New charms: midonet-host-agent, midonet-agnet, midonet-api
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Juju Charms Collection |
Fix Released
|
Medium
|
Unassigned |
Related branches
James Page (james-page) wrote : Re: New charms: midonet-host-agent, midonet-repository, midonet-api | #1 |
summary: |
- New charm: midonet-host-agent + New charms: midonet-host-agent, midonet-repository, midonet-api |
description: | updated |
Changed in charms: | |
importance: | Undecided → High |
importance: | High → Medium |
James Page (james-page) wrote : | #2 |
General observation across all three charms - its not really required to add copyright headers to all files; a copyright file should be provided for each charm which can detail copyright for individual files if required:
This is a machine readable format used across Debian and Ubuntu.
James Page (james-page) wrote : | #3 |
metadata.yaml:
'maintainer' field needs to be an email address so that users of the charm know who to contact for bugs/support etc...
James Page (james-page) wrote : | #4 |
Based on the proposed change to keystone:
https:/
I think the midonet-api charm needs a bit of refactoring so that keystone becomes responsible for tenant/user server and endpoint registration. This will be alot less racey than trying todo it remotely from midonet-api.
James Page (james-page) wrote : | #5 |
midonet-host-agent:
_install_rootwrap() installs nova-network to get (I think) the required rootwrap filters.
This feels a little brutal - maybe it might be better to ship the required rootwrap filters in the charm and copy them to the right place once you know the principle charm is nova-compute.
Also:
if remote_unit and remote_
is unsafe - there is no guarantee that the principle service will be called nova-compute (that's the charm name) - it could be nova-compute-az1 or something similar.
Its probably better to detect whether nova packages are installed - or maybe just whether the /etc/nova/
Also restarting nova-compute in the subordinate is generally frowned upon - we try to ensure that the charm responsible for the service does restarts. That said the nova-compute charm does not currently expose a good way of doing this (we can do that later), so I'd make the restart conditional on the need to install the rootwrap filter, otherwise every hook execution will restart nova-compute unconditionally.
This will create problems.
James Page (james-page) wrote : | #6 |
midonet-host-agent:
hooks/relations.py looks like it wants merging into hooks/utils/
James Page (james-page) wrote : | #7 |
midonet-host-agent:
Alot of the hooks contain:
import services
services.manage()
rather than having lots of copied of this, it might be neater to have a single executable py file with this in it, and symlink the required hooks to that.
James Page (james-page) wrote : | #8 |
midonet-host-agent:
README.md - Usage section needs a bit of tidy - some of the formatting is a bit off - also;
juju add-relation midonet-host_agent midonet-api
->
juju add-relation midonet-host-agent midonet-api
James Page (james-page) wrote : | #9 |
OK - so the need for midonet-repository confused me for a while - I see that its just used to propagate out 'source' type information to the other midonet charms for the puppet manifests to use.
This feels a bit awkward; reading the README's I understand the two principle sources to be:
"upstream opensource"
"downstream MEM"
presumably combined with a stable/
I would recommend that you a) attempt to consolidate these configuration options into a more end-user consumable set of options and b) push them into midonet-api and midonet-host-agent directly - having the extra charm and associated deployment overhead but does not add a huge amount of value and feels counter to the generally modelling of software in juju charms.
James Page (james-page) wrote : | #10 |
Re my comments in #9 - including the keys for the midonet repositories within the charm is perfectly acceptable - we have precedent for this in other charms.
so 'downstream' 'stable' 'juno' could just map to a defined set of repositories, verified by the keys in the charm.
James Page (james-page) wrote : | #11 |
midonet-api:
This charm provides configuration options for midonet-
I'm also not sure of the intent of the 'api_ip' option - this feels like something the charm should just figure out. I'd probably also drop the api_port option as well - I know some of the other openstack charms do have this type of configuration, but generally it just lets end-users break things faster....
James Page (james-page) wrote : | #12 |
FYI I've merged:
https:/
The resolution of conflicts for trivial and I thought it would avoid any further round-trips!
Kevin W Monroe (kwmonroe) wrote : | #13 |
Changed status to In Progress while Midonet considers James' initial review comments.
Changed in charms: | |
status: | New → In Progress |
James Page (james-page) wrote : | #14 |
I also discussed with celebdor on irc - he's reworking based on our conversation and the feedback in this bug report.
Mark W Wenning (mwenning) wrote : | #15 |
Toni has or will be posting updates to these merges, setting back to New to get back on the review Q
Changed in charms: | |
status: | In Progress → New |
Charles Butler (lazypower) wrote : | #16 |
Moving this bug to in-progress as its not ready for re-review after corresponding with apuimedo in irc. WHen you're ready for another review please change the status of this bug to "fix-committed" and it will be reviewed shortly.
Changed in charms: | |
status: | New → In Progress |
Mark W Wenning (mwenning) wrote : | #17 |
Hi Charles and James,
First of all, I want to thank you both for the previous round of reviews and the very enlightening charm development discussions we've had in these past few months.I just merged Lucas' amulet tests to my development branch of the MidoNet specific charms and I would really appreciate it if you two could take a look at our charms so that they may be approved for the partner lab.:
https:/
https:/
https:/
Let me know what you think so that I can push the branches to ~midonet-charmers and we can have this (and the openstack charms that are undergoing review already) in the partner lab and store as soon as possible.
Regards,
Toni
Changed in charms: | |
status: | In Progress → New |
Changed in charms: | |
status: | New → Fix Committed |
Charles Butler (lazypower) wrote : | #18 |
Greetings, after following up with Antoni at the beginning of ODS, I've taken some additional time to review the charms.
I did notice when standing up the cluster using the amulet tests in midonet-api, that I received an error fetching a package for : Unable to locate package python-
The logs preceding this indicate that there was an issue acquiring control of apt and apt is unable to add/update from the datastax and midonet source.
W: Failed to fetch http://
Couldn't acquire DPKG lock. Will retry in 10 seconds.
This is reproducible by cloning the charm and executing bundletester from the root on any serverstack instance. I'm filing requests with IS to open these resources during the testing cycle.
This is a candidate for being noted in the README that `repo.midonet.com` will need to be added to any firewall ACLs.
`bundletester -Fvl DEBUG `
I'll resume reviews once I have been able to resolve our firewall issues.
Ashley Lai (alai) wrote : | #19 |
From the OIL side the firewall issues are resolved. In OIL network we are able to deploy Midonet successfully but we are blocked on this bug https:/
Antonio Rosales (arosales) wrote : | #20 |
Per comment 19 development continues around getting the processes running on nova-compute. Thus, I will put this bug in "In Progress." Once that development is complete and the charms are ready for review please update the status to "Fix Committed."
-thanks,
Antonio
Changed in charms: | |
status: | Fix Committed → In Progress |
Ashley Lai (alai) wrote : | #21 |
One comment I have for the Midonet charms is currently the charms use "midonet-release: kilo/midonet-
The format is "openstack-origin: cloud:trusty-kilo", it will always be cloud:ubuntuRel
James Page (james-page) wrote : | #22 |
Ashley and I discussed on IRC; the semantics of values midonet-release express different intent than openstack-origin, so I think its best not to polute the midonet charms with this configuration option.
Ashley Lai (alai) wrote : | #23 |
Bug https:/
James Page (james-page) wrote : | #24 |
Picking up testing and review.
Changed in charms: | |
assignee: | nobody → James Page (james-page) |
James Page (james-page) wrote : | #25 |
Other pertinent merges:
https:/
James Page (james-page) wrote : | #26 |
and:
https:/
keystone and nova-compute don't have outstanding merges for midonet support AFAICT
James Page (james-page) wrote : | #27 |
Also:
https:/
which still needs unit tests as described in the feedback.
James Page (james-page) wrote : | #28 |
midonet-api::Amulet Tests
Had a few problems executing the amulet tests.
a) shared_secret -> shared-secret
The nova-cloud-
b) neutron-api install failure
unit-neutron-
unit-neutron-
unit-neutron-
unit-neutron-
unit-neutron-
This actually related to a network access problem that I had - once that was sorted out, I was able to get the neutron-api service running; however it does highlight a bug in the neutron-api charm (apt_update is called in non fatal mode):
https:/
No action required as part of this review - we'll get that fixed under separate cover.
c) switch tests to use landed midonet changes
We still have outstanding changes for neutron-api and nova-cloud-
d) memory requirements for units
Anything with midonet-agent installed appears to need > 2G of RAM to actually operate as the java heap size for midolman is not dynamically configured based on avaliable memory.
I increased the mem constraint on the services that use this sub to work around that in my testenv (default unit only has 1.5G of RAM).
e) wedged hook execution
Once everything was deployed I noticed:
root 9579 0.0 1.1 419792 17128 ? Ssl 12:23 0:00 /var/lib/
root 9623 0.0 1.3 331612 20420 ? Ssl 12:23 0:00 /var/lib/
root 19731 0.0 1.5 84144 23392 ? S 12:34 0:00 \_ python /var/lib/
host-relation-
f) midonet-agent on nova-compute
midolman never actually go installed - this is not propagated back to the charm, so the deployment looks OK, but its not actually complete.
2015-12-17 12:30:01 INFO zookeeper-
2015-12-17 12:30:01 INFO zookeeper-
2015-12-17 12:30:01 INFO zookeeper-
2015-12-17 12:30:01 INFO ...
James Page (james-page) wrote : | #29 |
Looking at the hook hang:
Process 21428 attached
recvfrom(3,
FD 3 is:
3 -> socket:[37498]
James Page (james-page) wrote : | #30 |
Looks like a hang in the TunnelHandling() call ? related to this connection:
tcp 0 0 10.5.37.237:48513 10.5.37.237:8080 ESTABLISHED
tcp6 251 0 10.5.37.237:8080 10.5.37.237:48513 ESTABLISHED
any ideas?
James Page (james-page) wrote : | #31 |
Antoni is working on a topology change and charm fixes for w/c 18th January.
Parking further review and testing until then.
Antoni Segura Puimedon (celebdor) wrote : | #32 |
Latest changes are:
MidoNet API
https:/
The old complete amulet test has to be updated with fixes like those in:
https:/
and MidoNet Agent
https:/
Due to the pacemaker/corosync bug, I'm changing the neutron-api, neutron-
James Page (james-page) wrote : Re: [Bug 1453678] Re: New charms: midonet-host-agent, midonet-repository, midonet-api | #33 |
Hi Toni
Could you also link to your preferred bundle for deployment? Would really
help with the testing and review process.
Cheers
James
On Thu, 21 Jan 2016 at 09:16 Antoni Segura Puimedon <email address hidden>
wrote:
> Latest changes are:
>
> MidoNet API
>
> https:/
>
> The old complete amulet test has to be updated with fixes like those in:
>
> https:/
> /review-fixes
> <https:/
>
> and MidoNet Agent
>
> https:/
> agent/trunk
>
>
> Due to the pacemaker/corosync bug, I'm changing the neutron-api,
> neutron-
> reproducing in our deployments. I'll post the changes to neutron-api and
> neutron-
> only neutron-
>
> --
> You received this bug notification because you are a bug assignee.
> https:/
>
> Title:
> New charms: midonet-host-agent, midonet-repository, midonet-api
>
> Status in Juju Charms Collection:
> In Progress
>
> Bug description:
> New charms for deploying midonet SDN.
>
> To manage notifications about this bug go to:
> https:/
>
Antoni Segura Puimedon (celebdor) wrote : Re: New charms: midonet-host-agent, midonet-repository, midonet-api | #34 |
Proposed merge for neutron-api with Liberty support:
https:/
@James: I'll upload a bundle with constraints that could be used in a cloud later today. The problem is that it will be without neutron-
Antoni Segura Puimedon (celebdor) wrote : | #35 |
https:/
for the previous merge proposal.
James Page (james-page) wrote : | #36 |
https:/
James Page (james-page) wrote : | #37 |
Toni
Please can you link to your reworked neutron-
summary: |
- New charms: midonet-host-agent, midonet-repository, midonet-api + New charms: midonet-host-agent, midonet-agnet, midonet-api |
James Page (james-page) wrote : | #38 |
Changes to neutron-api under:
https:/
now landed into next - thankyou!
James Page (james-page) wrote : | #39 |
Hi Toni
I took a run through the midonet-api charm this morning; lots of niggles in lint, unit and amulet tests still.
1) lint
$ make lint
hooks/relations
hooks/relations
hooks/relations
hooks/relations
2) unit tests
Python2 tests have the right deps installed in the venv, but are not platform agnostic - this probably needs some patching into the unit tests to ensure a consistent unit tests execution environment.
$ make test2
Starting Py2 tests...
PYTHONPATH=hooks .venv2/
juju-log: ERROR: FATAL ERROR: Could not derive openstack release for this Ubuntu release: xenial
E.
=======
ERROR: test_config_change (unit_tests.
-------
Traceback (most recent call last):
File "/home/
return func(*args, **keywargs)
File "/home/
services.
File "/home/
ost_release = helpers_
File "/home/
error_out(e)
File "/home/
sys.exit(1)
SystemExit: 1
-------
Ran 2 tests in 0.039s
FAILED (errors=1)
$ make test3
Starting Py3 tests...
PYTHONPATH=hooks .venv3/
E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)
E: Unable to lock the administration directory (/var/lib/dpkg/), are you root?
E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)
E: Unable to lock the administration directory (/var/lib/dpkg/), are you root?
EEE
=======
ERROR: Failure: ImportError (No module named 'yaml')
-------
Traceback (most recent call last):
File "/home/
raise self.exc_
File "/home/
addr.filename, addr.module)
File "/home/
return self.importFrom
James Page (james-page) wrote : | #40 |
OK - so I was able to successfully deploy midonet-api with keystone and neutron-api, and then create some subnet and network objects in the services.
I'll move on next to test integration with nova-compute and midonet-agent (which I'll review next).
James Page (james-page) wrote : | #41 |
Adding:
This will superceed the update to nova-cc to support metadata in the nova-cc charm for neutron; nova metadata services will be hosted on neutron-
James Page (james-page) wrote : | #42 |
I've been able to deploy midonet-api, midonet-agent and neutron-
Remaining actions before promulgation across all three charms:
1) Tidy lint
2) Get unit tests mocking fully and passing
3) Tidy amulet tests to use landed changes to other openstack charms and ensure that these run to completion so we can verify deployments.
I'll attach my kilo and juno test deployment bundles to this bug report so people can see what's been tested.
James Page (james-page) wrote : | #43 |
James Page (james-page) wrote : | #44 |
Changed in charms: | |
status: | In Progress → Incomplete |
assignee: | James Page (james-page) → Antoni Segura Puimedon (celebdor) |
James Page (james-page) wrote : | #45 |
Marking 'Incomplete' and assigning bug to Toni for completion of the comments in #42; Toni - once you're happy all is good, set back to new and re-assign to me with an appropriate comment.
Thanks for all of your work on these charms so far - feels real close to promulgation now!
Antoni Segura Puimedon (celebdor) wrote : | #46 |
@James:
I pushed new versions of all three charms with unit tests fixed.
I also hope that the amulet tests are fixed. However, due to a bug in the openstack juju provider that is not opening the security groups for the open ports, the tunnel zone handling that happens via midonet-api port 8080 could not be verified. I'll try to get access to some aws environment (as in my maas env I don't have nearly enough machines to test it).
Changed in charms: | |
status: | Incomplete → New |
assignee: | Antoni Segura Puimedon (celebdor) → nobody |
James Page (james-page) wrote : | #47 |
I've performed final review and testing using amulet over the last few days; all looking good so have promulgated all three charms to the charm store - will injest in the next few hours.
The charms make some limited use of status - it would be nice as a follow up for this to be a bit more in-depth (assessing the status of relations at the end of each hook execution), and to provide implementations of the 'update-status' hook which runs every 5 mins to validate that daemons are running.
Changed in charms: | |
status: | New → Fix Released |
James Page (james-page) wrote : | #48 |
Also the propagation of problems encountered in the underlying puppet modules up into the charm could be better; I had some challenges figuring out why stuff was not installed when we have some issues in our test environment with access to repositories.
Merged the three new charm bugs into this bug to make tracking and review a bit easier.