This commit introduces a new charm option allowing operators to override
the hardcoded 0.0 that disabled hypervisor demotion on build failures
from pike onward.
In certain environments it may be preferable to retain the upstream
behavior of letting the scheduler work around malfunctional computes and
favor instance building reliability at the cost of a potentially uneven
load distribution.
Change-Id: I2faa5ab8cd505a9d61a9fa26e1b08d16b0c795fb
Closes-Bug: 1892934
Ensure that the public endpoint binding is used to resolve the
path to the SSL certificate and key files as the base access
URL for console access is always via this binding.
Add unit tests to cover the InstanceConsoleContext class.
Change-Id: I27de9445d249b0d670543d250bd02f450764a10f
Closes-Bug: 1871428
New config option count_usage_from_placement is added in Nova from
Train release to enable/disable counting of quota usage from placement
service. Corresponding config parameter is required in nova-cloud-controller
charm.
This patch introduces quota-count-usage-from-placement config parameter in
nova-cloud-controller charm. For openstack releases train or above, this
option is rendered in nova.conf for nova-cloud-controller units.
func-test-pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/250
Change-Id: I57b9335b7b6aecb8610a66a59cb2e4e506e76a5e
Closes-Bug: #1864859
Enable PCI Passthrough Filter if neutron-api charm has enabled
support for hardware offloading.
Change-Id: I0ccb4366b03557b316da1507015112c7f378176e
Depends-On: I1f59012ad2d16af18ca310906f6c6b537bb7ec72
Allow attach between instance and volume in different
availability zones. If False, volumes attached to an
instance must be in the same availability zone
in Cinder as the instance availability zone in Nova.
Change-Id: I21df8e0dfa585133c5ef6a55cdbbc2071c267424
Closes-Bug: #1856776
This commit introduces option osapi_compute_unique_server_name_scope
which allows operators to ensure VMs are created with unique names per
project or cloud.
Change-Id: Idacb60bb31cd60cb1deaec7cb3ec061f0c04da24
Closes-Bug: #1829782
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@canonical.com>
Make placement a required interface for train and above as
placement is required in order to schedule instances.
Change-Id: If2472ec24df4c3d90b14189f8c4d3cceee5edc97
Closes-Bug: #1849893
The placement project has split from nova into its own project
in Train. This patch disables the nova placement API as of Stein
when the placement charm relatation joins, and discontinues
nova placement installation as of Train for new installs.
Change-Id: If7c37ef8936e418b5afd21d83c9322563348cbcf
Needed-By: https://review.opendev.org/#/c/687915/
Partial-Bug: 1811681
A new config option called scheduler-host-subset-size was added
to configure FilterScheduler's host_subset_size property, which
size of the subset of best hosts selected by the scheduler.
Change-Id: Ic61917732d50806f74be0b4e7c87a51d738afbe7
Closes-bug: #1846203
When using DVR and L3HA neutron deployment options,
Nova API Metadata requests are served from compute nodes,
instead of from neutron-gateway nodes.
This change allows nova-cloud-controller to send vendor_data
configuration values to nova-compute charm relation so it
can write to nova-compute's nova.conf appropriately.
Replaced the existing context logic with inheritance
from a new context created in charm-helpers, so the
logic can be shared across several charms that write
vendor metadata to nova.conf and vendor_data.json.
Also, small fix in the vendor-data and vendor-data-url
descriptions, where it was incorrectly stating that such
configuration would be effective in nova-cloud-controller
on Queens release.
The values set in vendor-data and vendor-data-url config
options will always be propagated to nova-compute regardless
of the OpenStack release. Those values will continue to only
be effective in nova-cloud-controller nodes on Rocky release
or later.
Included sync of charm-helpers code in order to inherit
the refactored vendor metadata contexts.
Change-Id: If8373fc6b2d04dbc29ed07896d385ac920cae3f4
Depends-On: I0c79e1bfac9fbe7009a7e862ad010cfa2de8cfda
Closes-Bug: #1777714
The console proxy service run as user ``nova`` throughout its lifespan,
it has no load certificates before dropping privileges mechanism.
Set file permissions on certificate files to support this.
Sync charm helpers.
Closes-Bug: #1819140
Change-Id: I597b82070e51506c56500267daa2b59d8145b9f9
For novnc, need to set novncproxy_port in proxy nodes and
novncproxy_base_url in nova-compute nodes.
For xvpvnc, need to set xvpvncproxy_port in proxy nodes and
xvpvncproxy_base_url in nova-compute nodes.
For spice, need to set spicehtml5proxy_port in proxy nodes and
spicehtml5proxy_base_url in nova-compute nodes.
When release >= Mitaka, novncproxy_port and xvpvncproxy_port
are moved from [default] section into [vnc] section.
spicehtml5proxy_port is renamed to html5proxy_port and moved
to [spice] section.
So eventually the console access port can be customized by:
juju config nova-cloud-controller console-access-protocol=novnc
juju config nova-cloud-controller console-access-port=xx
If console-access-port is not defined, then default port is 6080
for novpc, 6081 for xvpvnc, 6082 for spice.
Change-Id: I4775ad42ba11b0c28163bf7e3718c56d18a2031f
Closes-Bug: #1800753
Signed-off-by: Zhang Hua <joshua.zhang@canonical.com>
Remove support for single-nova-consoleauth operation; this option
managed a single instance of the nova-consoleauth process across
a cluster nova-cloud-controller application using the hacluster
charm. This proves somewhat racey on deployment as the ocf resource
deep checks the operation of nova-consoleauth including connectivity
to AMQP etc.. If the clustering of the service occurs before
other principle relations have been completed, the resource will
fail to start and the hook execution will spin, never returning.
HA deployments should always use memcached to share tokens between
instances of the nova-consolauth daemon; If the 'ha' relation is
detected, then ensure that a memcache relation is then required
for charm operation.
To support evaluation of the memcache relation completeness
the memcache specific code in InstanceConsoleContext was split out
into a new memcache specific class RemoteMemcacheContext.
Existing pacemaker resources will be deleted on upgrade; units will
move into a blocked state until a relation is added to memcached.
The nova-consoleauth service is resumed on upgrade to ensure that
instances run on all nova-cloud-controller units.
Change-Id: I2ac91b2bd92269b761befeb7563ad01cc5431151
Closes-Bug: 1781620
Make the default set of scheduler filters conditional on the release
being deployed; For Pike or later the CoreFilter, RamFilter and
DiskFilter are superfluous to requirements as this filters are in
effect completed by the Placement API.
Add DiskFilter to list of filters for older OpenStack releases.
Change-Id: Iddb4f1f068b982dcd9a70b11b89df1be9f8aaf20
Closes-Bug: 1731302
Closes-Bug: 1732164
Ensure that the haproxy context reflects the services associated
with the specific release of OpenStack being deployment.
< kilo: ec2 and s3 services deployed
>= ocata: placement service deployed
Change-Id: I0d44aa361595f777df625d3a4a0f2a0cd2f81660
Closes-Bug: 1811398
Align formatting of vendordata_providers configuration for nova
with changes in neutron-gateway; values must be strings, delimited
by a comma.
Change-Id: I5293edd77387347f8c012521f4bdeffadc919438
Closes-Bug: 1810953
This change implements a new option in config.yaml that allows
services to come up disabled and be manually enabled later.
Change-Id: I345b56e347b63650ee3df07773ccb2e333610355
Closes-Bug: #1758776
Due to an issue in python3 oslo_cache+eventlet when using
memcached. As workaroud for Rocky it has been decided to run service
nova-api-os-compute from systemd to apache2.
Closes-Bug: #1812672
Depends-On: https://review.openstack.org/#/c/633218
Depends-On: https://review.openstack.org/#/c/633482
Change-Id: I3bf279638c5decf1020345f3d2e876e379144997
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@canonical.com>
Since we will have to generate a HAProxyContext for
nova-compute-os-api, this change add new class
PlacementAPIHAProxyContext which extends HAProxyContext.
Partial-Bug: #1812672
Change-Id: I56920e3d9c5216cdd5a8ea8b83714e65b777a78b
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@canonical.com>
Prior to this, the charm config did not support default quota
configurations for compute (ie. instances, compute, ram, etc.).
Default quota configuration changes will not impact existing
projects with modified quotas. Only new projects and projects with
unmodified quotas will adopt the defaults in the configuration file.
The following default quota settings were added:
instances
cores
ram
metadata_items
injected_files
injected_file_content_bytes
injected_file_path_length
key_pairs
server_groups
server_group_members
The functional test added checks that nova.conf quotas are set in
the correct section of the file.
Change-Id: Iae8c84dbfec97e1879d51963125f7674ea20ba22
Closes-Bug: 1386911
In order to have nova-metadata-api use the same dns-domain as neutron
when nova-metadata-api runs on nova-cloud-controller we must recieve
the dns-domain on the neutron-api relation.
Change-Id: I22c88a6fea87c56efdb5d93474a5ec7d2a6432d0
Partial-Bug: #1805645
Due to a change in the return types in the base64
decoded data, we should open these files in binary
mode to write the byte streams directly.
Change-Id: I9f88a71406b1e6ea774fdbbeea4ba447901fe5c2
Closes-Bug: #1800436
Some major changes:
* the charm has been rebased (from a Python perspective) to be rooted in
the charm directory. This is a single root.
* Imports have been changed so that the don't add lots of imports to the
namespace of the module doing the import.
* The code that used to run at module import time has been made lazy
such that it only has to run if the relevant functions are called.
This includes restart_on_change parameters, the harden function and
the parameters to the guard_map. Appropriate changes will be
submitted to charm-helpers.
* Several tests had to be re-written as (incorrect) mocking meant that
text fixtures didn't actually match what the code was doing. Thus,
the tests were meaningless.
* This has had a net positive impact on the unit tests wrt to importing
modules and mocking.
Change-Id: Id07d9d1caaa9b29453a63c2e49ba831071e9457f
In a cells deployment its possible that the top-level
nova-cloud-controller will have no compute nodes associated with it.
This change fixes the work load status in that scenario.
There is also a drive by fix to return empty contexts for the cell
db and amqp contexts if the relation do not yet exists.
Change-Id: Ia8eeccb6794dd016185eb0cfb05339b76cef9348
Allow json lists to be passed in via the pci-alias charm config
option so that multiple aliases can be set.
Increase amulet timeout due to gate failures
Change-Id: I3b5ea70224536f8d40f9c04482fa676c2b230bdd
Partial-Bug: #1735205
Add a service for handling nova metadata api services. This was
previously handled by the neutron-gateway and still is for
deployemnts up to and including Pike, For the neutron metadata
service and the nova service to communicate they need a shared
secret. To achieve this, the change includes:
* A charmhelper sync to get support for multiple wsgi vhosts
* Rendering new wsgi vhost and corresponding haproxy config.
* Setting a shared-secret down the relation with the neutron
gateway.
* Remove fragile keystone authtoken checks as they are failing
after a ch sync and any issues will be caught by the instance
launch functional test.
Change-Id: I5ad15ba782cb87b6fdb3c0941a6482d201670bff
Remove postgresql DB support; This feature is untested as part
of the charms, is not in use and was deprecated as part of
the 1708 charms release.
Change-Id: I866559f519ace3476e0cc85661d99e5f5491227d
Fixes code that inadvertently interprets strings as
booleans resulting in them always being True.
PciPassthroughFilter will now only be added to
scheduler_default_filters if sriov is enabled.
Change-Id: Ie2c79e98d7880e8172ac7e77febb51af04732bec
Closes-Bug: 1730369
We already support configuring ram and cpu overcommit so
this patch adds the ability to control disk overcommit.
Change-Id: Ib172e8b48cb34de4beb9cec1a277dc43ded36eed
Closes-Bug: 1726346
Update all nova-manage commands to use subprocess.check_output()
and log subprocess.CalledProcessError.output on failure. This
will help capture nova-manage error details on first failure.
Specify cell1 uuid on discover_hosts call. This doesn't change
behavior, it is just more explicit and useful if we move to
multiple cells in the future.
Introduce an is_cellv2_init_ready() function that uses contexts to
check if cells_v2 is ready to initialize. This cleans up the
corresponding TODOs.
Move checks for cell v2 init readiness to update_cell_db_if_ready(),
also cleaning up corresponding TODOs.
Change-Id: I313edce84d3d249031e020a4fbb4baf216c01ddb
Related-Bug: 1720846
Add a new pci-alias option which supports the use of PCI
devices in flavors. This allows, for example, a GPU or
a SR-IOV device to be automatically allocated to an
instance using a specific flavor.
Change-Id: I249ba04085d37657df0c8e3bb21723a388f08938
Closes-Bug: 1649868
This change installs the nova-placement-api, runs it under
mod_wsgi with apache2, updates nova.conf accordingly, and
registers its endpoints.
Change-Id: I4af4afa591cf68964e6146ca0ca0c51d1ddb8a64
Support access to instances via optionally enabled serial console
feature provided in Nova.
Seria console access is enabled using a new config flag; this flag
plus the required base_url for the nova-serialproxy are also passed
over the cloud-compute relation for use in nova-compute units.
This is only supported in OpenStack Juno or later, and replaces
the standard output to the nova console-log.
Change-Id: I3bfcca88bd6147be337e6d770db7348170b914e6
The introduction of the nova_api database in Mitaka broke support
for Percona Cluster deployed using the access-network configuration.
Ensure that a None return value from SharedDBContext is passed up
the call chain, indicating that the relation is currently incomplete
for the nova_api database; a later data set will complete the
relation.
Change-Id: I8b6a95832732ea7dd7d0f25ec63e403797359edb
Closes-Bug: 1618321
All contributors to this charm have agreed to the switch
from GPL v3 to Apache 2.0; switch to Apache-2.0 license
as agreed so we can move forward with official project status.
Change-Id: I20448e0370138e103a00c7fcf0f49949c82d33a9
The neutron-api charm will present an 'enable-sriov' flag to the
nova-cloud-controller charm when SR-IOV support has been enabled by the
end user; ensure that the PciPassthroughFilter is added to the filter
chain when SR-IOV is enabled, so that instances with SR-IOV device
assignments are scheduled to the correct compute hosts.
Change-Id: Iffa77abf22823ce37999ea08f943ce5eeb6af492
Neutron functionality was deprecated last release; remove
direct support for managing the neutron-server process and
associated plugin support from this charm.
All neutron-server support is now provided by the neutron-api
charm.
Change-Id: Iec7bd5ec6d835b573a15f8163fa5f78842bd672b
Rollup all old configuration file templates, remove any related
to Quantum which was renamed in the Havana release.
Drop references in code to Quantum, refactor unit tests to baseline
on Icehouse rather than anything older.
Drop relation and associated references to nova-volume service;
deprecated in Folsom and removed in Havana.
Drop ml2 migration - this was required when migrating to Icehouse
from older releases.
Change-Id: I6f5d641ffef2599d0dfc8e16a2dce3cc7be88bd4
Mitaka requires the use of a separate nova-api database;
ensure that this is setup on the shared-db relation and add
a new [api_database] section to the mitaka nova.conf file.
Add a new NovaAPISharedDBContext wrapper to prefix the key
names for the nova-api database with 'nova_api_' so that we
can present two database connections to the same configuration
file.
Ensure that 'nova-manage api_db sync' is called for database
setup for >= mitaka release.
For upgrades, ensure that the database migration and service
start is deferred until the nova_api database has been
setup by the related mysql service.
Closes-Bug: #1556896
Change-Id: If1c9a037b1e0745a486a57fddf885e26aa7e313d
