In order to support Python 3.7, pylint has to be updated to 2.0.0
minimum. Newer versions of Pylint enforce additional checkers which can
be addressed with some code refactoring rather than silently ignoring
them in pylintrc; except useless-object-inheritance which is required to
be silented so that we stay compatible with Python 2.x.
Story: 2004073
Task: 27434
Change-Id: I52301d763797d619f195bd8a1c32bc47f1e68420
This patch adds a new flavor capability to the amphora driver called
'compute_flavor'. This allows an amphora flavor to specify a compute
(nova) flavor to be used for the load balancer instances.
Change-Id: I8626eebd906c935a47d3e3510d1dfefae307c4e9
Operators want to have the ability to see amphora flavor information.
But they haven't access permisson of octavia configuration file. So
it is necessary to show amphora flavor information as part of command
'openstack loadbalancer amphora list/show'.
Story: 2002896
Task: 22986
Change-Id: Ib3ca05d816747d08ef7055ec532b81746468cbf9
Replace calls to the nova client with calls to the compute driver.
This will help non vm efforts (e.g. zune) and also make the code
easier to break up later.
Change-Id: I7ee175c5ecb98af0ca5e299c2ac10e43eb40ed30
This also fix build-openstack-sphinx-docs, there was a change introduced
in sphinx 1.6.6:
https://github.com/sphinx-doc/sphinx/pull/4335/files
If the size of __init__.py is less than 2, then the module would be
skipped which will cause the sphinx consistency checking failing later.
Change-Id: I9d8764b6e907aceed8bb8a9b04711145d0eb32ad
There was an edge case where if we were not able to extract nova interface
information our code that extracts the nova fault information would be
bypassed. This patch moves the fault extraction to a point where it will
be able to capture the fault string even if it was network interface
related.
Change-Id: Ia46522524e80022cd528e4902585213b1de42a44
This will enable a number of possible features that need to select
amphorae based on their availability zone.
This would allow for quick-lookups on large lists and could be stale,
but it would be expected that future code that uses this would check
with nova for an update if it needs fully accurate data.
Having it be explicitly "cached" should take care of concerns about
users (operators, in this case) being confused about correctness.
Using simply the word "zone" should address concerns about commonality
between compute providers.
Change-Id: I8e26f99bca3496a454ba7bae2570f517e07d5fc2
Story: 2001221
Task: 5732
This patch updates the Octavia documentation in support of the
OpenStack documentation migration[1].
[1] https://specs.openstack.org/openstack/docs-specs/specs \
/pike/os-manuals-migration.html
Change-Id: I97fd038b8050bfe776c3fca8336d9090f8236362
Depends-On: Ia750cb049c0f53a234ea70ce1f2bbbb7a2aa9454
Octavia was not exposing the underlying compute driver exception
information to the operator in the octavia logs. This meant debugging
required examining the compute service logs.
This patch will pass through the fault message provided by the compute
driver in the exceptions raised and clarify in the logs when the
nova driver caused the failure.
Change-Id: If54656c635aac907d78b387a9b191320385d9852
Closes-Bug: #1658900
Some nova deployments automatically select their networks on boot.
We can allow for this by assuming there will be some default network if
the amp_boot_network_list is empty.
Change-Id: I38ccfb45afb93795860c12efaf5a32f9bd1689fd
Remove unneeded import_group lines which are not doing anything and just makes
code harder to understand.
Change-Id: I673dd04dd31ae9771e6af982d184eee0e9cbf2d4
Change methods used in backend to authenticate with keystone.
Use autodetection mechanizm for API version and refactor config
options specified in Octavia.
Change-Id: Id0deee2714040d271f43a537c27f410e2f4e3ef2
Closes-Bug: #1620668
Closes-Bug: #1618691
This patch adds an optional configuration setting that allows an
operator to restrict the amphora glance image selection to a specific
owner id. This is a recommended security setting for clouds that
allow user uploadable images.
Change-Id: I73347b5b3e868d13974cd6ca6bada9cdf75773fe
Closes-Bug: #1620629
_extract_amp_image_id_by_tag should always return the last created
image_id, with the amp_image_tag ("amphora" by default), but it won't.
For the sort='created_at' to work, we should use 'desc' as sorting
direction and take the first element from the images list.
In addition, we now limit the length of the returned images list to 2.
The reason is that we don't need the whole list in order to warn the
system administrator that more than one image has the amp_image_tag.
Closes-Bug #1618921
Change-Id: Ic36213962cf38b032c2d1d8a2ee4abebab3dd82f
Currently the amp_network is a stringOpt and in code it
translates that to a list for processing. It may
be required to deploy with multiple networks,
a listOpt for amp_network option allows this.
Change-Id: I4364c1d03d4c7b560f0d8030b7d66412583a31ae
Currently Octavia cannot validate against SSL service endpoints,
which would be keystone, neutron, nova and glance in this case.
This patch adds a config option under nova, neutron and glance
sections to read the specified CA certificate files
for validation. It's slightly different in the case of glance,
because glance session method invocations depend on the endpoint
URL whether it starts with HTTP or HTTPS.
Also added is the "insecure" option for these services in case
the cert validation needs to be skipped.
For keystone, we read config params from keystone middleware. Thus,
instead of defining a new config option, we can make use of it's
pre-defined "cafile".
Barbican is not added because we do not yet have a barbican endpoint
override in it's config. This could be added in the future as a
separate patch, if needed.
Lastly, unrelated to the above, fixes the amphora REST api default
bind_port in octavia.conf
Change-Id: Id57672a3dc7c962b8ee07db0cb7a743041082c66
Closes-Bug: #1552987
Deprecated amp_image_id option with the new amp_image_tag option.
Also switched devstack plugin to rely on the tag to update the image
used for new load balancers.
Implements: blueprint use-glance-tags-to-manage-image
Change-Id: Ibc28b2220565667e15ca2b2674e55074d6126ec3
https://blueprints.launchpad.net/octavia/+spec/anti-affinity
Added a new column in lb table for server group id;
Added a new task in compute tasks for creating server group;
Added a new task in dtabase tasks to update server
group id info for lb;
Add server group id in create method in nova driver to support
anti-affinity when creating compute instance
Change-Id: If0d3a9ba1012651937a2bda9bc95ab4f4c8852d5
When getting a service catalog from keystone there might be
multiple endpoint types. Adds new parameters to specify
the endpoint type to use in each of the new neutron/nova
groups.
Nova config attributes are removed as the endpoint would be retrieved
from the service catalog with respective endpoint_type and corresponding
roles would define nova access.
CONFIG is added as needed and cfg being removed.
Change-Id: Ie01bd6967eb2003dbe4f7a11ffe8e20a16aa83f5
Nova network (os-networks) is depcrecated and thus its
usage should be replaced by Nova interface (os-interface).
Create corresponding test cases.
Added nova networks back in since RAX still needs it
Ref url: http://developer.openstack.org/api-ref-compute-v2.1.html#listAttachedInterfaces
Change-Id: Iccfd028055e1d3dc13a63d5e48a8c6e3275d42f2
In some implementations overriding the neutron and/or nova endpoint returned in
the keystone catalog will be necessary. Adding this will allow that to happen.
Change-Id: I66a9ed82a895b9fe282ef7b2c4bdfb954af0cc0c
Passing region, or any other service lookup, authentication, authorization to
the drivers from the controller worker doesn't make much sense. The driver
implementation should just pull it from the config if the driver needs it.
Otherwise it doesn't matter. The controller technically should know nothing
about how the driver communicates out, or any setup information like that.
It should be up to the driver to decide that.
Change-Id: Ia6ffcbbe85b97b1ec278ed1ae2d48ca7cedf2834
Closes-Bug: 1539433
The nova compute driver currently raises an exception if the
instance has already been deleted.
This patch logs a warning, but does not raise an exception when
the instance being deleted is not found.
Change-Id: I72e54297b925c5c6ce0dd711a33e19afc74ba37d
Partial-Bug: #1509706
Octavia code base should be more generic, because containers
can be used in a near future.
This patch corrects naming methods and fix some docstrings.
Change-Id: I5157ebaf8a044daf6b0cee5bada5591b7ef50bf1
The noop drivers suffered from not being updated and just not being tested
with being called within flows like normal real op drivers. This gets the noop
drivers to succeed when called liked other drivers. They do not do anything
and will return fake information whenever it is required they return data.
This can be improved later so that they actually do their own data store, but
that would require a much larger update and I'm not sure there's much value
in it.
Change-Id: I2627ed35c0f576f8cfa258b542e5bdb4be03dac8
Closes-Bug: #1501190
Used binary compressed encoding of json dumped object. To reduce
the size needed to send heart beats incase some stats objects
start getting sent later on. Also used sha256 instead of sha1
with hmac.
Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Co-Authored-By: German Eichberger <german.eichbeger@hp.com>
Co-Authored-By: Carlos Garza <carlos.garza@rackspace.com>
Partially implements: health-manager
Change-Id: I932c693101b94c9132e1741291610508876eab43
Added a flow to complete automated failover for an amphora. Added new tasks
to retrieve ports, change port device ids for re-allocating to new amphora,
and added functionality to include existing ports on amphora creation.
Co-Authored-By: Brandon Logan <brandon.logan@rackspace.com>
Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Change-Id: Ic0d3f2b9a48ebf66df78e1ef98aef92ad7ee5057
Octavia does not support keystone regions and can choose an incorrect
endpoint url when multiple regions provides same services.
Change-Id: I5ea9de380419592920555a2c2fe7ac6f6935e700
Closes-Bug: #1487359
This is for fixing the octavia issue.
We ran the Octavia code base through a static code analyser and several issues got flagged.
As an exercise we looked at each issue and are now proposing fixes to the complexity/code style issues.
Change-Id: I2fc0cf213a9f7488e7cf1dff789d98ca2deeb81f
Carlos Goncalves