4150 Commits

Author SHA1 Message Date
Evgeniy Bykov
3af5401b81 Fix loadbalancer stuck in cascade delete
- Fix loadbalancer stuck in PENDING_DELETE in cascade delete
with TERMINATED_HTTPS listener if TLS storage not available

Closes-Bug: #2077348
Change-Id: Iae2b075de5412bb183db6a21f7f8376801853e00
Signed-off-by: Evgeniy Bykov <chypakabre@gmail.com>
(cherry picked from commit ec9a50599012b99deaf8bb26683fedcd381db1a6)
2024-09-06 08:42:58 +00:00
Gregory Thiemonge
b61c340b09 Add check for duplicate members in batch update
If a user requests a batch update of the members and includes the same
member twice in the body of the request, taskflow triggers an exception
(because of a duplicate Atom) and the load balancer is stuck in
PENDING_UPDATE. Now the API denies such calls and returns a
ValidationException if a member is updated more than once in the same
call.

Story 2010399
Task 46777

Change-Id: Ide2d5e637e5feb2dad43f952d5be1a195da1ae37
(cherry picked from commit d7b090702523cb07ae4aed0338f9e80fe30791a6)
2024-06-06 11:51:32 +02:00
Zuul
ab7712ede5 Merge "Fix listener update when using SRIOV VIP" into stable/2024.1 2024-06-05 17:36:18 +00:00
Zuul
b8053b207e Merge "Removing tips jobs on stable/2024.1" into stable/2024.1 2024-05-22 20:15:36 +00:00
Michael Johnson
c704267c53 Fix listener update when using SRIOV VIP
The previous patch[1] that added a check for Amphora status missed
adding a task that generates the Amphora status information when a
listener is updated.
This patch corrects that by adding the AmphoraeGetConnectivityStatus
task to the firewall rules subflow.

[1] https://review.opendev.org/c/openstack/octavia/+/912599

Change-Id: I325de85b03080db646da847b58c15c3fbbdc6be2
(cherry picked from commit 70f15c54d29d085c6ea4753ac66ee2195c427078)
2024-05-15 18:36:10 +00:00
Gregory Thiemonge
b370e46c18 Pin pylint on 2024.1
new pylint release introduces new checkers.
the policy in Octavia is to pin linters on stable branches.

Change-Id: Ie069ca415e8ff8eab2c9bb3db439a950751d8854
2024-05-15 14:27:26 +02:00
Gregory Thiemonge
32df431444 Removing tips jobs on stable/2024.1
tips jobs are not required on stable branches.

Change-Id: I28d552313f01265169f5b0d19e79a931cf42dc58
2024-05-03 14:33:05 +02:00
Gregory Thiemonge
8d1998299f Fix fully-populated API with allowed_cidrs
When creating a LB + a listener with an allowed_cidr with the
fully-populated API, an issue happened when Octavia validated that the
allowed_cidrs and the VIP ip address have the same IP version. The
vip.ip_address value was not updated in the load balancer object,
forcing the expiration of the DB object before entering _graph_create
fixes this issue.

Note: there's no change in the tests, the test function for this feature
exists, looks correct, and passes successfully, the bug is only
reproducible in octavia-api.

Closes-Bug: 2057751
Change-Id: Ia106d81c1b2588e5d938d2238c8a2f6660bf5ef1
(cherry picked from commit 5d9b23c6021ad961fafc17866c6b8ea50f2dc824)
2024-04-19 11:57:33 +00:00
Zuul
fb7b56048d Merge "Update TOX_CONSTRAINTS_FILE for stable/2024.1" into stable/2024.1 2024-04-18 17:29:44 +00:00
Zuul
186a493551 Merge "Handle empty delay on update healthmonitor" into stable/2024.1 2024-04-16 12:02:34 +00:00
Sergey Kraynev
1945df32d7 Fix negative or 0 limit parameter in pagination
Octavia replace "limit" with None when it is less 1. (for example 0, -1)
However the further code failed to compare None and int values.
This patch fixes it by validation, that limit is None.

Co-Authored-By: Roman Goncharov <gadzhet007@gmail.com>

Closes-Bug: #2060917
Change-Id: I9bb45a1aca6b7b18644752a3dccc3ebfb7c106ef
(cherry picked from commit 85cfb6c2ae974d110712b5ea673cdafcfecb9e69)
2024-04-13 12:55:38 +00:00
Sergey Kraynev
8b4e9e7314 Handle empty delay on update healthmonitor
Check that delay field is not UnsetType before further validation

Closes-Bug: #2059894
Change-Id: Ia853d43dc273019c76da09104f31aa7e1b154fec
(cherry picked from commit 824b51a1dad80292b7a8ad5d61bf3ce706b1fb29)
2024-04-11 19:05:06 +00:00
6b11062d38 Update TOX_CONSTRAINTS_FILE for stable/2024.1
Update the URL to the upper-constraints file to point to the redirect
rule on releases.openstack.org so that anyone working on this branch
will switch to the correct upper-constraints list automatically when
the requirements repository branches.

Until the requirements repository has as stable/2024.1 branch, tests will
continue to use the upper-constraints list on master.

Change-Id: I85ed3a39421a298e7dc08d88f047e537af0f0b78
2024-03-14 19:54:07 +00:00
894023ec95 Update .gitreview for stable/2024.1
Change-Id: Ie206b0bc62039298942a7028e3f5a6d3a04eb4a7
2024-03-14 19:54:05 +00:00
Zuul
9f1a6e47d7 Merge "dib: Remove Ubuntu Forcal support" 14.0.0.0rc1 14.0.0 2024-03-14 06:54:53 +00:00
Zuul
6b4975f5b2 Merge "dib: Remove remaining logic for CentOS/RHEL 8" 2024-03-14 06:28:05 +00:00
Takashi Kajinami
4342c31ae2 dib: Remove Ubuntu Forcal support
Ubuntu Focal is no longer part of the tested environments, because of
newer LTS available now (Jammy).

Change-Id: I7a6df974762abdd94784416609304618ce702b6e
2024-03-13 12:16:59 +09:00
Takashi Kajinami
02a2195e54 dib: Remove remaining logic for CentOS/RHEL 8
... because CentOS 8 and RHEL 8 is no longer supported.

Change-Id: I90e5b85827a324c0a258fd30cf94b3e8ac8c841f
2024-03-13 12:14:36 +09:00
Michael Johnson
411e7c6dbc Check Amphora status on SR-IOV failover flows
As noted on an earlier patch[1], the "SetAmphoraFirewallRules" task was not
checking the Amphora status nor using an API timeout. This could cause failover
flows to take longer than necessary if one of the Amphora is missing.

This patch corrects that issue by honoring both the Amphora status and timeout.

[1] https://review.opendev.org/c/openstack/octavia/+/910101/13/octavia/controller/worker/v2/flows/amphora_flows.py

Change-Id: Ic5e8140b13164267236f0a5d9a48fbd84bcdd688
2024-03-12 17:12:25 +00:00
Zuul
ffc6f83f07 Merge "Add --wait to Octavia cookbook" 2024-03-11 16:54:36 +00:00
Zuul
2abab95fa0 Merge "Fix neutron setting overrides" 2024-03-11 16:47:28 +00:00
Omer
6cc3e50a74 Add --wait to Octavia cookbook
So far we did not mention the --wait argument when we created Octavia
resources in the cookbook.

This argument will save the user some (loadbalancer show) API calls,
so one won't have to make sure the Octavia resources are ready every
now and then.

Change-Id: If066e420a7ada869f67fbea29c50dc896f8a72ea
2024-03-11 16:20:51 +00:00
Zuul
00e9eac7eb Merge "Use devstack helper functions in the plugin" 2024-03-08 20:05:08 +00:00
Zuul
ef28b2e629 Merge "Drop direct execution of octavia/cmd/*.py" 2024-03-08 19:37:35 +00:00
Zuul
2b8af0dc62 Merge "When we failed to load pkcs12 cert print warning" 2024-03-08 14:11:17 +00:00
Zuul
46ce3ef2d0 Merge "Add release note about redis jobboard driver updates" 2024-03-08 14:11:15 +00:00
Zuul
91ee3d7c86 Merge "redis: Support multiple sentinel servers" 2024-03-08 14:11:14 +00:00
Zuul
a26c452f6f Merge "fix: specify endpoint info. for neutron client" 2024-03-08 09:14:52 +00:00
Zuul
c85bdad24d Merge "redis: Add username" 2024-03-08 08:13:44 +00:00
Takashi Kajinami
b7c293656b Add release note about redis jobboard driver updates
This adds a release note to explain updates made recently in redis
jobboard driver[1][2].

[1] 16f6b2e8f65e12ba3bc51529d4a8a828ea2b8b16
[2] bd3ef61a0c0042fb4198ea7746e567ae3ca8a17a

Change-Id: I6c43a0a810f01632696f254a31e9a17c2f2cd73d
2024-03-07 16:45:07 +00:00
Zuul
188ed9c46b Merge "Fix duplicate tasks in SRIOV LB Create flow" 2024-03-07 16:21:44 +00:00
Zuul
6b0ca25696 Merge "Add additional-vips to the feature matrix" 2024-03-07 11:30:47 +00:00
Zuul
edfc9803f5 Merge "reno: Update master for unmaintained/victoria" 2024-03-06 09:09:49 +00:00
Zuul
dc168aee83 Merge "reno: Update master for unmaintained/xena" 2024-03-06 08:47:57 +00:00
5179cc3a2e reno: Update master for unmaintained/xena
Update the xena release notes configuration to build from
unmaintained/xena.

Change-Id: I611b21c6a03b01c8dff364b223da324d6e2fb1ac
2024-03-05 18:59:44 +00:00
1d411539bb reno: Update master for unmaintained/wallaby
Update the wallaby release notes configuration to build from
unmaintained/wallaby.

Change-Id: If0336f59e8aa68298cd3efb9b8ee2dd391b90387
2024-03-05 18:58:35 +00:00
959297dba0 reno: Update master for unmaintained/victoria
Update the victoria release notes configuration to build from
unmaintained/victoria.

Change-Id: I1e830e9c06f87125835afe2115d6b32a84fc2b80
2024-03-05 18:57:25 +00:00
Michael Johnson
c88922315e Fix duplicate tasks in SRIOV LB Create flow
There was a mistake in the load balancer create flow where duplicate
tasks were added to the flow when an SRIOV VIP was used. This patch corrects
that by removing the duplicate tasks.

Change-Id: Id3dce30639cce6724d41fd2ccd53612384eba87f
2024-02-29 18:54:49 +00:00
Takashi Kajinami
bd3ef61a0c redis: Support multiple sentinel servers
Redis Sentinel client implementation support using multiple sentinel
servers for redundancy, but only a single server from the servers list
was passed down to it.

This uses the new taskflow interface to add fallback servers, and
register the remaining servers in the list as fallbacks.

Depends-on: https://review.opendev.org/c/openstack/taskflow/+/907674
Change-Id: I6b281d2520db0048329b12b33108273ba2f96534
2024-02-29 16:57:57 +00:00
Takashi Kajinami
16f6b2e8f6 redis: Add username
Redis introduced ACL feature in 4.0.0, and this feature is supported by
redis-py since 3.4.0[1]. When ACL is enabled, authentication requires
username in addition to password.

Also this removes the default password string because it can confuse
underlying libraries in case a more strict check such as 'is None' is
implemented there.

[1] 8df8cd54d1

Depends-on: https://review.opendev.org/c/openstack/taskflow/+/907667
Change-Id: Ie85589ab4e02046f54864a10b9b8adce6996d82a
2024-03-01 01:57:35 +09:00
Zuul
115b18effd Merge "Enable nftables rules for SR-IOV VIPs" 2024-02-29 09:45:29 +00:00
Zuul
346e65cfee Merge "Add nftables support for SR-IOV VIPs" 2024-02-29 09:28:17 +00:00
Zuul
9973874afb Merge "Add support for SR-IOV ports in Octavia" 2024-02-29 09:01:03 +00:00
Michael Johnson
fc37d8303d Enable nftables rules for SR-IOV VIPs
This patch enables setting the nftables rules in Amphora using SR-IOV VIPs.

Change-Id: I554aac422371abafb4bb04e2d0df3fce3fa169d4
2024-02-28 17:07:05 +00:00
Michael Johnson
d83999f4ed Add nftables support for SR-IOV VIPs
This patch adds the initial nftables support in the amphora for SR-IOV
VIPs. Followup patches will add rules to the nftables chain. As this
point in the patch chain, SR-IOV VIPs will not pass any traffic.

Change-Id: Ib2a1c3f49a26690d2e0e9c7330e047748c0b5105
2024-02-28 16:00:12 +00:00
Michael Johnson
75c1bdd104 Add support for SR-IOV ports in Octavia
Change-Id: I16622add64076370dad85620043f71077bc9acbb
2024-02-28 15:56:35 +00:00
Zuul
3acb24ee9a Merge "Cap hacking" 2024-02-28 06:00:41 +00:00
Zuul
b2f3f77d9e Merge "Honor connection_recycle_timeout in MysqlPersistenceDriver" 2024-02-28 05:27:01 +00:00
Zuul
3f4eddc5cc Merge "Add h2 section to Octavia cookbook" 2024-02-27 16:12:23 +00:00
Michael Johnson
ffc9d83197 Remove some unused code
These methods and tasks are no longer used in the code, so this patch proposes
to remove them.

Change-Id: Ic7813d3a9073e4b3c1bc6a7839242df34a16d348
2024-02-27 03:50:47 +00:00