300 Commits

Author SHA1 Message Date
Zuul
f98d164be9 Merge "Floating IP port forwarding resource" 2022-08-17 06:14:33 +00:00
Zuul
3d228d0449 Merge "Remove remaining implementation for Heat CloudWatch API" 2022-08-17 05:49:39 +00:00
Brendan Shephard
79f5868e04 Floating IP port forwarding resource
Add a new heat resource for Floating IP port
forwarding extension.

Story: 2009321
Task: 43742
Change-Id: I729f11873940a83e77038c5ba8e8eb50965623f6
2022-08-16 13:50:52 +10:00
Zuul
c37ea72a6b Merge "Add REBUILD option to user_data_update_policy" 2022-06-23 06:37:35 +00:00
Zuul
0778bd3422 Merge "Add OS::Neutron::QoSMinimumPacketRateRule resource" 2022-06-22 11:17:06 +00:00
Przemyslaw Szczerbik
0e70383d08 Add OS::Neutron::QoSMinimumPacketRateRule resource
This patch adds a new resource to support ``minimum_packet_rate_rule``
QoS rule in Neutron.

Related-Bug: #1922237
Story: 2009686
Task: 43997
See-Also: https://review.opendev.org/785236
Change-Id: I29e205979b40e3e0d0746e1c22fa679736c853b7
2022-06-13 14:39:57 +02:00
Zuul
44dd85dbcd Merge "Update python testing as per zed cycle teting runtime" 2022-06-13 12:14:26 +00:00
Zuul
0b6d5e07a7 Merge "Supports 'availability_zone_hints' for Neutron networks and routers" 2022-06-10 01:53:50 +00:00
LeopardMa
e2425a94a6 Update python testing as per zed cycle teting runtime
In Zed cycle, we have dropped the python 3.6/3.7[1] testing
and its support. Removing the py36 centos8 job as well as
updating the python classifier also to reflect the same.

[1] https://governance.openstack.org/tc/reference/runtimes/zed.html

Change-Id: I5073a67df7a0b73dac21de4302743712f5541941
2022-06-04 11:39:19 +08:00
Takashi Kajinami
ba15d70e19 Remove remaining implementation for Heat CloudWatch API
The CloudWatch API was removed during Queens cycle[1]. This change
removes the remaining parameters because these have been kept for
enough cycles to let users aware of the removal.

Change-Id: I4f57f02332cb1b61a0681794e519dd5ecfbec6c3
2022-05-06 19:43:56 +09:00
Brendan Shephard
5e14163f9c Allow multiple required_service_extension
In some cases, some resources may require more than
one service_extension. In this case, we should allow
resources to define a list of required resources.

Change-Id: Iee0104a741cc050047824d23b8ab5ee9871c4f28
2022-04-26 06:37:05 +00:00
Alejandro García
77c6681278 Supports 'availability_zone_hints' for Neutron networks and routers
This patch adds the property 'availability_zone_hints' for OS::Neutron::Router,
OS::Neutron::Net and OS::Neutron::ProviderNet resources.

Story: 1644974
Task: 17156
Signed-off-by: Alejandro <agarcia@whitestack.com>
Change-Id: I71caefae01560dc106badbefd3859813d8417b2a
2022-04-14 20:30:35 +00:00
apetrich
06071f5e9b Add REBUILD option to user_data_update_policy
OS::Nova::Server supports it so here we add the heat support for it.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1802602

Change-Id: Ieb05ba6d6b670aff31f9f8c8debb86a6dd3b0245
2021-12-07 04:06:07 +00:00
Zuul
7778e00817 Merge "Drop support for Block Storage API v2" 2021-10-04 14:07:53 +00:00
Zuul
ee0eb8e944 Merge "Add volumev3 to shared_services_types by default" 2021-10-04 13:45:16 +00:00
Brendan Shephard
3eaeda68ba Allow arbitrary image properties
In some circumstances, it is necessary to have
arbitrary image properties on Glance images.
An example is described here:
https://storyboard.openstack.org/#!/story/2008951

This patch adds the ability to specify those
properties using the WebImage resource.

Story: 2008951
Task: 42575
Change-Id: I23475185671c52b02eb57f1aa537f206b51c384a
2021-08-04 23:43:42 +00:00
Takashi Kajinami
271156446f Drop support for Block Storage API v2
... because it was already removed from cinder[1].

[1] e05b261af7dcd24096b229860df65dff1d385910

Change-Id: I8baf1701483ce2addd47dd4cb472f92ad4a192cd
2021-08-02 05:41:26 +00:00
Takashi Kajinami
77bde0120b Add volumev3 to shared_services_types by default
The shared_services_types parameter defines the shared services located
in the other region. This parameter by default include volume and
volumev2 but doesn't include volumev3 which represents Bloack Storage
API v3.
This change adds volumev3 to the default items so that all of volume
services are included by default.

Change-Id: Idde186b2d88321e7902e4330780aabc369754b14
2021-08-02 05:41:11 +00:00
Zuul
8a5a18322f Merge "Add availability_zone to OS::Octavia::LoadBalancer" 2021-06-24 13:42:54 +00:00
Ghanshyam Mann
157f358057 [goal] Deprecate the JSON formatted policy file
As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:

1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.

2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.

Also replace policy.json to policy.yaml ref from doc and code.

[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html

Change-Id: I1aa12bcd2638390f25d57ce8abeeec248121dc02
2021-06-17 01:35:45 +08:00
Jake Yip
ba0b6676c0 Add availability_zone to OS::Octavia::LoadBalancer
Change-Id: I63369b92b77b4f84bc2646ab35632006ee6b841b
2021-06-16 22:41:32 +10:00
Zuul
af0dd44dab Merge "Allow creating a Neutron port without fixed ips" 2021-03-15 18:44:39 +00:00
Zuul
26407ae5d9 Merge "Add separate policy for updates with no changes" 2021-03-15 15:56:37 +00:00
Zuul
c75d68254c Merge "Adds backups and backups_gigabytes parameters to cinder quota resource" 2021-03-15 14:05:46 +00:00
Zuul
439d42f902 Merge "Add segments attribute to OS::Neutron::ProviderNet" 2021-03-15 14:04:50 +00:00
Zuul
4ca9bc5ce7 Merge "Add Vitrage template resource" 2021-03-15 14:04:29 +00:00
Zuul
73f822361c Merge "Use resource_id instead of phy rsrc name in InstanceGroup" 2021-03-15 13:51:00 +00:00
Zane Bitter
af7f8e380a Add separate policy for updates with no changes
Allow operators to set a different (presumably looser) policy on PATCH
updates that don't make any changes to the stack, but just retrigger a
new update traversal (that will result in e.g. replacing any unhealthy
resources).

Change-Id: Id29e7ec7f6cf127177ea7ab29127b0568afaa18b
Task: 37305
2021-03-15 17:38:14 +05:30
Victor Coutellier
1dcbac064c Add segments attribute to OS::Neutron::ProviderNet
Adds a attribute to the neutron ProviderNet resource to get the
segments of a provider network.

Change-Id: I27656822fd10dffbcaeda016c27a47974313a65d
Story: 2007260
Task: 38622
2021-03-11 15:26:27 +00:00
Lance Bragstad
93594c30ec Implement secure RBAC
This commit updates default policies to account for system scope
and default roles. This is part of a broader change to provide a
consistent and secure authorization experience across OpenStack
projects.

- Introduces basic/reusable check strings in base.py
- Implements secure RBAC for build info API
- Implements secure RBAC for the action API
- Implements secure RBAC for cloud formations
- Implements secure RBAC for events
- Implements secure RBAC for the resource API
- Implements secure RBAC for the service API
- Implements secure RBAC for software configs
- Implements secure RBAC for software deployments
- Implements secure RBAC for stacks
- Adds unit tests for legacy and new secure-rbac policies.

Change-Id: Iff1e39481ea3b1f00bd89dba4a00aed30334ecec
2021-03-02 09:32:41 +05:30
Rico Lin
8daa7e9389 Allow using database configs on db retry
Allow following db configs when calling wrap_db_retry:
    * database.db_max_retries
    * database.db_retry_interval
    * database.db_inc_retry_interval
    * database.db_max_retry_interval
So database cofig can now control db retries.
Please reference [1] for what each config options can do.

[1] https://opendev.org/openstack/oslo.db/src/branch/master/oslo_db/options.py

Change-Id: I034625733c2d22f0f5635f58e9df3d5785e58cf5
2021-02-27 15:42:07 +08:00
Takashi Kajinami
9292264aa7 Allow creating a Neutron port without fixed ips
Since Newton release, Neutron supports ports without fixed ips[1].
This change introduces a new no_fixed_ips property so that we can
create an unaddressed port from Heat.

[1] https://specs.openstack.org/openstack/neutron-specs/specs/newton/unaddressed-port.html

Story: 2008554
Task: 41685
Change-Id: I6f16905155038db44c7e01dd5d34d65032dca061
2021-01-25 22:40:03 +09:00
Sampat P
d7d2ce077f Adds backups and backups_gigabytes parameters to cinder quota resource
Change-Id: I3b2a088597ec46cd43cb5fbcb2be0c79a6b0fa94
Story:2008120
Task:40841
2020-11-25 15:42:50 +00:00
Sampat P
762879a145 [S2007220]: Added more image properties to web_image
Story: 2007220
Task: 38472

Change-Id: I9980fee0b33c45e6d80862ca4a43abf075a4dd58
2020-11-17 05:14:58 +00:00
Ifat Afek
e39b03e8ed Add Vitrage template resource
The VitrageTemplate resource is responsible for
adding a Vitrage template. This template can be
used, for example, to execute a Mistral healing
workflow.

Depends-On: If05f0907d8f43f64327c7774170e5b559286fc06
Depends-On: I56560d014a02b5f2ddbc08689d39147fbe4ffca4
Change-Id: Ie862e88ccb82c819b93fa2dbc5f21af61b138046
Story: 2002684
Task: 22504
2020-11-16 07:36:58 +00:00
Zuul
3b05f784a8 Merge "Add SOURCE_IP_PORT to LB_ALGORITHM allowed values" 2020-11-06 09:04:38 +00:00
Kevin Carter
20b599cdf8 Add SOURCE_IP_PORT to LB_ALGORITHM allowed values
This change adds SOURCE_IP_PORT to lb_algorithm property of
OS::Octavia::Pool resource which is missing from the available options
and required when using the OVN provider driver.

[0] https://docs.openstack.org/ovn-octavia-provider/latest/admin/driver.html#limitations-of-the-ovn-provider-driver
[1] https://docs.openstack.org/releasenotes/octavia/train.html

Change-Id: Ibed37eea817a5125c5751b2bc9f44acf3c016fe1
Signed-off-by: Kevin Carter <kecarter@redhat.com>
2020-11-06 03:51:13 +00:00
Zuul
2d85fdd51a Merge "Delete the default value of domain in role creation" 2020-11-04 19:30:44 +00:00
Zuul
5eec3e4bd0 Merge "Modify 'if' Macro to allow optional properties" 2020-11-02 17:46:26 +00:00
yanpuqing
e5b00ddfaf Delete the default value of domain in role creation
The default value of domain caused the user to be unable to create
role which no domain.
The patch delete the default value of domain.

Change-Id: Ic67b22c435e29f67bafa8e14ab502ebec5b07ec5
Story: 2002671
Task: 22488
2020-11-02 08:07:34 +00:00
Zane Bitter
71a9c3d690 Modify 'if' Macro to allow optional properties
Change-Id: I931d88e79fc077d12fc9bd39009061ffe87f1262
Story: 2007388
Task: 38973
2020-10-27 16:59:30 -04:00
Harald Jensås
539b2a4c49 Net attr: Sort segments without name attribute first
Useing get_attr, pulling index 0 in the segments list
of a network to associate the a subnet with the "first"
segment is useful since the "first" segment is created
by neutron behind the scenes on network create. A resource
reference cannot be used since the "first" segment is'nt
a heat resource.

The issue is the order of the segments list is'nt reliable.

On stack update index 0 may be a different segment, and
we end up trying to update the segment_id for a subnet.
Changeing the segment association is not allowed, so
the stack update fails.

While not perfect, sorting the list so that segments where
name is None comes first will ensure that index 0 can be used.

The template author should ensure segments defined in the heat
template all have a names set, so that only the segment creted
implicitly by neutron have 'None' name.

Closes-Bug: #1894920
Change-Id: I097aba2a97144327bec188e6c71629d0f6c95901
2020-09-18 14:03:33 +00:00
Zuul
b18aadc84d Merge "Bump MANILACLIENT_VERSION and use sharev2 endpoint" 2020-08-25 20:53:45 +00:00
Jan Horstmann
f98aef09e2 Bump MANILACLIENT_VERSION and use sharev2 endpoint
This commit bumps MANILACLIENT_VERSION to 2.13 and changes the used
service type to sharev2.

In order to support the value of "cephx" in property
'{"access_rules": [{"access_type": ""}]}' in ressource
OS::Manila::Share, manilaclient needs to use at least version 2.13 of
the manila API ([1]). The default minimum version in manilaclient, which
is used when only a mayor version is specified is 2.0.
Additionally the sharev2 service type endpoint has to be used to access
the manila v2 API.

The export_locations response was removed in version 2.9 of manila API
from the "Show share details" request ([2]) and moved to its own
endpoint in [3]. Thus it is requested from there now.
Additionally the new endpoint is more verbose, so only its path
attribute is returned, in order to match the previous behaviour.

[1]
https://docs.openstack.org/manila/latest/contributor/api_microversion_history.html
[2]
https://docs.openstack.org/api-ref/shared-file-system/?expanded=show-single-export-location-detail,show-share-details-detail#show-share-details
[3]
https://docs.openstack.org/api-ref/shared-file-system/?expanded=show-single-export-location-detail,list-export-locations-detail#list-export-locations

Change-Id: I4c37be8fad1edb05d812fed260e97e9188fd23ce
Story: 2007986
Task: 40612
2020-08-25 16:20:53 +02:00
Zane Bitter
c362c57854 Fix OS::Heat::Delay resource type
Don't override ResourceStatus.ACTIONS, as it's used internally by the
Resource class.

Change-Id: Icf306e981c19e3d5410905befa7907dcdba33337
Story: 2008013
Task: 40663
2020-08-13 11:39:17 -04:00
Zane Bitter
a3eeefb6d7 Eliminate Master/Slave terminology from Designate Zone resource
Change-Id: If136f5e270db5df1f871dc9473afb178e242bc18
2020-07-14 19:45:42 -04:00
Zuul
f9137b6c9f Merge "Add propagate_uplink_status support to OS::Neutron::Port" 2020-05-20 19:38:05 +00:00
Jason Li
4d11d3117a Add propagate_uplink_status support to OS::Neutron::Port
This resource depends on Neutron API extension
``uplink-status-propagation`` and the default is
``False``. If this property is set to ``True``,
the VF link state can follow that of PF.
See release note at
https://docs.openstack.org/releasenotes/neutron/stein.html.

Change-Id: I46749f0458fd69e3f62d03e5b4648e1704750e15
2020-05-06 09:43:51 -05:00
Zuul
91afdf1db7 Merge "Add dns_domain support to OS::Neutron::ProviderNet" 2020-05-05 16:04:08 +00:00
Zuul
084c9b3ea1 Merge "New resource OS::Neutron::QoSMinimumBandwidthRule" 2020-04-27 12:22:15 +00:00