projects / osm / devops.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Bug 1991 fixed: modified LCM charm secret name to a standardized one
[osm/devops.git] / installers / charm / lcm / src / charm.py
1 #!/usr/bin/env python3
2 # Copyright 2021 Canonical Ltd.
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License"); you may
5 # not use this file except in compliance with the License. You may obtain
6 # a copy of the License at
7 #
8 # http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 # License for the specific language governing permissions and limitations
14 # under the License.
15 #
16 # For those usages not covered by the Apache License, Version 2.0 please
17 # contact: legal@canonical.com
18 #
19 # To get in touch with the maintainers, please contact:
20 # osm-charmers@lists.launchpad.net
21 ##
22
23 # pylint: disable=E0213
24
25
26 import logging
27 from typing import NoReturn, Optional
28
29
30 from charms.kafka_k8s.v0.kafka import KafkaEvents, KafkaRequires
31 from ops.main import main
32 from opslib.osm.charm import CharmedOsmBase, RelationsMissing
33 from opslib.osm.interfaces.http import HttpClient
34 from opslib.osm.interfaces.mongo import MongoClient
35 from opslib.osm.pod import ContainerV3Builder, PodRestartPolicy, PodSpecV3Builder
36 from opslib.osm.validator import ModelValidator, validator
37
38
39 logger = logging.getLogger(__name__)
40
41 PORT = 9999
42
43
44 class ConfigModel(ModelValidator):
45 vca_host: Optional[str]
46 vca_port: Optional[int]
47 vca_user: Optional[str]
48 vca_secret: Optional[str]
49 vca_pubkey: Optional[str]
50 vca_cacert: Optional[str]
51 vca_cloud: Optional[str]
52 vca_k8s_cloud: Optional[str]
53 database_commonkey: str
54 mongodb_uri: Optional[str]
55 log_level: str
56 vca_apiproxy: Optional[str]
57 # Model-config options
58 vca_model_config_agent_metadata_url: Optional[str]
59 vca_model_config_agent_stream: Optional[str]
60 vca_model_config_apt_ftp_proxy: Optional[str]
61 vca_model_config_apt_http_proxy: Optional[str]
62 vca_model_config_apt_https_proxy: Optional[str]
63 vca_model_config_apt_mirror: Optional[str]
64 vca_model_config_apt_no_proxy: Optional[str]
65 vca_model_config_automatically_retry_hooks: Optional[bool]
66 vca_model_config_backup_dir: Optional[str]
67 vca_model_config_cloudinit_userdata: Optional[str]
68 vca_model_config_container_image_metadata_url: Optional[str]
69 vca_model_config_container_image_stream: Optional[str]
70 vca_model_config_container_inherit_properties: Optional[str]
71 vca_model_config_container_networking_method: Optional[str]
72 vca_model_config_default_series: Optional[str]
73 vca_model_config_default_space: Optional[str]
74 vca_model_config_development: Optional[bool]
75 vca_model_config_disable_network_management: Optional[bool]
76 vca_model_config_egress_subnets: Optional[str]
77 vca_model_config_enable_os_refresh_update: Optional[bool]
78 vca_model_config_enable_os_upgrade: Optional[bool]
79 vca_model_config_fan_config: Optional[str]
80 vca_model_config_firewall_mode: Optional[str]
81 vca_model_config_ftp_proxy: Optional[str]
82 vca_model_config_http_proxy: Optional[str]
83 vca_model_config_https_proxy: Optional[str]
84 vca_model_config_ignore_machine_addresses: Optional[bool]
85 vca_model_config_image_metadata_url: Optional[str]
86 vca_model_config_image_stream: Optional[str]
87 vca_model_config_juju_ftp_proxy: Optional[str]
88 vca_model_config_juju_http_proxy: Optional[str]
89 vca_model_config_juju_https_proxy: Optional[str]
90 vca_model_config_juju_no_proxy: Optional[str]
91 vca_model_config_logforward_enabled: Optional[bool]
92 vca_model_config_logging_config: Optional[str]
93 vca_model_config_lxd_snap_channel: Optional[str]
94 vca_model_config_max_action_results_age: Optional[str]
95 vca_model_config_max_action_results_size: Optional[str]
96 vca_model_config_max_status_history_age: Optional[str]
97 vca_model_config_max_status_history_size: Optional[str]
98 vca_model_config_net_bond_reconfigure_delay: Optional[str]
99 vca_model_config_no_proxy: Optional[str]
100 vca_model_config_provisioner_harvest_mode: Optional[str]
101 vca_model_config_proxy_ssh: Optional[bool]
102 vca_model_config_snap_http_proxy: Optional[str]
103 vca_model_config_snap_https_proxy: Optional[str]
104 vca_model_config_snap_store_assertions: Optional[str]
105 vca_model_config_snap_store_proxy: Optional[str]
106 vca_model_config_snap_store_proxy_url: Optional[str]
107 vca_model_config_ssl_hostname_verification: Optional[bool]
108 vca_model_config_test_mode: Optional[bool]
109 vca_model_config_transmit_vendor_metrics: Optional[bool]
110 vca_model_config_update_status_hook_interval: Optional[str]
111 vca_stablerepourl: Optional[str]
112 vca_helm_ca_certs: Optional[str]
113 image_pull_policy: str
114 debug_mode: bool
115 security_context: bool
116
117 @validator("log_level")
118 def validate_log_level(cls, v):
119 if v not in {"INFO", "DEBUG"}:
120 raise ValueError("value must be INFO or DEBUG")
121 return v
122
123 @validator("mongodb_uri")
124 def validate_mongodb_uri(cls, v):
125 if v and not v.startswith("mongodb://"):
126 raise ValueError("mongodb_uri is not properly formed")
127 return v
128
129 @validator("image_pull_policy")
130 def validate_image_pull_policy(cls, v):
131 values = {
132 "always": "Always",
133 "ifnotpresent": "IfNotPresent",
134 "never": "Never",
135 }
136 v = v.lower()
137 if v not in values.keys():
138 raise ValueError("value must be always, ifnotpresent or never")
139 return values[v]
140
141
142 class LcmCharm(CharmedOsmBase):
143
144 on = KafkaEvents()
145
146 def __init__(self, *args) -> NoReturn:
147 super().__init__(
148 *args,
149 oci_image="image",
150 vscode_workspace=VSCODE_WORKSPACE,
151 )
152 if self.config.get("debug_mode"):
153 self.enable_debug_mode(
154 pubkey=self.config.get("debug_pubkey"),
155 hostpaths={
156 "LCM": {
157 "hostpath": self.config.get("debug_lcm_local_path"),
158 "container-path": "/usr/lib/python3/dist-packages/osm_lcm",
159 },
160 "N2VC": {
161 "hostpath": self.config.get("debug_n2vc_local_path"),
162 "container-path": "/usr/lib/python3/dist-packages/n2vc",
163 },
164 "osm_common": {
165 "hostpath": self.config.get("debug_common_local_path"),
166 "container-path": "/usr/lib/python3/dist-packages/osm_common",
167 },
168 },
169 )
170 self.kafka = KafkaRequires(self)
171 self.framework.observe(self.on.kafka_available, self.configure_pod)
172 self.framework.observe(self.on.kafka_broken, self.configure_pod)
173
174 self.mongodb_client = MongoClient(self, "mongodb")
175 self.framework.observe(self.on["mongodb"].relation_changed, self.configure_pod)
176 self.framework.observe(self.on["mongodb"].relation_broken, self.configure_pod)
177
178 self.ro_client = HttpClient(self, "ro")
179 self.framework.observe(self.on["ro"].relation_changed, self.configure_pod)
180 self.framework.observe(self.on["ro"].relation_broken, self.configure_pod)
181
182 def _check_missing_dependencies(self, config: ConfigModel):
183 missing_relations = []
184
185 if not self.kafka.host or not self.kafka.port:
186 missing_relations.append("kafka")
187 if not config.mongodb_uri and self.mongodb_client.is_missing_data_in_unit():
188 missing_relations.append("mongodb")
189 if self.ro_client.is_missing_data_in_app():
190 missing_relations.append("ro")
191
192 if missing_relations:
193 raise RelationsMissing(missing_relations)
194
195 def build_pod_spec(self, image_info):
196 # Validate config
197 config = ConfigModel(**dict(self.config))
198
199 if config.mongodb_uri and not self.mongodb_client.is_missing_data_in_unit():
200 raise Exception("Mongodb data cannot be provided via config and relation")
201
202 # Check relations
203 self._check_missing_dependencies(config)
204
205 security_context_enabled = (
206 config.security_context if not config.debug_mode else False
207 )
208
209 # Create Builder for the PodSpec
210 pod_spec_builder = PodSpecV3Builder(
211 enable_security_context=security_context_enabled
212 )
213
214 # Add secrets to the pod
215 mongodb_secret_name = f"{self.app.name}-mongodb-secret"
216 pod_spec_builder.add_secret(
217 mongodb_secret_name,
218 {
219 "uri": config.mongodb_uri or self.mongodb_client.connection_string,
220 "commonkey": config.database_commonkey,
221 "helm_ca_certs": config.vca_helm_ca_certs,
222 },
223 )
224
225 # Build Container
226 container_builder = ContainerV3Builder(
227 self.app.name,
228 image_info,
229 config.image_pull_policy,
230 run_as_non_root=security_context_enabled,
231 )
232 container_builder.add_port(name=self.app.name, port=PORT)
233 container_builder.add_envs(
234 {
235 # General configuration
236 "ALLOW_ANONYMOUS_LOGIN": "yes",
237 "OSMLCM_GLOBAL_LOGLEVEL": config.log_level,
238 # RO configuration
239 "OSMLCM_RO_HOST": self.ro_client.host,
240 "OSMLCM_RO_PORT": self.ro_client.port,
241 "OSMLCM_RO_TENANT": "osm",
242 # Kafka configuration
243 "OSMLCM_MESSAGE_DRIVER": "kafka",
244 "OSMLCM_MESSAGE_HOST": self.kafka.host,
245 "OSMLCM_MESSAGE_PORT": self.kafka.port,
246 # Database configuration
247 "OSMLCM_DATABASE_DRIVER": "mongo",
248 # Storage configuration
249 "OSMLCM_STORAGE_DRIVER": "mongo",
250 "OSMLCM_STORAGE_PATH": "/app/storage",
251 "OSMLCM_STORAGE_COLLECTION": "files",
252 "OSMLCM_VCA_STABLEREPOURL": config.vca_stablerepourl,
253 }
254 )
255 container_builder.add_secret_envs(
256 secret_name=mongodb_secret_name,
257 envs={
258 "OSMLCM_DATABASE_URI": "uri",
259 "OSMLCM_DATABASE_COMMONKEY": "commonkey",
260 "OSMLCM_STORAGE_URI": "uri",
261 "OSMLCM_VCA_HELM_CA_CERTS": "helm_ca_certs",
262 },
263 )
264 if config.vca_host:
265 vca_secret_name = f"{self.app.name}-vca-secret"
266 pod_spec_builder.add_secret(
267 vca_secret_name,
268 {
269 "host": config.vca_host,
270 "port": str(config.vca_port),
271 "user": config.vca_user,
272 "pubkey": config.vca_pubkey,
273 "secret": config.vca_secret,
274 "cacert": config.vca_cacert,
275 "cloud": config.vca_cloud,
276 "k8s_cloud": config.vca_k8s_cloud,
277 },
278 )
279 container_builder.add_secret_envs(
280 secret_name=vca_secret_name,
281 envs={
282 # VCA configuration
283 "OSMLCM_VCA_HOST": "host",
284 "OSMLCM_VCA_PORT": "port",
285 "OSMLCM_VCA_USER": "user",
286 "OSMLCM_VCA_PUBKEY": "pubkey",
287 "OSMLCM_VCA_SECRET": "secret",
288 "OSMLCM_VCA_CACERT": "cacert",
289 "OSMLCM_VCA_CLOUD": "cloud",
290 "OSMLCM_VCA_K8S_CLOUD": "k8s_cloud",
291 },
292 )
293 if config.vca_apiproxy:
294 container_builder.add_env("OSMLCM_VCA_APIPROXY", config.vca_apiproxy)
295
296 model_config_envs = {
297 f"OSMLCM_{k.upper()}": v
298 for k, v in self.config.items()
299 if k.startswith("vca_model_config")
300 }
301 if model_config_envs:
302 container_builder.add_envs(model_config_envs)
303 container = container_builder.build()
304
305 # Add container to pod spec
306 pod_spec_builder.add_container(container)
307
308 # Add restart policy
309 restart_policy = PodRestartPolicy()
310 restart_policy.add_secrets()
311 pod_spec_builder.set_restart_policy(restart_policy)
312
313 return pod_spec_builder.build()
314
315
316 VSCODE_WORKSPACE = {
317 "folders": [
318 {"path": "/usr/lib/python3/dist-packages/osm_lcm"},
319 {"path": "/usr/lib/python3/dist-packages/n2vc"},
320 {"path": "/usr/lib/python3/dist-packages/osm_common"},
321 ],
322 "settings": {},
323 "launch": {
324 "version": "0.2.0",
325 "configurations": [
326 {
327 "name": "LCM",
328 "type": "python",
329 "request": "launch",
330 "module": "osm_lcm.lcm",
331 "justMyCode": False,
332 }
333 ],
334 },
335 }
336
337
338 if __name__ == "__main__":
339 main(LcmCharm)
340
341
342 # class ConfigurePodEvent(EventBase):
343 # """Configure Pod event"""
344
345 # pass
346
347
348 # class LcmEvents(CharmEvents):
349 # """LCM Events"""
350
351 # configure_pod = EventSource(ConfigurePodEvent)
352
353
354 # class LcmCharm(CharmBase):
355 # """LCM Charm."""
356
357 # state = StoredState()
358 # on = LcmEvents()
359
360 # def __init__(self, *args) -> NoReturn:
361 # """LCM Charm constructor."""
362 # super().__init__(*args)
363
364 # # Internal state initialization
365 # self.state.set_default(pod_spec=None)
366
367 # # Message bus data initialization
368 # self.state.set_default(message_host=None)
369 # self.state.set_default(message_port=None)
370
371 # # Database data initialization
372 # self.state.set_default(database_uri=None)
373
374 # # RO data initialization
375 # self.state.set_default(ro_host=None)
376 # self.state.set_default(ro_port=None)
377
378 # self.port = LCM_PORT
379 # self.image = OCIImageResource(self, "image")
380
381 # # Registering regular events
382 # self.framework.observe(self.on.start, self.configure_pod)
383 # self.framework.observe(self.on.config_changed, self.configure_pod)
384 # self.framework.observe(self.on.upgrade_charm, self.configure_pod)
385
386 # # Registering custom internal events
387 # self.framework.observe(self.on.configure_pod, self.configure_pod)
388
389 # # Registering required relation events
390 # self.framework.observe(
391 # self.on.kafka_relation_changed, self._on_kafka_relation_changed
392 # )
393 # self.framework.observe(
394 # self.on.mongodb_relation_changed, self._on_mongodb_relation_changed
395 # )
396 # self.framework.observe(
397 # self.on.ro_relation_changed, self._on_ro_relation_changed
398 # )
399
400 # # Registering required relation broken events
401 # self.framework.observe(
402 # self.on.kafka_relation_broken, self._on_kafka_relation_broken
403 # )
404 # self.framework.observe(
405 # self.on.mongodb_relation_broken, self._on_mongodb_relation_broken
406 # )
407 # self.framework.observe(
408 # self.on.ro_relation_broken, self._on_ro_relation_broken
409 # )
410
411 # def _on_kafka_relation_changed(self, event: EventBase) -> NoReturn:
412 # """Reads information about the kafka relation.
413
414 # Args:
415 # event (EventBase): Kafka relation event.
416 # """
417 # message_host = event.relation.data[event.unit].get("host")
418 # message_port = event.relation.data[event.unit].get("port")
419
420 # if (
421 # message_host
422 # and message_port
423 # and (
424 # self.state.message_host != message_host
425 # or self.state.message_port != message_port
426 # )
427 # ):
428 # self.state.message_host = message_host
429 # self.state.message_port = message_port
430 # self.on.configure_pod.emit()
431
432 # def _on_kafka_relation_broken(self, event: EventBase) -> NoReturn:
433 # """Clears data from kafka relation.
434
435 # Args:
436 # event (EventBase): Kafka relation event.
437 # """
438 # self.state.message_host = None
439 # self.state.message_port = None
440 # self.on.configure_pod.emit()
441
442 # def _on_mongodb_relation_changed(self, event: EventBase) -> NoReturn:
443 # """Reads information about the DB relation.
444
445 # Args:
446 # event (EventBase): DB relation event.
447 # """
448 # database_uri = event.relation.data[event.unit].get("connection_string")
449
450 # if database_uri and self.state.database_uri != database_uri:
451 # self.state.database_uri = database_uri
452 # self.on.configure_pod.emit()
453
454 # def _on_mongodb_relation_broken(self, event: EventBase) -> NoReturn:
455 # """Clears data from mongodb relation.
456
457 # Args:
458 # event (EventBase): DB relation event.
459 # """
460 # self.state.database_uri = None
461 # self.on.configure_pod.emit()
462
463 # def _on_ro_relation_changed(self, event: EventBase) -> NoReturn:
464 # """Reads information about the RO relation.
465
466 # Args:
467 # event (EventBase): Keystone relation event.
468 # """
469 # ro_host = event.relation.data[event.unit].get("host")
470 # ro_port = event.relation.data[event.unit].get("port")
471
472 # if (
473 # ro_host
474 # and ro_port
475 # and (self.state.ro_host != ro_host or self.state.ro_port != ro_port)
476 # ):
477 # self.state.ro_host = ro_host
478 # self.state.ro_port = ro_port
479 # self.on.configure_pod.emit()
480
481 # def _on_ro_relation_broken(self, event: EventBase) -> NoReturn:
482 # """Clears data from ro relation.
483
484 # Args:
485 # event (EventBase): Keystone relation event.
486 # """
487 # self.state.ro_host = None
488 # self.state.ro_port = None
489 # self.on.configure_pod.emit()
490
491 # def _missing_relations(self) -> str:
492 # """Checks if there missing relations.
493
494 # Returns:
495 # str: string with missing relations
496 # """
497 # data_status = {
498 # "kafka": self.state.message_host,
499 # "mongodb": self.state.database_uri,
500 # "ro": self.state.ro_host,
501 # }
502
503 # missing_relations = [k for k, v in data_status.items() if not v]
504
505 # return ", ".join(missing_relations)
506
507 # @property
508 # def relation_state(self) -> Dict[str, Any]:
509 # """Collects relation state configuration for pod spec assembly.
510
511 # Returns:
512 # Dict[str, Any]: relation state information.
513 # """
514 # relation_state = {
515 # "message_host": self.state.message_host,
516 # "message_port": self.state.message_port,
517 # "database_uri": self.state.database_uri,
518 # "ro_host": self.state.ro_host,
519 # "ro_port": self.state.ro_port,
520 # }
521
522 # return relation_state
523
524 # def configure_pod(self, event: EventBase) -> NoReturn:
525 # """Assemble the pod spec and apply it, if possible.
526
527 # Args:
528 # event (EventBase): Hook or Relation event that started the
529 # function.
530 # """
531 # if missing := self._missing_relations():
532 # self.unit.status = BlockedStatus(
533 # "Waiting for {0} relation{1}".format(
534 # missing, "s" if "," in missing else ""
535 # )
536 # )
537 # return
538
539 # if not self.unit.is_leader():
540 # self.unit.status = ActiveStatus("ready")
541 # return
542
543 # self.unit.status = MaintenanceStatus("Assembling pod spec")
544
545 # # Fetch image information
546 # try:
547 # self.unit.status = MaintenanceStatus("Fetching image information")
548 # image_info = self.image.fetch()
549 # except OCIImageResourceError:
550 # self.unit.status = BlockedStatus("Error fetching image information")
551 # return
552
553 # try:
554 # pod_spec = make_pod_spec(
555 # image_info,
556 # self.model.config,
557 # self.relation_state,
558 # self.model.app.name,
559 # self.port,
560 # )
561 # except ValueError as exc:
562 # logger.exception("Config/Relation data validation error")
563 # self.unit.status = BlockedStatus(str(exc))
564 # return
565
566 # if self.state.pod_spec != pod_spec:
567 # self.model.pod.set_spec(pod_spec)
568 # self.state.pod_spec = pod_spec
569
570 # self.unit.status = ActiveStatus("ready")
571
572
573 # if __name__ == "__main__":
574 # main(LcmCharm)