This patch converts the member flows to use the provider driver
data model.
It also stops storing sqlalchemy models in the flow storage in
preparation for enabling jobboard.
Change-Id: Ic15e4311ce244e71b65069359c6c08e49f6b8d00
Story: 2005072
Task: 30810
This patch converts the listener flows to use the provider driver
data model.
It also stops storing sqlalchemy models in the flow storage in
preparation for enabling jobboard.
Change-Id: Ic44019b8877f008e6d7a75ceed1b7fd958e051d0
Story: 2005072
Task: 30808
Use taskflow retry for connectivity wait. [1]
This reqired for redis jobboard implementation as each retry expand
claim for job on worker. This means that worker is proccesing job and
it should not be released for other workers to work on it.
Adopted for v2 flows.
[1] - https://docs.openstack.org/taskflow/latest/user/atoms.html#retry
Story: 2005072
Task: 33477
Change-Id: I2cf241ea965ad56ed70ebde83632ab855f5d859e
API update calls were blocked if the load balancer had a TLS
terminated listener that the secret has been removed from barbican.
This patch corrects this problem allowing users to update the
certificate reference.
Change-Id: I96908e6cbdb523f95298aff463a749d15e98e1ad
Story: 2006676
Task: 37322
RHEL8 and Centos8 refuse to load certificates generated with a 1024-bits
key because of new security policies. Increasing key size to 2048-bits
fixes certificate generation scripts for these distributions.
Story 2006944
Task 37623
Change-Id: I6d5d39c4cf87ac687355f80ca591c1a611f46f41
Adds the ability for admins to create/manage availability_zones
and profiles for use with upcoming functionality. Works like flavors.
Depends-On: https://review.opendev.org/#/c/694057/
Change-Id: I468d9fdf8c9d0898f9e30f04ac233510a10a53fc
The image building process adds some unnecessary network interface
configuration files to /etc/network/interfaces.d. This element cleans those
out as they are not needed because cloud-init will create the required
configuration file.
Change-Id: If5fbfc34ff0e91608f402811aa2b78c9cbcb00ec
When filtering API calls using tags along with other filter parameters
the API could fail with an "Entity has no property" errors.
Also when filtering with tags that contain a comma separated list,
the API would mis-interpret the list of tags as a single string.
This patch resolves both of these issues and adds functional test
coverage for these use cases.
Change-Id: I7153ed9a6214ce352b2ac115001f7f6134d95b39
Story: 2006914
Task: 37559
Currently the API allows an operator to delete a flavor even when it
is in use by a load balancer. This patch corrects this by blocking
the deletion of a flavor that is currently in use by a load balancer.
It also correctly handles load balancers in the "DELETED"
provisioning_status.
Change-Id: Ie6d4f74e36c2fb7cee4e0ff1e198602c5d8394cc
Story: 2006782
Task: 37307
The provided etc/octavia.conf file is typically installed by system
packages. It is important to set correct configuration option names and
default values even when commented out.
Task: 37525
Story: 2006891
Change-Id: Ia9da64d76e31422464af9d24b675094f25350f48
The "Show Provider Flavor Capabilities" would silently ignore
filtering parameters passed into the API. This patch corrects this
such that you can filter the providers capabilities list.
Change-Id: I9a2aa4ed5b4ef60545c60a6d5bd06066ef361a56
Story: 2006817
Task: 37377
There is a potential race condition in the start order for the
amphora-agent service and the certs-ramfs service.
This patch configures an explict ordering for the services.
Change-Id: I8e449b19af72d72f6effd52e0a2debb5754a19b3
Story: 2006823
Task: 37396
Currently the keepalivedlvs_query script calls ipvsadm -Ln --stats
to query the local lvs for connection information. If any of these
values grow large enough they will be abbreviated with human-
friendly suffixes (K, M, G) and cause the get_ipvsadm_info func
to raise an exception when it receives a non-integer value from
its command output. By using the --exact argument in addition to
the existing arguments, we can ensure the output is always expanded
numbers, per the ipvsadm man page, and will only ever offer integer
outputs to the get_ipvsadm_info command.
Change-Id: I2e8c0be2221c0c23b752fdf2cdff065cddf830a5
Story: 2006791
Task: 37331
The single process patch changed the way listeners and load balancers
are deployed inside the amphora. This caused listeners with SNI
enabled to load all of the certificates for all of the TLS enabled
listeners on a load balancer.
This patch corrects that by configuring each listener with a
specific list of certificates.
Change-Id: I2f3c7ab4137dbd84d77a6a6b675975af406249d0
Story: 2006758
Task: 37252
Fix an issue that prevents graceful shutdown of controller workers.
cotyledon.Service.terminate function is by definition the graceful
termination function and doesn't have any 'graceful' optional boolean
argument (https://cotyledon.readthedocs.io/en/latest/api.html).
Because of this error, message_listener.wait() was never called in the
consumers' termination functions, so flows could be interrupted before
completion and could leave resources such as load balancer in a
PENDING_* provisioning state.
By default cotyledon.Service terminates the server after a timeout if
the worker could not shutdown itself gracefully. The default value
for the timeout is 300 seconds (set in devstack plugin) and can be
overriden using the graceful_shutdown_timeout setting in octavia.conf
The default value will be updated to a lower value when work on
persistant taskflow will be merged.
Story: 2006603
Task: 36770
Change-Id: I3f776bd018246897c9a889699a2d0ecbbfbb7098
If the list of changes was empty, the worker would fail to fetch the
pool because it was retrieved implicitly from one of the changed
members. Pass it explicitly instead, and also short-circuit on NOOPs.
Story: 2006719
Task: 37090
Depends-On: https://review.opendev.org/#/c/688546/
Change-Id: I161a522abad4a2aa521ea46cb1065c5b05a2cd2e
Mocks were done slightly incorrectly for pyroute2, correct this and add
a missing mock for os.path.isfile since it only coincidentally worked.
Change-Id: Id178784ebb4a9da348d295201fd6aa715c5b4abe
This allows the Octavia devstack plugin to use IPv6 for the service
endpoint as well as for the lb-mgmt-net.
Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Change-Id: I87917440565ea953ec0d762a7e219d912c56c418
Previously, if a secret became unavailable in barbican, the user saw
a generic error raised from the barbican client and was unable to delete
load balancer resources. This patch corrects both of those issues.
Change-Id: I97bd1b2a97a44d0a0566ae56167fa4f2e503ee2d
Story: 2006676
Task: 37012
Task: 37077