39 Commits

Author SHA1 Message Date
Brandon Logan
21058fae59 REST Amp Agent: Handle interfaces file too
The amphora agent should be able to add interfaces by using the
/etc/network/interfaces file as well as the /etc/network/interfaces.d/*.cfg
files.

Closes-Bug: #1507889
Change-Id: I7840931fc426a0c74386512dfae3666d223049f8
2015-11-14 02:31:14 +09:00
ptoohill1
0d0853f4b9 Make amphora ssh access configurable
It some instances it is required to not allow access to the Amphora.
In order to solve both cases make the option configurable.

DocImpact
Closes-Bug: #1515078

Change-Id: I8a04ca86e4111c44a0bf44c8993b87a7acc334a2
2015-11-11 19:26:49 -06:00
German Eichberger
6ff8907f2d Adds cert_manager option to octavia.conf
Adds the cert manager option the conf file to make it easier
for users to enable Barbican for TLS termination

Change-Id: I38b9fa9b74fd3fc2046dc7e2eb403932e4573479
2015-10-19 14:23:37 -07:00
ptoohill1
811f7a594e Adding init.d script
For booting on systems where upstart isnt used, such as
Debian, an init.d script can be used.

Change-Id: I2fadc32dc73f31d733c424591d64448059de89e3
Closes-Bug: #1502542
2015-10-04 16:21:06 -05:00
Michael Johnson
833d633975 Increase the number of network call retries
On hosts without nested virtualization enabled, network calls
can timeout.  This triples the number of retries Octavia attempts
for networking calls.

Change-Id: I31ff9cbbdb073d0ee92971894fac86a2245c93f8
2015-09-21 19:13:13 +00:00
ptoohill1
2494c1f920 Make keystone verify configurable
In some cases, such as test environements, it is required
to run with an insecure keystone connection. Allow for a
configuration option to set the verify flag.

Change-Id: I4b0658322b5d737b116d5659551fb2fe4f9e68a1
2015-09-17 11:30:51 -05:00
Brandon Logan
d14ebc2cdf Fix issues uncovered by neutron lbaas tempest tests
Updating a listener caused issues because SNI was not being appropriately
handles on a listener update.  This has been "fixed" but another patch will be
needed to make sure that every listener update does not clear out the list. I
think it is best to leave that for another review though.

This also fixes the bug where security groups were not getting cleaned up when
a load balancer is deleted.  Since neutron does not synchronously remove a
security group from a port, a retry mechanism had to be used and thus more
config options to tune the interval and max attempts.

Change-Id: I0434b8ced144ab08413b91569bd008295ef1784e
Closes-Bug: #1464953
2015-09-15 18:02:40 -05:00
Jenkins
9cf4fe4b75 Merge "Implement UDP heartbeat sender and receiver" 2015-09-10 16:01:09 +00:00
Jenkins
9d1e5defd0 Merge "health manager service" 2015-09-10 02:49:59 +00:00
minwang
c511b2f195 Increase connection_max_retries to be 300
We also set request_poll_timeout to be 3000 in neutron.conf;
This can help to resolve the error for could not ssh to instance for octavia gate-setting.


This patch is needed by https://review.openstack.org/#/c/209675/


Change-Id: I90002a8913dd7db375ff5740a3f9cd5566b82054
2015-09-09 18:16:22 +00:00
Carlos D. Garza
ccd7865350 Implement UDP heartbeat sender and receiver
Used binary compressed encoding of json dumped object. To reduce
the size needed to send heart beats incase some stats objects
start getting sent later on. Also used sha256 instead of sha1
with hmac.

Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Co-Authored-By: German Eichberger <german.eichbeger@hp.com>
Co-Authored-By: Carlos Garza <carlos.garza@rackspace.com>
Partially implements: health-manager
Change-Id: I932c693101b94c9132e1741291610508876eab43
2015-09-09 06:48:24 +00:00
minwang
f849f55e5e health manager service
This model is used to check amphora health
Add a column 'busy' and primary key  for data table amphora health
Add mutiprocessing code in cmd/health_manager, one for health check, the other is for UDP pacakge listening,

Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Co-Authored-By: min wang <swiftwangster@gmail.com>
Implements: blueprint health-manager
Change-Id: I8aeb6b82b58b59951a414e7c2e4c2c58c33a5d15
2015-09-09 06:32:19 +00:00
Jenkins
72dbe50126 Merge "Added support of multi-region environment" 2015-09-02 21:52:10 +00:00
Jenkins
11d682870b Merge "Increase the amp active retries to be 500 times" 2015-08-29 18:28:37 +00:00
minwang
1271d5653f Increase the amp active retries to be 500 times
By increasing te times of amphora active retries,we are targeting for octavia gate setting to work.

Change-Id: If81cc13966a0a24368225b89c9678f6b0fdc1a7b
2015-08-28 13:41:52 -07:00
Bertrand Lallau
0ab265ff41 Added support of multi-region environment
Octavia does not support keystone regions and can choose an incorrect
endpoint url when multiple regions provides same services.

Change-Id: I5ea9de380419592920555a2c2fe7ac6f6935e700
Closes-Bug: #1487359
2015-08-28 19:25:45 +02:00
Jenkins
41cd509270 Merge "Correct rabbit messaging config set in devstack" 2015-08-28 09:03:33 +00:00
Bertrand Lallau
4bd3b20083 Correct rabbit messaging config set in devstack
Config section [oslo_messaging] used to set rabbit config is wrong and not used anymore.
New section [oslo_messaging_rabbit] must be used.

Change-Id: Id06bcdfbfecda202bff13915c4f020bc00e19c3c
2015-08-26 10:11:38 +02:00
bharath
d74ef6b138 Add Housekeeping to manage spare amphora and DB cleanup
Updating config file to include attributes for spare check and db cleanup
Validate the spare amphora count and create new ones when needed
Perform DB cleanup of the expired amphora

Implements: blueprint housekeeping-manager
Change-Id: I98990fbd3a3cb281a70e0eab97f256c960ca5dcb
2015-08-20 03:04:18 -07:00
ptoohill1
fc427679bd Pluggable controller worker
Change-Id: I11496547431fd5c4d162381afd9bc88b3de7513e
2015-07-30 08:51:30 +00:00
German Eichberger
0abcbc4f7d haproxy reference amphora REST API client
Adds rest driver methods
Adds rest driver tests
Add cert task for generating server certs
Modified compute task/flow
Fixed local certificate stuff
Refactored to use requests-mock inetad of responses
Added a "conditiobal flow" for REST

Cleaned up and changed the code to work with
https://review.openstack.org/#/c/160034/

Replaces:
https://review.openstack.org/#/c/144348/
https://review.openstack.org/#/c/145637/14

Change-Id: Ibcbf0717b785aab4c604deef1061e8b2fa41006c
Co-Authored-By: Phillip Toohill <phillip.toohill@rackspace.com>
Co-Authored-By: German Eichberger <german.eichberger@hp.com>
Co-Authored-By: Stephen Balukoff <sbalukoff@bluebox.net>
Implements: bp/haproxy-amphora-driver
2015-06-29 09:08:37 -07:00
German Eichberger
40440b8a0b Implements the haproxy amphora agent api server
- Added configuration
- Added uploading of haproxy config
- Added start, stop, reload (async)
- Added get_details
- Fixed returns of API -- they are now all spec conform
- Added info, get haproxy file
- Added function to get listener status
- Added class to parse haproxy stats socket
- Added methods to handle certs
- Added client cert validation to the sever
- Added script to generate example certs
- Added init script for agent
- Added network and vip plugging
- Added devstack stuff
- Added diskimage scripts; upstart ini file

Change-Id: Ib1db8da9e019e68e9a0f4a16a622b8b1286afd3e
Implements: blueprint amphora-api
2015-06-02 18:13:39 +00:00
ptoohill1
987480156e Fixing inconsistencies and applying sane defaults
Update haproxy_amphora section with sane defaults
Fixed inconsistency with example conf
Updated controller worker and test to reflect updated config option

Change-Id: Ib178df4476bab3fa220c6955dc57c49e4d8f1066
2015-05-04 12:11:45 -05:00
Jorge Miramontes
65e361613e Implemented Queue Consumer
Co-Authored-By: Jorge Miramontes <jorge.miramontes@rackspace.com>
Co-Authored-By: Brandon Logan <brandon.logan@rackspace.com>

Change-Id: I6e739506f29aa4131d7f3626a66f3ac6ea816863
2015-04-30 16:48:09 -05:00
Michael Johnson
424c320b01 Implements Octavia Controller Worker
Co-Authored-By: Aishwarya Thangappa <aishwarya.thangappa@gmail.com>
Co-Authored-By: German Eichberger <german.eichberger@hp.com>
Implements: blueprint controller-worker
Change-Id: If44a70d6ada43673d827987081e7c760598523bd
2015-04-29 21:34:07 +00:00
Trevor Vardeman
fac74ad2d6 Amphora SSH Driver
Adds config value to retrieve key for amphora access
Adds a HAProxyManager class with methods to modify/delete/start/stop an amphora
Modified sample_config to include amphorae on load balancer

Change-Id: I3fc2423a480ecc4b1b732a83fa1d4981c213da47
Implements: blueprint bp/haproxy-amphora-driver
2015-04-29 16:22:55 -05:00
Michael Johnson
3567965154 Fixes a config load bug for keystone v3 domains
The config loading code for keystone v3 authtokens
require domian paramters, but the keystone middleware
currently doesn't have those configuration options.
This fixes the config loading for the domains.

Change-Id: Ieb1571e64ef52b8e48fe21883d3c9f57c8402a54
2015-04-29 17:38:40 +00:00
ptoohill1
6c85431e53 Use stevedore to load API handler
Updates controller base to load handler via stevedore
Updates setup.cfg with entry point
Updates octavia.conf for api_handler default example
Updates config.py for api_handler
Updates requirements.txt for stevedore

Change-Id: I67e3da376fad1d48cec7f56f990c4b13ac7f4b83
2015-04-22 17:59:14 -05:00
Michael Johnson
b88d5ee53b Fix the common/keystone.py for identity v3
tenant_name is no longer accepted for the v3 client authentication.
This patch updates that to project_name which is accepted on v3.

Change-Id: Iccc460c1a4bae10ff530ce09888b877bfd5c39f4
2015-04-21 00:38:46 +00:00
ptoohill1
03f1d5d88c Updates service and config for Octavia API
Updates bind_port default to something not already used(hopefully)
Updates prepare_service to follow oslo_log new behaviour
Updates octavia.conf bind_port default

Change-Id: I399aeb200bccb97ada4e8d59ac7b3ffb0646fb6d
2015-04-16 01:27:28 +00:00
Carlos D. Garza
939e685d96 Switched from sha265 to sha256 in octavia.conf
Seems sha256 is more popular then sha265.

Change-Id: I19eec93410973d68f5d221a7964211e8af06c2d8
2015-04-15 16:17:26 -05:00
German Eichberger
4ebc80e9d0 Patches nova client to work with HP Cloud
- nova v2 only
- network instead of interfaces

Change-Id: Ibe7059013fd67be81b5aa183457d66a69ecc0ab8
2015-01-21 09:21:44 -08:00
Trevor Vardeman
0053509489 Nova driver implementation
Added nova_driver for amphora creation through nova
Added amphora types list and an entry for Virtual Machine type to constants
Added nova version list and available versions to constants
Added amphora status list and UP/DOWN statuses to constants
Added to amphora data_model for reuse in response from nova_driver
Added testing for nova_driver

Change-Id: I6c45dae5dbdd39515f9db02e8765d68871da2762
Partially-Implements: blueprint nova-compute-driver
2015-01-13 16:43:48 -06:00
Brandon Logan
6b511cc113 Added pymysql as default DBAPI
pymysql does not require any system dependencies so it just
requires a pip install unlike MySQL-Python.

Change-Id: I4839e2995869b6dc857052632701affbd9bfcc5e
2014-12-12 16:22:51 -06:00
Brandon Logan
9786021205 Implementing simple operator API
Setup executable to use wsgiref.simple_server
Simple setup of pecan
Defined controllers that define the API resources
Implemented all controllers to manipulate database and send to handler
Added repository methods required for creating multiple items in one transaction
Defined a few API exceptions based of wsme exceptions
Defined the wsme types that define the resource response and request bodies
Defined an abstract handler that all handlers should subclass
Defined a simple handler that is responsible for sending to controller
Added some wsme type tests

Implements: bp/operator-api

Change-Id: I0d91934db47a6e45f0c9ac22089f8689957bd239
2014-12-11 20:22:14 -06:00
Adam Harwell
1e866f3ba2 Local development implementation for Certificates
A basic local filesystem implementation of CertManager and
a local pyOpenSSL implementation of CertGenerator.

Change-Id: I0eb0476afaad8a1bbb2eaaf90564eb63f7872546
Partially-implements: blueprint tls-data-security
2014-11-12 15:40:10 -06:00
Adam Harwell
1c873900b2 Support for Certificate data handling
Create an interface CertManager for handling certificate data.
Create an interface CertGenerator for signing certificates from CSRs.

Change-Id: I7a18496b9665b74c6ca89c503e68ef33a8581d0f
Partially-implements: blueprint tls-data-security
2014-11-11 14:29:01 -06:00
Adam Harwell
b965777fac KeystoneAuth global configuration data
This configuration data will be used by any Octavia code that requires a
service account.

Change-Id: Icd4b419cec5f49d5adae9a5f623ce15d0eb19ae0
2014-11-10 16:30:02 -06:00
Doug Wiegley
74eee09e4b Initial directory skeleton
Implements: blueprint initial-skeleton
Change-Id: If6559f5e1adf4aee70f5d92b5dfcf9fead86b205
2014-09-04 15:28:10 -06:00