7d44c38c90
This commit introduces dccertmon, a new managed service for DC certificate auditing and management. Currently, platform cert management, DC cert management, and subcloud cert auditing are coupled into a single platform service (certmon). To meet the requirements of DC scalability and portability, DC specific functionality must be decoupled. These changes lay the groundwork for the new service, by: - Creating the necessary service files. - Introducing configs for the service. - Declaring high level methods (Skeleton - lifecycle and manager) DC-specific functionality will be migrated to this dccertmon service and optimized in subsequent changes. Non-DC cert management will continue to be handled by certmon. Overall, this commit introduces: - The OCF file necessary for high availability management of the dccertmon service by SM. - Package configurations to build the service (Package: distributedcloud-dccertmon). - Lifecycle manager for a running DC cert monitor service. - Skeleton/base service application logic - CertificateMonitorManager. - RPC notification handlers for subcloud online/managed. - Configuration for the log folders and log rotation. The logs will be available in /var/log/dccertmon/dccertmon.log. These changes are part of a set of commits to introduce the dccertmon service: [1] https://review.opendev.org/c/starlingx/ha/+/941205 [2] https://review.opendev.org/c/starlingx/stx-puppet/+/941208 Test Plan: - PASS: Build dccertmon package - PASS: Install and bootstrap system with custom ISO containing the newly created dccertmon package - PASS: Verify that the dccertmon.service is loaded - PASS: Verify dccertmon is being properly logged to the correct folder. - PASS: Check logged messages and verify execution of - Cert Watcher thread - Task Executor (Audit thread) - Periodic tasks running at expected intervals - PASS: Configure and provision the service using SM and verify it has correctly started and can be restarted with 'sm-restart'. - PASS: Tox checks running on dccertmon Note: This commit has been tested alongside the related changes and their respective test plans. [1][2] Story: 2011311 Task: 51663 Change-Id: Ic23d8d13e4b292cf0508d23eaae99b8e07f36d31 Signed-off-by: Salman Rana <salman.rana@windriver.com>
101 lines
2.3 KiB
Plaintext
101 lines
2.3 KiB
Plaintext
Source: distributedcloud
|
|
Section: admin
|
|
Priority: optional
|
|
Maintainer: StarlingX Developers <starlingx-discuss@lists.starlingx.io>
|
|
Build-Depends:
|
|
debhelper-compat (= 13),
|
|
dh-python,
|
|
python3-all,
|
|
python3-openssl,
|
|
python3-babel,
|
|
python3-cryptography,
|
|
python3-dev,
|
|
python3-eventlet,
|
|
python3-jsonschema (>= 2.0.0),
|
|
python3-keyring,
|
|
python3-keystoneauth1 (>= 3.1.0),
|
|
python3-keystonemiddleware,
|
|
python3-netaddr,
|
|
python3-oslo.concurrency (>= 3.29.1),
|
|
python3-oslo.config,
|
|
python3-oslo.context,
|
|
python3-oslo.db,
|
|
python3-oslo.i18n,
|
|
python3-oslo.log,
|
|
python3-oslo.messaging,
|
|
python3-oslo.middleware,
|
|
python3-oslo.policy,
|
|
python3-oslo.rootwrap,
|
|
python3-oslo.serialization,
|
|
python3-oslo.service,
|
|
python3-oslo.utils,
|
|
python3-oslo.versionedobjects,
|
|
python3-pbr (>= 1.8),
|
|
python3-pecan (>= 1.0.0),
|
|
python3-routes (>= 1.12.3),
|
|
python3-setuptools,
|
|
python3-sphinx,
|
|
python3-sphinxcontrib.httpdomain,
|
|
python3-wheel
|
|
Standards-Version: 4.1.2
|
|
Homepage: https://www.starlingx.io
|
|
|
|
Package: distributedcloud-dccommon
|
|
Architecture: any
|
|
Depends:
|
|
${misc:Depends},
|
|
${python3:Depends},
|
|
python3-kubernetes
|
|
Description: Distributed Cloud Common Module
|
|
Distributed Cloud Common Module
|
|
|
|
Package: distributedcloud-dcmanager
|
|
Architecture: any
|
|
Depends:
|
|
${misc:Depends},
|
|
${python3:Depends}
|
|
Description: Distributed Cloud Manager
|
|
Distributed Cloud Manager
|
|
|
|
Package: distributedcloud-dcorch
|
|
Architecture: any
|
|
Depends:
|
|
${misc:Depends},
|
|
${python3:Depends},
|
|
openstack-resource-agents,
|
|
python3-psutil
|
|
Description: Distributed Cloud Orchestrator
|
|
Distributed Cloud Orchestrator
|
|
|
|
Package: distributedcloud-dcdbsync
|
|
Architecture: any
|
|
Depends:
|
|
${misc:Depends},
|
|
${python3:Depends}
|
|
Description: Distributed Cloud DCorch DBsync Agent
|
|
Distributed Cloud DCorch DBsync Agent
|
|
|
|
Package: distributedcloud-dcagent
|
|
Architecture: any
|
|
Depends:
|
|
${misc:Depends},
|
|
${python3:Depends}
|
|
Description: Distributed Cloud DCAgent
|
|
Distributed Cloud DCAgent
|
|
|
|
Package: distributedcloud-dccertmon
|
|
Architecture: any
|
|
Depends:
|
|
${misc:Depends},
|
|
${python3:Depends}
|
|
Description: Distributed Cloud Certificate Monitor
|
|
Distributed Cloud Certificate Monitor
|
|
|
|
Package: distributedcloud-wheels
|
|
Architecture: any
|
|
Depends:
|
|
${misc:Depends},
|
|
${python3:Depends},
|
|
Description: Distributed Cloud wheels
|
|
Contains python wheels for distributedcloud
|