Commit Graph

2500 Commits (49767beaa92fabf17d546e7345a0a1776f51bd6b)

Author SHA1 Message Date
Stephen Finucane 49767beaa9 docs: Add SEV guide
This was previously hidden in the hypervisor configuration guide. Make
it a top-level document.

Change-Id: If402522c859c1413f0d90912e357496a0a67c5cf
Signed-off-by: Stephen Finucane <>
2021-03-23 11:13:34 +00:00
Stephen Finucane c5ebaef610 docs: Remove duplicated PCI passthrough extra spec info
There's also a PCI passthrough guide. Use that instead, allowing us to
remove the sections for various extra specs from the 'user/flavors'

- hw:pci_numa_affinity_policy
- pci_passthrough:alias

Change-Id: I5701d284c2cfdadf825f8e2f699651b3f8c0c9ab
Signed-off-by: Stephen Finucane <>
2021-03-23 11:13:01 +00:00
Stephen Finucane 94c03e8d66 docs: Remove duplicate TPM extra spec info
We have a perfectly good TPM guide. Enhance that, allowing us to remove
the special section dedicated to this from the generic flavor docs.

Change-Id: If484074c01595f747f9201b5ec12164779195b61
Signed-off-by: Stephen Finucane <>
2021-03-23 11:12:29 +00:00
Stephen Finucane 777c02485f docs: Add a real-time guide
This beefy patch closes a long-standing TODO and allows us to move yet
more information out of the flavors guide and into specific documents.
This, combined with existing documentation in place, means we can remove
the sections for various extra specs from the 'user/flavors' guide:

- hw:cpu_realtime            -> doc/source/admin/real-time.rst
- hw:cpu_realtime_mask       -> doc/source/admin/real-time.rst
- hw:emulator_threads_policy -> doc/source/admin/cpu-topologies.rst
- hw:cpu_policy              -> doc/source/admin/cpu-topologies.rst
- hw:cpu_thread_policy       -> doc/source/admin/cpu-topologies.rst
- hw:cpu_sockets             -> doc/source/admin/cpu-topologies.rst
- hw:cpu_cores               -> doc/source/admin/cpu-topologies.rst
- hw:cpu_threads             -> doc/source/admin/cpu-topologies.rst
- hw:cpu_max_sockets         -> doc/source/admin/cpu-topologies.rst
- hw:cpu_max_cores           -> doc/source/admin/cpu-topologies.rst
- hw:cpu_max_threads         -> doc/source/admin/cpu-topologies.rst
- hw:numa_nodes              -> doc/source/admin/cpu-topologies.rst
- hw:numa_cpus.N             -> doc/source/admin/cpu-topologies.rst
- hw:numa_mem.N              -> doc/source/admin/cpu-topologies.rst
- hw:mem_page_size           -> doc/source/admin/huge-pages.rst

Multiple improvements to the libvirt extra spec docs are included here,
for want of a better place to include them.

Change-Id: I02b044f8246f4a42481bb5f00259842692b29b71
Signed-off-by: Stephen Finucane <>
2021-03-23 11:11:52 +00:00
Stephen Finucane 8528eaa602 docs: Add a resource limits guide
This is mostly regurgitated information from the current flavors guide
but we take the opportunity to significantly expand upon what we've
already stated here.

Change-Id: I9ad798427bbc6451fd920d6c08357d6e1eaa5136
Signed-off-by: Stephen Finucane <>
2021-03-23 10:37:30 +00:00
Josephine Seifert 5d5ff82bab Add config parameter 'live_migration_scheme' to live migration with tls guide
This patch adds the config option 'live_migration_scheme = tls' to the
secure live migration guide.

To let the live migration use the qemu native tls, some configuration of
the compute nodes is needed. The guide describes this but misses the
'live_migration_scheme' config option.

It is necessary to set 'live_migration_scheme' to tls to use the
connection uri for encrypted traffic. Without this parameter everything
seems to work, but the unencrypted tcp-connection is still used for the
live migration.

Closes-Bug: #1919357
Change-Id: Ia5130d411706bf7e1c983156158011a3bc6d5cd6
2021-03-17 11:31:54 +01:00
Zuul 2dc26edfc5 Merge "docs: Document UEFI secure boot feature" 2021-03-16 11:49:51 +00:00
Stephen Finucane f4c249c692 docs: Document UEFI secure boot feature
Introduce two new guides on UEFI and Secure Boot. In addition, update
the flavors guide to document the secure boot feature (though this doc
should really be removed in near term in favour of the auto-generated
docs, as noted inline).

Note that this change includes our first use of the ':nova:extra-spec:'
cross-reference role and highlights a small bug in that implementation.
This is resolved.

Blueprint: allow-secure-boot-for-qemu-kvm-guests
Change-Id: I4eb370b87ba8d0403c8c0ef038a909313a48d1d6
Signed-off-by: Stephen Finucane <>
2021-03-12 17:42:02 +00:00
Artom Lifshitz b2471dd578 pci: implement the 'socket' NUMA affinity policy
This patch enables the 'socket' PCI NUMA affinity policy. The PCI
manager gets a new method to implement it, and the libvirt driver
starts reporting the necessary trait, enabling it to receive
instances with the 'socket' policy.

Implements: blueprint pci-socket-affinity
Change-Id: Ia875c9c3542ef4138d0d7a2c26c0cf49dcca0761
2021-03-10 17:06:03 -05:00
Lee Yarwood 9020896cb7 docs: Add admin docs for configuring and updating machine types
This change simply documents how an operator/admin would go about
changing the underlying [libvirt]hw_machine_type config within an
environment while ensuring existing instances are not impacted.

blueprint: libvirt-default-machine-type
Change-Id: I66003220bf173dfa917a13c5a408b1ea31cbc057
2021-03-03 14:03:49 +00:00
Lee Yarwood 8cddd243bf nova-status: Add hw_machine_type check for libvirt instances
This change introduces a new nova-status check to ensure a machine type
has been recorded for each instance within an environment.

nova-status will fail with a warning when instances are found, directing
the operator to use the previously added nova-manage list_unset and
update commands to set a machine type for these instances. The logic for
this check comes entirely from the list_unset command.

It is noted in the warning output that this can be ignored if no libvirt
or HyperV based computes are present in the environment as
hw_machine_type is only used by these two virt drivers at present.

blueprint: libvirt-default-machine-type
Change-Id: Ic3ae48c57e61c4e45883fbae1328a448be025953
2021-03-03 14:03:49 +00:00
Lee Yarwood 9a5b07d9fc nova-manage: Add libvirt list_unset_machine_type command
This change adds a libvirt command to list all instance UUIDs with
hw_machine_type unset in their image metadata. This will be useful to
operators attempting to change the [libvirt]hw_machine_type default in
the future as it allows them to confirm if it is safe to change the
configurable without impacting existing instances.

blueprint: libvirt-default-machine-type
Change-Id: I39909ace97f62e87f326d4d822d4e4c391445765
2021-03-03 14:03:49 +00:00
Lee Yarwood c70cde057d nova-manage: Add libvirt update_machine_type command
This change adds a second update command to the libvirt group
within nova-manage. This command will set or update the machine type of
the instance when the following criteria are met:

* The instance must have a ``vm_state`` of ``STOPPED``, ``SHELVED`` or

* The machine type is supported. The supported list includes alias and
  versioned types of ``pc``, ``pc-i440fx``, ``pc-q35``, ``q35``, ``virt``
  or ``s390-ccw-virtio``.

* The update will not move the instance between underlying machine types.
  For example, ``pc`` to ``q35``.

* The update will not move the instance between an alias and versioned
  machine type or vice versa. For example, ``pc`` to ``pc-1.2.3`` or
  ``pc-1.2.3`` to ``pc``.

A --force flag is provided to skip the above checks but caution
should be taken as this could easily lead to the underlying ABI of the
instance changing when moving between machine types.

blueprint: libvirt-default-machine-type
Change-Id: I6b80021a2f90d3379c821dc8f02a72f350169eb3
2021-03-03 14:03:49 +00:00
Lee Yarwood 20692c245c nova-manage: Add libvirt get_machine_type command
This change introduces the first machine_type command to nova-manage to
fetch and display the current machine type if set in the system metadata
of the instance.

blueprint: libvirt-default-machine-type
Change-Id: Idc035671892e4668141a93763f8f2bed7a630812
2021-03-03 14:03:49 +00:00
Zuul d4016eaa6f Merge "Docs: Correct ``Password injection using the dashboard`` Explanation" 2021-03-02 18:04:36 +00:00
manchandavishal 5d3fb6cdbd Docs: Correct ``Password injection using the dashboard`` Explanation
During Icehouse release default value of 'can_set_password' sets
to False for horizon(dashboard) but nova document is not updated
yet and acc. to nova doc default value for above setting is True.
So this patch correct the doc. For more info. please refer [1].


Change-Id: I3007e1f157e329f121b99ceaddd59625c86f428c
2021-02-23 12:57:48 +00:00
Zuul bb8b1e8398 Merge "cmd: Remove 'nova-manage db ironic_flavor_migration'" 2021-02-17 00:56:48 +00:00
Zuul a3032cc43f Merge "cmd: Remove 'nova-manage db null_instance_uuid_scan'" 2021-02-17 00:52:04 +00:00
Stephen Finucane 35b58a5035 cmd: Remove 'nova-manage db ironic_flavor_migration'
This command was helpful to assist users FFUing past the Pike release,
however, it's no longer helpful and should be removed now. Do just that.

Change-Id: Ib42f65dbcf61ead571e9107e7ffbba2b29f48d64
Signed-off-by: Stephen Finucane <>
2021-02-10 15:32:03 +00:00
Stephen Finucane 2d4eff0ef7 cmd: Remove 'nova-manage db null_instance_uuid_scan'
Change I2aae01ed235f1257b0b3ddc6aee4efc7be38eb6e indicated that this
command was no longer necessary and could be removed. In hindsight, it's
been unnecessary since Liberty, which introduced a blocking migration
requiring this script be run, and it could have been deleted years ago.
No time like the present though.

Change-Id: I532c7918a8e2c887f29d2f0e1e33b80f2b3a7507
Signed-off-by: Stephen Finucane <>
2021-02-02 17:16:12 +00:00
Lee Yarwood a19d25b67f docs: Move the LibvirtDistroSupportMatrix wiki page into our docs
This change moves the LibvirtDistroSupportMatrix [1] wiki page into the
tree as a reference doc. The wiki page will be decommissioned once this
change lands and is published.

Some older distro information is removed to keep the table readable and
a note is added to to ensure it updated with each version


Change-Id: Id49a4e400159130fbc676800aeca6b9746071a2e
2021-02-01 14:33:15 +00:00
Zuul d92c0740c6 Merge "libvirt: Drop support for Xen" 2021-01-27 13:46:58 +00:00
Zuul b4cf40a07f Merge "libvirt: Drop support for UML" 2021-01-27 02:14:36 +00:00
Stephen Finucane 3a390c2c82 libvirt: Drop support for Xen
This hasn't been validated upstream and there doesn't appear to be
anyone using it. It's time to drop support for this. This is mostly test
and documentation damage, though there is some other cleanup going on,
like the removal of the essentially noop 'pick_disk_driver_name' helper.

Change-Id: I73305e82da5d8da548961b801a8e75fb0e8c4cf1
Signed-off-by: Stephen Finucane <>
2021-01-22 10:06:40 +00:00
Stephen Finucane d02ce3c4f0 libvirt: Drop support for UML
This has not been tested in the gate for a long time and was only added
to enable CI in the early days of OpenStack. Time to bid adieu.

Change-Id: I7a157f37d2a67e1174a1725fd579c761d81a09b1
Signed-off-by: Stephen Finucane <>
2021-01-22 10:05:57 +00:00
Lee Yarwood d5420bbb50 docs: Add reference docs for internal block device structures
It's time to shine a light on this area of the codebase ahead of some
much required cleanup. This documentation is based on an email sent
almost 5 years ago but is still accurate today.

Change-Id: I66cc2c5549833f269872748fb1532438f9ba8489
2021-01-22 09:59:27 +00:00
Zuul b9c48afd15 Merge "Docs: correct cpu_thread_policy explanation" 2021-01-20 17:55:32 +00:00
Zuul cd794aa538 Merge "doc: require openstack client change for every new API microversion" 2021-01-20 17:04:42 +00:00
Manik Sidana 5f93b680e7 Fix typo in warning message
Change-Id: Idcc1671f3c584064469052b1cbe044f146af45ee
Closes-Bug: #1910960
2021-01-11 14:05:15 +05:30
Zuul 96e9124ad7 Merge "Ignore PCI devices with 32bit domain" 2020-12-23 13:26:43 +00:00
Balazs Gibizer 1c056c384d Fallback to same-cell resize with qos ports
The cross-cell resize code does not consider neutron ports with resource
request. To avoid migration failures this patch makes nova to fall back
to same cell resize if the instance has neutron ports with resource

Change-Id: Icaad4b2375b491c8a7e87fb6f4977ae2e13e8190
Closes-Bug: #1907522
2020-12-16 17:01:49 +01:00
Takashi Natsume bd0ead2d63 Add a description in the PTL guide
Add a description to update the RESI API microversion history
after milestone-3 in the PTL guide.

Change-Id: I1530f77291feda4c916cfe9c4a54de7dfdd8180f
Signed-off-by: Takashi Natsume <>
2020-12-13 11:28:00 +00:00
Zuul f27a11feb7 Merge "Update supported transports for iscsi connector" 2020-12-05 17:01:40 +00:00
Artom Lifshitz 3cb1215f19 Docs: correct cpu_thread_policy explanation
With the landing of the cpu-resources series in train [1], the
hw:cpu_thread_policy extra spec has a different effect than before.
Correct our documentation.


Change-Id: I338408b01b1d2328035dd92d2588710a20aba323
2020-12-02 11:46:38 -05:00
Takashi Natsume 9c0ea4a901 doc: Fix rendering in the PTL guide
Change-Id: I87c21431d8e286af793178ac934cc8f13cece523
Signed-off-by: Takashi Natsume <>
2020-11-25 23:14:59 +09:00
Zuul 28a0dfb11d Merge "doc: Update the PTL guide" 2020-11-23 15:45:44 +00:00
Zuul ab90c7af56 Merge "Add os-volume_attachments reference docs" 2020-11-23 12:58:41 +00:00
Balazs Gibizer 65fb14c36e doc: require openstack client change for every new API microversion
To avoid widening the gap between novaclient and openstack client we
require to add support for each new microversion in both clients.

Change-Id: I136cae2ea0b2f59c46d999569998e80ec5d4f24d
2020-11-16 11:25:55 +01:00
Balazs Gibizer 8c9d6fc8f0 Ignore PCI devices with 32bit domain
Nova and QEMU[1] supports PCI devices with a PCI address that has 16 bit
domain. However there are hypervisors that reports PCI addresses with
32 bit domain. While today we cannot assign these to guests this should
not prevent the nova-compute service to start.

This patch changes the PCI manager to ignore such PCI devices.

Please note that this patch does not change fact that nova does not
allow specifying PCI addresses with 32bit domain in the
[pci]/passthrough_whitelist configuration. Such configuration is still
rejected at nova-compute service startup.

Closes-Bug: #1897528

[1] f2a1cf9180/hw/core/qdev-properties.c (L993)

Change-Id: I59a0746b864610b6a314078cf5661d3d2b84b1d4
2020-11-16 11:16:57 +01:00
Takashi Natsume a1ec6e69fa doc: Update the PTL guide
Add a description to update the contributor guide
in the PTL guide.

Change-Id: I1e292a98ed72cf181a944c2bb20ff3a4d0bdd600
Signed-off-by: Takashi Natsume <>
2020-11-14 13:56:42 +09:00
Radosław Piliszek 52c8137b4b [docs] Fix a placement client's command
For amending a single value, `--amend` switch is required to be
used. Otherwise Placement will return 400 about required
properties being missing.

Change-Id: Ia94be98dea22f97bc89201ee2a0a1a4e6b54c875
2020-11-13 15:26:46 +01:00
Takashi Natsume bf47afd70a Update contributor guide for Wallaby
Change-Id: I8ce10c7dad73da2c2269282b9f2350a230e3aa84
Signed-off-by: Takashi Natsume <>
2020-11-11 12:54:35 +00:00
Lee Yarwood b62f9a04a0 Add os-volume_attachments reference docs
This change adds a simple sequence diagram showing the flow of a volume
attachment between the various services, using the libvirt driver as an
example virt driver.

Change-Id: I631ac9de3d48aa0ad849f6615d0ad2052cb63e80
2020-11-09 17:12:48 +00:00
Balazs Gibizer 3b8257cd23 Add upgrade check about old computes
Report a warning during upgrade checks if there are computes older than
the previous major nova release in the system.

So if code is upgraded to Wallaby and the upgrade check was run before
the restart of the services with W code then the check warns for Ussuri
computes in the system.

Change-Id: I873b0c1e6e695ae88241bbf75ac9f80ecc6f5664
2020-11-04 15:43:09 +01:00
Balazs Gibizer aa7c6f8769 Prevent starting services with older than N-1 computes
Nova services only support computes that are not older than
the previous major release. This patch introduces a check in the
service startup that prevents staring the service if too old computes
are detected.

Change-Id: Ie15ec8299ae52ae8f5334d591ed3944e9585cf71
2020-11-04 14:05:52 +01:00
Zuul e2a1bc7641 Merge "[doc]: Fix glance image_metadata link" 2020-10-24 01:23:53 +00:00
Stephen Finucane b32a685595 docs: Make JSON valid
Pygments 2.7.x is stricter in how it validates JSON escapes, aligning it
closer with the spec [1]. Turns out we have some invalid JSON in our
docs, meaning builds are now failing with the following error:

  doc/source/user/metadata.rst:262: WARNING: Could not lex literal_block
  as "json". Highlighting skipped.

Resolve this.

[1] 9514e794e0

Change-Id: Ic50e29e9c7817744ad0b4f9de309aa3e96a09505
Signed-off-by: Stephen Finucane <>
2020-10-23 17:15:43 +01:00
Balazs Gibizer f5a68826c7 [doc]: Fix glance image_metadata link
Change-Id: Ib1e3798992696cf5f271b20bc731b8b766d173ac
Closes-Bug: #1900731
2020-10-21 18:19:13 +02:00
Zuul 5441a76b0e Merge "docs: fix aggregate weight multiplier property names" 2020-09-22 15:27:51 +00:00
Wang Huaqiang db7f263406 doc: correct the link to user/flavor.rst
In commit a76277f81a, the introduction
of flavor extra specs, such as 'hw:cpu_policy', 'hw:cpu_thread_policy'
and ... , have been moved to 'doc/source/user/flavors.rst' from
'doc/source/admin/flavors.rst', while in 'cpu-topologiest.rst' this
change hasn't been updated. Apply this change.

Change-Id: I031a5ea6de00a8c5cf67897ddb78075c8bc79c0b
Signed-off-by: Wang Huaqiang <>
2020-09-18 09:02:58 +00:00