projects / osm / devops.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
CharmHub and new kafka and zookeeper charms
[osm/devops.git] / installers / charm / ro / src / charm.py
1 #!/usr/bin/env python3
2 # Copyright 2021 Canonical Ltd.
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License"); you may
5 # not use this file except in compliance with the License. You may obtain
6 # a copy of the License at
7 #
8 # http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 # License for the specific language governing permissions and limitations
14 # under the License.
15 #
16 # For those usages not covered by the Apache License, Version 2.0 please
17 # contact: legal@canonical.com
18 #
19 # To get in touch with the maintainers, please contact:
20 # osm-charmers@lists.launchpad.net
21 ##
22
23 # pylint: disable=E0213
24
25 import base64
26 import logging
27 from typing import Dict, NoReturn, Optional
28
29 from charms.kafka_k8s.v0.kafka import KafkaEvents, KafkaRequires
30 from ops.main import main
31 from opslib.osm.charm import CharmedOsmBase, RelationsMissing
32 from opslib.osm.interfaces.mongo import MongoClient
33 from opslib.osm.interfaces.mysql import MysqlClient
34 from opslib.osm.pod import (
35 ContainerV3Builder,
36 FilesV3Builder,
37 PodRestartPolicy,
38 PodSpecV3Builder,
39 )
40 from opslib.osm.validator import ModelValidator, validator
41
42 logger = logging.getLogger(__name__)
43
44 PORT = 9090
45
46
47 def _check_certificate_data(name: str, content: str):
48 if not name or not content:
49 raise ValueError("certificate name and content must be a non-empty string")
50
51
52 def _extract_certificates(certs_config: str):
53 certificates = {}
54 if certs_config:
55 cert_list = certs_config.split(",")
56 for cert in cert_list:
57 name, content = cert.split(":")
58 _check_certificate_data(name, content)
59 certificates[name] = content
60 return certificates
61
62
63 def decode(content: str):
64 return base64.b64decode(content.encode("utf-8")).decode("utf-8")
65
66
67 class ConfigModel(ModelValidator):
68 enable_ng_ro: bool
69 database_commonkey: str
70 mongodb_uri: Optional[str]
71 log_level: str
72 mysql_host: Optional[str]
73 mysql_port: Optional[int]
74 mysql_user: Optional[str]
75 mysql_password: Optional[str]
76 mysql_root_password: Optional[str]
77 vim_database: str
78 ro_database: str
79 openmano_tenant: str
80 certificates: Optional[str]
81 image_pull_policy: str
82 debug_mode: bool
83 security_context: bool
84
85 @validator("log_level")
86 def validate_log_level(cls, v):
87 if v not in {"INFO", "DEBUG"}:
88 raise ValueError("value must be INFO or DEBUG")
89 return v
90
91 @validator("certificates")
92 def validate_certificates(cls, v):
93 # Raises an exception if it cannot extract the certificates
94 _extract_certificates(v)
95 return v
96
97 @validator("mongodb_uri")
98 def validate_mongodb_uri(cls, v):
99 if v and not v.startswith("mongodb://"):
100 raise ValueError("mongodb_uri is not properly formed")
101 return v
102
103 @validator("mysql_port")
104 def validate_mysql_port(cls, v):
105 if v and (v <= 0 or v >= 65535):
106 raise ValueError("Mysql port out of range")
107 return v
108
109 @validator("image_pull_policy")
110 def validate_image_pull_policy(cls, v):
111 values = {
112 "always": "Always",
113 "ifnotpresent": "IfNotPresent",
114 "never": "Never",
115 }
116 v = v.lower()
117 if v not in values.keys():
118 raise ValueError("value must be always, ifnotpresent or never")
119 return values[v]
120
121 @property
122 def certificates_dict(cls):
123 return _extract_certificates(cls.certificates) if cls.certificates else {}
124
125
126 class RoCharm(CharmedOsmBase):
127 """GrafanaCharm Charm."""
128
129 on = KafkaEvents()
130
131 def __init__(self, *args) -> NoReturn:
132 """Prometheus Charm constructor."""
133 super().__init__(
134 *args,
135 oci_image="image",
136 vscode_workspace=VSCODE_WORKSPACE,
137 )
138 if self.config.get("debug_mode"):
139 self.enable_debug_mode(
140 pubkey=self.config.get("debug_pubkey"),
141 hostpaths={
142 "osm_common": {
143 "hostpath": self.config.get("debug_common_local_path"),
144 "container-path": "/usr/lib/python3/dist-packages/osm_common",
145 },
146 **_get_ro_host_paths(self.config.get("debug_ro_local_path")),
147 },
148 )
149 self.kafka = KafkaRequires(self)
150 self.framework.observe(self.on.kafka_available, self.configure_pod)
151 self.framework.observe(self.on.kafka_broken, self.configure_pod)
152
153 self.mysql_client = MysqlClient(self, "mysql")
154 self.framework.observe(self.on["mysql"].relation_changed, self.configure_pod)
155 self.framework.observe(self.on["mysql"].relation_broken, self.configure_pod)
156
157 self.mongodb_client = MongoClient(self, "mongodb")
158 self.framework.observe(self.on["mongodb"].relation_changed, self.configure_pod)
159 self.framework.observe(self.on["mongodb"].relation_broken, self.configure_pod)
160
161 self.framework.observe(self.on["ro"].relation_joined, self._publish_ro_info)
162
163 def _publish_ro_info(self, event):
164 """Publishes RO information.
165
166 Args:
167 event (EventBase): RO relation event.
168 """
169 if self.unit.is_leader():
170 rel_data = {
171 "host": self.model.app.name,
172 "port": str(PORT),
173 }
174 for k, v in rel_data.items():
175 event.relation.data[self.app][k] = v
176
177 def _check_missing_dependencies(self, config: ConfigModel):
178 missing_relations = []
179
180 if config.enable_ng_ro:
181 if not self.kafka.host or not self.kafka.port:
182 missing_relations.append("kafka")
183 if not config.mongodb_uri and self.mongodb_client.is_missing_data_in_unit():
184 missing_relations.append("mongodb")
185 else:
186 if not config.mysql_host and self.mysql_client.is_missing_data_in_unit():
187 missing_relations.append("mysql")
188 if missing_relations:
189 raise RelationsMissing(missing_relations)
190
191 def _validate_mysql_config(self, config: ConfigModel):
192 invalid_values = []
193 if not config.mysql_user:
194 invalid_values.append("Mysql user is empty")
195 if not config.mysql_password:
196 invalid_values.append("Mysql password is empty")
197 if not config.mysql_root_password:
198 invalid_values.append("Mysql root password empty")
199
200 if invalid_values:
201 raise ValueError("Invalid values: " + ", ".join(invalid_values))
202
203 def _build_cert_files(
204 self,
205 config: ConfigModel,
206 ):
207 cert_files_builder = FilesV3Builder()
208 for name, content in config.certificates_dict.items():
209 cert_files_builder.add_file(name, decode(content), mode=0o600)
210 return cert_files_builder.build()
211
212 def build_pod_spec(self, image_info):
213 # Validate config
214 config = ConfigModel(**dict(self.config))
215
216 if config.enable_ng_ro:
217 if config.mongodb_uri and not self.mongodb_client.is_missing_data_in_unit():
218 raise Exception(
219 "Mongodb data cannot be provided via config and relation"
220 )
221 else:
222 if config.mysql_host and not self.mysql_client.is_missing_data_in_unit():
223 raise Exception("Mysql data cannot be provided via config and relation")
224
225 if config.mysql_host:
226 self._validate_mysql_config(config)
227
228 # Check relations
229 self._check_missing_dependencies(config)
230
231 security_context_enabled = (
232 config.security_context if not config.debug_mode else False
233 )
234
235 # Create Builder for the PodSpec
236 pod_spec_builder = PodSpecV3Builder(
237 enable_security_context=security_context_enabled
238 )
239
240 # Build Container
241 container_builder = ContainerV3Builder(
242 self.app.name,
243 image_info,
244 config.image_pull_policy,
245 run_as_non_root=security_context_enabled,
246 )
247 certs_files = self._build_cert_files(config)
248
249 if certs_files:
250 container_builder.add_volume_config("certs", "/certs", certs_files)
251
252 container_builder.add_port(name=self.app.name, port=PORT)
253 container_builder.add_http_readiness_probe(
254 "/ro/" if config.enable_ng_ro else "/openmano/tenants",
255 PORT,
256 initial_delay_seconds=10,
257 period_seconds=10,
258 timeout_seconds=5,
259 failure_threshold=3,
260 )
261 container_builder.add_http_liveness_probe(
262 "/ro/" if config.enable_ng_ro else "/openmano/tenants",
263 PORT,
264 initial_delay_seconds=600,
265 period_seconds=10,
266 timeout_seconds=5,
267 failure_threshold=3,
268 )
269 container_builder.add_envs(
270 {
271 "OSMRO_LOG_LEVEL": config.log_level,
272 }
273 )
274
275 if config.enable_ng_ro:
276 # Add secrets to the pod
277 mongodb_secret_name = f"{self.app.name}-mongodb-secret"
278 pod_spec_builder.add_secret(
279 mongodb_secret_name,
280 {
281 "uri": config.mongodb_uri or self.mongodb_client.connection_string,
282 "commonkey": config.database_commonkey,
283 },
284 )
285 container_builder.add_envs(
286 {
287 "OSMRO_MESSAGE_DRIVER": "kafka",
288 "OSMRO_MESSAGE_HOST": self.kafka.host,
289 "OSMRO_MESSAGE_PORT": self.kafka.port,
290 # MongoDB configuration
291 "OSMRO_DATABASE_DRIVER": "mongo",
292 }
293 )
294 container_builder.add_secret_envs(
295 secret_name=mongodb_secret_name,
296 envs={
297 "OSMRO_DATABASE_URI": "uri",
298 "OSMRO_DATABASE_COMMONKEY": "commonkey",
299 },
300 )
301 restart_policy = PodRestartPolicy()
302 restart_policy.add_secrets(secret_names=(mongodb_secret_name,))
303 pod_spec_builder.set_restart_policy(restart_policy)
304
305 else:
306 container_builder.add_envs(
307 {
308 "RO_DB_HOST": config.mysql_host or self.mysql_client.host,
309 "RO_DB_OVIM_HOST": config.mysql_host or self.mysql_client.host,
310 "RO_DB_PORT": config.mysql_port or self.mysql_client.port,
311 "RO_DB_OVIM_PORT": config.mysql_port or self.mysql_client.port,
312 "RO_DB_USER": config.mysql_user or self.mysql_client.user,
313 "RO_DB_OVIM_USER": config.mysql_user or self.mysql_client.user,
314 "RO_DB_PASSWORD": config.mysql_password
315 or self.mysql_client.password,
316 "RO_DB_OVIM_PASSWORD": config.mysql_password
317 or self.mysql_client.password,
318 "RO_DB_ROOT_PASSWORD": config.mysql_root_password
319 or self.mysql_client.root_password,
320 "RO_DB_OVIM_ROOT_PASSWORD": config.mysql_root_password
321 or self.mysql_client.root_password,
322 "RO_DB_NAME": config.ro_database,
323 "RO_DB_OVIM_NAME": config.vim_database,
324 "OPENMANO_TENANT": config.openmano_tenant,
325 }
326 )
327 container = container_builder.build()
328
329 # Add container to pod spec
330 pod_spec_builder.add_container(container)
331
332 return pod_spec_builder.build()
333
334
335 VSCODE_WORKSPACE = {
336 "folders": [
337 {"path": "/usr/lib/python3/dist-packages/osm_ng_ro"},
338 {"path": "/usr/lib/python3/dist-packages/osm_common"},
339 {"path": "/usr/lib/python3/dist-packages/osm_ro_plugin"},
340 {"path": "/usr/lib/python3/dist-packages/osm_rosdn_arista_cloudvision"},
341 {"path": "/usr/lib/python3/dist-packages/osm_rosdn_dpb"},
342 {"path": "/usr/lib/python3/dist-packages/osm_rosdn_dynpac"},
343 {"path": "/usr/lib/python3/dist-packages/osm_rosdn_floodlightof"},
344 {"path": "/usr/lib/python3/dist-packages/osm_rosdn_ietfl2vpn"},
345 {"path": "/usr/lib/python3/dist-packages/osm_rosdn_juniper_contrail"},
346 {"path": "/usr/lib/python3/dist-packages/osm_rosdn_odlof"},
347 {"path": "/usr/lib/python3/dist-packages/osm_rosdn_onos_vpls"},
348 {"path": "/usr/lib/python3/dist-packages/osm_rosdn_onosof"},
349 {"path": "/usr/lib/python3/dist-packages/osm_rovim_aws"},
350 {"path": "/usr/lib/python3/dist-packages/osm_rovim_azure"},
351 {"path": "/usr/lib/python3/dist-packages/osm_rovim_gcp"},
352 {"path": "/usr/lib/python3/dist-packages/osm_rovim_fos"},
353 # {"path": "/usr/lib/python3/dist-packages/osm_rovim_opennebula"},
354 {"path": "/usr/lib/python3/dist-packages/osm_rovim_openstack"},
355 {"path": "/usr/lib/python3/dist-packages/osm_rovim_openvim"},
356 {"path": "/usr/lib/python3/dist-packages/osm_rovim_vmware"},
357 ],
358 "launch": {
359 "configurations": [
360 {
361 "module": "osm_ng_ro.ro_main",
362 "name": "NG RO",
363 "request": "launch",
364 "type": "python",
365 "justMyCode": False,
366 }
367 ],
368 "version": "0.2.0",
369 },
370 "settings": {},
371 }
372
373
374 def _get_ro_host_paths(ro_host_path: str) -> Dict:
375 """Get RO host paths"""
376 return (
377 {
378 "NG-RO": {
379 "hostpath": f"{ro_host_path}/NG-RO",
380 "container-path": "/usr/lib/python3/dist-packages/osm_ng_ro",
381 },
382 "RO-plugin": {
383 "hostpath": f"{ro_host_path}/RO-plugin",
384 "container-path": "/usr/lib/python3/dist-packages/osm_ro_plugin",
385 },
386 "RO-SDN-arista_cloudvision": {
387 "hostpath": f"{ro_host_path}/RO-SDN-arista_cloudvision",
388 "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_arista_cloudvision",
389 },
390 "RO-SDN-dpb": {
391 "hostpath": f"{ro_host_path}/RO-SDN-dpb",
392 "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_dpb",
393 },
394 "RO-SDN-dynpac": {
395 "hostpath": f"{ro_host_path}/RO-SDN-dynpac",
396 "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_dynpac",
397 },
398 "RO-SDN-floodlight_openflow": {
399 "hostpath": f"{ro_host_path}/RO-SDN-floodlight_openflow",
400 "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_floodlightof",
401 },
402 "RO-SDN-ietfl2vpn": {
403 "hostpath": f"{ro_host_path}/RO-SDN-ietfl2vpn",
404 "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_ietfl2vpn",
405 },
406 "RO-SDN-juniper_contrail": {
407 "hostpath": f"{ro_host_path}/RO-SDN-juniper_contrail",
408 "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_juniper_contrail",
409 },
410 "RO-SDN-odl_openflow": {
411 "hostpath": f"{ro_host_path}/RO-SDN-odl_openflow",
412 "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_odlof",
413 },
414 "RO-SDN-onos_openflow": {
415 "hostpath": f"{ro_host_path}/RO-SDN-onos_openflow",
416 "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_onosof",
417 },
418 "RO-SDN-onos_vpls": {
419 "hostpath": f"{ro_host_path}/RO-SDN-onos_vpls",
420 "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_onos_vpls",
421 },
422 "RO-VIM-aws": {
423 "hostpath": f"{ro_host_path}/RO-VIM-aws",
424 "container-path": "/usr/lib/python3/dist-packages/osm_rovim_aws",
425 },
426 "RO-VIM-azure": {
427 "hostpath": f"{ro_host_path}/RO-VIM-azure",
428 "container-path": "/usr/lib/python3/dist-packages/osm_rovim_azure",
429 },
430 "RO-VIM-gcp": {
431 "hostpath": f"{ro_host_path}/RO-VIM-gcp",
432 "container-path": "/usr/lib/python3/dist-packages/osm_rovim_gcp",
433 },
434 "RO-VIM-fos": {
435 "hostpath": f"{ro_host_path}/RO-VIM-fos",
436 "container-path": "/usr/lib/python3/dist-packages/osm_rovim_fos",
437 },
438 "RO-VIM-opennebula": {
439 "hostpath": f"{ro_host_path}/RO-VIM-opennebula",
440 "container-path": "/usr/lib/python3/dist-packages/osm_rovim_opennebula",
441 },
442 "RO-VIM-openstack": {
443 "hostpath": f"{ro_host_path}/RO-VIM-openstack",
444 "container-path": "/usr/lib/python3/dist-packages/osm_rovim_openstack",
445 },
446 "RO-VIM-openvim": {
447 "hostpath": f"{ro_host_path}/RO-VIM-openvim",
448 "container-path": "/usr/lib/python3/dist-packages/osm_rovim_openvim",
449 },
450 "RO-VIM-vmware": {
451 "hostpath": f"{ro_host_path}/RO-VIM-vmware",
452 "container-path": "/usr/lib/python3/dist-packages/osm_rovim_vmware",
453 },
454 }
455 if ro_host_path
456 else {}
457 )
458
459
460 if __name__ == "__main__":
461 main(RoCharm)