # Add restart policy
343 restart_policy = PodRestartPolicy()
344 restart_policy.add_secrets()
345 pod_spec_builder.set_restart_policy(restart_policy)
346
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]347 # Add container to pod spec
348 pod_spec_builder.add_container(container)
sousaedu996a5602021-05-03 00:22:43 +0200[diff] [blame]349
David Garcia49379ce2021-02-24 13:48:22 +0100[diff] [blame]350 return pod_spec_builder.build()
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]351
352
David Garciad680be42021-08-17 11:03:55 +0200[diff] [blame]353VSCODE_WORKSPACE = {
354 "folders": [
355 {"path": "/usr/lib/python3/dist-packages/osm_mon"},
356 {"path": "/usr/lib/python3/dist-packages/osm_common"},
357 {"path": "/usr/lib/python3/dist-packages/n2vc"},
358 ],
359 "settings": {},
360 "launch": {
361 "version": "0.2.0",
362 "configurations": [
363 {
364 "name": "MON Server",
365 "type": "python",
366 "request": "launch",
367 "module": "osm_mon.cmd.mon_server",
368 "justMyCode": False,
369 },
370 {
371 "name": "MON evaluator",
372 "type": "python",
373 "request": "launch",
374 "module": "osm_mon.cmd.mon_evaluator",
375 "justMyCode": False,
376 },
377 {
378 "name": "MON collector",
379 "type": "python",
380 "request": "launch",
381 "module": "osm_mon.cmd.mon_collector",
382 "justMyCode": False,
383 },
384 {
385 "name": "MON dashboarder",
386 "type": "python",
387 "request": "launch",
388 "module": "osm_mon.cmd.mon_dashboarder",
389 "justMyCode": False,
390 },
391 ],
392 },
393}
sousaedu1dd4c0d2020-11-04 17:43:47 +0000[diff] [blame]394if __name__ == "__main__":
395 main(MonCharm)