71 Commits

Author SHA1 Message Date
Guillaume Boutry
93eabbfa72
Implement cinder-volume as a snap
This change includes cinder-volume and cinder-volume-ceph to manage the
cinder-volume service as a snap that can be configured over multiple
backends.

Change-Id: Id520fc95710c8516aed5eae08cb20c8e54808cc7
Signed-off-by: Guillaume Boutry <guillaume.boutry@canonical.com>
2025-02-24 13:22:53 +01:00
Guillaume Boutry
4d4b4a41b0
[ops-sunbeam] Ensure external connectivity for machine charms
Machine charms need external connectivity to access services hosted on a
K8S substrate.

Ensure rabbitmq / ovn relay are accessed remotely for machine charms.

Closes-Bug: #2098974
Change-Id: Ifadb196dd6d60e33feab7dc0d835a7ea84444b9e
Signed-off-by: Guillaume Boutry <guillaume.boutry@canonical.com>
2025-02-21 17:39:48 +01:00
Guillaume Boutry
cb27776b43
[ops-sunbeam] Move handlers setup in post_init
Because handler setup was performed in __init__, this made using
attributes defined in constructor impossible to use in the setup
methods except by ensuring right order in object init. This, in
turn, added a lot of overhead.
Methods of an object should be able to use attributes defined in
the object constructor.

Move handler setup in __post_init__ hooks, called after object
initialization.
Remove constructors only calling super() constructor.
Re-order attribute definition to be called after super()
constructor.

Change-Id: Ieb9d23b1e4764e2c0e894c932b7584b5b7c38258
Signed-off-by: Guillaume Boutry <guillaume.boutry@canonical.com>
2025-02-21 13:30:22 +01:00
Guillaume Boutry
9de7b1209d
[ops] consider model error as relation not ready
When removing relations / applications, identity relations lose access
to secrets. Consider ModelError as relation no longer ready.

Traefik route access to relation data is also forbidden during shutdown.

Change-Id: If91fbadeb8b2d81e20ab278ee0d9e499edd55c4c
Signed-off-by: Guillaume Boutry <guillaume.boutry@canonical.com>
2024-11-27 14:58:48 +01:00
Hemanth Nakkina
0bdc19c4ea
Add support for masakarimonitors
* Add new interface service-ready to check for service
readiness of remote application.
* Create a placeholder charm sunbeam-libs to place all
the common libraries. The charm and the libraries need
not be published to charmhub since at this point of time
they are used internally by sunbeam.
* Add provider to service-ready in masakari-k8s
* Add requirer to service-ready in openstack-hypervisor
and enable/disable snap option masakari.enable based on
service-ready relation.

Change-Id: I99feccee2c871fc5a581fdea6f45a541efc2a968
2024-10-10 08:06:43 +05:30
Hemanth Nakkina
d6619680e1 Move GnocchiServiceRequiresHandler to ops_sunbeam
Move GnocchiServiceRequiresHandler to ops_sunbeam
library.

Change-Id: I9412b3e65b203c59252ad680ecfa65f83ad187bd
2024-08-29 11:31:46 +00:00
Guillaume Boutry
8c674de50e
[ops-sunbeam] Implement mypy linter
Implement mypy in the most non-breaking way possible. There's still some
changes of behavior that crept in, merely due to incorrect edge case
handling.

Charm libraries are generally well typed, include py.typed marker for
all of the libraries, to allow mypy analyzing their usage.

Change-Id: I7bda1913fa08dd4954a606526272ac80b45197cc
Signed-off-by: Guillaume Boutry <guillaume.boutry@canonical.com>
2024-08-13 18:56:33 +02:00
Guillaume Boutry
e5fb16d6b9
Implement tracing
Implement tracing relation for all the charms.
Instrument most of ops.Object objects, including relation handlers,
pebble handlers, and relation objects.

Change-Id: I967ff858a63aa7d30094cf5a46491fce11195060
Signed-off-by: Guillaume Boutry <guillaume.boutry@canonical.com>
2024-07-31 11:57:32 +02:00
Guillaume Boutry
0214e8f173
[*-k8s] implement log forwarder
Implement LogForwardHandler for every k8s charm to forward service
stdout to logging provider.

Tempest-k8s is excluded because it implements its own logging handler.

Change-Id: Iccc9f1f911acfaaecf733fe78cc4bc3191a231d5
Signed-off-by: Guillaume Boutry <guillaume.boutry@canonical.com>
2024-07-07 21:04:11 +02:00
Hemanth Nakkina
366b83e3eb Add necessary translators to peer handler context
BasePeer handler currently changes any '-' characters
in app databag keys to '_'. Handle '/' and '.' as well.
Charm microceph uses app databag keys like
'microceph/0,join_token'

Change-Id: I6091ba503e8711fcc6a43f672cfecc01eff44561
2024-07-03 11:54:45 +00:00
Guillaume Boutry
ed4ed712bb
[tls-certificates] refactor tls certificate handler
This change refactors tls-certificates relation handler.
List of changes:
- Allow management of multiple tls certificates on the same relation
- Allow easier override of certificate signing request (csr)
- Enable certificate renewal on expiration / revocation
- Upgrade tls-certificates relation from v1 to v3

Change-Id: I4f6ac6a5570635388cc10131b34fbc6b422e1bca
Signed-off-by: Guillaume Boutry <guillaume.boutry@canonical.com>
2024-06-26 23:59:37 +02:00
Guillaume Boutry
c42fd63af7
[ops-sunbeam] do not log private key when accessing
private_key property is currently logging to debug the actual private
key. Remove the log altogether as this should not be logged

Change-Id: Ibfbded3d0724dda06098f334218183f32be0ac28
2024-05-30 13:58:41 +02:00
Hemanth Nakkina
f611ba9e60
[nova] add support for nova spice proxy
lib changes
Add new library nova_service to exchange config
information like nova spice proxy url.

ops-sunbeam changes
Move TraefikRouteHandler from heat-k8s to
ops_sunbeam to reuse in nova-k8s charm as well.
Add nova-service requires handler

nova-k8s changes
Add new container in nova-k8s for nova spice proxy
Add the corresponding pebble handler with plan to
start nova spice proxy process
Change the ingress relation to use traefik-route so
that both nova-api and nova-spiceproxy applications
are exposed via traefik
Add new interface nova-service to provide nova
spiceproxy url to client openstack-hypervisor.
Add nova-service provider handler

openstack-hypervisor changes:
Add interface nova-service in requires section of
metadata.yaml
Handle nova-service requires and update snap config

Change-Id: I27dd6523628e492bef1d1dd851dc528e41c520c7
2024-04-19 14:28:46 +05:30
Hemanth Nakkina
7907fad1ef
Set refresh True for retrieving secret content
For retrieving content of secret using get_content(),
use flag refresh=True to always get the latest revision.

Change-Id: I1ec2b2de5c8607b1593be8e5351ddc2c1444ded7
2024-02-23 13:24:13 +05:30
Hemanth Nakkina
bd057784d5
Make keystone as certificate transfer provider
Add functionality to keystone to act as a
certificate transfer provider.
Add actions to add, remove, list CA certs
to keystone.
Add Certificate Transfer requires handler
in ops_sunbeam. Update keystone_auth section
cafile option if certificate is available
in receive-ca-cert relation.
Update metadata.yaml for keystone and rest of
k8s charms.

Change-Id: I9c800e8f8a0c9197b195331be7b445bafe794780
2024-02-14 17:10:28 +05:30
Hemanth Nakkina
a22d1409cc
Add tox fmt, pep8 to ops_sunbeam
Tox fmt, pep8 for ops_sunbeam are missed
when projects are moved to mono repo.
Add support for fmt, pep8 for ops_sunbeam.

Run tox fmt and tox pep8.

Change-Id: I41559410ff55020ef30ed4b824f7596a20e88bab
2024-02-08 10:54:58 +05:30
Guillaume Boutry
7285775f54
Read only provider side of database relation
Since upgrade of mysql relation (and secrets), only the application's
leader can lead the whole relation databag. Non-leader requiring units are only
allowed to read the provider side of the relation and their own unit's.

Change-Id: Iee073d654cabfbdefc817ea7c0207f3f28c457ac
2024-02-06 19:00:35 +01:00
Guillaume Boutry
943c9fd988
Migrate database interface
data_platform_libs.v0.database_requires was deprecated on January 4th,
2023 and has not received updates since then.
This change migrates to data_platform_libs.v0.data_interfaces which is the
preferred way to interact with MySQL.

Most notable changes:
- User/password in a secret
- Keystone test 'test_on_peer_data_changed_with_fernet_keys_and_fernet_secret_different'
  is no longer mocking secrets to make sure it's using database secrets.

Change-Id: Ia1908c0828689458c6ff3fa8d9640c8debfc0a73
2024-01-27 14:29:40 +01:00
Guillaume Boutry
1cf33168ff
Reference ops.Object from its definition package
ops's Object is defined in the framework package. The charm package is
only a user.

Change-Id: I3683f30fed9cda28b25efce21c40beaf447e1fca
2023-12-06 13:45:10 +01:00
Zuul
6011477f08 Merge "stop services when mandatory integrations are removed" into main 2023-11-01 12:52:41 +00:00
Hemanth Nakkina
721a454853 stop services when mandatory integrations are removed
Stop all the services running in the container
when mandatory integrations are removed.
Currently the relation data is not cleared during
processing of gone away events. This is a bug in
juju reported at [1]. Due to this the relation is
still considered as ready.
Add workaround to check the event and mark the
relation to not ready if the event is gone away
event of the relation.
Catch database relation-broken event and block the
application.

[1] https://bugs.launchpad.net/juju/+bug/2024583

Change-Id: I80a0120d08b79561c13996c7a0f055824a1d5336
2023-11-01 17:45:31 +05:30
Liam Young
cc5fe344b0 Handle _private_key being None
Recent change Ieffac3732c95846d0e3ec2408a9be4d96e477603 broke the
neutron-k8s py3 tests due to self.private_key being
accessed (_request_certificates method, `if self.private_key`)
before it had been properly set causing an attempt to decode None

Change-Id: I33bbf65e1d170cbc80161c573a381db43468b413
2023-10-31 15:21:52 +00:00
Guillaume Boutry
72ee41376c Implement relation for user ops
Change-Id: I81f9cfc548e002de71dbafa9254c6059fb9226d9
2023-10-25 15:34:41 +02:00
Hemanth Nakkina
f4afc7a17b Fix TlsCertificate private key type
TlsCertificateHandler holds private_key variable
which is updated as type bytes sometimes and str
sometimes. Ensure private_key is of type str.

Change-Id: Ieffac3732c95846d0e3ec2408a9be4d96e477603
2023-10-20 06:09:32 +00:00
Liam Young
e380551b21 Use public method for url retrieval for traefik
Due to a bug in the public url method sunbeam was using the
private _get_url_from_relation_data. This ignores stored state
and interrogates the relation data directly. This causes a
race condition when new traefik units are coming up. The bug in
url property is fixed in v2 of the traefik interface so switch
to using that instead.

Closes-Bug: #2036990
Change-Id: I883ca62f8b6e072648bf69d9481bd6c11014ae6b
2023-10-11 16:26:46 +00:00
Zuul
851ba137e2 Merge "Gate requesting certificates" into main 2023-10-11 01:18:56 +00:00
Liam Young
d29d36d9e5 Gate requesting certificates
Do not request certificates if the relation is not yet made.

Change-Id: I5417e58f55b0420615b3c926c01b9ff21641f094
2023-10-10 16:36:10 +00:00
Zuul
97ceb19e4b Merge "Handle secret retrieval on departure" into main 2023-10-10 15:18:58 +00:00
Liam Young
ac280d0407 Split IP and DNS SANs in CSR
Using the deprecated 'sans' keyword to the generate_csr method
from the tls interface results in IP address being added as
DNS Sans which is wrong and breaks verification. This updates
the relation adapter to split them up so they are registered
correctly in the csr.

Change-Id: I4fb5c60dba5636fc40fb76c4468e376b7f059924
2023-10-10 14:22:58 +00:00
Liam Young
dcac4b5f5f Handle secret retrieval on departure
Gracefully handle failure to access tls key secret when unit is
departing.

Change-Id: Ic27e059f09f0900192007b84e68ff7ded1f0f06f
2023-10-10 13:54:41 +00:00
Zuul
f24edf6a06 Merge "Update relation data from configure_charm" into main 2023-10-10 08:58:38 +00:00
Liam Young
92ec0fa3e8 Update relation data from configure_charm
This change adds a mechanism for charms to be able to update
relation data as part of configure_charm rather than responding
to an explicit relation event.

The reason for this is that pod can be recycled at any point
causing it to lose its deferred events. So, if a relation
adapter method to send relation data contains a defer that
deferred event can be lost and when a pod comes back it is
never resent.

Closes-Bug: 2036188
Change-Id: I2e6b27cdc05e93ebb25a7859b3c039ae64d82d9d
2023-10-10 08:30:01 +00:00
Guillaume Boutry
a0d62d61e3 Migrate traefik ingress to v2
Current ingress relation only routes unit to requirer's leader.
Ingress V2 fixes that issue.

Change-Id: Ie17c31a8a3fc04c42e31ff424ce7bf1f9eff178f
2023-09-26 17:07:31 +02:00
gnuoy
a7ac636d28 Revert "Revert "Add relation handler for ceph-access relation""
This reverts commit 8f18062509d092330e303f94d84a8a4a80d7404f.

Reason for revert: This revert should have been targeted at the stable/2023.1.2 branch not main

Change-Id: Id446a017e3b38bf58c651102f97f72702da1347b
2023-09-19 15:28:23 +00:00
Liam Young
b03ebe18fc Revert "Add relation handler for ceph-access relation"
This relates to volume attachment which is not landing as
part of 2023.1.2 and is currently causing the cinder-ceph
charm to fail as the ceph_access lib is missing.

This reverts commit 3bcd8ade511868f81be9a2db1834a558846e9744.

Change-Id: I7d8dae2729657a98ea5c9d6bba860fe316b248b4
2023-09-19 10:19:38 +00:00
Liam Young
db95a08cb4 Add relation handler for ceph-access relation
Change-Id: If5f91e9a8996db5bbc26b135d9956321b196589d
Signed-off-by: Liam Young <liam.young@canonical.com>
2023-09-06 11:07:15 +00:00
Hemanth Nakkina
4f7e98956b Add requires handler for ceilometer-service relation
Add Requires handler for ceilometer-service

Depends-On: https://review.opendev.org/c/openstack/charm-ceilometer-k8s/+/893159
Change-Id: Id52b0c388b62634588b133ea214a7c8057aaa3a5
2023-09-06 13:29:56 +05:30
Hemanth Nakkina
0b03d60129 Add identity resource requires handler
Implement Identity resource requires handler.

Depends-On: https://review.opendev.org/c/openstack/charm-keystone-k8s/+/891651
Change-Id: I0b320e37447e368619225c4c4832483bb476ec40
2023-08-17 14:19:08 +05:30
Liam Young
304f85fd68 Redact database password from logging
Change-Id: I5cb137a68ccfc928d0efba0a96c35805d50870e3
2023-07-28 09:54:32 +00:00
Guillaume Boutry
6eaef1e774 Add hostnames check for RMQ handler readiness
The hostnames field is filled later in the relation but templating the
context is not possible without this field. Making it mandatory to
consider RMQ Handler ready.

Change-Id: I017c4f563565503a1cc28d8db8b0b5dc406053d7
2023-05-16 17:03:42 +02:00
Zuul
370a3a6b0e Merge "Revert "Switch to using v1 cloud_credentials"" into main 2023-04-13 04:27:51 +00:00
gnuoy
c6246a22e6 Revert "Switch to using v1 cloud_credentials"
This reverts commit c2c6d588c78b7701f6ca8e6dfffa9b81a88c5b25.

Reason for revert: I misunderstood and v0 Identity credentials actually supersedes v1 cloud credentials 

Change-Id: Ia985e8c147d92ef593b785d18a1c31132d9b1551
2023-04-12 15:12:10 +00:00
Liam Young
e002891738 Fix get_private_key when key is not yet set
Handle case where private_key is not set yet

Change-Id: Ic0f713f73a6469e2dd67aa0f9cc8d273b06d72f9
2023-04-03 14:51:21 +00:00
Zuul
c400491d75 Merge "Support charms with no peer relation" into main 2023-04-03 08:14:25 +00:00
Liam Young
b58db9f65a Support charms with no peer relation
Change-Id: I8ce489e09b077f21fbd0d12a3e4ee81290e75f9a
2023-04-03 07:47:24 +00:00
Liam Young
73ce780a1d Switch to using v1 cloud_credentials
Change-Id: I2efd76b2e21528e5cfff0321f040af2aae35cc05
2023-04-02 13:01:39 +00:00
Zuul
5b6e0b1fa0 Merge "Rename cloud-credentials to identity-credentials" into main 2023-03-10 07:45:34 +00:00
Guillaume Boutry
9855f91713 Rename cloud-credentials to identity-credentials
Change-Id: Ic7b728bc116447e666481740ced084a7ad75f76b
2023-03-10 08:13:15 +01:00
Hemanth Nakkina
8b1c963ef1 Fix owner of private_key secret
The owner of private_key secret in TlsCertificatehandler
should be Unit instead of Application.

Change-Id: I4020f6e431602fdf1dbce92c8a9c99cba4b41104
2023-03-09 11:37:03 +05:30
Zuul
b19fcbc9fd Merge "Use library cloud_credentials v1.0" into main 2023-03-07 13:47:39 +00:00