Setting nf_conntrack_buckets in the amphora namespace fails because this
sysctl can only be set in the initial namespace (cf kernel doc at
https://www.kernel.org/doc/Documentation/networking/nf_conntrack-sysctl.txt)
This commit allows to set nf_conntrack_buckets in the initial namespace,
the value is then inherited by other namespaces.
Conntrack is not enabled in the main namespace, the new default value
doesn't affect this namespace behavior.
Story: 2008028
Task: 40682
Change-Id: Ie6ccc4bf0017587df8e8e29d8ee3bf5c19e6d615
With the addition of many new test permutations, the grenade job
is taking more time to run.
Previously grenade ran one smoke test to test basic traffic.
This patch updated the grenade job to run the basic http traffic
test.
This patch also restores the grenade job to voting status.
Change-Id: Ic0446994ffac130c632624a37482393f00fe8714
The move to focal for the tox jobs has raised issues with package
versions supporting python 3.8.
This patch bumps the version for the following packages:
PyMySQL==0.8.0
pyroute2==0.5.13
SQLAlchemy==1.2.19
cffi==1.14.0
cryptography==3.0
pyOpenSSL==19.1.0
oslo.db==8.30
oslo.messaging==12.4.0
This patch makes the grenade job non-voting as there is a chain
of gate fix patches required to fully fix all of the issues.
Change-Id: I95cc182a2dbcb2ea872e822ce9372bf5d7df63bd
Previously the stats driver was responsible for parsing the health
message, which should have been done prior to passing the stats to the
driver interface.
Removed the driver interface for the health updater because it is core
Octavia functionality.
Stats drivers is now a singleton and can load multiple drivers.
Both the amphora health manager AND provider statistics should use the
new driver interface.
Co-Authored-By: Stephanie Djajadi <stephanie.djajadi@gmail.com>
Co-Authored-By: Adam Harwell <flux.adam@gmail.com>
Change-Id: I3a013aebd1eb89cd4f983fbf4f8ae8d6639548cd
Use of the spares pool was originally recommended to increase provisioning
speed, but since Nova's server groups do not support adding existing VMs,
Octavia cannot support use of the spares pool with the Active-Standby
topology. Since this is our recommended topology for production deployments,
and speed is less essential in development/testing environments (the
only place we could recommend the use of Single topology), the overhead of
maintaining spares pool support exceeds its theoretical usefulness.
Change-Id: I7375e9758c7ae80e2370189117e8e63c79446490
This patch adds support for the proxy protocol v2 on pools.
Depends-On: https://review.opendev.org/747296
Change-Id: Ic112c5e71ee9b6433b307fdf27059f217ba4136e
Story: 2005611
Task: 30858
Oslo policy is deprecating[1] the JSON file format for oslo policy
files.
This patch adds an upgrade check that includes a warning if a JSON
policy file is being used with Octavia.
[1] https://review.opendev.org/733650
Depends-On: https://review.opendev.org/733650
Change-Id: I293a30ddef77c09808a204c87a594a91bb6992da
Added checks if amphorav2 provider enabled - persistence backend
and jobboard backend configured properly.
Also small fix of parameter name in ZookeeperTaskFlowDriver.
Change-Id: I9342801bbbc7ec2c99e8698504a2b4c28bc00526
This patch adds an amphora delete API. It can be used to delete
extra "spare" amphora after the feature has been disabled.
A followup patch will be required for the amphorav2 path as the
amphorav2 failover patch, which is required for the amphora delete
flow, has not yet merged.
Story: 2008014
Task: 40666
Change-Id: I32b6561c78c153a4b7e73b1a4b83e045fbe97fb6
This patch adds 'amp_image_tag' to the supported capabilities of the
amphora provider driver. One use case where operators could find this
relevant is on multi CPU architecture clouds.
Task: 40156
Story: 2007854
Change-Id: Id4141e820a8b34e379a8f60b53fc183680c55c79
With this image driver interface, we align our codebase with other
existing driver interfaces like compute, network and volume.
This interface also allows the amphora provider driver to check for
existence of tagged images at API level (e.g. amphora image tag
capability in Octavia flavors).
Change-Id: Id808c082808fafe1a1e004957ff47eca57f97ee8
HTTP/2 requires HAProxy 2.0 or newer in amphora images. The operating
system versions in test as of today (Ubuntu Bionic and CentOS 8) do not
provide HAProxy 2.x in their official repositories. For this reason, the
default listener ALPN protocol list remains unchanged, defaulting to
ALPN protocol IDs "http/1.1" and "http/1.0".
Change-Id: Id29d0d2cd5ab1ae3c7d26194a235af25c2271d62
This patch will update the amphora v2 code for the failover refactor[1].
[1] https://review.opendev.org/705317
Change-Id: I43803d0b750e8ca4722ababe296f2725148da405
The Octavia API sort function was not working correctly for some
columns that have different names in the API vs the data model.
This patch also handles the case where a column may be a compound
object in the data model, such as vip_address->vip.ip_address.
Change-Id: I0c124e80fec2ac9ad813e78df6ad25da6b8e9668
Story: 2007991
Task: 40626
The switch to live drivers ease greenfield deployments by not requiring
deployers to explicitly set live drivers. The switch also helps
deployers identify production-ready from experimental drivers.
Experimental features like volume and distributor remain defaulted to
their noop drivers.
This patch also fixes some tests that were not mocked properly.
Change-Id: I1e4e3c4f0e4142fa0d0d1ac895b10e2349d79c20
ALPN is a TLS extension for application-layer protocol negotiation
within the TLS handshake [1].
This patch extends the Listener API to include a new 'alpn_protocols'
parameter. With this parameter, users can set an ALPN preference list
(descending order of preference).
Presently, the amphora provider driver is limited to http/1.0 and
http/1.1 ALPN protocol IDs. Support for "h2" (HTTP/2 over TLS) depends
on HAProxy 2.0 or newer.
[1] https://tools.ietf.org/html/rfc7301
Change-Id: If08a8169498cdfaa75440e8971ba0caff45ac4c4
When adding a new UDP member or a UDP-CONNECT health-monitor to a UDP
pool, there can be a race condition in the first heartbeat message
sent to the health-manager service.
This message might contain a DOWN status for a working member that
hasn't been checked yet.
This commit introduces a new member status between the amphora-agent and
the health-manager: it indicates that the UDP pool has been updated and
that the status of a member is a transitional state, preventing an
incorrect ERROR status.
Story: 2007792
Task: 40042
Change-Id: Id9e19375ebca6a720e6a85006f5e8948d3aed760
This new diskimage-builder element installs octavia-lib from Git for
source install type image builds rather than from released versions.
To mention some advantages:
1. allow custom octavia-lib versions (useful for development)
2. test unreleased octavia-lib changes in CI
3. install latest changes from master and stable branches
(aligns with approach taken with amphora-agent)
Branch checkout to stable/* from master for octavia-lib DIB element will
be automated on branch create. See https://review.opendev.org/#/c/745877
Change-Id: I6d87b6bd25c536b2bed1994427cd933bdcc091d6
DIB reduced the size of CentOS minimal images to the point CentOS-based
amphora images fit back in the default 2 GB disk.
Change-Id: Icd3ff0162def1820940d49e36308fc976bfde364
