Cross Reference: /solaris-userland-s11u3/components/openstack/keystone/files/keystone-upgrade

#!/usr/bin/python2.7

# Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.

import glob
import os
from subprocess import check_call, Popen, PIPE
import sys
import traceback

import iniparse
import smf_include
import sqlalchemy

from openstack_common import alter_mysql_tables, create_backups, modify_conf


KEYSTONE_CONF_MAPPINGS = {
    # Deprecated group/name
    ('DEFAULT', 'admin_bind_host'): ('eventlet_server', 'admin_bind_host'),
    ('DEFAULT', 'admin_workers'): ('eventlet_server', 'admin_workers'),
    ('DEFAULT', 'admin_port'): ('eventlet_server', 'admin_port'),
    ('DEFAULT', 'tcp_keepidle'): ('eventlet_server', 'tcp_keepidle'),
    ('ssl', 'cert_required'): ('eventlet_server_ssl', 'cert_required'),
    ('DEFAULT', 'public_port'): ('eventlet_server', 'public_port'),
    ('DEFAULT', 'public_bind_host'): ('eventlet_server', 'public_bind_host'),
    ('DEFAULT', 'tcp_keepalive'): ('eventlet_server', 'tcp_keepalive'),
    ('DEFAULT', 'public_workers'): ('eventlet_server', 'public_workers'),
    ('ssl', 'keyfile'): ('eventlet_server_ssl', 'keyfile'),
    ('ssl', 'ca_certs'): ('eventlet_server_ssl', 'ca_certs'),
    ('ssl', 'enable'): ('eventlet_server_ssl', 'enable'),
    ('ssl', 'certfile'): ('eventlet_server_ssl', 'certfile'),
    ('DEFAULT', 'amqp_durable_queues'):
        ('oslo_messaging_qpid', 'amqp_durable_queues'),
    ('DEFAULT', 'amqp_auto_delete'):
        ('oslo_messaging_qpid', 'amqp_auto_delete'),
    ('DEFAULT', 'rpc_conn_pool_size'):
        ('oslo_messaging_qpid', 'rpc_conn_pool_size'),
    ('DEFAULT', 'qpid_hostname'):
        ('oslo_messaging_qpid', 'qpid_hostname'),
    ('DEFAULT', 'qpid_port'):
        ('oslo_messaging_qpid', 'qpid_port'),
    ('DEFAULT', 'qpid_hosts'):
        ('oslo_messaging_qpid', 'qpid_hosts'),
    ('DEFAULT', 'qpid_username'):
        ('oslo_messaging_qpid', 'qpid_username'),
    ('DEFAULT', 'qpid_password'):
        ('oslo_messaging_qpid', 'qpid_password'),
    ('DEFAULT', 'qpid_sasl_mechanisms'):
        ('oslo_messaging_qpid', 'qpid_sasl_mechanisms'),
    ('DEFAULT', 'qpid_heartbeat'):
        ('oslo_messaging_qpid', 'qpid_heartbeat'),
    ('DEFAULT', 'qpid_tcp_nodelay'):
        ('oslo_messaging_qpid', 'qpid_tcp_nodelay'),
    ('DEFAULT', 'qpid_receiver_capacity'):
        ('oslo_messaging_qpid', 'qpid_receiver_capacity'),
    ('DEFAULT', 'qpid_topology_version'):
        ('oslo_messaging_qpid', 'qpid_topology_version'),
    ('DEFAULT', 'kombu_ssl_version'):
        ('oslo_messaging_rabbit', 'kombu_ssl_version'),
    ('DEFAULT', 'kombu_ssl_keyfile'):
        ('oslo_messaging_rabbit', 'kombu_ssl_keyfile'),
    ('DEFAULT', 'kombu_ssl_certfile'):
        ('oslo_messaging_rabbit', 'kombu_ssl_certfile'),
    ('DEFAULT', 'kombu_ssl_ca_certs'):
        ('oslo_messaging_rabbit', 'kombu_ssl_ca_certs'),
    ('DEFAULT', 'kombu_reconnect_delay'):
        ('oslo_messaging_rabbit', 'kombu_reconnect_delay'),
    ('DEFAULT', 'rabbit_host'):
        ('oslo_messaging_rabbit', 'rabbit_host'),
    ('DEFAULT', 'rabbit_port'):
        ('oslo_messaging_rabbit', 'rabbit_port'),
    ('DEFAULT', 'rabbit_hosts'):
        ('oslo_messaging_rabbit', 'rabbit_hosts'),
    ('DEFAULT', 'rabbit_use_ssl'):
        ('oslo_messaging_rabbit', 'rabbit_use_ssl'),
    ('DEFAULT', 'rabbit_userid'):
        ('oslo_messaging_rabbit', 'rabbit_userid'),
    ('DEFAULT', 'rabbit_password'):
        ('oslo_messaging_rabbit', 'rabbit_password'),
    ('DEFAULT', 'rabbit_login_method'):
        ('oslo_messaging_rabbit', 'rabbit_login_method'),
    ('DEFAULT', 'rabbit_virtual_host'):
        ('oslo_messaging_rabbit', 'rabbit_virtual_host'),
    ('DEFAULT', 'rabbit_retry_interval'):
        ('oslo_messaging_rabbit', 'rabbit_retry_interval'),
    ('DEFAULT', 'rabbit_retry_backoff'):
        ('oslo_messaging_rabbit', 'rabbit_retry_backoff'),
    ('DEFAULT', 'rabbit_max_retries'):
        ('oslo_messaging_rabbit', 'rabbit_max_retries'),
    ('DEFAULT', 'rabbit_ha_queues'):
        ('oslo_messaging_rabbit', 'rabbit_ha_queues'),
    ('DEFAULT', 'fake_rabbit'):
        ('oslo_messaging_rabbit', 'fake_rabbit'),
    ('DEFAULT', 'max_request_body_size'):
        ('oslo_middleware', 'max_request_body_size'),
    ('assignment', 'list_limit'): ('resource', 'list_limit'),
    ('assignment', 'caching'): ('resource', 'caching'),
    ('assignment', 'cache_time'): ('resource', 'cache_time'),
    ('token', 'revocation_cache_time'): ('revoke', 'cache_time'),
    ('DEFAULT', 'log-format'): (None, None),
    ('DEFAULT', 'use-syslog'): (None, None),
}

KEYSTONE_CONF_EXCEPTIONS = [
    ('eventlet_server', 'public_workers'),
    ('eventlet_server', 'admin_workers'),
    ('database', 'connection'),
]


def start():
    # pull out the current version of config/upgrade-id
    p = Popen(['/usr/bin/svcprop', '-p', 'config/upgrade-id',
               os.environ['SMF_FMRI']], stdout=PIPE, stderr=PIPE)
    curr_ver, _err = p.communicate()
    curr_ver = curr_ver.strip()

    # extract the openstack-upgrade-id from the pkg
    p = Popen(['/usr/bin/pkg', 'contents', '-H', '-t', 'set', '-o', 'value',
               '-a', 'name=openstack.upgrade-id',
               'pkg:/cloud/openstack/keystone'], stdout=PIPE, stderr=PIPE)
    pkg_ver, _err = p.communicate()
    pkg_ver = pkg_ver.strip()

    if curr_ver == pkg_ver:
        # No need to upgrade
        sys.exit(smf_include.SMF_EXIT_OK)

    # look for any .new files
    if glob.glob('/etc/keystone/*.new'):
        # the versions are different, so perform an upgrade
        # modify the configuration files

        # backup all the old configuration files
        create_backups('/etc/keystone')

        modify_conf('/etc/keystone/keystone.conf', KEYSTONE_CONF_MAPPINGS,
                    KEYSTONE_CONF_EXCEPTIONS)
        modify_conf('/etc/keystone/keystone-paste.ini')
        modify_conf('/etc/keystone/logging.conf')

    config = iniparse.RawConfigParser()
    config.read('/etc/keystone/keystone.conf')
    # In certain cases the database section does not exist and the
    # default database chosen is sqlite.
    if config.has_section('database'):
        db_connection = config.get('database', 'connection')

        if db_connection.startswith('mysql'):
            engine = sqlalchemy.create_engine(db_connection)
            if engine.url.username != '%SERVICE_USER%':
                alter_mysql_tables(engine)
                print "altered character set to utf8 in keystone tables"

    # update the current version
    check_call(['/usr/sbin/svccfg', '-s', os.environ['SMF_FMRI'], 'setprop',
               'config/upgrade-id', '=', pkg_ver])
    check_call(['/usr/sbin/svccfg', '-s', os.environ['SMF_FMRI'], 'refresh'])

    sys.exit(smf_include.SMF_EXIT_OK)


if __name__ == '__main__':
    os.putenv('LC_ALL', 'C')
    try:
        smf_include.smf_main()
    except RuntimeError:
        sys.exit(smf_include.SMF_EXIT_ERR_FATAL)
    except Exception as err:
        print 'Unknown error:  %s' % err
        print
        traceback.print_exc(file=sys.stdout)
        sys.exit(smf_include.SMF_EXIT_ERR_FATAL)