projects / osm / devops.git / blob
? search:


272193964c3af6b38b0973532aac1e1bd999fae7
[osm/devops.git] / installers / charm / mon / src / charm.py
1 #!/usr/bin/env python3
2 # Copyright 2021 Canonical Ltd.
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License"); you may
5 # not use this file except in compliance with the License. You may obtain
6 # a copy of the License at
7 #
8 # http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 # License for the specific language governing permissions and limitations
14 # under the License.
15 #
16 # For those usages not covered by the Apache License, Version 2.0 please
17 # contact: legal@canonical.com
18 #
19 # To get in touch with the maintainers, please contact:
20 # osm-charmers@lists.launchpad.net
21 ##
22
23 # pylint: disable=E0213
24
25
26 import base64
27 import logging
28 from typing import NoReturn, Optional
29
30
31 from ops.main import main
32 from opslib.osm.charm import CharmedOsmBase, RelationsMissing
33 from opslib.osm.interfaces.kafka import KafkaClient
34 from opslib.osm.interfaces.keystone import KeystoneClient
35 from opslib.osm.interfaces.mongo import MongoClient
36 from opslib.osm.interfaces.prometheus import PrometheusClient
37 from opslib.osm.pod import (
38 ContainerV3Builder,
39 FilesV3Builder,
40 PodRestartPolicy,
41 PodSpecV3Builder,
42 )
43 from opslib.osm.validator import ModelValidator, validator
44
45
46 logger = logging.getLogger(__name__)
47
48 PORT = 8000
49
50
51 def _check_certificate_data(name: str, content: str):
52 if not name or not content:
53 raise ValueError("certificate name and content must be a non-empty string")
54
55
56 def _extract_certificates(certs_config: str):
57 certificates = {}
58 if certs_config:
59 cert_list = certs_config.split(",")
60 for cert in cert_list:
61 name, content = cert.split(":")
62 _check_certificate_data(name, content)
63 certificates[name] = content
64 return certificates
65
66
67 def decode(content: str):
68 return base64.b64decode(content.encode("utf-8")).decode("utf-8")
69
70
71 class ConfigModel(ModelValidator):
72 keystone_enabled: bool
73 vca_host: str
74 vca_user: str
75 vca_secret: str
76 vca_cacert: str
77 database_commonkey: str
78 mongodb_uri: Optional[str]
79 log_level: str
80 openstack_default_granularity: int
81 global_request_timeout: int
82 collector_interval: int
83 evaluator_interval: int
84 grafana_url: str
85 grafana_user: str
86 grafana_password: str
87 certificates: Optional[str]
88 image_pull_policy: str
89
90 @validator("log_level")
91 def validate_log_level(cls, v):
92 if v not in {"INFO", "DEBUG"}:
93 raise ValueError("value must be INFO or DEBUG")
94 return v
95
96 @validator("certificates")
97 def validate_certificates(cls, v):
98 # Raises an exception if it cannot extract the certificates
99 _extract_certificates(v)
100 return v
101
102 @validator("mongodb_uri")
103 def validate_mongodb_uri(cls, v):
104 if v and not v.startswith("mongodb://"):
105 raise ValueError("mongodb_uri is not properly formed")
106 return v
107
108 @validator("image_pull_policy")
109 def validate_image_pull_policy(cls, v):
110 values = {
111 "always": "Always",
112 "ifnotpresent": "IfNotPresent",
113 "never": "Never",
114 }
115 v = v.lower()
116 if v not in values.keys():
117 raise ValueError("value must be always, ifnotpresent or never")
118 return values[v]
119
120 @property
121 def certificates_dict(cls):
122 return _extract_certificates(cls.certificates) if cls.certificates else {}
123
124
125 class MonCharm(CharmedOsmBase):
126 def __init__(self, *args) -> NoReturn:
127 super().__init__(
128 *args,
129 oci_image="image",
130 debug_mode_config_key="debug_mode",
131 debug_pubkey_config_key="debug_pubkey",
132 vscode_workspace=VSCODE_WORKSPACE,
133 )
134
135 self.kafka_client = KafkaClient(self, "kafka")
136 self.framework.observe(self.on["kafka"].relation_changed, self.configure_pod)
137 self.framework.observe(self.on["kafka"].relation_broken, self.configure_pod)
138
139 self.mongodb_client = MongoClient(self, "mongodb")
140 self.framework.observe(self.on["mongodb"].relation_changed, self.configure_pod)
141 self.framework.observe(self.on["mongodb"].relation_broken, self.configure_pod)
142
143 self.prometheus_client = PrometheusClient(self, "prometheus")
144 self.framework.observe(
145 self.on["prometheus"].relation_changed, self.configure_pod
146 )
147 self.framework.observe(
148 self.on["prometheus"].relation_broken, self.configure_pod
149 )
150
151 self.keystone_client = KeystoneClient(self, "keystone")
152 self.framework.observe(self.on["keystone"].relation_changed, self.configure_pod)
153 self.framework.observe(self.on["keystone"].relation_broken, self.configure_pod)
154
155 def _check_missing_dependencies(self, config: ConfigModel):
156 missing_relations = []
157
158 if self.kafka_client.is_missing_data_in_unit():
159 missing_relations.append("kafka")
160 if not config.mongodb_uri and self.mongodb_client.is_missing_data_in_unit():
161 missing_relations.append("mongodb")
162 if self.prometheus_client.is_missing_data_in_app():
163 missing_relations.append("prometheus")
164 if config.keystone_enabled:
165 if self.keystone_client.is_missing_data_in_app():
166 missing_relations.append("keystone")
167
168 if missing_relations:
169 raise RelationsMissing(missing_relations)
170
171 def _build_cert_files(
172 self,
173 config: ConfigModel,
174 ):
175 cert_files_builder = FilesV3Builder()
176 for name, content in config.certificates_dict.items():
177 cert_files_builder.add_file(name, decode(content), mode=0o600)
178 return cert_files_builder.build()
179
180 def build_pod_spec(self, image_info):
181 # Validate config
182 config = ConfigModel(**dict(self.config))
183
184 if config.mongodb_uri and not self.mongodb_client.is_missing_data_in_unit():
185 raise Exception("Mongodb data cannot be provided via config and relation")
186
187 # Check relations
188 self._check_missing_dependencies(config)
189
190 # Create Builder for the PodSpec
191 pod_spec_builder = PodSpecV3Builder()
192
193 # Add secrets to the pod
194 mongodb_secret_name = f"{self.app.name}-mongodb-secret"
195 pod_spec_builder.add_secret(
196 mongodb_secret_name,
197 {
198 "uri": config.mongodb_uri or self.mongodb_client.connection_string,
199 "commonkey": config.database_commonkey,
200 },
201 )
202 grafana_secret_name = f"{self.app.name}-grafana-secret"
203 pod_spec_builder.add_secret(
204 grafana_secret_name,
205 {
206 "url": config.grafana_url,
207 "user": config.grafana_user,
208 "password": config.grafana_password,
209 },
210 )
211
212 vca_secret_name = f"{self.app.name}-vca-secret"
213 pod_spec_builder.add_secret(
214 vca_secret_name,
215 {
216 "host": config.vca_host,
217 "user": config.vca_user,
218 "secret": config.vca_secret,
219 "cacert": config.vca_cacert,
220 },
221 )
222
223 # Build Container
224 container_builder = ContainerV3Builder(
225 self.app.name, image_info, config.image_pull_policy
226 )
227 certs_files = self._build_cert_files(config)
228
229 if certs_files:
230 container_builder.add_volume_config("certs", "/certs", certs_files)
231
232 container_builder.add_port(name=self.app.name, port=PORT)
233 container_builder.add_envs(
234 {
235 # General configuration
236 "ALLOW_ANONYMOUS_LOGIN": "yes",
237 "OSMMON_OPENSTACK_DEFAULT_GRANULARITY": config.openstack_default_granularity,
238 "OSMMON_GLOBAL_REQUEST_TIMEOUT": config.global_request_timeout,
239 "OSMMON_GLOBAL_LOGLEVEL": config.log_level,
240 "OSMMON_COLLECTOR_INTERVAL": config.collector_interval,
241 "OSMMON_EVALUATOR_INTERVAL": config.evaluator_interval,
242 # Kafka configuration
243 "OSMMON_MESSAGE_DRIVER": "kafka",
244 "OSMMON_MESSAGE_HOST": self.kafka_client.host,
245 "OSMMON_MESSAGE_PORT": self.kafka_client.port,
246 # Database configuration
247 "OSMMON_DATABASE_DRIVER": "mongo",
248 # Prometheus configuration
249 "OSMMON_PROMETHEUS_URL": f"http://{self.prometheus_client.hostname}:{self.prometheus_client.port}",
250 }
251 )
252 container_builder.add_secret_envs(
253 secret_name=mongodb_secret_name,
254 envs={
255 "OSMMON_DATABASE_URI": "uri",
256 "OSMMON_DATABASE_COMMONKEY": "commonkey",
257 },
258 )
259 container_builder.add_secret_envs(
260 secret_name=vca_secret_name,
261 envs={
262 "OSMMON_VCA_HOST": "host",
263 "OSMMON_VCA_USER": "user",
264 "OSMMON_VCA_SECRET": "secret",
265 "OSMMON_VCA_CACERT": "cacert",
266 },
267 )
268 container_builder.add_secret_envs(
269 secret_name=grafana_secret_name,
270 envs={
271 "OSMMON_GRAFANA_URL": "url",
272 "OSMMON_GRAFANA_USER": "user",
273 "OSMMON_GRAFANA_PASSWORD": "password",
274 },
275 )
276 if config.keystone_enabled:
277 keystone_secret_name = f"{self.app.name}-keystone-secret"
278 pod_spec_builder.add_secret(
279 keystone_secret_name,
280 {
281 "url": self.keystone_client.host,
282 "user_domain": self.keystone_client.user_domain_name,
283 "project_domain": self.keystone_client.project_domain_name,
284 "service_username": self.keystone_client.username,
285 "service_password": self.keystone_client.password,
286 "service_project": self.keystone_client.service,
287 },
288 )
289 container_builder.add_env("OSMMON_KEYSTONE_ENABLED", True)
290 container_builder.add_secret_envs(
291 secret_name=keystone_secret_name,
292 envs={
293 "OSMMON_KEYSTONE_URL": "url",
294 "OSMMON_KEYSTONE_DOMAIN_NAME": "user_domain",
295 "OSMMON_KEYSTONE_PROJECT_DOMAIN_NAME": "project_domain",
296 "OSMMON_KEYSTONE_SERVICE_USER": "service_username",
297 "OSMMON_KEYSTONE_SERVICE_PASSWORD": "service_password",
298 "OSMMON_KEYSTONE_SERVICE_PROJECT": "service_project",
299 },
300 )
301 container = container_builder.build()
302
303 # Add restart policy
304 restart_policy = PodRestartPolicy()
305 restart_policy.add_secrets()
306 pod_spec_builder.set_restart_policy(restart_policy)
307
308 # Add container to pod spec
309 pod_spec_builder.add_container(container)
310
311 return pod_spec_builder.build()
312
313
314 VSCODE_WORKSPACE = {
315 "folders": [
316 {"path": "/usr/lib/python3/dist-packages/osm_mon"},
317 {"path": "/usr/lib/python3/dist-packages/osm_common"},
318 {"path": "/usr/lib/python3/dist-packages/n2vc"},
319 ],
320 "settings": {},
321 "launch": {
322 "version": "0.2.0",
323 "configurations": [
324 {
325 "name": "MON Server",
326 "type": "python",
327 "request": "launch",
328 "module": "osm_mon.cmd.mon_server",
329 "justMyCode": False,
330 },
331 {
332 "name": "MON evaluator",
333 "type": "python",
334 "request": "launch",
335 "module": "osm_mon.cmd.mon_evaluator",
336 "justMyCode": False,
337 },
338 {
339 "name": "MON collector",
340 "type": "python",
341 "request": "launch",
342 "module": "osm_mon.cmd.mon_collector",
343 "justMyCode": False,
344 },
345 {
346 "name": "MON dashboarder",
347 "type": "python",
348 "request": "launch",
349 "module": "osm_mon.cmd.mon_dashboarder",
350 "justMyCode": False,
351 },
352 ],
353 },
354 }
355 if __name__ == "__main__":
356 main(MonCharm)