Added support for an Openstack provider.

[kat-co]

No description provided.

[wallyworld]

This doesn't belong here - common providers are those that work with any environment. The correct place to register this provider in the init() in providers/openstack. See how it's done for providers/ec2 and the ebs provider

[wallyworld]

This should be named CinderProviderType
Just as for AWS, we have a EBS_Provider type.
The storage provider type is named after the type of volume it manages, not the cloud on which it provisions the storage.

[kat-co]

Thanks, corrected.

[wallyworld]

This should be EnvironScope

[kat-co]

Are you sure? I just updated from trunk and the interface specifies Scope. Should I be rebasing from somewhere else?

[axw]

Ian meant the method should return storage.EnvironScope. It needs to be implemented.

[wallyworld]

The ebs provider uses a deferred function to delete any created volumes in that operation when the method exists with an error. We should do the same here too to prevent resource leakage.

[axw]

In case you're wondering, CreateVolumes does not need to be idempotent as it is not operating on existing resources (excluding instances). If a volume is created but never recorded in state, then later the storage provisioner will harvest them (when the code is written).

[kat-co]

If this is the case, would it be OK to leave the deferred removal out of this function? It clutter's the purpose a bit. Not a huge deal either way.

[axw]

Seeing as harvesting is not yet implemented, I'd prefer if we do it here for now at least. I think it'd be better to destroy them sooner-rather-than-later anyway. Also bear in mind that (AFAIK) tagging and creating are independent steps, so we'll need to make an effort to destroy created-but-not-tagged volumes.

[wallyworld]

Don't do the attachment here. Restrict CreateVolumes to just creating. The storage provisioner will call Attach(). We were going to remove the Attachment attribute. It may still need to be there though because with ebs for example, we need to know the AZ at creation time. Need to check the latest on this though.

[axw]

I'd suggest leaving it as-is for now. It's necessary to create the attachment with the volume iff the volume is non-persistent. For ec2 (branch forthcoming), the attachment is only created by CreateVolumes for that condition, otherwise it's deferred.

[kat-co]

Also, if there is a case where we wouldn't want to attach, we need to update the docstring on VolumeParams. It specifies that if Attachment != nil, you should attach.

[wallyworld]

This should just return nil, right?

[axw]

Definitely. When my ec2/ebs branch lands, it'll also need to complain if the params doesn't have an attachment or an instance-ID (for non-persistent volumes).

[wallyworld]

Can we implement this before landing? Or if not, let's do it straight away afterwards.

[kat-co]

I need to add support for this in goose. I'll land as a separate branch.

[wallyworld]

Does this need to be exported? Maybe it does, so needs a comment, as do the methods.

[wallyworld]

As with ebs, the Juju cloud provider itself creates a client with with to connect to the cloud. Can we look at reusing that existing code, probably via extracting to a helper method as was done for ec2/ebs.

[wallyworld]

This needs to be rounded up ie (size+1023)/1024

There are helper functions in providers/ec2 - mibToGib() and gibToMib()
Let's re-home those and use everywhere.

[wallyworld]

Just as the AWS test server was extended to listen and respond to EBS requests, I'm in 2 minds as to whether we should be doing that here too. All the other openstack tests use the openstack test server. I'd like to discuss this further.

[axw]

you'll still need to add createdVol to vols. I suggest doing what's in the else-block unconditionally, and just creating the attachment if Attachment!=nil

[kat-co]

Great suggestion; implemented as such.

[axw]

This presumably must be a TODO for this branch, unless OpenStack chooses a device name for you if you don't specify?

[kat-co]

Sorry, I meant to ask in tonight's stand-up. This is the mount-point in OpenStack I didn't see a place to get this from the parameters passed in, and assumed it was work that needed to be done on the API. Where can I retrieve the mount point in this function?

[axw]

Knowing what device name to specify requires fairly intimate knowledge of the provider. In EC2/EBS, we start from the first device name reserved/suggested for EBS volumes, and iterate until we find one that is not in use.

See: https://github.com/juju/juju/blob/master/provider/ec2/disks.go#L207
(the code that uses it at the moment is a bit broken; I'll have fixes up for review today)

[kat-co]

It looks like for Cinder I can just pass in nothing and it will auto-assign. Nice!

[axw]

Lovely. It is slightly concerning that the docs say "if supported", but let's run with that for now.

[axw]

Tag should be exactly what was in the storage.VolumeParams, not based off the provider ID.

[kat-co]

Thanks, corrected. There is a bit of an oddity when listing Volumes as there are no storage.VolumeParams coming in. I'm passing in an empty tag. Any suggestions on how to handle that better?

[axw]

Yeah, the DescribeVolumes signature is broken. It should be returning a different structure, one that does not include a tag; just info that the provider can supply. Passing in an empty tag is a reasonable thing to do for now, as long as there's a TODO to fix it once the API is updated.

[axw]

One thing to bear in mind: Juju's DeviceName is the bare device name, not the path. e.g. "sda" and not "/dev/sda". I'm not sure what it is in Nova/Cinder, but EC2/EBS returns the path. What's more, in EC2 you specify, say, "/dev/sda" but that actually gets translated to "/dev/xvda" on the machine that's created (in recent Linux kernels). So there's some translation required for EC2 - not sure what the case is here.

[axw]

Please make sure AttachVolumes and DetachVolumes are idempotent. This is primarily to cover partial failures. In the storage provisioner, we'll issue Attach calls for machine-scoped storage whenever the machine agent starts up; I don't think we'll do this for environ-scoped (shouldn't be necessary), but we do need to cover partial failures (i.e. where an attachment is created, but not recorded in state).

[axw]

P.S. I could live with that being done in a follow-up, but it is a must-have.

[axw]

Like Attach/Detach, DestroyVolumes needs to be idempotent and not fail if the volume doesn't exist.

[kat-co]

Kind of confusing then: why return a slice of errors?

[axw]

There may be other types of errors. Poorly specified, I know; sorry.

[axw]

Thanks, looking pretty good overall.

[axw]

Is there no way to do server-side filtering on volume IDs? If there is (which I can't see looking at the API), please add a TODO to use it.

[kat-co]

I don't think there is. You can get detailed volume information via /v2/​{tenant_id}​/volumes/​{volume_id}​, but I figured 1 batch request would be faster than several API calls.

[axw]

Thanks for confirming, leave as is.

[axw]

10 what?

[axw]

magic numbers less magic please

[kat-co]

Good point, corrected.

[axw]

I think it'd be better to just call AttachVolume, and then check the error result. Fewer API calls that way. Did you consider this and dismiss the option?

[axw]

Like AttachVolume, just call and check the OpenStack error code?

[kat-co]

Here at least, we need the the actual attachment ID to detach the volume. This is only provided by finding the correct attachment on the server.

[axw]

Forgive me if I'm being dense, but I don't see an attachment ID being used in the DetachVolume call; only an instance ID and a volume ID.

[axw]

Perhaps a comment just above here, noting that volumes must be "available" before they can be attached to a server.

[kat-co]

Good observation, corrected.

[axw]

This still needs implementing. Just return storage.ScopeEnviron.

[kat-co]

Thanks, done.

[axw]

return true
there will be very few static storage providers; only the ones that can't allocate storage separately from machines

[kat-co]

Thanks for the explanation.

[axw]

I don't think this is necessary, it'll never happen. I may have said at an earlier time to do this because StartInstance would be passed params for different providers, but this is dynamic now and will never be passed anything other than Cinder-type params.

[kat-co]

Awesome, removed.

[axw]

createdVol will always be non-zero?

[kat-co]

Doh, you're correct.

[axw]

Whoa! {anicking is a bit drastic, and suggests that the caller did something wrong.
Really there's nothing we can do at this point, so panicking isn't helpful. Just log the error and continue. Once harvesting is implemented we'll retry.

[kat-co]

Yeah I was going to ask what we'd like to do here. Switched to logging.

[axw]

This should be in provider/openstack/init.go. See provider/ec2/init.go.

[kat-co]

Sorry, this finally clicked! Corrected.

[axw]

Comment is a little weird. It's recording in the registry which storage providers are supported by OpenStack.

[kat-co]

Agreed; modified.

[axw]

d

[axw]

make this the final block

[axw]

return after the logging.
(otherwise you're relying on volAttachments below)

[kat-co]

Whoops, good catch.

[axw]

d

[axw]

make this the final block

[axw]

LGTM with a few more fixes.

[axw]

Either this should be newOpenstackAdapter, s/newOpenstackAdapter/NewGooseAdapter/g

Not sure this should be exported anyway...

[axw]

this needs updating again

[axw]

&& a.Attachment.InstanceId != ""

Because this is a dynamic provider, the instance may not be provisioned yet. This should change in the future (i.e. we should wait until the instance is provisioned before calling CreateVolumes with an attachment), but until then we need to check.

[axw]

this is wrong

[axw]

likewise.

tags correspond to Juju's internal names for entities ("0", "1", etc.), not whatever OpenStack or AWS says.

[axw]

I thought this was resolved previously, so sorry for not bringing it up before LGTM: OpenStack returns "/dev/sda", but in storage.VolumeAttachment we need to record "sda".

[axw]

attachment.Volume is the wrong thing to be using here. You should be using the attachment ID from OpenStack, which is not recorded in storage.VolumeAttachment.

I think you should change the adapter so that it only deals with nova structures. I guess it wouldn't be an adapter at all, just an interface that implements the volume-related bits of Nova and Cinder.