X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FN2VC.git;a=blobdiff_plain;f=n2vc%2Fn2vc_juju_conn.py;h=eed2f30eafcc794dfb1dba11533576258a151b3e;hp=71ff06a100291f90b28b333f79fb7654ff53a69c;hb=f643c1359c1edbe8bb851ce935416e534b234e74;hpb=32b3812aaf09482ed9eb2b4492525bfccad3d0d2 diff --git a/n2vc/n2vc_juju_conn.py b/n2vc/n2vc_juju_conn.py index 71ff06a..eed2f30 100644 --- a/n2vc/n2vc_juju_conn.py +++ b/n2vc/n2vc_juju_conn.py @@ -21,33 +21,22 @@ ## import asyncio -import base64 -import binascii import logging -import os -import re -import time - -from juju.action import Action -from juju.application import Application -from juju.client import client -from juju.controller import Controller -from juju.errors import JujuAPIError -from juju.machine import Machine -from juju.model import Model + +from n2vc.config import EnvironConfig from n2vc.exceptions import ( N2VCBadArgumentsException, N2VCException, N2VCConnectionException, N2VCExecutionException, - N2VCInvalidCertificate, - N2VCNotFound, + # N2VCNotFound, MethodNotImplemented, ) -from n2vc.juju_observer import JujuModelObserver from n2vc.n2vc_conn import N2VCConnector from n2vc.n2vc_conn import obj_to_dict, obj_to_yaml -from n2vc.provisioner import AsyncSSHProvisioner +from n2vc.libjuju import Libjuju +from n2vc.store import MotorStore +from n2vc.vca.connection import get_connection class N2VCJujuConnector(N2VCConnector): @@ -59,6 +48,7 @@ class N2VCJujuConnector(N2VCConnector): """ BUILT_IN_CLOUDS = ["localhost", "microk8s"] + libjuju = None def __init__( self, 
@@ -66,12 +56,16 @@ class N2VCJujuConnector(N2VCConnector): fs: object, log: object = None, loop: object = None, - url: str = "127.0.0.1:17070", - username: str = "admin", - vca_config: dict = None, on_update_db=None, ): - """Initialize juju N2VC connector + """ + Constructor + + :param: db: Database object from osm_common + :param: fs: Filesystem object from osm_common + :param: log: Logger + :param: loop: Asyncio loop + :param: on_update_db: Callback function to be called for updating the database. """ # parent class constructor @@ -81,9 +75,6 @@ class N2VCJujuConnector(N2VCConnector): fs=fs, log=log, loop=loop, - url=url, - username=username, - vca_config=vca_config, on_update_db=on_update_db, ) 
@@ -94,123 +85,29 @@ class N2VCJujuConnector(N2VCConnector): self.log.info("Initializing N2VC juju connector...") - """ - ############################################################## - # check arguments - ############################################################## - """ - - # juju URL - if url is None: - raise N2VCBadArgumentsException("Argument url is mandatory", ["url"]) - url_parts = url.split(":") - if len(url_parts) != 2: - raise N2VCBadArgumentsException( - "Argument url: bad format (localhost:port) -> {}".format(url), ["url"] - ) - self.hostname = url_parts[0] - try: - self.port = int(url_parts[1]) - except ValueError: - raise N2VCBadArgumentsException( - "url port must be a number -> {}".format(url), ["url"] - ) - - # juju USERNAME - if username is None: - raise N2VCBadArgumentsException( - "Argument username is mandatory", ["username"] - ) - - # juju CONFIGURATION - if vca_config is None: - raise N2VCBadArgumentsException( - "Argument vca_config is mandatory", ["vca_config"] - ) - - if "secret" in vca_config: - self.secret = vca_config["secret"] - else: - raise N2VCBadArgumentsException( - "Argument vca_config.secret is mandatory", ["vca_config.secret"] - ) - - # pubkey of juju client in osm machine: ~/.local/share/juju/ssh/juju_id_rsa.pub - # if exists, it will be written in lcm container: _create_juju_public_key() - if "public_key" in vca_config: - self.public_key = vca_config["public_key"] - else: - self.public_key = None - - # TODO: Verify ca_cert is valid before using. VCA will crash - # if the ca_cert isn't formatted correctly. - def base64_to_cacert(b64string): - """Convert the base64-encoded string containing the VCA CACERT. - - The input string.... 
- - """ - try: - cacert = base64.b64decode(b64string).decode("utf-8") - - cacert = re.sub(r"\\n", r"\n", cacert,) - except binascii.Error as e: - self.log.debug("Caught binascii.Error: {}".format(e)) - raise N2VCInvalidCertificate(message="Invalid CA Certificate") - - return cacert - - self.ca_cert = vca_config.get("ca_cert") - if self.ca_cert: - self.ca_cert = base64_to_cacert(vca_config["ca_cert"]) - - if "api_proxy" in vca_config: - self.api_proxy = vca_config["api_proxy"] - self.log.debug( - "api_proxy for native charms configured: {}".format(self.api_proxy) - ) - else: - self.warning( - "api_proxy is not configured. Support for native charms is disabled" - ) - - if "enable_os_upgrade" in vca_config: - self.enable_os_upgrade = vca_config["enable_os_upgrade"] - else: - self.enable_os_upgrade = True - - if "apt_mirror" in vca_config: - self.apt_mirror = vca_config["apt_mirror"] - else: - self.apt_mirror = None - - self.cloud = vca_config.get("cloud") - # self.log.debug('Arguments have been checked') - - # juju data - self.controller = None # it will be filled when connect to juju - self.juju_models = {} # model objects for every model_name - self.juju_observers = {} # model observers for every model_name - self._connecting = ( - False # while connecting to juju (to avoid duplicate connections) - ) - self._authenticated = ( - False # it will be True when juju connection be stablished - ) - self._creating_model = False # True during model creation - - # create juju pub key file in lcm container at - # ./local/share/juju/ssh/juju_id_rsa.pub - self._create_juju_public_key() + db_uri = EnvironConfig(prefixes=["OSMLCM_", "OSMMON_"]).get("database_uri") + self._store = MotorStore(db_uri) + self.loading_libjuju = asyncio.Lock(loop=self.loop) self.log.info("N2VC juju connector initialized") - async def get_status(self, namespace: str, yaml_format: bool = True): + async def get_status( + self, namespace: str, yaml_format: bool = True, vca_id: str = None + ): + """ + Get 
status from all juju models from a VCA - # self.log.info('Getting NS status. namespace: {}'.format(namespace)) + :param namespace: we obtain ns from namespace + :param yaml_format: returns a yaml string + :param: vca_id: VCA ID from which the status will be retrieved. + """ + # TODO: Review where is this function used. It is not optimal at all to get the status + # from all the juju models of a particular VCA. Additionally, these models might + # not have been deployed by OSM, in that case we are getting information from + # deployments outside of OSM's scope. - if not self._authenticated: - await self._juju_login() + # self.log.info('Getting NS status. namespace: {}'.format(namespace)) + libjuju = await self._get_libjuju(vca_id) _nsi_id, ns_id, _vnf_id, _vdu_id, _vdu_count = self._get_namespace_components( namespace=namespace 
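Review bot: In `__init__`, `db_uri` goes straight into `MotorStore` with no check that `EnvironConfig(...).get("database_uri")` returned a value, whereas the argument validation this hunk removes failed early with `N2VCBadArgumentsException`. A guard such as `if not db_uri: raise N2VCBadArgumentsException("database_uri is mandatory", ["database_uri"])` stops a missing OSMLCM_/OSMMON_ setting from surfacing later as an opaque connection error. A database URI commonly embeds credentials, so keep it out of any log line added around this code. Separately, `asyncio.Lock(loop=self.loop)` relies on the `loop` argument, which is deprecated since Python 3.8 and removed in 3.10.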
@@ -222,16 +119,45 @@ class N2VCJujuConnector(N2VCConnector): self.log.error(msg) raise N2VCBadArgumentsException(msg, ["namespace"]) - # get juju model (create model if needed) - model = await self._juju_get_model(model_name=model_name) + status = {} + models = await libjuju.list_models(contains=ns_id) - status = await model.get_status() + for m in models: + status[m] = await libjuju.get_model_status(m) if yaml_format: return obj_to_yaml(status) else: return obj_to_dict(status) + async def update_vca_status(self, vcastatus: dict, vca_id: str = None): + """ + Add all configs, actions, executed actions of all applications in a model to vcastatus dict. + + :param vcastatus: dict containing vcaStatus + :param: vca_id: VCA ID + + :return: None + """ + try: + libjuju = await self._get_libjuju(vca_id) + for model_name in vcastatus: + # Adding executed actions + vcastatus[model_name][ + "executedActions" + ] = await libjuju.get_executed_actions(model_name) + for application in vcastatus[model_name]["applications"]: + # Adding application actions + vcastatus[model_name]["applications"][application][ + "actions" + ] = await libjuju.get_actions(application, model_name) + # Adding application configs + vcastatus[model_name]["applications"][application][ + "configs" + ] = await libjuju.get_application_configs(model_name, application) + except Exception as e: + self.log.debug("Error in updating vca status: {}".format(str(e))) + async def create_execution_environment( self, namespace: str, 
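Review bot: `update_vca_status` catches every `Exception` and reports it only at debug level, so a connection or authentication failure against the VCA leaves `vcastatus` partly updated with no signal to the caller. Log it with `self.log.error(...)` at minimum, or re-raise as `N2VCException` the way the other methods in this diff do. The loop also indexes `vcastatus[model_name]["applications"]` directly, so a model entry without that key ends the whole update through the same silent path.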
@@ -239,16 +165,34 @@ class N2VCJujuConnector(N2VCConnector): reuse_ee_id: str = None, progress_timeout: float = None, total_timeout: float = None, + vca_id: str = None, ) -> (str, dict): + """ + Create an Execution Environment. Returns when it is created or raises an + exception on failing + + :param: namespace: Contains a dot separate string. + LCM will use: []...[-] + :param: db_dict: where to write to database when the status changes. + It contains a dictionary with {collection: str, filter: {}, path: str}, + e.g. {collection: "nsrs", filter: {_id: , path: + "_admin.deployed.VCA.3"} + :param: reuse_ee_id: ee id from an older execution. It allows us to reuse an + older environment + :param: progress_timeout: Progress timeout + :param: total_timeout: Total timeout + :param: vca_id: VCA ID + + :returns: id of the new execution environment and credentials for it + (credentials can contains hostname, username, etc depending on underlying cloud) + """ self.log.info( "Creating execution environment. namespace: {}, reuse_ee_id: {}".format( namespace, reuse_ee_id ) ) - - if not self._authenticated: - await self._juju_login() + libjuju = await self._get_libjuju(vca_id) machine_id = None if reuse_ee_id: 
@@ -276,30 +220,39 @@ class N2VCJujuConnector(N2VCConnector): # create or reuse a new juju machine try: - machine = await self._juju_create_machine( + if not await libjuju.model_exists(model_name): + await libjuju.add_model( + model_name, + libjuju.vca_connection.lxd_cloud, + ) + machine, new = await libjuju.create_machine( model_name=model_name, - application_name=application_name, machine_id=machine_id, db_dict=db_dict, progress_timeout=progress_timeout, total_timeout=total_timeout, ) + # id for the execution environment + ee_id = N2VCJujuConnector._build_ee_id( + model_name=model_name, + application_name=application_name, + machine_id=str(machine.entity_id), + ) + self.log.debug("ee_id: {}".format(ee_id)) + + if new: + # write ee_id in database + self._write_ee_id_db(db_dict=db_dict, ee_id=ee_id) + except Exception as e: message = "Error creating machine on juju: {}".format(e) self.log.error(message) raise N2VCException(message=message) - # id for the execution environment - ee_id = N2VCJujuConnector._build_ee_id( - model_name=model_name, - application_name=application_name, - machine_id=str(machine.entity_id), - ) - self.log.debug("ee_id: {}".format(ee_id)) - # new machine credentials - credentials = dict() - credentials["hostname"] = machine.dns_name + credentials = { + "hostname": machine.dns_name, + } self.log.info( "Execution environment created. ee_id: {}, credentials: {}".format( 
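Review bot: The `model_exists` / `add_model` pair in `create_execution_environment` (whose body starts before this hunk) is a check-then-act sequence with an `await` in between, so two concurrent calls for the same namespace can both see the model as missing and both try to create it. Whether `add_model` tolerates an existing model is not visible here; if it does not, the second call fails with the generic "Error creating machine on juju" message. Consider serialising model creation per `model_name`, or treating an already-exists error from `add_model` as success. The same pattern is repeated in `register_execution_environment` (hunk `@@ -360,7 +331,12`) and in `install_k8s_proxy_charm`, where it sits outside any `try` block.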
@@ -316,16 +269,34 @@ class N2VCJujuConnector(N2VCConnector): db_dict: dict, progress_timeout: float = None, total_timeout: float = None, + vca_id: str = None, ) -> str: - - if not self._authenticated: - await self._juju_login() - + """ + Register an existing execution environment at the VCA + + :param: namespace: Contains a dot separate string. + LCM will use: []...[-] + :param: credentials: credentials to access the existing execution environment + (it can contains hostname, username, path to private key, + etc depending on underlying cloud) + :param: db_dict: where to write to database when the status changes. + It contains a dictionary with {collection: str, filter: {}, path: str}, + e.g. {collection: "nsrs", filter: {_id: , path: + "_admin.deployed.VCA.3"} + :param: reuse_ee_id: ee id from an older execution. It allows us to reuse an + older environment + :param: progress_timeout: Progress timeout + :param: total_timeout: Total timeout + :param: vca_id: VCA ID + + :returns: id of the execution environment + """ self.log.info( "Registering execution environment. namespace={}, credentials={}".format( namespace, credentials ) ) + libjuju = await self._get_libjuju(vca_id) if credentials is None: raise N2VCBadArgumentsException( @@ -360,7 +331,12 @@ class N2VCJujuConnector(N2VCConnector): # register machine on juju try: - machine_id = await self._juju_provision_machine( + if not await libjuju.model_exists(model_name): + await libjuju.add_model( + model_name, + libjuju.vca_connection.lxd_cloud, + ) + machine_id = await libjuju.provision_machine( model_name=model_name, hostname=hostname, username=username, 
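Review bot: `register_execution_environment` writes the whole `credentials` dict to the info log, and the docstring added in this hunk says it can hold a username and the path to a private key. Log only what is needed to trace the call, e.g. `self.log.info("Registering execution environment. namespace={}".format(namespace))`, and mask secret fields if more detail is wanted. The rest of the function body lies outside this hunk, so whether other fields such as a password are accepted cannot be confirmed from here.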
@@ -396,7 +372,30 @@ class N2VCJujuConnector(N2VCConnector): progress_timeout: float = None, total_timeout: float = None, config: dict = None, + num_units: int = 1, + vca_id: str = None, ): + """ + Install the software inside the execution environment identified by ee_id + + :param: ee_id: the id of the execution environment returned by + create_execution_environment or register_execution_environment + :param: artifact_path: where to locate the artifacts (parent folder) using + the self.fs + the final artifact path will be a combination of this + artifact_path and additional string from the config_dict + (e.g. charm name) + :param: db_dict: where to write into database when the status changes. + It contains a dict with + {collection: , filter: {}, path: }, + e.g. {collection: "nsrs", filter: + {_id: , path: "_admin.deployed.VCA.3"} + :param: progress_timeout: Progress timeout + :param: total_timeout: Total timeout + :param: config: Dictionary with deployment config information. + :param: num_units: Number of units to deploy of a particular charm. + :param: vca_id: VCA ID + """ self.log.info( ( @@ -404,9 +403,7 @@ class N2VCJujuConnector(N2VCConnector): "artifact path: {}, db_dict: {}" ).format(ee_id, artifact_path, db_dict) ) - - if not self._authenticated: - await self._juju_login() + libjuju = await self._get_libjuju(vca_id) # check arguments if ee_id is None or len(ee_id) == 0: @@ -456,15 +453,16 @@ class N2VCJujuConnector(N2VCConnector): full_path = self.fs.path + "/" + artifact_path try: - await self._juju_deploy_charm( + await libjuju.deploy_charm( model_name=model_name, application_name=application_name, - charm_path=full_path, + path=full_path, machine_id=machine_id, db_dict=db_dict, progress_timeout=progress_timeout, total_timeout=total_timeout, config=config, + num_units=num_units, ) except Exception as e: raise N2VCException( 
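Review bot: `full_path = self.fs.path + "/" + artifact_path` in `install_configuration_sw` (hunk `@@ -456,15 +453,16`) is handed to `deploy_charm` as `path=` with no visible check that the result stays under `self.fs.path`; the earlier validation is outside the hunk. The same concatenation appears in full in `install_k8s_proxy_charm` (hunk `@@ -473,22 +471,135`), where the only normalisation is collapsing `//`, so `..` segments pass through unchanged. If `artifact_path` can be influenced by descriptor or package content, normalise it and reject anything that resolves outside the storage root before deploying. `os.path.normpath` plus a prefix check on the joined path is enough, though note that this commit removes `import os` from the file.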
@@ -473,22 +471,135 @@ class N2VCJujuConnector(N2VCConnector): self.log.info("Configuration sw installed") + async def install_k8s_proxy_charm( + self, + charm_name: str, + namespace: str, + artifact_path: str, + db_dict: dict, + progress_timeout: float = None, + total_timeout: float = None, + config: dict = None, + vca_id: str = None, + ) -> str: + """ + Install a k8s proxy charm + + :param charm_name: Name of the charm being deployed + :param namespace: collection of all the uuids related to the charm. + :param str artifact_path: where to locate the artifacts (parent folder) using + the self.fs + the final artifact path will be a combination of this artifact_path and + additional string from the config_dict (e.g. charm name) + :param dict db_dict: where to write into database when the status changes. + It contains a dict with + {collection: , filter: {}, path: }, + e.g. {collection: "nsrs", filter: + {_id: , path: "_admin.deployed.VCA.3"} + :param: progress_timeout: Progress timeout + :param: total_timeout: Total timeout + :param config: Dictionary with additional configuration + :param vca_id: VCA ID + + :returns ee_id: execution environment id. 
+ """ + self.log.info( + "Installing k8s proxy charm: {}, artifact path: {}, db_dict: {}".format( + charm_name, artifact_path, db_dict + ) + ) + libjuju = await self._get_libjuju(vca_id) + + if artifact_path is None or len(artifact_path) == 0: + raise N2VCBadArgumentsException( + message="artifact_path is mandatory", bad_args=["artifact_path"] + ) + if db_dict is None: + raise N2VCBadArgumentsException( + message="db_dict is mandatory", bad_args=["db_dict"] + ) + + # remove // in charm path + while artifact_path.find("//") >= 0: + artifact_path = artifact_path.replace("//", "/") + + # check charm path + if not self.fs.file_exists(artifact_path, mode="dir"): + msg = "artifact path does not exist: {}".format(artifact_path) + raise N2VCBadArgumentsException(message=msg, bad_args=["artifact_path"]) + + if artifact_path.startswith("/"): + full_path = self.fs.path + artifact_path + else: + full_path = self.fs.path + "/" + artifact_path + + _, ns_id, _, _, _ = self._get_namespace_components(namespace=namespace) + model_name = "{}-k8s".format(ns_id) + if not await libjuju.model_exists(model_name): + await libjuju.add_model( + model_name, + libjuju.vca_connection.k8s_cloud, + ) + application_name = self._get_application_name(namespace) + + try: + await libjuju.deploy_charm( + model_name=model_name, + application_name=application_name, + path=full_path, + machine_id=None, + db_dict=db_dict, + progress_timeout=progress_timeout, + total_timeout=total_timeout, + config=config, + ) + except Exception as e: + raise N2VCException(message="Error deploying charm: {}".format(e)) + + self.log.info("K8s proxy charm installed") + ee_id = N2VCJujuConnector._build_ee_id( + model_name=model_name, + application_name=application_name, + machine_id="k8s", + ) + + self._write_ee_id_db(db_dict=db_dict, ee_id=ee_id) + + return ee_id + async def get_ee_ssh_public__key( self, ee_id: str, db_dict: dict, progress_timeout: float = None, total_timeout: float = None, + vca_id: str = None, ) -> str: + 
""" + Get Execution environment ssh public key + + :param: ee_id: the id of the execution environment returned by + create_execution_environment or register_execution_environment + :param: db_dict: where to write into database when the status changes. + It contains a dict with + {collection: , filter: {}, path: }, + e.g. {collection: "nsrs", filter: + {_id: , path: "_admin.deployed.VCA.3"} + :param: progress_timeout: Progress timeout + :param: total_timeout: Total timeout + :param vca_id: VCA ID + :returns: public key of the execution environment + For the case of juju proxy charm ssh-layered, it is the one + returned by 'get-ssh-public-key' primitive. + It raises a N2VC exception if fails + """ self.log.info( ( "Generating priv/pub key pair and get pub key on ee_id: {}, db_dict: {}" ).format(ee_id, db_dict) ) - - if not self._authenticated: - await self._juju_login() + libjuju = await self._get_libjuju(vca_id) # check arguments if ee_id is None or len(ee_id) == 0: @@ -525,9 +636,11 @@ class N2VCJujuConnector(N2VCConnector): output = None + application_name = N2VCJujuConnector._format_app_name(application_name) + # execute action: generate-ssh-key try: - output, _status = await self._juju_execute_action( + output, _status = await libjuju.execute_action( model_name=model_name, application_name=application_name, action_name="generate-ssh-key", @@ -544,7 +657,7 @@ class N2VCJujuConnector(N2VCConnector): # execute action: get-ssh-public-key try: - output, _status = await self._juju_execute_action( + output, _status = await libjuju.execute_action( model_name=model_name, application_name=application_name, action_name="get-ssh-public-key", 
@@ -555,20 +668,49 @@ class N2VCJujuConnector(N2VCConnector): except Exception as e: msg = "Cannot execute action get-ssh-public-key: {}\n".format(e) self.log.info(msg) - raise N2VCException(msg) + raise N2VCExecutionException(e, primitive_name="get-ssh-public-key") # return public key if exists return output["pubkey"] if "pubkey" in output else output + async def get_metrics( + self, model_name: str, application_name: str, vca_id: str = None + ) -> dict: + """ + Get metrics from application + + :param: model_name: Model name + :param: application_name: Application name + :param: vca_id: VCA ID + + :return: Dictionary with obtained metrics + """ + libjuju = await self._get_libjuju(vca_id) + return await libjuju.get_metrics(model_name, application_name) + async def add_relation( - self, ee_id_1: str, ee_id_2: str, endpoint_1: str, endpoint_2: str + self, + ee_id_1: str, + ee_id_2: str, + endpoint_1: str, + endpoint_2: str, + vca_id: str = None, ): + """ + Add relation between two charmed endpoints + :param: ee_id_1: The id of the first execution environment + :param: ee_id_2: The id of the second execution environment + :param: endpoint_1: The endpoint in the first execution environment + :param: endpoint_2: The endpoint in the second execution environment + :param: vca_id: VCA ID + """ self.log.debug( "adding new relation between {} and {}, endpoints: {}, {}".format( ee_id_1, ee_id_2, endpoint_1, endpoint_2 ) ) + libjuju = await self._get_libjuju(vca_id) # check arguments if not ee_id_1: @@ -588,9 +730,6 @@ class N2VCJujuConnector(N2VCConnector): self.log.error(message) raise N2VCBadArgumentsException(message=message, bad_args=["endpoint_2"]) - if not self._authenticated: - await self._juju_login() - # get the model, the applications and the machines from the ee_id's model_1, app_1, _machine_1 = self._get_ee_id_components(ee_id_1) model_2, app_2, _machine_2 = self._get_ee_id_components(ee_id_2) 
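Review bot: `get_metrics` passes its arguments to `libjuju.get_metrics` with no checks and lets any exception from that call propagate unwrapped, while the neighbouring methods raise `N2VCBadArgumentsException` or `N2VCException`. Wrapping the call the same way keeps a single exception family for callers to handle. In `get_ee_ssh_public__key`, `raise N2VCExecutionException(e, primitive_name="get-ssh-public-key")` passes the exception object where the other N2VC exceptions in this diff are built with `message=`; `message=msg` together with `from e` would keep both the text and the traceback.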
@@ -605,12 +744,10 @@ class N2VCJujuConnector(N2VCConnector): # add juju relations between two applications try: - await self._juju_add_relation( + await libjuju.add_relation( model_name=model_1, - application_name_1=app_1, - application_name_2=app_2, - relation_1=endpoint_1, - relation_2=endpoint_2, + endpoint_1="{}:{}".format(app_1, endpoint_1), + endpoint_2="{}:{}".format(app_2, endpoint_2), ) except Exception as e: message = "Error adding relation between {} and {}: {}".format( @@ -620,26 +757,34 @@ class N2VCJujuConnector(N2VCConnector): raise N2VCException(message=message) async def remove_relation(self): - if not self._authenticated: - await self._juju_login() # TODO self.log.info("Method not implemented yet") raise MethodNotImplemented() async def deregister_execution_environments(self): - if not self._authenticated: - await self._juju_login() - # TODO self.log.info("Method not implemented yet") raise MethodNotImplemented() async def delete_namespace( - self, namespace: str, db_dict: dict = None, total_timeout: float = None + self, + namespace: str, + db_dict: dict = None, + total_timeout: float = None, + vca_id: str = None, ): + """ + Remove a network scenario and its execution environments + :param: namespace: []. + :param: db_dict: where to write into database when the status changes. + It contains a dict with + {collection: , filter: {}, path: }, + e.g. {collection: "nsrs", filter: + {_id: , path: "_admin.deployed.VCA.3"} + :param: total_timeout: Total timeout + :param: vca_id: VCA ID + """ self.log.info("Deleting namespace={}".format(namespace)) - - if not self._authenticated: - await self._juju_login() + libjuju = await self._get_libjuju(vca_id) # check arguments if namespace is None: 
@@ -652,11 +797,11 @@ class N2VCJujuConnector(N2VCConnector): ) if ns_id is not None: try: - await self._juju_destroy_model( - model_name=ns_id, total_timeout=total_timeout - ) - except N2VCNotFound: - raise + models = await libjuju.list_models(contains=ns_id) + for model in models: + await libjuju.destroy_model( + model_name=model, total_timeout=total_timeout + ) except Exception as e: raise N2VCException( message="Error deleting namespace {} : {}".format(namespace, e) @@ -669,12 +814,27 @@ class N2VCJujuConnector(N2VCConnector): self.log.info("Namespace {} deleted".format(namespace)) async def delete_execution_environment( - self, ee_id: str, db_dict: dict = None, total_timeout: float = None + self, + ee_id: str, + db_dict: dict = None, + total_timeout: float = None, + scaling_in: bool = False, + vca_id: str = None, ): + """ + Delete an execution environment + :param str ee_id: id of the execution environment to delete + :param dict db_dict: where to write into database when the status changes. + It contains a dict with + {collection: , filter: {}, path: }, + e.g. {collection: "nsrs", filter: + {_id: , path: "_admin.deployed.VCA.3"} + :param: total_timeout: Total timeout + :param: scaling_in: Boolean to indicate if is it a scaling in operation + :param: vca_id: VCA ID + """ self.log.info("Deleting execution environment ee_id={}".format(ee_id)) - - if not self._authenticated: - await self._juju_login() + libjuju = await self._get_libjuju(vca_id) # check arguments if ee_id is None: 
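Review bot: `delete_namespace` now destroys every model returned by `list_models(contains=ns_id)`, and the only guard is `ns_id is not None`. If `contains` is a substring match, as the name suggests, an empty or short `ns_id` would select models that belong to other network services, or models not deployed by OSM at all (the TODO added in `get_status` raises the same scope concern). Check that `ns_id` is non-empty and filter the result to the exact names this connector creates, `ns_id` and `"{}-k8s".format(ns_id)`, before calling `destroy_model`. Dropping the `except N2VCNotFound: raise` clause also means a not-found error is now re-wrapped as a plain `N2VCException`.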
@@ -685,12 +845,21 @@ class N2VCJujuConnector(N2VCConnector): model_name, application_name, _machine_id = self._get_ee_id_components( ee_id=ee_id ) - - # destroy the application try: - await self._juju_destroy_application( - model_name=model_name, application_name=application_name - ) + if not scaling_in: + # destroy the model + # TODO: should this be removed? + await libjuju.destroy_model( + model_name=model_name, + total_timeout=total_timeout, + ) + else: + # destroy the application + await libjuju.destroy_application( + model_name=model_name, + application_name=application_name, + total_timeout=total_timeout, + ) except Exception as e: raise N2VCException( message=( @@ -698,18 +867,6 @@ class N2VCJujuConnector(N2VCConnector): ).format(ee_id, application_name, e) ) - # destroy the machine - # try: - # await self._juju_destroy_machine( - # model_name=model_name, - # machine_id=machine_id, - # total_timeout=total_timeout - # ) - # except Exception as e: - # raise N2VCException( - # message='Error deleting execution environment {} (machine {}) : {}' - # .format(ee_id, machine_id, e)) - self.log.info("Execution environment {} deleted".format(ee_id)) async def exec_primitive( 
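Review bot: With `scaling_in` defaulting to `False`, `delete_execution_environment` now calls `destroy_model` for the whole model of the `ee_id`, where the removed code destroyed only `application_name`. Any other execution environment in that model goes with it, which the in-line TODO already questions. Unless every caller is known to delete all environments of the model together, keep `destroy_application` as the default and make model removal the explicit case. The error message in the `except` block still reports the failure against the application.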
@@ -720,16 +877,34 @@ class N2VCJujuConnector(N2VCConnector): db_dict: dict = None, progress_timeout: float = None, total_timeout: float = None, + vca_id: str = None, ) -> str: + """ + Execute a primitive in the execution environment + + :param: ee_id: the one returned by create_execution_environment or + register_execution_environment + :param: primitive_name: must be one defined in the software. There is one + called 'config', where, for the proxy case, the 'credentials' of VM are + provided + :param: params_dict: parameters of the action + :param: db_dict: where to write into database when the status changes. + It contains a dict with + {collection: , filter: {}, path: }, + e.g. {collection: "nsrs", filter: + {_id: , path: "_admin.deployed.VCA.3"} + :param: progress_timeout: Progress timeout + :param: total_timeout: Total timeout + :param: vca_id: VCA ID + :returns str: primitive result, if ok. It raises exceptions in case of fail + """ self.log.info( "Executing primitive: {} on ee: {}, params: {}".format( primitive_name, ee_id, params_dict ) ) - - if not self._authenticated: - await self._juju_login() + libjuju = await self._get_libjuju(vca_id) # check arguments if ee_id is None or len(ee_id) == 0: 
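Review bot: `exec_primitive` logs `params_dict` at info level, and the docstring added in this hunk states that the `config` primitive carries the VM credentials in those parameters. Log the primitive name and `ee_id` only, e.g. `self.log.info("Executing primitive: {} on ee: {}".format(primitive_name, ee_id))`, or redact known secret keys before formatting. The function body continues past this hunk.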
@@ -760,14 +935,58 @@ class N2VCJujuConnector(N2VCConnector): if primitive_name == "config": # Special case: config primitive try: - await self._juju_configure_application( + await libjuju.configure_application( model_name=model_name, application_name=application_name, config=params_dict, - db_dict=db_dict, - progress_timeout=progress_timeout, - total_timeout=total_timeout, ) + actions = await libjuju.get_actions( + application_name=application_name, + model_name=model_name, + ) + self.log.debug( + "Application {} has these actions: {}".format( + application_name, actions + ) + ) + if "verify-ssh-credentials" in actions: + # execute verify-credentials + num_retries = 20 + retry_timeout = 15.0 + for _ in range(num_retries): + try: + self.log.debug("Executing action verify-ssh-credentials...") + output, ok = await libjuju.execute_action( + model_name=model_name, + application_name=application_name, + action_name="verify-ssh-credentials", + db_dict=db_dict, + progress_timeout=progress_timeout, + total_timeout=total_timeout, + ) + + if ok == "failed": + self.log.debug( + "Error executing verify-ssh-credentials: {}. Retrying..." + ) + await asyncio.sleep(retry_timeout) + + continue + self.log.debug("Result: {}, output: {}".format(ok, output)) + break + except asyncio.CancelledError: + raise + else: + self.log.error( + "Error executing verify-ssh-credentials after {} retries. ".format( + num_retries + ) + ) + else: + msg = "Action verify-ssh-credentials does not exist in application {}".format( + application_name + ) + self.log.debug(msg=msg) except Exception as e: self.log.error("Error configuring juju application: {}".format(e)) raise N2VCExecutionException( @@ -779,7 +998,7 @@ class N2VCJujuConnector(N2VCConnector): return "CONFIG OK" else: try: - output, status = await self._juju_execute_action( + output, status = await libjuju.execute_action( model_name=model_name, application_name=application_name, action_name=primitive_name, 
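Review bot: When `verify-ssh-credentials` reports `failed` on all `num_retries` attempts, the `for ... else` branch only logs an error and the method still returns "CONFIG OK", so a configuration with unusable credentials is reported as successful. Raise from that branch instead, for example `raise N2VCExecutionException(message="verify-ssh-credentials failed", primitive_name="config")`. The retry log line `"Error executing verify-ssh-credentials: {}. Retrying..."` is never passed to `.format()`, so a literal `{}` is logged; add `.format(output)`. The `except asyncio.CancelledError: raise` clause is redundant because nothing else is caught in that `try`.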
@@ -803,16 +1022,53 @@ class N2VCJujuConnector(N2VCConnector): primitive_name=primitive_name, ) - async def disconnect(self): + async def disconnect(self, vca_id: str = None): + """ + Disconnect from VCA + + :param: vca_id: VCA ID + """ self.log.info("closing juju N2VC...") - await self._juju_logout() + libjuju = await self._get_libjuju(vca_id) + try: + await libjuju.disconnect() + except Exception as e: + raise N2VCConnectionException( + message="Error disconnecting controller: {}".format(e), + url=libjuju.vca_connection.data.endpoints, + ) """ - #################################################################################### - ################################### P R I V A T E ################################## - #################################################################################### +#################################################################################### +################################### P R I V A T E ################################## +#################################################################################### """ + async def _get_libjuju(self, vca_id: str = None) -> Libjuju: + """ + Get libjuju object + + :param: vca_id: VCA ID + If None, get a libjuju object with a Connection to the default VCA + Else, geta libjuju object with a Connection to the specified VCA + """ + if not vca_id: + while self.loading_libjuju.locked(): + await asyncio.sleep(0.1) + if not self.libjuju: + async with self.loading_libjuju: + vca_connection = await get_connection(self._store) + self.libjuju = Libjuju(vca_connection, loop=self.loop, log=self.log) + return self.libjuju + else: + vca_connection = await get_connection(self._store, vca_id) + return Libjuju( + vca_connection, + loop=self.loop, + log=self.log, + n2vc=self, + ) + def _write_ee_id_db(self, db_dict: dict, ee_id: str): # write ee_id to database: _admin.deployed.VCA.x 
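Review bot: `_get_libjuju` polls `self.loading_libjuju.locked()` with `asyncio.sleep(0.1)` and then tests `self.libjuju` outside the lock; taking the lock first and checking inside it is simpler and does not depend on scheduling details: `async with self.loading_libjuju:` followed by `if not self.libjuju:`. The default branch builds `Libjuju` without `n2vc=self` while the `vca_id` branch passes it, which looks unintended. For a non-default `vca_id` a new `Libjuju` is created on every call, so `disconnect(vca_id)` closes a freshly built object rather than the ones used earlier; whether those hold open connections is not visible here. The docstring typo `geta` should read `get a`.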
@@ -900,747 +1156,6 @@ class N2VCJujuConnector(N2VCConnector): return N2VCJujuConnector._format_app_name(application_name) - async def _juju_create_machine( - self, - model_name: str, - application_name: str, - machine_id: str = None, - db_dict: dict = None, - progress_timeout: float = None, - total_timeout: float = None, - ) -> Machine: - - self.log.debug( - "creating machine in model: {}, existing machine id: {}".format( - model_name, machine_id - ) - ) - - # get juju model and observer (create model if needed) - model = await self._juju_get_model(model_name=model_name) - observer = self.juju_observers[model_name] - - # find machine id in model - machine = None - if machine_id is not None: - self.log.debug("Finding existing machine id {} in model".format(machine_id)) - # get juju existing machines in the model - existing_machines = await model.get_machines() - if machine_id in existing_machines: - self.log.debug( - "Machine id {} found in model (reusing it)".format(machine_id) - ) - machine = model.machines[machine_id] - - if machine is None: - self.log.debug("Creating a new machine in juju...") - # machine does not exist, create it and wait for it - machine = await model.add_machine( - spec=None, constraints=None, disks=None, series="xenial" - ) - - # register machine with observer - observer.register_machine(machine=machine, db_dict=db_dict) - - # id for the execution environment - ee_id = N2VCJujuConnector._build_ee_id( - model_name=model_name, - application_name=application_name, - machine_id=str(machine.entity_id), - ) - - # write ee_id in database - self._write_ee_id_db(db_dict=db_dict, ee_id=ee_id) - - # wait for machine creation - await observer.wait_for_machine( - machine_id=str(machine.entity_id), - progress_timeout=progress_timeout, - total_timeout=total_timeout, - ) - - else: - - self.log.debug("Reusing old machine pending") - - # register machine with observer - observer.register_machine(machine=machine, db_dict=db_dict) - - # machine does exist, but 
it is in creation process (pending), wait for - # create finalisation - await observer.wait_for_machine( - machine_id=machine.entity_id, - progress_timeout=progress_timeout, - total_timeout=total_timeout, - ) - - self.log.debug("Machine ready at " + str(machine.dns_name)) - return machine - - async def _juju_provision_machine( - self, - model_name: str, - hostname: str, - username: str, - private_key_path: str, - db_dict: dict = None, - progress_timeout: float = None, - total_timeout: float = None, - ) -> str: - - if not self.api_proxy: - msg = "Cannot provision machine: api_proxy is not defined" - self.log.error(msg=msg) - raise N2VCException(message=msg) - - self.log.debug( - "provisioning machine. model: {}, hostname: {}, username: {}".format( - model_name, hostname, username - ) - ) - - if not self._authenticated: - await self._juju_login() - - # get juju model and observer - model = await self._juju_get_model(model_name=model_name) - observer = self.juju_observers[model_name] - - # TODO check if machine is already provisioned - machine_list = await model.get_machines() - - provisioner = AsyncSSHProvisioner( - host=hostname, - user=username, - private_key_path=private_key_path, - log=self.log, - ) - - params = None - try: - params = await provisioner.provision_machine() - except Exception as ex: - msg = "Exception provisioning machine: {}".format(ex) - self.log.error(msg) - raise N2VCException(message=msg) - - params.jobs = ["JobHostUnits"] - - connection = model.connection() - - # Submit the request. 
- self.log.debug("Adding machine to model") - client_facade = client.ClientFacade.from_connection(connection) - results = await client_facade.AddMachines(params=[params]) - error = results.machines[0].error - if error: - msg = "Error adding machine: {}}".format(error.message) - self.log.error(msg=msg) - raise ValueError(msg) - - machine_id = results.machines[0].machine - - # Need to run this after AddMachines has been called, - # as we need the machine_id - self.log.debug("Installing Juju agent into machine {}".format(machine_id)) - asyncio.ensure_future( - provisioner.install_agent( - connection=connection, - nonce=params.nonce, - machine_id=machine_id, - api=self.api_proxy, - ) - ) - - # wait for machine in model (now, machine is not yet in model, so we must - # wait for it) - machine = None - for _ in range(10): - machine_list = await model.get_machines() - if machine_id in machine_list: - self.log.debug("Machine {} found in model!".format(machine_id)) - machine = model.machines.get(machine_id) - break - await asyncio.sleep(2) - - if machine is None: - msg = "Machine {} not found in model".format(machine_id) - self.log.error(msg=msg) - raise Exception(msg) - - # register machine with observer - observer.register_machine(machine=machine, db_dict=db_dict) - - # wait for machine creation - self.log.debug("waiting for provision finishes... 
{}".format(machine_id)) - await observer.wait_for_machine( - machine_id=machine_id, - progress_timeout=progress_timeout, - total_timeout=total_timeout, - ) - - self.log.debug("Machine provisioned {}".format(machine_id)) - - return machine_id - - async def _juju_deploy_charm( - self, - model_name: str, - application_name: str, - charm_path: str, - machine_id: str, - db_dict: dict, - progress_timeout: float = None, - total_timeout: float = None, - config: dict = None, - ) -> (Application, int): - - # get juju model and observer - model = await self._juju_get_model(model_name=model_name) - observer = self.juju_observers[model_name] - - # check if application already exists - application = None - if application_name in model.applications: - application = model.applications[application_name] - - if application is None: - - # application does not exist, create it and wait for it - self.log.debug( - "deploying application {} to machine {}, model {}".format( - application_name, machine_id, model_name - ) - ) - self.log.debug("charm: {}".format(charm_path)) - series = "xenial" - # series = None - application = await model.deploy( - entity_url=charm_path, - application_name=application_name, - channel="stable", - num_units=1, - series=series, - to=machine_id, - config=config, - ) - - # register application with observer - observer.register_application(application=application, db_dict=db_dict) - - self.log.debug( - "waiting for application deployed... 
{}".format(application.entity_id) - ) - retries = await observer.wait_for_application( - application_id=application.entity_id, - progress_timeout=progress_timeout, - total_timeout=total_timeout, - ) - self.log.debug("application deployed") - - else: - - # register application with observer - observer.register_application(application=application, db_dict=db_dict) - - # application already exists, but not finalised - self.log.debug("application already exists, waiting for deployed...") - retries = await observer.wait_for_application( - application_id=application.entity_id, - progress_timeout=progress_timeout, - total_timeout=total_timeout, - ) - self.log.debug("application deployed") - - return application, retries - - async def _juju_execute_action( - self, - model_name: str, - application_name: str, - action_name: str, - db_dict: dict, - progress_timeout: float = None, - total_timeout: float = None, - **kwargs - ) -> Action: - - # get juju model and observer - model = await self._juju_get_model(model_name=model_name) - observer = self.juju_observers[model_name] - - application = await self._juju_get_application( - model_name=model_name, application_name=application_name - ) - - unit = None - for u in application.units: - if await u.is_leader_from_status(): - unit = u - if unit is not None: - actions = await application.get_actions() - if action_name in actions: - self.log.debug( - 'executing action "{}" using params: {}'.format(action_name, kwargs) - ) - action = await unit.run_action(action_name, **kwargs) - - # register action with observer - observer.register_action(action=action, db_dict=db_dict) - - await observer.wait_for_action( - action_id=action.entity_id, - progress_timeout=progress_timeout, - total_timeout=total_timeout, - ) - self.log.debug("action completed with status: {}".format(action.status)) - output = await model.get_action_output(action_uuid=action.entity_id) - status = await model.get_action_status(uuid_or_prefix=action.entity_id) - if 
action.entity_id in status: - status = status[action.entity_id] - else: - status = "failed" - return output, status - - raise N2VCExecutionException( - message="Cannot execute action on charm", primitive_name=action_name - ) - - async def _juju_configure_application( - self, - model_name: str, - application_name: str, - config: dict, - db_dict: dict, - progress_timeout: float = None, - total_timeout: float = None, - ): - - # get the application - application = await self._juju_get_application( - model_name=model_name, application_name=application_name - ) - - self.log.debug( - "configuring the application {} -> {}".format(application_name, config) - ) - res = await application.set_config(config) - self.log.debug( - "application {} configured. res={}".format(application_name, res) - ) - - # Verify the config is set - new_conf = await application.get_config() - for key in config: - value = new_conf[key]["value"] - self.log.debug(" {} = {}".format(key, value)) - if config[key] != value: - raise N2VCException( - message="key {} is not configured correctly {} != {}".format( - key, config[key], new_conf[key] - ) - ) - - # check if 'verify-ssh-credentials' action exists - # unit = application.units[0] - actions = await application.get_actions() - if "verify-ssh-credentials" not in actions: - msg = ( - "Action verify-ssh-credentials does not exist in application {}" - ).format(application_name) - self.log.debug(msg=msg) - return False - - # execute verify-credentials - num_retries = 20 - retry_timeout = 15.0 - for _ in range(num_retries): - try: - self.log.debug("Executing action verify-ssh-credentials...") - output, ok = await self._juju_execute_action( - model_name=model_name, - application_name=application_name, - action_name="verify-ssh-credentials", - db_dict=db_dict, - progress_timeout=progress_timeout, - total_timeout=total_timeout, - ) - self.log.debug("Result: {}, output: {}".format(ok, output)) - return True - except asyncio.CancelledError: - raise - except 
Exception as e: - self.log.debug( - "Error executing verify-ssh-credentials: {}. Retrying...".format(e) - ) - await asyncio.sleep(retry_timeout) - else: - self.log.error( - "Error executing verify-ssh-credentials after {} retries. ".format( - num_retries - ) - ) - return False - - async def _juju_get_application(self, model_name: str, application_name: str): - """Get the deployed application.""" - - model = await self._juju_get_model(model_name=model_name) - - application_name = N2VCJujuConnector._format_app_name(application_name) - - if model.applications and application_name in model.applications: - return model.applications[application_name] - else: - raise N2VCException( - message="Cannot get application {} from model {}".format( - application_name, model_name - ) - ) - - async def _juju_get_model(self, model_name: str) -> Model: - """ Get a model object from juju controller - If the model does not exits, it creates it. - - :param str model_name: name of the model - :returns Model: model obtained from juju controller or Exception - """ - - # format model name - model_name = N2VCJujuConnector._format_model_name(model_name) - - if model_name in self.juju_models: - return self.juju_models[model_name] - - if self._creating_model: - self.log.debug("Another coroutine is creating a model. Wait...") - while self._creating_model: - # another coroutine is creating a model, wait - await asyncio.sleep(0.1) - # retry (perhaps another coroutine has created the model meanwhile) - if model_name in self.juju_models: - return self.juju_models[model_name] - - try: - self._creating_model = True - - # get juju model names from juju - model_list = await self.controller.list_models() - - if model_name not in model_list: - self.log.info( - "Model {} does not exist. 
Creating new model...".format(model_name) - ) - config_dict = {"authorized-keys": self.public_key} - if self.apt_mirror: - config_dict["apt-mirror"] = self.apt_mirror - if not self.enable_os_upgrade: - config_dict["enable-os-refresh-update"] = False - config_dict["enable-os-upgrade"] = False - if self.cloud in self.BUILT_IN_CLOUDS: - model = await self.controller.add_model( - model_name=model_name, - config=config_dict, - cloud_name=self.cloud, - ) - else: - model = await self.controller.add_model( - model_name=model_name, - config=config_dict, - cloud_name=self.cloud, - credential_name=self.cloud, - ) - self.log.info("New model created, name={}".format(model_name)) - else: - self.log.debug( - "Model already exists in juju. Getting model {}".format(model_name) - ) - model = await self.controller.get_model(model_name) - self.log.debug("Existing model in juju, name={}".format(model_name)) - - self.juju_models[model_name] = model - self.juju_observers[model_name] = JujuModelObserver(n2vc=self, model=model) - return model - - except Exception as e: - msg = "Cannot get model {}. Exception: {}".format(model_name, e) - self.log.error(msg) - raise N2VCException(msg) - finally: - self._creating_model = False - - async def _juju_add_relation( - self, - model_name: str, - application_name_1: str, - application_name_2: str, - relation_1: str, - relation_2: str, - ): - - # get juju model and observer - model = await self._juju_get_model(model_name=model_name) - - r1 = "{}:{}".format(application_name_1, relation_1) - r2 = "{}:{}".format(application_name_2, relation_2) - - self.log.debug("adding relation: {} -> {}".format(r1, r2)) - try: - await model.add_relation(relation1=r1, relation2=r2) - except JujuAPIError as e: - # If one of the applications in the relationship doesn't exist, or the - # relation has already been added, - # let the operation fail silently. 
- if "not found" in e.message: - return - if "already exists" in e.message: - return - # another execption, raise it - raise e - - async def _juju_destroy_application(self, model_name: str, application_name: str): - - self.log.debug( - "Destroying application {} in model {}".format(application_name, model_name) - ) - - # get juju model and observer - model = await self._juju_get_model(model_name=model_name) - observer = self.juju_observers[model_name] - - application = model.applications.get(application_name) - if application: - observer.unregister_application(application_name) - await application.destroy() - else: - self.log.debug("Application not found: {}".format(application_name)) - - async def _juju_destroy_machine( - self, model_name: str, machine_id: str, total_timeout: float = None - ): - - self.log.debug( - "Destroying machine {} in model {}".format(machine_id, model_name) - ) - - if total_timeout is None: - total_timeout = 3600 - - # get juju model and observer - model = await self._juju_get_model(model_name=model_name) - observer = self.juju_observers[model_name] - - machines = await model.get_machines() - if machine_id in machines: - machine = model.machines[machine_id] - observer.unregister_machine(machine_id) - # TODO: change this by machine.is_manual when this is upstreamed: - # https://github.com/juju/python-libjuju/pull/396 - if "instance-id" in machine.safe_data and machine.safe_data[ - "instance-id" - ].startswith("manual:"): - self.log.debug("machine.destroy(force=True) started.") - await machine.destroy(force=True) - self.log.debug("machine.destroy(force=True) passed.") - # max timeout - end = time.time() + total_timeout - # wait for machine removal - machines = await model.get_machines() - while machine_id in machines and time.time() < end: - self.log.debug( - "Waiting for machine {} is destroyed".format(machine_id) - ) - await asyncio.sleep(0.5) - machines = await model.get_machines() - self.log.debug("Machine destroyed: 
{}".format(machine_id)) - else: - self.log.debug("Machine not found: {}".format(machine_id)) - - async def _juju_destroy_model(self, model_name: str, total_timeout: float = None): - - self.log.debug("Destroying model {}".format(model_name)) - - if total_timeout is None: - total_timeout = 3600 - end = time.time() + total_timeout - - model = await self._juju_get_model(model_name=model_name) - - if not model: - raise N2VCNotFound(message="Model {} does not exist".format(model_name)) - - uuid = model.info.uuid - - # destroy applications - for application_name in model.applications: - try: - await self._juju_destroy_application( - model_name=model_name, application_name=application_name - ) - except Exception as e: - self.log.error( - "Error destroying application {} in model {}: {}".format( - application_name, model_name, e - ) - ) - - # destroy machines - machines = await model.get_machines() - for machine_id in machines: - try: - await self._juju_destroy_machine( - model_name=model_name, machine_id=machine_id - ) - except asyncio.CancelledError: - raise - except Exception: - # ignore exceptions destroying machine - pass - - await self._juju_disconnect_model(model_name=model_name) - - self.log.debug("destroying model {}...".format(model_name)) - await self.controller.destroy_model(uuid) - # self.log.debug('model destroy requested {}'.format(model_name)) - - # wait for model is completely destroyed - self.log.debug("Waiting for model {} to be destroyed...".format(model_name)) - last_exception = "" - while time.time() < end: - try: - # await self.controller.get_model(uuid) - models = await self.controller.list_models() - if model_name not in models: - self.log.debug( - "The model {} ({}) was destroyed".format(model_name, uuid) - ) - return - except asyncio.CancelledError: - raise - except Exception as e: - last_exception = e - await asyncio.sleep(5) - raise N2VCException( - "Timeout waiting for model {} to be destroyed {}".format( - model_name, last_exception - ) - ) - 
- async def _juju_login(self): - """Connect to juju controller - - """ - - # if already authenticated, exit function - if self._authenticated: - return - - # if connecting, wait for finish - # another task could be trying to connect in parallel - while self._connecting: - await asyncio.sleep(0.1) - - # double check after other task has finished - if self._authenticated: - return - - try: - self._connecting = True - self.log.info( - "connecting to juju controller: {} {}:{}{}".format( - self.url, - self.username, - self.secret[:8] + "...", - " with ca_cert" if self.ca_cert else "", - ) - ) - - # Create controller object - self.controller = Controller(loop=self.loop) - # Connect to controller - await self.controller.connect( - endpoint=self.url, - username=self.username, - password=self.secret, - cacert=self.ca_cert, - ) - self._authenticated = True - self.log.info("juju controller connected") - except Exception as e: - message = "Exception connecting to juju: {}".format(e) - self.log.error(message) - raise N2VCConnectionException(message=message, url=self.url) - finally: - self._connecting = False - - async def _juju_logout(self): - """Logout of the Juju controller.""" - if not self._authenticated: - return False - - # disconnect all models - for model_name in self.juju_models: - try: - await self._juju_disconnect_model(model_name) - except Exception as e: - self.log.error( - "Error disconnecting model {} : {}".format(model_name, e) - ) - # continue with next model... 
- - self.log.info("Disconnecting controller") - try: - await self.controller.disconnect() - except Exception as e: - raise N2VCConnectionException( - message="Error disconnecting controller: {}".format(e), url=self.url - ) - - self.controller = None - self._authenticated = False - self.log.info("disconnected") - - async def _juju_disconnect_model(self, model_name: str): - self.log.debug("Disconnecting model {}".format(model_name)) - if model_name in self.juju_models: - await self.juju_models[model_name].disconnect() - self.juju_models[model_name] = None - self.juju_observers[model_name] = None - else: - self.warning("Cannot disconnect model: {}".format(model_name)) - - def _create_juju_public_key(self): - """Recreate the Juju public key on lcm container, if needed - Certain libjuju commands expect to be run from the same machine as Juju - is bootstrapped to. This method will write the public key to disk in - that location: ~/.local/share/juju/ssh/juju_id_rsa.pub - """ - - # Make sure that we have a public key before writing to disk - if self.public_key is None or len(self.public_key) == 0: - if "OSMLCM_VCA_PUBKEY" in os.environ: - self.public_key = os.getenv("OSMLCM_VCA_PUBKEY", "") - if len(self.public_key) == 0: - return - else: - return - - pk_path = "{}/.local/share/juju/ssh".format(os.path.expanduser("~")) - file_path = "{}/juju_id_rsa.pub".format(pk_path) - self.log.debug( - "writing juju public key to file:\n{}\npublic key: {}".format( - file_path, self.public_key - ) - ) - if not os.path.exists(pk_path): - # create path and write file - os.makedirs(pk_path) - with open(file_path, "w") as f: - self.log.debug("Creating juju public key file: {}".format(file_path)) - f.write(self.public_key) - else: - self.log.debug("juju public key file already exists: {}".format(file_path)) - @staticmethod def _format_model_name(name: str) -> str: """Format the name of the model. 
@@ -1690,3 +1205,14 @@ class N2VCJujuConnector(N2VCConnector): app_name = "z" + app_name return app_name + + async def validate_vca(self, vca_id: str): + """ + Validate a VCA by connecting/disconnecting to/from it + + :param: vca_id: VCA ID + """ + vca_connection = await get_connection(self._store, vca_id=vca_id) + libjuju = Libjuju(vca_connection, loop=self.loop, log=self.log, n2vc=self) + controller = await libjuju.get_controller() + await libjuju.disconnect_controller(controller)
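Review bot: `validate_vca` gives callers no defined failure signal: the docstring does not say what happens when the VCA is unreachable or its credentials are rejected, and the body lets whatever `get_connection`, `get_controller` or `disconnect_controller` raise propagate unchanged, whereas `disconnect` in this commit wraps failures in `N2VCConnectionException`. I would either wrap the two controller calls the same way, `raise N2VCConnectionException(message="Error validating VCA {}: {}".format(vca_id, e), url=vca_connection.data.endpoints)`, or add a `:raises:` line naming the exception callers should catch. The parameter is annotated `str` with no default, yet nothing rejects an empty `vca_id`; what `get_connection` does with one is not visible here.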