Add file to the reno documentation build to show release notes for
stable/wallaby.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/wallaby.
Sem-Ver: feature
Change-Id: Ia31fee0c458533918d5b4ac65366d7db1443d1be
Move the decision up one layer to the API controller.
The amphora driver should now just do as it is told.
Change-Id: Idb3ad20b8539bfdb788981a8634317257d83b238
Story: 2008731
Task: 42083
When using subnets with host_routes in amphorav2, the host_routes
attribute in the Subnet data structure was not correctly converted to a
HostRoute data structure. It triggered exceptions and failed to
provision the load balancer.
Story 2008738
Task 42092
Change-Id: I39391070cea170a6039f901093f09fc89ba06123
Fix for the issue that an amphorav2 LB cannot be reached after
loadbalancer failover. The LB security group was not set in the
amphora port.
Fixed the v2 variant of UpdateVIPSecurityGroup to actually return the
security group id (v1 already did).
The flow created in get_failover_LB_flow uses UpdateVIPSecurityGroup
which is supposed to provide VIP_SG_ID, which is later needed in
get_amphora_for_lb_failover_subflow as a requirement for
CreateVIPBasePort.
Story: 2008735
Task: 42087
Change-Id: I1bb334ef0c11a79038b21a873a6675d76b0fbefc
The healthcheck endpoint should cache results to reduce the potential load on the backend systems being tested.
This patch adds the caching and a configuration setting for the interval
between cache refreshes.
Change-Id: Ic97a991437144f3a220d9b96839cec5b63565f8c
Story: 2008203
Task: 40987
When provider drivers registered a load balancer object delete,
the driver agent was not decrementing the project quota.
This patch corrects that by decrementing the proper quota
when a DELETED status is received from the provider driver.
Change-Id: I7d705c9f4f0217c6fbe332f45b15892bf1d4a90b
Story: 2008268
Task: 41133
As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:
1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.
2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.
[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
Change-Id: I8b78c7b640ab18ddfc809cb4603decc739d494d1
The disk image create tool can now build aarch64/arm64 amphora images.
The devstack plugin will facilitate image builds and upload to Glance
for this CPU architecture.
Change-Id: I1cebd8a3da58dc56ebbfac22f7802ab7f52585e1
The two tested Linux distributions for Wallaby release (Ubuntu 20.04 and
CentOS 8) [1] provide a recent enough HAProxy version (>=2.0) that allow
us to add HTTP/2 to the default ALPN protocols list for listeners and
pools.
[1] https://governance.openstack.org/tc/reference/runtimes/wallaby.html
Change-Id: I998bea5e7bcdc28962f2f393e204791a0b519910
The grenade job resource.sh script is waiting for the created object
status but not the overall load balancer status to go ACTIVE.
This can lead to the script failing with a 409 error.
This patch adds a check for the load balancer to be unlocked before
advancing to the next create call.
Change-Id: I6505243ddbf1eab7d110e9bfa03bffda840f07ae
When a load balancer failover was performed on a load balancer where
the VIP address is on a subnet that has no IP addresses available,
the VIP address may be deactivated.
This patch corrects the failover flow to not deallocate the VIP
address on a failover revert flow due to the subnet being out of
IP addresses.
Story: 2008625
Task: 41827
Change-Id: I1fe342d2bdf1301dd89ab7dfaa8e6a23e69c252b
An issue has been observed several times when amphora VM failed
to get, although its creation was successful.
Add retry to avoid stop loadbalancer creation.
Change-Id: Ic94d226ad6e25323b94bc85f3ad847937b3be218
Story: 2007637
Task: 39690
The default value for timeout parameters in the BaseListenerType was
not correctly set because the class was defined before reading the
config file.
Story 2008666
Task 41953
Change-Id: Ia4aa2047a79ad6fc3e33c7ebe2da9438914f7a88
pylint 2.7.0 added additional checks for inconsistent-return-statements:
- inconsistent-return-statements message is now emitted if one of
try/except statement is not returning explicitly while the other do.
Change-Id: I196e13996ce4bce93d9a8eed87f6c3cb8ef3cea1
Also removed a block of shell code in install-ubuntu.rst,
because the block triggered an error in the doc job and it was unused.
Change-Id: I41033e8cd9710a91b9502db11577b1f1cb85fa46
The health manager displayed some incorrect statistics about failed
failovers, they were marked as "successfully completed failovers".
The exception from the failover_amphora function was not reraised when
called from health-manager, now the exception is reraised, allowing the
health-manager to compute correct statistics.
Story 2008636
Task 41876
Change-Id: Icb1430a3709566796e39fbfa962c2541c504b9ae
There was a bug that would cause a pool to go into ERROR if you attempted
to update the CRL or client certificate on the pool.
Change-Id: I736816247131715f5c385b4680614ec3218a2ad7
Story: 2008295
Task: 41180
{admin,tenant}_log_targets options are configured with
MGMT_PORT_IP in devstack, which contains the IP address
of the local management interface. In multinode setup,
it means that the second node should run a rsyslog
service to receive logs from amphorae that have been
spawned by its worker.
Change-Id: If2841720009c2e402127e2e0080efdd56b68f6c9
The secure RBAC work requires the of oslo.policy's scope_types argument,
which was made available in 1.32.0. This commit updates to version 2.1.0
so that we're using something more relevant.
Required oslo.context bump.
Change-Id: I48e8882f629886d1b8abadff6e60aad91d1169c7
This allows us to use the Wallaby release marker in versionutils for
deprecations.
Required some other bumps to satisfy lower-constraints.
Change-Id: I3c2be8a5189dcda24c42ed7ab4d8fa33a03c5d3e
NetworkManager in Centos images configures new network devices as soon
as they appear in the default namespace, it means that we might have
conflicts between the management interface's routes and address and the
new VIP or member interfaces' routes and addresses during a small period
of time before they are moved to the amphora-haproxy namespace.
Now, the "no-auto-default=*" option is enabled in NetworkManager, it
disables the configuration of new interfaces, while the management
interface is still enabled/configured through cloud-init.
Story 2008599
Task 41773
Change-Id: I6dd8e99b07ff557674871cb503dece96a9df3ada
Some IPv6 UDP members were incorrectly marked in ERROR status because of
a formatting issue between the keepalived configuration file and the
ipvsadm output. Both are used to compute the state of the members and
when a member's address contained '*:0:*', parsing was incorrect. Now
the health message generation function uses only the compressed IPv6
notation instead of mixing notations.
Story: 2008604
Task: 41783
Change-Id: I2fe94cd4c000f143c59c69e82d03c690acf5e0c3
The user can set flavor_id and provider, but the provider of the flavor
profiles must match the provider parameter.
Change-Id: I6453c177408e6d9db46317e3b3de26df3e44671c
Add SCTP support in the Amphora (with keepalived).
Add amphora-health-checker script for customized SCTP health checks
(INIT/INIT-ACK/ABORT).
Change-Id: I30997ae6cc6b8ec724f0e9dcfdfe49356b320ff4
Story: 2007884
Task: 40932
