Bug 2192 fixed - MON charm to support the MON attribute vm_infra_metrics
[osm/devops.git] / installers / charm / mon / src / charm.py
1 #!/usr/bin/env python3
2 # Copyright 2021 Canonical Ltd.
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License"); you may
5 # not use this file except in compliance with the License. You may obtain
6 # a copy of the License at
7 #
8 # http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 # License for the specific language governing permissions and limitations
14 # under the License.
15 #
16 # For those usages not covered by the Apache License, Version 2.0 please
17 # contact: legal@canonical.com
18 #
19 # To get in touch with the maintainers, please contact:
20 # osm-charmers@lists.launchpad.net
21 ##
22
23 # pylint: disable=E0213
24
25
26 import base64
27 import logging
28 from typing import NoReturn, Optional
29
30
31 from charms.kafka_k8s.v0.kafka import KafkaEvents, KafkaRequires
32 from ops.main import main
33 from opslib.osm.charm import CharmedOsmBase, RelationsMissing
34 from opslib.osm.interfaces.keystone import KeystoneClient
35 from opslib.osm.interfaces.mongo import MongoClient
36 from opslib.osm.interfaces.prometheus import PrometheusClient
37 from opslib.osm.pod import (
38 ContainerV3Builder,
39 FilesV3Builder,
40 PodRestartPolicy,
41 PodSpecV3Builder,
42 )
43 from opslib.osm.validator import ModelValidator, validator
44
45
# Module-level logger, named after the importing module.
logger = logging.getLogger(__name__)

# TCP port the charm declares on the MON container (used in
# MonCharm.build_pod_spec via container_builder.add_port).
PORT = 8000
49
50
def _check_certificate_data(name: str, content: str):
    """Reject a certificate entry whose name or content is empty.

    Args:
        name: file name the certificate will be stored under.
        content: certificate payload as given in the charm config.

    Raises:
        ValueError: if either value is falsy (empty string or None).
    """
    if not (name and content):
        raise ValueError("certificate name and content must be a non-empty string")
54
55
def _extract_certificates(certs_config: str):
    """Parse the ``certificates`` config option into a name -> content mapping.

    The option is a comma-separated list of ``name:content`` entries. Each
    entry must contain exactly one ``:``; anything else makes the tuple
    unpacking below raise ValueError, which is how malformed input is
    rejected by the ConfigModel validator.

    Args:
        certs_config: raw option value; an empty or None value yields ``{}``.

    Returns:
        dict mapping each certificate name to its (still encoded) content.

    Raises:
        ValueError: on a malformed entry or an empty name/content.
    """
    parsed = {}
    if not certs_config:
        return parsed
    for entry in certs_config.split(","):
        cert_name, cert_body = entry.split(":")
        _check_certificate_data(cert_name, cert_body)
        # A repeated name silently overwrites the earlier entry.
        parsed[cert_name] = cert_body
    return parsed
65
66
def decode(content: str):
    """Return the UTF-8 text encoded in the base64 string *content*."""
    raw_b64 = content.encode("utf-8")
    decoded_bytes = base64.b64decode(raw_b64)
    return decoded_bytes.decode("utf-8")
69
70
class ConfigModel(ModelValidator):
    """Typed, validated view of the charm configuration used by MonCharm.

    Several fields carry credentials (vca_secret, database_commonkey,
    grafana_password, and possibly mongodb_uri); MonCharm.build_pod_spec
    places those in pod secrets rather than in the plain environment.
    """

    keystone_enabled: bool
    # VCA connection data; stored in the "<app>-vca-secret" pod secret.
    vca_host: str
    vca_user: str
    vca_secret: str
    vca_cacert: str
    # Database settings; stored in the "<app>-mongodb-secret" pod secret.
    database_commonkey: str
    mongodb_uri: Optional[str]
    log_level: str
    openstack_default_granularity: int
    global_request_timeout: int
    collector_interval: int
    vm_infra_metrics: bool
    evaluator_interval: int
    # Grafana access data; stored in the "<app>-grafana-secret" pod secret.
    grafana_url: str
    grafana_user: str
    grafana_password: str
    # Comma-separated "name:content" entries; the content is base64-decoded
    # when the certificate files are built.
    certificates: Optional[str]
    image_pull_policy: str
    debug_mode: bool
    security_context: bool

    @validator("log_level")
    def validate_log_level(cls, v):
        """Accept only the two supported log levels, INFO and DEBUG."""
        if v in {"INFO", "DEBUG"}:
            return v
        raise ValueError("value must be INFO or DEBUG")

    @validator("certificates")
    def validate_certificates(cls, v):
        """Check that the certificates option parses; the value is kept as given."""
        # The parse result is discarded on purpose: the call is made only
        # for the ValueError it raises on malformed input.
        _extract_certificates(v)
        return v

    @validator("mongodb_uri")
    def validate_mongodb_uri(cls, v):
        """Require a ``mongodb://`` prefix when a URI is configured.

        Only the scheme prefix is checked; an empty or None value passes.
        """
        if not v or v.startswith("mongodb://"):
            return v
        raise ValueError("mongodb_uri is not properly formed")

    @validator("image_pull_policy")
    def validate_image_pull_policy(cls, v):
        """Map a case-insensitive pull policy to its canonical spelling."""
        canonical_by_key = {
            "always": "Always",
            "ifnotpresent": "IfNotPresent",
            "never": "Never",
        }
        key = v.lower()
        if key not in canonical_by_key:
            raise ValueError("value must be always, ifnotpresent or never")
        return canonical_by_key[key]

    @property
    def certificates_dict(cls):
        """Configured certificates as a name -> content dict (empty if unset)."""
        # The first parameter is named ``cls`` but receives the instance;
        # the file disables pylint E0213 for this spelling.
        if not cls.certificates:
            return {}
        return _extract_certificates(cls.certificates)
126
127
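class MonCharm(CharmedOsmBase):
    """Charm for the OSM MON service.

    Builds the pod spec for the MON container from the charm configuration
    and from the kafka, mongodb, prometheus and (optional) keystone
    relations. Every relation event observed here triggers
    ``self.configure_pod``, which is not defined in this file.
    """

    on = KafkaEvents()

    # NOTE(review): NoReturn means "never returns"; None is the accurate
    # annotation for __init__. Left unchanged so the file's typing import
    # stays in use.
    def __init__(self, *args) -> NoReturn:
        """Set up debug mode (if configured) and register relation observers."""
        super().__init__(
            *args,
            oci_image="image",
            vscode_workspace=VSCODE_WORKSPACE,
        )
        if self.config.get("debug_mode"):
            # Debug mode takes a public key and host paths that are mapped
            # over the installed osm_mon, n2vc and osm_common packages.
            # build_pod_spec also turns the security context off in this mode.
            self.enable_debug_mode(
                pubkey=self.config.get("debug_pubkey"),
                hostpaths={
                    "MON": {
                        "hostpath": self.config.get("debug_mon_local_path"),
                        "container-path": "/usr/lib/python3/dist-packages/osm_mon",
                    },
                    "N2VC": {
                        "hostpath": self.config.get("debug_n2vc_local_path"),
                        "container-path": "/usr/lib/python3/dist-packages/n2vc",
                    },
                    "osm_common": {
                        "hostpath": self.config.get("debug_common_local_path"),
                        "container-path": "/usr/lib/python3/dist-packages/osm_common",
                    },
                },
            )
        self.kafka = KafkaRequires(self)
        self.framework.observe(self.on.kafka_available, self.configure_pod)
        self.framework.observe(self.on.kafka_broken, self.configure_pod)

        self.mongodb_client = MongoClient(self, "mongodb")
        self.framework.observe(self.on["mongodb"].relation_changed, self.configure_pod)
        self.framework.observe(self.on["mongodb"].relation_broken, self.configure_pod)

        self.prometheus_client = PrometheusClient(self, "prometheus")
        self.framework.observe(
            self.on["prometheus"].relation_changed, self.configure_pod
        )
        self.framework.observe(
            self.on["prometheus"].relation_broken, self.configure_pod
        )

        self.keystone_client = KeystoneClient(self, "keystone")
        self.framework.observe(self.on["keystone"].relation_changed, self.configure_pod)
        self.framework.observe(self.on["keystone"].relation_broken, self.configure_pod)

    def _check_missing_dependencies(self, config: ConfigModel):
        """Raise RelationsMissing naming every required relation without data.

        mongodb counts as missing only when no ``mongodb_uri`` is configured;
        keystone is checked only when ``keystone_enabled`` is set.

        Raises:
            RelationsMissing: with the list of missing relation names.
        """
        missing_relations = []

        if not self.kafka.host or not self.kafka.port:
            missing_relations.append("kafka")
        if not config.mongodb_uri and self.mongodb_client.is_missing_data_in_unit():
            missing_relations.append("mongodb")
        if self.prometheus_client.is_missing_data_in_app():
            missing_relations.append("prometheus")
        if config.keystone_enabled:
            if self.keystone_client.is_missing_data_in_app():
                missing_relations.append("keystone")

        if missing_relations:
            raise RelationsMissing(missing_relations)

    def _build_cert_files(
        self,
        config: ConfigModel,
    ):
        """Build the certificate files from the ``certificates`` option.

        Each configured entry is base64-decoded and added with mode 0o600,
        i.e. readable and writable by the file owner only.
        """
        cert_files_builder = FilesV3Builder()
        for name, content in config.certificates_dict.items():
            cert_files_builder.add_file(name, decode(content), mode=0o600)
        return cert_files_builder.build()

    def build_pod_spec(self, image_info):
        """Assemble the pod spec for the MON container.

        Credentials (MongoDB, Grafana, VCA, Prometheus, Keystone) are stored
        in pod secrets and exposed to the container through secret-backed
        environment variables; non-sensitive settings go into the plain
        environment.

        Args:
            image_info: image details, passed through to ContainerV3Builder.

        Returns:
            The result of ``PodSpecV3Builder.build()``.

        Raises:
            RelationsMissing: if a required relation has no data yet.
            Exception: if MongoDB data comes from both config and relation.
        """
        # Validate config
        config = ConfigModel(**dict(self.config))

        # MongoDB connection data must come from exactly one source.
        if config.mongodb_uri and not self.mongodb_client.is_missing_data_in_unit():
            raise Exception("Mongodb data cannot be provided via config and relation")

        # Check relations
        self._check_missing_dependencies(config)

        # Debug mode overrides the security_context option: with it on, the
        # pod security context and run_as_non_root are both disabled.
        security_context_enabled = (
            False if config.debug_mode else config.security_context
        )

        # Create Builder for the PodSpec
        pod_spec_builder = PodSpecV3Builder(
            enable_security_context=security_context_enabled
        )

        # Add secrets to the pod
        mongodb_secret_name = f"{self.app.name}-mongodb-secret"
        pod_spec_builder.add_secret(
            mongodb_secret_name,
            {
                "uri": config.mongodb_uri or self.mongodb_client.connection_string,
                "commonkey": config.database_commonkey,
            },
        )
        grafana_secret_name = f"{self.app.name}-grafana-secret"
        pod_spec_builder.add_secret(
            grafana_secret_name,
            {
                "url": config.grafana_url,
                "user": config.grafana_user,
                "password": config.grafana_password,
            },
        )

        vca_secret_name = f"{self.app.name}-vca-secret"
        pod_spec_builder.add_secret(
            vca_secret_name,
            {
                "host": config.vca_host,
                "user": config.vca_user,
                "secret": config.vca_secret,
                "cacert": config.vca_cacert,
            },
        )

        # Build Container
        container_builder = ContainerV3Builder(
            self.app.name,
            image_info,
            config.image_pull_policy,
            run_as_non_root=security_context_enabled,
        )
        certs_files = self._build_cert_files(config)

        if certs_files:
            container_builder.add_volume_config("certs", "/certs", certs_files)

        container_builder.add_port(name=self.app.name, port=PORT)
        container_builder.add_envs(
            {
                # General configuration
                # NOTE(review): what consumes ALLOW_ANONYMOUS_LOGIN is not
                # visible in this file; confirm MON needs it and drop it if not.
                "ALLOW_ANONYMOUS_LOGIN": "yes",
                "OSMMON_OPENSTACK_DEFAULT_GRANULARITY": config.openstack_default_granularity,
                "OSMMON_GLOBAL_REQUEST_TIMEOUT": config.global_request_timeout,
                "OSMMON_GLOBAL_LOGLEVEL": config.log_level,
                "OSMMON_COLLECTOR_INTERVAL": config.collector_interval,
                "OSMMON_COLLECTOR_VM_INFRA_METRICS": config.vm_infra_metrics,
                "OSMMON_EVALUATOR_INTERVAL": config.evaluator_interval,
                # Kafka configuration
                "OSMMON_MESSAGE_DRIVER": "kafka",
                "OSMMON_MESSAGE_HOST": self.kafka.host,
                "OSMMON_MESSAGE_PORT": self.kafka.port,
                # Database configuration
                "OSMMON_DATABASE_DRIVER": "mongo",
                # Prometheus configuration
                # NOTE(review): the URL is built with plain http://; if MON
                # sends the Prometheus user/password to it, they presumably
                # travel unencrypted. Confirm the network path is trusted.
                "OSMMON_PROMETHEUS_URL": f"http://{self.prometheus_client.hostname}:{self.prometheus_client.port}",
            }
        )
        prometheus_user = self.prometheus_client.user
        prometheus_password = self.prometheus_client.password
        if prometheus_user and prometheus_password:
            # Keep the Prometheus credentials out of the plain-text container
            # environment: store them in a pod secret and reference it, the
            # same way the MongoDB, VCA, Grafana and Keystone credentials are
            # handled in this method.
            prometheus_secret_name = f"{self.app.name}-prometheus-secret"
            pod_spec_builder.add_secret(
                prometheus_secret_name,
                {
                    "user": prometheus_user,
                    "password": prometheus_password,
                },
            )
            container_builder.add_secret_envs(
                secret_name=prometheus_secret_name,
                envs={
                    "OSMMON_PROMETHEUS_USER": "user",
                    "OSMMON_PROMETHEUS_PASSWORD": "password",
                },
            )
        container_builder.add_secret_envs(
            secret_name=mongodb_secret_name,
            envs={
                "OSMMON_DATABASE_URI": "uri",
                "OSMMON_DATABASE_COMMONKEY": "commonkey",
            },
        )
        container_builder.add_secret_envs(
            secret_name=vca_secret_name,
            envs={
                "OSMMON_VCA_HOST": "host",
                "OSMMON_VCA_USER": "user",
                "OSMMON_VCA_SECRET": "secret",
                "OSMMON_VCA_CACERT": "cacert",
            },
        )
        container_builder.add_secret_envs(
            secret_name=grafana_secret_name,
            envs={
                "OSMMON_GRAFANA_URL": "url",
                "OSMMON_GRAFANA_USER": "user",
                "OSMMON_GRAFANA_PASSWORD": "password",
            },
        )
        if config.keystone_enabled:
            keystone_secret_name = f"{self.app.name}-keystone-secret"
            pod_spec_builder.add_secret(
                keystone_secret_name,
                {
                    "url": self.keystone_client.host,
                    "user_domain": self.keystone_client.user_domain_name,
                    "project_domain": self.keystone_client.project_domain_name,
                    "service_username": self.keystone_client.username,
                    "service_password": self.keystone_client.password,
                    "service_project": self.keystone_client.service,
                },
            )
            container_builder.add_env("OSMMON_KEYSTONE_ENABLED", True)
            container_builder.add_secret_envs(
                secret_name=keystone_secret_name,
                envs={
                    "OSMMON_KEYSTONE_URL": "url",
                    "OSMMON_KEYSTONE_DOMAIN_NAME": "user_domain",
                    "OSMMON_KEYSTONE_PROJECT_DOMAIN_NAME": "project_domain",
                    "OSMMON_KEYSTONE_SERVICE_USER": "service_username",
                    "OSMMON_KEYSTONE_SERVICE_PASSWORD": "service_password",
                    "OSMMON_KEYSTONE_SERVICE_PROJECT": "service_project",
                },
            )
        container = container_builder.build()

        # Add restart policy
        restart_policy = PodRestartPolicy()
        restart_policy.add_secrets()
        pod_spec_builder.set_restart_policy(restart_policy)

        # Add container to pod spec
        pod_spec_builder.add_container(container)

        return pod_spec_builder.build()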
350
351 return pod_spec_builder.build()
352
353
# VS Code workspace definition passed to CharmedOsmBase by MonCharm.__init__:
# the three source folders plus one launch configuration per MON process.
VSCODE_WORKSPACE = {
    "folders": [
        {"path": "/usr/lib/python3/dist-packages/osm_mon"},
        {"path": "/usr/lib/python3/dist-packages/osm_common"},
        {"path": "/usr/lib/python3/dist-packages/n2vc"},
    ],
    "settings": {},
    "launch": {
        "version": "0.2.0",
        # All launch entries share the same shape and differ only in the
        # display name and the module that is started.
        "configurations": [
            {
                "name": display_name,
                "type": "python",
                "request": "launch",
                "module": module_path,
                "justMyCode": False,
            }
            for display_name, module_path in (
                ("MON Server", "osm_mon.cmd.mon_server"),
                ("MON evaluator", "osm_mon.cmd.mon_evaluator"),
                ("MON collector", "osm_mon.cmd.mon_collector"),
                ("MON dashboarder", "osm_mon.cmd.mon_dashboarder"),
            )
        ],
    },
}

# Hand the charm class to the operator framework when run as a script.
if __name__ == "__main__":
    main(MonCharm)