Based on bug 1823104 it's clear we should have some
explicit wording in the notification reference docs
about what not to include in versioned notification
payloads, so this change attempts to start that with
the most obvious thing - don't expose access credentials
to the nova deployment.
This also adds a reminder to think about what is being
added / mirrored from internal objects and determine if
consumers really need it and if they aren't asking, opt
to not including it until requested.
Change-Id: I326aa39d963091282a5d0b70ba222abfe8ccfdac
Related-Bug: #1823104
This document had a bunch of great content, but some of it has been
addressed and other initiatives have changed the content or approach.
This commit attempts to refresh this documentation so that developers
can continue to use it to improve policy enforcement.
Change-Id: Iac7a2157d625524932b94a5564723b440efd7344
This commit updates the list of issues with policy enforcement and
describe some of the benefits for operators and developers if we fix
these issues.
Change-Id: Ie5ba2375fd32611aca360765af01c1ba6432b45e
This is removing additional details that were originally reviewed in:
I263b2f72037a588623958baccacf78fb6a6be05d
The policy and docs in code work that nova completed in Newton.
Change-Id: I66105fa90036db50249b62fc34442b667a5ee1db
The policy-enforcement document was written prior to any of the
policy-in-code or policy documentation efforts took place. This
commit updates the developer reference for policy to remove these
details since they have already been implemented.
Subsequent patches will update details of this document by taking into
account the recent keystone and oslo changes that help fix the
original issues described in this document.
Change-Id: I263b2f72037a588623958baccacf78fb6a6be05d
Blueprint detach-service-from-computenode in Kilo decoupled the
compute node and services concepts so this section is no longer
relevant and can be removed from the doc - it's no longer evolving.
Change-Id: Ibba2aa83b0afe2be05415b69a1ff8ae86866b860
Related-Bug: #1820283
Since I901184cb1a4b6eb0d6fa6363bc6ffbcaa0c9d21d in Kilo the
aggregates information about a HostState object (which is a
wrapper over a ComputeNode) is cached in the scheduler, so the
comments in the scheduler evolution doc about not accessing the
aggregates table in the DB from filters/weighers and such is
extremely out of date and should just be removed.
Change-Id: Ibcbad227813d3b37b4e314eddbf3bae6e85652ea
Related-Bug: #1820283
This change is an update to the nova reference documentation to reflect
changes to the ComputeDriver.update_provider_tree method in nova drivers.
Change-Id: Ifae98d888069477748ade7ef5e0a5cde5c88ffc2
Closes-Bug: #1800657
As discussed in the mailing list [1] since cells v1
has been deprecated since Pike and the biggest user
of it (CERN as far as we know) moved to cells v2
in Queens, we can start rolling back the cells v1
specific documentation to avoid confusing people
new to nova about what cells is and making them
understand there was an optional v1.
There are still a few mentions of cells v1 left in
here for things like adding a new cell which need
to be re-written and for that I've left a todo.
Users can still get at cells v1 specific docs from
published stable branches and/or rebuilding the
docs from before this change.
[1] http://lists.openstack.org/pipermail/openstack-discuss/2019-February/002569.html
Change-Id: Idaa04a88b6883254cad9a8c6665e1c63a67e88d3
The purpose of the RT._normalize_inventory_from_cn_obj method is
to set allocation_ratio and reserved amounts on standard resource
class inventory records that get sent to placement if the virt driver
did not specifically set a ratio or reserved value (which none but
the ironic driver do).
If the allocation_ratio or reserved amount is in the inventory
data dict from the virt driver, then the normalize method ignores
it and lets the virt driver take priority.
However, with change I6a706ec5966cdc85f97223617662fe15d3e6dc08,
any virt driver that implements the update_provider_tree() interface
is storing the inventory data on the ProviderTree object which gets
cached and re-used, meaning once allocation_ratio/reserved is set
from RT._normalize_inventory_from_cn_obj, it doesn't get unset and
the normalize method always assumes the driver provided a value which
should not be changed, even if the configuration value changes.
We can make the config option changes take effect by changing
the semantics between _normalize_inventory_from_cn_obj and
drivers that implement the update_provider_tree interface, like
for the libvirt driver. Effectively with this change, when a driver
implements update_provider_tree(), they now control setting the
allocation_ratio and reserved resource amounts for inventory they
report. The libvirt driver will use the same configuration option
values that _normalize_inventory_from_cn_obj used. The only difference
is in update_provider_tree we don't have the ComputeNode facade to
get the "real" default values when the allocation_ratio is 0.0, so
we handle that like "CONF.cpu_allocation_ratio or 16.0". Eventually
that will get cleaned up with blueprint initial-allocation-ratios.
Change-Id: I72c83a95dabd581998470edb9543079acb6536a5
Closes-Bug: #1799727
This adds a few more things to the upgrade checks
reference docs after getting questions about it
during the Stein release goal implementation from
other project teams:
1. Notes the high level set of steps for upgrading
nova in grenade and where nova-status fits into
that sequence.
2. Links to the oslo.upgradecheck library which
didn't exist when the original document was
written.
3. Adds a FAQs section with Q&A for several things
that have come up during the Stein release goal.
Change-Id: I990e5dbe563fa342f7481c3720445b924447ad54
Story: 2003657
This adds some background, guidelines and structural
notes on writing nova-status upgrade checks.
This is intentionally written with some potentially
redundant information or nova developers as it's
also meant to be consumed outside nova as part of the
community-wide "upgrade-checkers" goal for Stein [1].
Story: 2003570
[1] https://governance.openstack.org/tc/goals/stein/upgrade-checkers.html
Change-Id: I340b25edeab3ac19c5d0bedfc69acd037d57bdd2
Scheduler hints are not really documented very well at all except
for being mentioned per scheduler filter in the admin configuration
guide, nor are they documented within relation to flavor extra
specs which are both used for impacting scheduling decisions and
are choices that a deployer has to make based on how they configure
their cloud.
This change adds a document about scheduler hints and how they are
similar to and different from flavor extra specs, including end
user discoverability and interoperability, and thoughts on which
should be used if writing a custom scheduler filter.
The TODO in the API guide is also resolved by linking to this
document.
Change-Id: Ib1f35baacf59efafb9e4bccfcc4f0025d99ad5b2
1 typo fixes
2 use :oslo.config:option: elements for nova conf options
3 change '`' to '``' where applicable
Change-Id: Icfebf894185fc83f5fa77e8e10a42ba9dbb37755
This ensures we have version-specific references to other projects [1].
Note that this doesn't mean the URLs are actually valid - we need to do
more work (linkcheck?) here, but it's an improvement nonetheless.
[1] https://docs.openstack.org/openstackdocstheme/latest/#external-link-helper
Change-Id: Ifb99e727110c4904a85bc4a13366c2cae300b8df
This adds information to the "notification_format" config
option help and notifications docs on how to disable notifications.
While updating the config option help text, a stale reference
to Pike is removed.
Change-Id: I736025a0a88fc969831558805687b642da8cd365
Closes-Bug: #1761405
The example versioned notifications don't have any indication of
which release they are available in, and since people can link to
the 'latest' docs, like in I51d0deffc4f42ff2722a8d21aa6b8c8008c62723,
it's important to note that the samples in the latest docs might not
be in the version of nova one is actually using, e.g. ocata or pike.
So this adds a note that people should be aware of that before
relying on some versioned notification.
Change-Id: I2f7db424f0938667895b51f45ea60862a32e22c1
Based on the description of the notify_on_api_faults config option [1]
and the code that uses it [2] nova sends and api.fault notification
if the nova-api service encounters an unhandle exception.
There is a FaultWrapper class [3] added to the pipeline of the REST
request which catches every exception and calls the notification sending.
Based on some debugging in devstack this FaultWrapper never catches any
exception. Every REST API method is decorated with expected_errors
decorator [5] which as a last resort translate the unexpected exception
to HTTPInternalServerError. In the wsgi stack the actual REST api call is
guarded with ResourceExceptionHandler context manager [7] which translates
HTTPException to a Fault [8]. Then Fault is catched and translated to
the REST response [7]. This way the exception never propagates back to
the FaultWrapper and therefore the api.fault notification is never emitted.
Based on the git history of the expected_errors decorator this notification
was never emitted for v2.1 API and as the v2.0 API now supported with the
same codebase than v2.1 it is not emitted for v2.0 calls either. As nobody
reported a bug I assume that nobody tried to use this notification for a very
long time. Therefore instead of fixing this bug this patch propses to remove
the dead code.
See a bit more detailed description on the ML [9].
[1] 0aeaa2bce8/nova/conf/notifications.py (L49)
[2] 0aeaa2bce8/nova/notifications/base.py (L84)
[3] 0aeaa2bce8/nova/api/openstack/__init__.py (L78)
[5] 0aeaa2bce8/nova/api/openstack/extensions.py (L325)
[7] 0aeaa2bce8/nova/api/openstack/wsgi.py (L637)
[8] 0aeaa2bce8/nova/api/openstack/wsgi.py (L418)
[9] http://lists.openstack.org/pipermail/openstack-dev/2017-June/118639.html
Change-Id: I608b6ebdc69d31eb2a11ac6479fa4f2e8c20f7d1
Closes-Bug: #1699115
Add the _rollback_live_migration call on the source as the first thing
that happens on failed driver.live_migration.
Change-Id: I5db474a072ad12d48f496dcc26c99ea73c90cb66
from commit
925eb734a9d3cb46bb89a89ec1a78281d2d7afe9
it says qpid is removed so nova should not guide user to use qpid.
Change-Id: Idf745ec5ccc08a3bab55c3e4394e4a4da900f56d
Notifications are essentially another API for end users, but
it can be hard to find the list of existing notifications or
their samples which are buried deep down via contributors >
technical reference deep dive > notitfications. If I'm an
end user, I'd like to just see them in the same set of links
on the main page as the API, under the "For End Users" section.
Change-Id: If3ca21b080d06a291ed27c9bcd84a566164c3b70
make some modifications to nova db reference and add some
basic information about some functions such as nova.service.start
Change-Id: I70c1a5eac91ab61ecd4ebc1c8ed95e4e4ba6b9fc
There are a few updates here:
1. Fix the size of one of the existing boxes to fit the text.
2. Add a note at the top that anything about alternatives is
future work since that didn't merge in Pike.
3. Add a box to note the call from scheduler to placement to
make the "claim".
Change-Id: I8b6468766f4924d009b2567fe71c2f5d2733a6e3
Add explicit box sizes to ensure all text is visible in the cells of the
activity diagram SVG in the Scheduling doc.
Change-Id: Ife4d72cbd2b877e948ac4aa4fe2fa3efc1e69e9d
There have been some major changes to how scheduling works in Nova
during the Pike and Queens cycles. This documents these design changes
so that this new, more complex workflow is clearly spelled out.
Co-Authored-By: Ed Leafe <ed@leafe.com>
Change-Id: I15121d8fe9b715c0aec39dee4bfdf25ced42b481
This addresses review comments made in change
I6522100a78241400b1ea059a39a32c259fe6ab90 which
updated the stable API docs.
Change-Id: Ib0ffe3e9702fd39914b2025096667e699bc432a0
The ec2 / euca2ools command references definitely don't work any more,
this deletes most of them. The exception is the policy reference doc
which is over a year out of date, and needs more then surgical removal
of ec2 from it.
Change-Id: I963170f99037d5ed085e8c676ab55750c7f6372e
extensions, stevedore and extensions config options are gone
and plain router is introduced in Pike.
Also this documents was little bit confusing about current and
old state of APIs.
This commit makes it more clear and reflect the current API state
and also describe the evolution of APIs.
Change-Id: I6522100a78241400b1ea059a39a32c259fe6ab90
In an attempt to make the main navigation sidebar not be visual mud
(and really confusing) create a reference sub page that explains all
the references.
Part of bp: doc-migration
Change-Id: I005fc24e49487631d7fe73cb498c61619bcaac9d
And add some additional horizontal white space to make it easier to
understand different long bullets are different.
Part of bp: doc-migration
Change-Id: I36cd7513fa5d482b6cd85a062eace21704c49f85
list bullets have to be exactly 2 spaces indented from the parent, and
the top level is left justified, otherwise we get lots of <blockquote>
html tags inserted.
Part of bp: doc-migration
Change-Id: Ie8b311ca286601a47475b33ef80da272efc9be31
