Merge "Update nova helm overrides for cold migration"

2019-01-23 16:20:59 +00:00 · 2019-01-23 16:20:59 +00:00 · f1791a2dc1
parent 6287c90d49 a0be71beaa
commit f1791a2dc1
2 changed files with 49 additions and 1 deletions
--- a/sysinv/sysinv/sysinv/sysinv/helm/nova.py
+++ b/sysinv/sysinv/sysinv/sysinv/helm/nova.py
@ -52,6 +52,8 @@ class NovaHelm(openstack.OpenstackBaseHelm):
    def get_overrides(self, namespace=None):
        scheduler_filters = SCHEDULER_FILTERS_COMMON

+        ssh_privatekey, ssh_publickey = \
+            self._get_or_generate_ssh_keys(self.SERVICE_NAME, common.HELM_NS_OPENSTACK)
        overrides = {
            common.HELM_NS_OPENSTACK: {
                'pod': {
@ -156,10 +158,18 @@ class NovaHelm(openstack.OpenstackBaseHelm):
                        'nova_compute': {
                            'hosts': self._get_per_host_overrides()
                        }
-                    }
+                    },
+                    'ssh_private': ssh_privatekey,
+                    'ssh_public': ssh_publickey,
                },
                'endpoints': self._get_endpoints_overrides(),
                'images': self._get_images_overrides(),
+                'network': {
+                    'sshd': {
+                        'enabled': True,
+                        'from_subnet': self._get_ssh_subnet(),
+                    }
+                }
            }
        }

@ -357,6 +367,12 @@ class NovaHelm(openstack.OpenstackBaseHelm):
        libvirt_config.update({'live_migration_inbound_addr': cluster_host_ip})
        vnc_config.update({'vncserver_proxyclient_address': cluster_host_ip})

+    def _get_ssh_subnet(self):
+        cluster_host_network = self.dbapi.network_get_by_type(
+            constants.NETWORK_TYPE_CLUSTER_HOST)
+        address_pool = self.dbapi.address_pool_get(cluster_host_network.pool_uuid)
+        return '%s/%s' % (str(address_pool.network), str(address_pool.prefix))
+
    def _update_host_memory(self, host, default_config):
        vswitch_2M_pages = []
        vswitch_1G_pages = []
--- a/sysinv/sysinv/sysinv/sysinv/helm/openstack.py
+++ b/sysinv/sysinv/sysinv/sysinv/helm/openstack.py
@ -7,6 +7,7 @@
 import keyring
 import subprocess

+from Crypto.PublicKey import RSA
 from sysinv.helm import base
 from sysinv.helm import common

@ -227,3 +228,34 @@ class OpenstackBaseHelm(base.BaseHelm):
                service, user, pw_format=common.PASSWORD_FORMAT_CEPH)

        return passwords[service][user]
+
+    def _get_or_generate_ssh_keys(self, chart, namespace):
+        try:
+            override = self.dbapi.helm_override_get(name=chart,
+                                                    namespace=namespace)
+        except exception.HelmOverrideNotFound:
+            # Override for this chart not found, so create one
+            values = {
+                'name': chart,
+                'namespace': namespace,
+            }
+            override = self.dbapi.helm_override_create(values=values)
+
+        privatekey = override.system_overrides.get('privatekey', None)
+        publickey = override.system_overrides.get('publickey', None)
+
+        if privatekey and publickey:
+            return str(privatekey), str(publickey)
+
+        # ssh keys are not set so generate them and store in overrides
+        key = RSA.generate(2048)
+        pubkey = key.publickey()
+        newprivatekey = key.exportKey('PEM')
+        newpublickey = pubkey.exportKey('OpenSSH')
+        values = {'system_overrides': override.system_overrides}
+        values['system_overrides'].update({'privatekey': newprivatekey,
+                                           'publickey': newpublickey})
+        self.dbapi.helm_override_update(
+            name=chart, namespace=namespace, values=values)
+
+        return newprivatekey, newpublickey