This enables the usage of the mysql_enable_ndb setting
in oslo_db from bug 1564110. This allows operators to
select from MySQL (InnoDB) or MySQL Cluster (NDB)
as the storage engine backend. There are only two
tables that need to have their columns auto adjusted
to fit with in the 14k row width limit of NDB, cluster
and cluster_templates. The modifications here will
have zero affect on users of MySQL (InnoDB). Additionally,
this fix will auto adjust those tables in models.py
module to support this enhancement.
Closes-Bug: 1691514
Change-Id: Ia0584059f998baf3db4a44bccbb6f6ff8a058ae1
Depends-On: I7f9c830073bf9a30abce0aa4bb55b5c9cf661afe
this commit introduces a new `Federation` table to
Magnum database, as well as the necessary DB layer
APIs to access and manage it.
this belongs to the first phase of the implementation
of the federation api. check [1] for more details.
[1] https://review.openstack.org/#/c/489609/
Change-Id: Ie8a68cd3198c8fc7930069fd2e55f1cad55b6c9b
Partially-Implements: blueprint federation-api
Add flavor_id as an option during cluster create. If not given,
the default is taken from the cluster template.
Add flavor_id in the Cluster object and use that instead
of the one from ClusterTemplate.
Update both magnum and magnum cli documentation to reflect the above changes.
Partial-Bug: #1699245
Change-Id: Ib60c05cce1cf2639ca4740abdd264403033433f9
Allow any value to be passed on the docker_storage_driver field by turning it
into a StringField (was EnumField), and remove the constraints limiting the
values to 'devicemapper' and 'overlay'.
Change the docker storage setup to have a generic setup for all drivers with
the exception of 'devicemapper', which keeps its own specific storage config
function. For all others, do the same we already did for overlay (with two
cases for usage of a cinder volume or not) and simply set the storage driver
in the docker configuration to the value provided in the cluster template.
Change-Id: I9aa8f232ce64ece4d439c0a476f463820a499617
Closes-Bug: #1722522
Add master_flavor_id as an option during cluster create. If not given,
the default is taken from the cluster template.
Add master_flavor_id in the Cluster object and use that instead
of the one from ClusterTemplate.
Update both magnum and magnum cli documentation to reflect the above changes.
Partial-Bug: #1699247
Change-Id: Id1d973167b381538121583a0a9691304b39e98de
Add labels as an option during cluster create. If not given,
the default is taken from the cluster template.
Add labels in the Cluster object and use that instead
of the one from ClusterTemplate.
Update both magnum and magnum cli documentation to reflect the above changes.
Partial-Bug: #1697651
Implements: blueprint flatten-attributes
Change-Id: I8990c78433dcbbca5bc4aa121678b02636346802
we have enable multiple workers of magnum-conductor that
result in multiple processes save same DB entry concurrently.
This patch logs warning message instead of raising exception
Change-Id: I548d50bed5d80e96042f88039e880075e1bffc53
Close-Bug: #1711324
Add docker_volume_size as an option during cluster create. If not given,
the default is taken from the cluster template.
Add docker_volume_size in the Cluster object and use that instead
of the one from ClusterTemplate.
Update both magnum and magnum cli documentation to reflect the above changes.
Partial-Bug: #1697648
Implements: blueprint flatten-attributes
Change-Id: Ic6d77e6fdf5b068fa5319b238f4fd98b4d499be4
This commit addresses multiple potential vulnerabilities in
Magnum. It makes the following changes:
* Permissions for /etc/sysconfig/heat-params inside Magnum
created instances are tightened to 0600 (used to be 0755).
* Certificate retrieval is modified to work without the need
for a Keystone trust.
* The cluster's Keystone trust id is only passed into
instances for clusters where that is actually needed. This
prevents the trustee user from consuming the trust in cases
where it is not needed.
* The configuration setting trust/cluster_user_trust (False by
default) is introduced. It needs to be explicitely enabled
by the cloud operator to allow clusters that need the
trust_id to be passed into instances to work. Without this
setting, attempts to create such clusters will fail.
Please note, that none of these changes apply to existing
clusters. They will have to be deleted and rebuilt to benefit
from these changes.
Change-Id: I643d408cde0d6e30812cf6429fb7118184793400
Currently there is no limit on the number of clusters that can
be created in a project. This change limits number of clusters
in a project by checking cluster quota on cluster-create.
Change-Id: Ifa17d12692751fc6929e62be8bb59d481a2fd205
Partially-Implements: blueprint resource-quota
* Add osprofiler wsgi middleware. This middleware is used for 2 things:
1) It checks that person who wants to trace is trusted and knows
secret HMAC key.
2) It starts tracing in case of proper trace headers
and adds first wsgi trace point, with info about HTTP request
* Add initialization of osprofiler at start of service
Currently that includes oslo.messaging notifer instance creation
to send Ceilometer backend notifications.
* Traces HTTP/RPC/DB API calls
Demo: https://hieulq.github.io/cluster-create-false-new-html.html
Co-Authored-By: Hieu LE <hieulq@vn.fujitsu.com>
Implements: blueprint osprofiler-support-in-magnum
Change-Id: I7d68995aab81d365433950aada078ef1fcd5469b
This change introduces a new /stats REST endpoint that
provide the following basic information;
1) Total number of clusters and nodes for the given tenant.
2) Total number of clusters and nodes across all the tenants.
Follow-up patches include more stats.
Change-Id: Iac0bf9343549de31654545d5b1fd7601e56142a7
Partially Implements blueprint magnum-stats-api
The provision_state parameter was copied from ironic
with following patch:
https://review.openstack.org/#/c/138280
It should be removed as it's not required in magnum.
Change-Id: Id9e08ee731ae79531c8e29fd47e4fa650b1c5dcc
Partial-Bug: #1627663
Keypair can now be added during Cluster create command. This allows
Clusters to be created from the same ClusterTemplate but have
different keypair values when created. If not specified on create
then the value from the ClusterTemplate will be used. Adds keypair_id
to Cluster object and uses of keypair_id will use the value from Cluster
instead of ClusterTemplate.
Added release note for new features in magnum and magnum CLI.
Change-Id: I177a5aa06f881156944a9f74c9ccc3cd2abac492
Implements: blueprint keypair-override-on-create
Centralize config option of Paths section.
Replace oslo_conf cfg to magnum.conf.
Modify test_conf test case for covering DEFAULT section
Change-Id: I45775016cdfd7e762c9faa5aa18fc020a07c8134
Implements: blueprint centralize-config-magnum
This is patch 3 of 3 to change the internal usage of the terms
Bay and BayModel. This patch updates Bay to Cluster in DB and
Object as well as all the usages. No functionality should be
changed by this patch, just naming and db updates.
Change-Id: Ife04b0f944ded03ca932d70e09e6766d09cf5d9f
Implements: blueprint rename-bay-to-cluster
This patch is the first of 3 patches to change the internal
usage of the terms Bay and BayModel. This patch updates
BayModel to ClusterTemplate. No functionality should be
changed by this patch, just naming and db updates.
Change-Id: I0803e81be6482962be2878a8ea2c7480f89111ac
Implements: blueprint rename-bay-to-cluster
Passed arguments in key value form, while raising
MagnumServiceNotFound exception, as expected by the exception
message.
Change-Id: Iae767db0bbd264bb668b2845284fc5d876f7025d
Closes-Bug: #1619225
Currently bay-show operation does not return bay/cluster
version information. This change contain changes to return
bay/cluster version and container version info.
Change-Id: Ie12b6583e6d85faa3607f87295c04d72698034a5
Closes-Bug: #1613413
This is the first of several patches to add new Cluster commands
that will replace the Bay terminalogy in Magnum. This patch adds
the new Cluster and ClusterTemplate commands in addition to the
Bay and Baymodel commands. Additional patches will be created
for client, docs, and additional functional tests.
Change-Id: Ie686281a6f98a1a9931158d2a79eee6ac21ed9a1
Implements: blueprint rename-bay-to-cluster
This patch adds floating_ip_enabled field to baymodel to specify
whether floating ip is used or not.
Change-Id: I99677221250480b43a4b95ebf460c43bc77090ad
Partially-Implements: blueprint bay-with-no-floating-ips
Following the removal of service [1], pod [2] and container [3], remove
COE specific object ReplicationController.
This change also removes k8s_conductor.
[1] I4f06bb779caa0ad369a2b96b4714e1bf2db8acc6
[2] I8c2499ccb97aae39d80868ce02fbef292d762c10
[3] I288fa7a9717519b1ae8195820975676d99b4d6d2
Change-Id: Ica100c8d2dfdd7dc709feb1f5cdc5a3f3d6c7318
Partially-Implements: blueprint delete-container-endpoint
Partially-Implements: blueprint bay-drivers
Create enum type "docker_storage_driver" for migration
This is fixing
oslo_db.exception.DBError: (psycopg2.ProgrammingError) type
"docker_storage_driver" does not exist
Closes-Bug: #1609776
Change-Id: I92d427e90bd73b4114d8688d3761cabac450fc9d
Following on from removing the k8s specific APIs in
I1f6f04a35dfbb39f217487fea104ded035b75569 the objects associated with
these APIs need removal.
Remove the container object, drop the db table and remove references to
the container object. The docker_conductor has also been removed as this
was used for managing containers using Magnum objects.
Change-Id: I288fa7a9717519b1ae8195820975676d99b4d6d2
Partially-Implements: blueprint delete-container-endpoint
Co-Authored-By: Spyros Trigazis <strigazi@gmail.com>
There are some ERROR message miss i18n support, this patch adds i18n
support for then and changes some marks in message.
Change-Id: I33ce248b5bfc4e09680a4c6ea1f1c0e1ef02ed5d
Closes-Bug: #1603759
Ironic template needs to specify fixed subnet name/ID.
And also user sometimes want to build his cluster on
his network which he built.
This patch adds fixed_subnet field to baymodel to specify
fixed subnet which bay will build on.
Change-Id: Ia21ad6e3e1472a0d078d08369ef62601034fcc17
Partial-Implements: blueprint magnum-baremetal-full-support
master_lb_enabled is a boolean field that determines if a bay's master
nodes should be load balanced. Defaults to False.
Change-Id: Icf8317432dec70c99c29a3af9edb0499bfd2439d
Partially-Implements: blueprint decouple-lbaas
Following on from removing the k8s specific APIs in
I1f6f04a35dfbb39f217487fea104ded035b75569 the objects associated with
these APIs need removal.
Remove the service object, drop the db table and remove references to
the service object.
Change-Id: I4f06bb779caa0ad369a2b96b4714e1bf2db8acc6
Partially-Implements: blueprint delete-container-endpoint
* This parameter will be optional and users will be able to select
a supported driver, otherwise the default configuration will be
used.
* Add docker storage driver enum field to baymodel
* Add db upgrade file
* Update heat templates for kubernetes and swarm allowing only
devicemapper and overlay as docker_storage_driver values.
* Add configuration for OverlayFS on Fedora Atomic, if overlay is
incompatible bay creation will result a CREATE_FAILED status.
* Factor out configuration of docker storage drivers
* Update tests
* Add Release Notes
Partially-Implements: blueprint support-for-different-docker-storage-driver
Change-Id: Ib58cb734c4e9c90d5d83574852213d2e97359e92
This patch does following:
* Removes X509keypair controller as there is already Certificate
controller for same purpose.
* Removes X509keypair conductor.
* Removes name, ca_cert and bay_uuid from x509keypair model as
Bay model already holds certificate references.
* Add intermediates and private_key_passphrase to x509keypair
model.
* Remove related tests and changes.
Change-Id: I9271221cd1d07c672c4a380a4ae3593237fca66a
Partially-Implements: blueprint barbican-alternative-storeX
Following on from removing the k8s specific APIs in
I1f6f04a35dfbb39f217487fea104ded035b75569 the objects associated with
these APIs need removal.
Remove the pod object, drop the db table and remove references to the
pod object.
Change-Id: I8c2499ccb97aae39d80868ce02fbef292d762c10
Partially-Implements: blueprint delete-container-endpoint
Adding new column of `insecure_registry`, it indicates using insecure
registry when deploying a bay, it should be a validate url with port.
Partially-Implements: blueprint support-insecure-registry
Change-Id: Iaa28d6409264d1d2acd992a7fa14630bb6394852
Allow update baymodel's public field to be True even if referenced by bays,
User case is one operator wants to share this baymodel to others but doesn't
want to delete the referenced bay.
Please note we only allow to update public to be True case. In case of
True->False, this may lead bays lost baymodel, so don't do this.
Closes-Bug: #1557943
Change-Id: Ia08a2e9611de3559c5cec4eee832bade1f9af09e
We can not get public baymodel now.
Fix it by:
1. Union public baymodel when fetch baymodel from DB.
2. Don't apply policy checking if the baymodel is public
Closes-Bug: #1557977
Change-Id: Ie5b1432d06611cd697a55f67fd66207e1e757382
Feilong Wang