Commit Graph

3467 Commits

Author SHA1 Message Date
Zuul
2de31e9173 Merge "Add validation for VIP network parameters in amphora driver" 2021-01-30 00:45:33 +00:00
Zuul
673a5691c1 Merge "Support deletion of all tags" 2021-01-29 05:19:53 +00:00
Zuul
d221cd8937 Merge "Install HAProxy 2.x in CentOS amphora images" 2021-01-29 02:41:30 +00:00
Zuul
b206516c07 Merge "Fix PROXYV2 pools" 2021-01-29 01:13:46 +00:00
Carlos Goncalves
3730d27232 Install HAProxy 2.x in CentOS amphora images
The CentOS NFV SIG [1] maintains a RPM repository with extra and newer
packages. This includes HAProxy 2.2 as of this time of writing.

[1] https://wiki.centos.org/SpecialInterestGroup/NFV

Change-Id: I2f64a44c566f138c58ea4be53b1ff90a52012950
2021-01-28 22:14:52 +00:00
Carlos Goncalves
d2d5fc80f8 Add ALPN support for TLS-enabled pools
ALPN is a TLS extension for application-layer protocol negotiation
within the TLS handshake [1].

This patch extends the Pool API to include a new 'alpn_protocols'
parameter. With this parameter, users can set an ALPN preference list
(descending order of preference) to be advertised by load balancer to
members.

This patch also adds HTTP/2 over TLS support to TLS-enabled pools to the
Amphora provider driver, although default the pool ALPN protocol list
configuration setting has HTTP/2 disabled similarly to the default
listener ALPN protocol list value added in Victoria release.

[1] https://tools.ietf.org/html/rfc7301

Change-Id: I91924486bab22601c15c538c8a5282ad8bc54700
2021-01-28 14:42:48 +01:00
Gregory Thiemonge
dda1d8665c Add validation for VIP network parameters in amphora driver
Some network parameters can be validated in the API, it would avoid to
handle exceptions in the worker when plugging networking resources.
This commit validates that port_security_enabled is True on the VIP
network when using the amphora driver.

Story: 2008449
Task: 41422

Change-Id: I1236d3c6231a657b2aa53b1e488a4d0fe3215070
2021-01-26 17:34:21 +01:00
Gregory Thiemonge
fbbc5f9024 Validate listener protocol in amphora driver
Validate that the amphora driver supports the listener protocol when
receving a listener_create request.

It returns an UnsupportedOptionError exception to the user if the
amphora driver doesn't support a protocol that is defined in the API
(ex: SCTP is supported in the API in the Victoria release, but not in
the amphora driver).

Story: 2008545
Task: 41647

Change-Id: I1c5cb987945a7a465bfecfda399dfe93fc1b76bb
2021-01-21 10:00:47 +01:00
Brian Haley
a4aa03d3bc Fix the unit test tree structure
There were a few unit test files that didn't match their
code counterparts, so were a little hard to find. Moved
things around to line-up better, leaving only a handful
of exceptions to ignore. Added a test script to check
things so it won't happen again, copied from Neutron.

No actual code was changed, files were just moved around.

Change-Id: I6d84047b3481a2bf6bf9bd17d482fb504dbc752b
2021-01-14 15:55:35 -05:00
Zuul
b62d9f0214 Merge "Fix operating status for empty UDP pools" 2021-01-11 08:06:52 +00:00
Zuul
4704e458a8 Merge "Fix periodic image builder jobs" 2021-01-04 11:28:30 +00:00
Lingxian Kong
1a86e454e7 Use 'bash' in the keepalived check script
Use bash instead of sh to avoid the error "shopt: not found"

Change-Id: Ib089affa229531cd72f6853105d74b446687ae86
Story: 2008437
Task: 41399
2020-12-17 12:52:01 +00:00
Gregory Thiemonge
d81a0556f5 Fix periodic image builder jobs
publish-openstack-octavia-amphora-image* jobs started failing because
ubuntu no longer provides yum-utils package.
Now dependencies have been cleaned up for the ubuntu job, and the centos
job uses a centos node. The zuul playbook now works on Ubuntu and
RedHat/Centos nodes.

Change-Id: Ifca01d91d8eb92115d56744f4963e91ac537dd8e
2020-12-17 13:50:40 +01:00
Brian Haley
dc876eed9d Fix gate failure
Bumped a bunch of constraints and requirements to fix
a gate failure with recent pip update.

Change-Id: I7af382a993bd16ce4e32a9052337f006d9aa58aa
2020-12-15 14:33:09 -05:00
Zuul
773e41f2d8 Merge "Remove re-import of octavia-lib constants" 2020-12-03 20:54:31 +00:00
Zuul
9d38db9065 Merge "Add amphora_id in store params for failover_amphora" 2020-12-03 06:45:11 +00:00
Zuul
8258992c01 Merge "Fix nf_conntrack_buckets sysctl in Amphora" 2020-12-02 15:39:31 +00:00
Zuul
e9e8f5229d Merge "Fix missing cronie package in RHEL-based image builds" 2020-11-27 11:25:52 +00:00
Zuul
8ef137ff1b Merge "Map cloud-guest-utils to cloud-utils-growpart for Red Hat distros." 2020-11-27 11:25:27 +00:00
Ann Taraday
1a154839c2 Add amphora_id in store params for failover_amphora
Several tasks require amphora_id parameter to be passed in
get_amphora_for_lb_failover_subflow.
Execution passed results in error:

taskflow.exceptions.NotFound: Mapped argument 'amphora_id' <=
'amphora_id' was not produced by any accessible provider
(1 possible providers were scanned).

Also fix getting ID parameter from amphora dict in
AmphoraIndexListenersReload and add missing retries for create_*
resources in v2 worker.

Change-Id: I5ed6288b2776bd7f1c9b67e9cfd9a8f05b1196be
2020-11-25 19:07:08 +04:00
Gregory Thiemonge
2954370e38 Fix operating status for empty UDP pools
Fix empty UDP pools status: a UDP pool without members went OFFLINE
instead of ONLINE.

This commit changes the keepalived configuration with empty pools:
the configuration now contains a virtual_server and a comment about the
existing pool. This comment is used by the get_udp_listener_pool_status
to detect that the pool exists and is not offline.

Story 2007984
Task 40610

Change-Id: I30e23ca13d033d77c8ebdabbfdc7b54556a9466b
2020-11-20 14:14:56 +01:00
Gregory Thiemonge
9653920a04 Remove useless proto parameter from sample functions
Some functions in unit tests are creating namedtuples that represent
loadbalancers, these sample loadbalancer objects contain a 'protocol'
field that doesn't exist in real objects and isn't used.

Change-Id: I8f191a720a3d38a7f579ed5f587563bfd40cce15
2020-11-20 10:13:11 +01:00
Martin Chlumsky
6aa23358eb Fix missing cronie package in RHEL-based image builds
In RHEL-based distros, cron is provided by the cronie package. This package is
missing from the amphora built images.

This patch maps the cron package to cronie for distros in the Red Hat family.

Change-Id: I6fb7889de90e8e5354c1e6ce2c95ec0199ce90e3
Story: 2008351
Task: 41253
2020-11-19 17:48:50 -05:00
Brian Haley
15a68fd426 Remove re-import of octavia-lib constants
W0404: Reimport 'constants' (imported line 17) (reimported)

constants was already imported, just use the first one.

Change-Id: I5d999d72cfe55600238c0daaa22766b7fe716e41
2020-11-19 16:05:05 -05:00
Martin Chlumsky
6d59fec8a0 Map cloud-guest-utils to cloud-utils-growpart for Red Hat distros.
The package cloud-utils-growpart is missing from Red Hat based image
builds which means the root filesystems are not grown on instance
startup which means not much space for things like logs.

This patch maps the cloud-guest-utils package to cloud-utils-growpart.

Change-Id: I3c830a9f0fd21ca10238946721c0f75d01d3ddff
Story: 2008350
Task: 41252
2020-11-19 11:49:52 -05:00
Zuul
58bf439bda Merge "Fix setting None in tls_versions and tls_ciphers in pools" 2020-11-19 12:20:35 +00:00
Zuul
5160efef2d Merge "Add experimental amphorav2 jobs" 2020-11-19 11:25:03 +00:00
Zuul
30bbcdd3b2 Merge "Fix amphorav2 bytes error" 2020-11-19 11:24:57 +00:00
Zuul
3831c66315 Merge "Fix load balancers with failed amphora failover" 2020-11-19 06:00:22 +00:00
Zuul
bc8f281071 Merge "Handle listener not found during loadbalancer status update" 2020-11-18 18:30:37 +00:00
Gregory Thiemonge
8a207a7e03 Fix setting None in tls_versions and tls_ciphers in pools
Setting None in tls_versions and tls_ciphers should reset their value
to the default value

Story 2008367
Task 41276

Change-Id: I64a7072b2c4e1a12b5d908647f1eddcad7ec3b90
2020-11-18 15:18:42 +01:00
Andrew Karpow
7ad022379f Support deletion of all tags
Add support for removal of all tags by PUTing empty tags array.

Also moved assignment after initial session query for the
object in the listener update path.

Task: #41009
Story: #2008220

Change-Id: I7488f2fae61917f6d4a56cedd05bace7c5e2bc70
Signed-off-by: Andrew Karpow <andrew.karpow@sap.com>
2020-11-17 09:14:41 -05:00
Zuul
f96b0986cd Merge "Replace assertItemsEqual with assertCountEqual" 2020-11-17 03:27:04 +00:00
Brian Haley
57e7bd17bf Fix pep8 failures in gate
Some package must have moved forward recently, causing
the pep8 job to start failing.  Fix the issues since
they're all valid.

Also changed other messages using an exception string
to use str(e) to avoid any possible py3 issues.

Fixes the grenade job to properly build the test server.

Change-Id: I5c98c6d41cc4bce907e09dcb20ede3a9e7268b44
2020-11-12 16:46:36 -08:00
Brian Haley
17ae2625da Handle listener not found during loadbalancer status update
If a call to update loadbalancer status cannot find the
specified listener, the API server will throw an exception:

"Error while updating the load balancer status: 'NoneType'
 object has no attribute 'update'"

Change ListenerRepository.update() to check the DB query
returned a record, and if not, raise a NotFound exception
back to the caller.

Change-Id: I6693be3e2d2f0e34f19f07f55b0429f8fda317b2
Task: 41108
Story: 2008254
2020-11-12 12:29:30 -05:00
Guilherme Steinmüller
f96251c742 Fix load balancers with failed amphora failover
This patch is a complement of [1] which we ensure
a fresh lb object, but only for AmpListenersUpdate
class.

It was observed, at least on train and ussuri
deployments that multiple failed amphoras were still
happening when using session persistence.

That is fixed and failover works flawless with session
persistence when we also ensure a fresh lb object on
AmphoraIndexListenerUpdate class.

[1] https://review.opendev.org/#/c/756597/

Change-Id: I923accd73e0c9cadc91c115157c576432f428622
Story: 2008099
Task: 40802
2020-11-10 12:59:51 +00:00
Ann Taraday
9a6a90000f Add experimental amphorav2 jobs
The following jobs with default amphorav2 added as experimental:
* octavia-v2-dsvm-noop-api
* octavia-v2-dsvm-tls-barbican
* octavia-v2-dsvm-spare-pool
* octavia-v2-act-stdby-dsvm-scenario
* octavia-grenade
* octavia-v2-dsvm-cinder-amphora
* octavia-v2-dsvm-scenario-two-node

Note: octavia-grenade-amphorav2 will show valid result
with renamed alias amphorav2 -> amphora.

Change-Id: I03385d93575db4e44a72335c0af4fde490a93b0f
2020-11-03 09:02:09 +00:00
likui
fd4abac1d6 Replace assertItemsEqual with assertCountEqual
assertItemsEqual was removed from Python's unittest.TestCase in
Python 3.3 [1][2]. We have been able to use them since then, because
testtools required unittest2, which still included it. With testtools
removing Python 2.7 support [3][4], we will lose support for
assertItemsEqual, so we should switch to use assertCountEqual.

[1] - https://bugs.python.org/issue17866
[2] - https://hg.python.org/cpython/rev/d9921cb6e3cd
[3] - testing-cabal/testtools#286
[4] - testing-cabal/testtools#277

Change-Id: Id354d9e30b6fa6f4b72116a659d16a2fb8030c87
2020-11-02 08:59:39 +08:00
Zuul
198980639c Merge "Use run_flow for failover functions in v2 control worker" 2020-10-30 19:26:42 +00:00
Zuul
7f26a5d5b4 Merge "Stop install unnecessary packages when run tox -ereleasenotes" 2020-10-29 10:59:24 +00:00
Zuul
009af5b0d8 Merge "Correct a typo in the document" 2020-10-29 09:09:50 +00:00
Ann Taraday
a9a817e428 Use run_flow for failover functions in v2 control worker
Align failover_amphora and failover_loadbalancer to use
run_flow.

Also avoid NoneType error in logging of create_health_monitor.

Change-Id: I1b4c18d3bec5ff62adf48d3d751d553eb359ccbe
2020-10-27 08:48:55 +00:00
OpenStack Proposal Bot
71440bdbdb Imported Translations from Zanata
For more information about this automatic import see:
https://docs.openstack.org/i18n/latest/reviewing-translation-import.html

Change-Id: Ida42b240a1caec3805ce8148eb114a8c7d67db97
2020-10-15 08:19:40 +00:00
Zuul
8ea4d40281 Merge "Fix pool delete race on load balancer cascade delete" 2020-10-14 14:26:07 +00:00
Zuul
6c3fabc414 Merge "Remove unnecessary joinedload" 2020-10-14 12:07:32 +00:00
Carlos Goncalves
332791ee2b Fix pool delete race on load balancer cascade delete
In what appears to be a race condition, load balancer cascade delete can
fail while deleting numerous pools. The load balancer can still be
deleted with one or more follow-up cascade delete API calls but this is
suboptimal.

Per local testing, the ValueError exception is harmless so we can just
ignore it and continue the pool delete flow, with no orphan resources
left behind resulting from the exception skip.

Task: 41096
Story: 2008249

Change-Id: I9283d9804feb83a1d5a160da48da6146b19da88c
2020-10-13 13:37:27 +02:00
likui
ce6b563ee9 Stop install unnecessary packages when run tox -ereleasenotes
requirements.txt is unnecessary when run tox -e releasenotes,
releasenotes relative stuffs is in doc/requirements.txt

Change-Id: Ia6649ba95bdaa5d4c48f766bc8c1a87bab4f07b3
2020-10-12 13:52:58 +08:00
Ann Taraday
02dc98814b Fix amphorav2 bytes error
Fix Object of type 'bytes' is not JSON serializable
error while writing barbican tls data to persistence database.
Also fix _encrypt_listener_dict to encrypt dicts properly:
error - data must be bytes (HTTP 500)

Story: 2007877
Task: 40245

Change-Id: If69b5973e2a82c8e8d323a89eefb426a3986cd8f
2020-10-09 13:15:02 +04:00
Michael Johnson
4024536621 Fix PROXYV2 pools
There was a bug in the initial PROXYV2 patch that causes pools to
go into ERROR when using PROXYV2 protocol.
This patch corrects that issue.

Change-Id: If403a90ec27721ef63b6ae666fd77dfc9df0295e
Story: 2008237
Task: 41080
2020-10-08 17:11:48 -07:00
Michael Johnson
77dc23fc26 Fix load balancers with failed amphora failover
There was a bug in the load balancer failover code for the amphora
v1 driver where if there were multiple failed amphora, with session
persistence, could cause a load balancer failover to not complete.

Change-Id: Ia46a05ab9fdc97ed9be699e5b2ae90daca3ab9a2
Story: 2008099
Task: 40802
2020-10-07 16:02:19 -07:00