You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

455 lines
17 KiB

# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import functools
import os_traits
from oslo_log import log as logging
from oslo_utils import timeutils
import nova.conf
from nova import context as nova_context
from nova import exception
from nova.i18n import _
from import neutron
from nova import objects
from nova.scheduler.client import report
from nova.scheduler import utils
from nova.virt import hardware
CONF = nova.conf.CONF
LOG = logging.getLogger(__name__)
TENANT_METADATA_KEY = 'filter_tenant_id'
def trace_request_filter(fn):
def wrapper(ctxt, request_spec):
timer = timeutils.StopWatch()
ran = False
with timer:
ran = fn(ctxt, request_spec)
if ran:
# Only log info if the filter was enabled and not
# excluded for some reason
LOG.debug('Request filter %r took %.1f seconds',
fn.__name__, timer.elapsed())
return ran
return wrapper
def isolate_aggregates(ctxt, request_spec):
"""Prepare list of aggregates that should be isolated.
This filter will prepare the list of aggregates that should be
ignored by the placement service. It checks if aggregates has metadata
'trait:<trait_name>='required' and if <trait_name> is not present in
either of flavor extra specs or image properties, then those aggregates
will be included in the list of isolated aggregates.
Precisely this filter gets the trait request form the image and
flavor and unions them. Then it accumulates the set of aggregates that
request traits are "non_matching_by_metadata_keys" and uses that to
produce the list of isolated aggregates.
if not CONF.scheduler.enable_isolated_aggregate_filtering:
return False
# Get required traits set in flavor and image
res_req = utils.ResourceRequest.from_request_spec(request_spec)
required_traits = res_req.all_required_traits
keys = ['trait:%s' % trait for trait in required_traits]
isolated_aggregates = (
ctxt, keys, 'trait:', value='required'))
# Set list of isolated aggregates to destination object of request_spec
if isolated_aggregates:
if ('requested_destination' not in request_spec or
request_spec.requested_destination is None):
request_spec.requested_destination = objects.Destination()
destination = request_spec.requested_destination
agg.uuid for agg in isolated_aggregates)
return True
def require_tenant_aggregate(ctxt, request_spec):
"""Require hosts in an aggregate based on tenant id.
This will modify request_spec to request hosts in an aggregate
defined specifically for the tenant making the request. We do that
by looking for a nova host aggregate with metadata indicating which
tenant it is for, and passing that aggregate uuid to placement to
limit results accordingly.
enabled = CONF.scheduler.limit_tenants_to_placement_aggregate
agg_required = CONF.scheduler.placement_aggregate_required_for_tenants
if not enabled:
return False
aggregates = objects.AggregateList.get_by_metadata(
ctxt, value=request_spec.project_id)
aggregate_uuids_for_tenant = set([])
for agg in aggregates:
for key, value in agg.metadata.items():
if key.startswith(TENANT_METADATA_KEY):
if aggregate_uuids_for_tenant:
if ('requested_destination' not in request_spec or
request_spec.requested_destination is None):
request_spec.requested_destination = objects.Destination()
destination = request_spec.requested_destination
LOG.debug('require_tenant_aggregate request filter added '
'aggregates %s for tenant %r',
elif agg_required:
LOG.warning('Tenant %(tenant)s has no available aggregates',
{'tenant': request_spec.project_id})
raise exception.RequestFilterFailed(
reason=_('No hosts available for tenant'))
return True
def map_az_to_placement_aggregate(ctxt, request_spec):
"""Map requested nova availability zones to placement aggregates.
This will modify request_spec to request hosts in an aggregate that
matches the desired AZ of the user's request.
if not CONF.scheduler.query_placement_for_availability_zone:
return False
az_hint = request_spec.availability_zone
if not az_hint:
return False
aggregates = objects.AggregateList.get_by_metadata(ctxt,
if aggregates:
if ('requested_destination' not in request_spec or
request_spec.requested_destination is None):
request_spec.requested_destination = objects.Destination()
agg_uuids = [agg.uuid for agg in aggregates]
LOG.debug('map_az_to_placement_aggregate request filter added '
'aggregates %s for az %r',
return True
def require_image_type_support(ctxt, request_spec):
"""Request type-specific trait on candidates.
This will modify the request_spec to request hosts that support the
disk_format of the image provided.
if not CONF.scheduler.query_placement_for_image_type_support:
return False
if request_spec.is_bfv:
# We are booting from volume, and thus compute node image
# disk_format support does not matter.
return False
disk_format = request_spec.image.disk_format
trait_name = 'COMPUTE_IMAGE_TYPE_%s' % disk_format.upper()
if not hasattr(os_traits, trait_name):
'Computed trait name %r is not valid; is os-traits up to date?',
return False
LOG.debug('require_image_type_support request filter added required '
'trait %s', trait_name)
return True
def transform_image_metadata(ctxt, request_spec):
"""Transform image metadata to required traits.
This will modify the request_spec to request hosts that support
virtualisation capabilities based on the image metadata properties.
if not CONF.scheduler.image_metadata_prefilter:
return False
prefix_map = {
'hw_cdrom_bus': 'COMPUTE_STORAGE_BUS',
'hw_disk_bus': 'COMPUTE_STORAGE_BUS',
'hw_video_model': 'COMPUTE_GRAPHICS_MODEL',
'hw_vif_model': 'COMPUTE_NET_VIF_MODEL',
'hw_architecture': 'HW_ARCH',
'hw_emulation_architecture': 'COMPUTE_ARCH',
'hw_viommu_model': 'COMPUTE_VIOMMU',
trait_names = []
for key, prefix in prefix_map.items():
if key in
value =
'-', '_').upper()
trait_name = f'{prefix}_{value}'
if not hasattr(os_traits, trait_name):
LOG.error('Computed trait name %r is not valid; '
'is os-traits up to date?', trait_name)
return False
for trait_name in trait_names:
'transform_image_metadata request filter added required '
'trait %s', trait_name
return True
def compute_status_filter(ctxt, request_spec):
"""Pre-filter compute node resource providers using COMPUTE_STATUS_DISABLED
The ComputeFilter filters out hosts for compute services that are
disabled. Compute node resource providers managed by a disabled compute
service should have the COMPUTE_STATUS_DISABLED trait set and be excluded
by this mandatory pre-filter.
trait_name = os_traits.COMPUTE_STATUS_DISABLED
LOG.debug('compute_status_filter request filter added forbidden '
'trait %s', trait_name)
return True
def accelerators_filter(ctxt, request_spec):
"""Allow only compute nodes with accelerator support.
This filter retains only nodes whose compute manager published the
COMPUTE_ACCELERATORS trait, thus indicating the version of n-cpu is
sufficient to handle accelerator requests.
trait_name = os_traits.COMPUTE_ACCELERATORS
if request_spec.flavor.extra_specs.get('accel:device_profile'):
LOG.debug('accelerators_filter request filter added required '
'trait %s', trait_name)
return True
def routed_networks_filter(
ctxt: nova_context.RequestContext,
request_spec: 'objects.RequestSpec'
) -> bool:
"""Adds requested placement aggregates that match requested networks.
This will modify request_spec to request hosts in aggregates that
matches segment IDs related to requested networks.
:param ctxt: The usual suspect for a context object.
:param request_spec: a classic RequestSpec object containing the request.
:returns: True if the filter was used or False if not.
:raises: exception.InvalidRoutedNetworkConfiguration if something went
wrong when trying to get the related segment aggregates.
if not CONF.scheduler.query_placement_for_routed_network_aggregates:
return False
# NOTE(sbauza): On a create operation with no specific network request, we
# allocate the network only after scheduling when the nova-compute service
# calls Neutron. In this case, here we just want to accept any destination
# as fine.
# NOTE(sbauza): This could be also going from an old compute reschedule.
if 'requested_networks' not in request_spec:
return True
# This object field is not nullable
requested_networks = request_spec.requested_networks
# NOTE(sbauza): This field could be not created yet.
if (
'requested_destination' not in request_spec or
request_spec.requested_destination is None
request_spec.requested_destination = objects.Destination()
# Get the clients we need
network_api = neutron.API()
report_api = report.report_client_singleton()
for requested_network in requested_networks:
network_id = None
# Check for a specifically requested network ID.
if "port_id" in requested_network and requested_network.port_id:
# We have to lookup the port to see which segment(s) to support.
port = network_api.show_port(ctxt, requested_network.port_id)[
if port['fixed_ips']:
# The instance already exists with a related subnet. We need to
# stick on this subnet.
# NOTE(sbauza): In case of multiple IPs, we could have more
# subnets than only one but given they would be for the same
# port, just looking at the first subnet is needed.
subnet_id = port['fixed_ips'][0]['subnet_id']
aggregates = utils.get_aggregates_for_routed_subnet(
ctxt, network_api, report_api, subnet_id)
except exception.InvalidRoutedNetworkConfiguration as e:
raise exception.RequestFilterFailed(
reason=_('Aggregates not found for the subnet %s'
) % subnet_id) from e
# The port was just created without a subnet.
network_id = port["network_id"]
elif (
"network_id" in requested_network and requested_network.network_id
network_id = requested_network.network_id
if network_id:
# As the user only requested a network or a port unbound to a
# segment, we are free to choose any segment from the network.
aggregates = utils.get_aggregates_for_routed_network(
ctxt, network_api, report_api, network_id)
except exception.InvalidRoutedNetworkConfiguration as e:
raise exception.RequestFilterFailed(
reason=_('Aggregates not found for the network %s'
) % network_id) from e
if aggregates:
'routed_networks_filter request filter added the following '
'aggregates for network ID %s: %s',
network_id, ', '.join(aggregates))
# NOTE(sbauza): All of the aggregates from this request will be
# accepted, but they will have an AND relationship with any other
# requested aggregate, like for another NIC request in this loop.
return True
def remote_managed_ports_filter(
context: nova_context.RequestContext,
request_spec: 'objects.RequestSpec',
) -> bool:
"""Filter out hosts without remote managed port support (driver or hw).
If a request spec contains VNIC_TYPE_REMOTE_MANAGED ports then a
remote-managed port trait (COMPUTE_REMOTE_MANAGED_PORTS) is added to
the request in order to pre-filter hosts that do not use compute
drivers supporting remote managed ports and the ones that do not have
the device pools providing remote-managed ports (actual device
availability besides a pool presence check is done at the time of
PciPassthroughFilter execution).
if request_spec.requested_networks:
network_api = neutron.API()
for request_net in request_spec.requested_networks:
if request_net.port_id and network_api.is_remote_managed_port(
context, request_net.port_id):
LOG.debug('remote_managed_ports_filter request filter added '
f'trait {os_traits.COMPUTE_REMOTE_MANAGED_PORTS}')
return True
def ephemeral_encryption_filter(
ctxt: nova_context.RequestContext,
request_spec: 'objects.RequestSpec'
) -> bool:
"""Pre-filter resource provides by ephemeral encryption support
This filter will only retain compute node resource providers that support
ephemeral storage encryption when the associated image properties or flavor
extra specs are present within the request spec.
# Skip if ephemeral encryption isn't requested in the flavor or image
if not hardware.get_ephemeral_encryption_constraint(
request_spec.flavor, request_spec.image):
LOG.debug("ephemeral_encryption_filter skipped")
return False
# Always add the feature trait regardless of the format being provided
LOG.debug("ephemeral_encryption_filter added trait "
# Try to find the format in the flavor or image and add as a trait
eph_format = hardware.get_ephemeral_encryption_format(
request_spec.flavor, request_spec.image)
if eph_format:
# We don't need to validate the trait here because the earlier call to
# get_ephemeral_encryption_format will raise if it is not valid
trait_name = f"COMPUTE_EPHEMERAL_ENCRYPTION_{eph_format.upper()}"
LOG.debug(f"ephemeral_encryption_filter added trait {trait_name}")
return True
def process_reqspec(ctxt, request_spec):
"""Process an objects.ReqestSpec before calling placement.
:param ctxt: A RequestContext
:param request_spec: An objects.RequestSpec to be inspected/modified
for filter in ALL_REQUEST_FILTERS:
filter(ctxt, request_spec)