29 Commits

Author SHA1 Message Date
madhusudhan-kandadai
058dbb3097 Octavia: Implement Tempest Plugin
This patch discovers Tempest tests via tempest plugin.
Also included is are the config opt parameters
needed for testing.

Co-Authored-By: Franklin Naval <franklin.naval@gmail.com>

Change-Id: I5c99fc5aa3caeb6bd1a9c90c27d956cf0372180b
2016-08-24 16:47:28 -05:00
zhangyanxian
37fc1a0943 Update the home-page info with the developer documentation
Change-Id: Ia5229a148c7bfd334d6454ea9a3e960c8619e1f9
2016-07-25 01:14:06 +00:00
Yatin Kumbhare
db2178964a Add Python 3.5 classifier and venv
Now that there is a passing gate job, we can claim support for
Python 3.5 in the classifier. This patch also adds the convenience
py35 venv.

Change-Id: I968c8baab6b9f5c1b1b99735e16dc08158f7d8d7
2016-07-12 21:12:59 +05:30
Fei Long Wang
9f6c6d058b Support db-manage command for db migration
blueprint: octavia-db-manage

Change-Id: Ib1c8f47b6af4dd5d86acff68bc56ab660241458a
2016-05-11 09:57:48 +12:00
Stephen Balukoff
2a0a0944bf Delete SSH amphora driver
The old SSH amphora driver is not being used by anyone
anymore, nor is it being maintained. This patch removes it from
the Octavia code tree.

Closes-Bug: 1534218
Change-Id: I006f1c794e1ab0483886d06495ca6649f0afe479
2016-02-17 13:51:11 -08:00
Adam Harwell
0e78993002 Remove dead code around certificate handling
LocalCertManager is unusable because there's no way to get cert data
into the system (the API doesn't accept it) so there's no way we could
store it, which makes it unusable for its original purpose which was to
be a dev tool (it is not suitable for production use in any case).

Barbican does not support certificate generation in a way that makes
sense for us (they do async only) and Anchor will be the way forward.
This driver will never be completed and therefore should be removed.

Change-Id: I78019bc7ad7dffc745055216ed2aace725c58de2
2016-02-08 12:43:57 -06:00
Adam Harwell
29666293a4 Fix event_queue entry in setup.cfg from EventStreamer break
Change-Id: Id30fb6c6eb927d123f3ee6962011945e2c88ff5e
2016-02-04 15:19:40 -06:00
Carlos D. Garza
c84021ac27 Implementing EventStreamer
EvenStream will be used to serialize messages from the octavia
database to neutron-lbaas database via oslo_messaging. Also
renaming update mixin class since its not really a mixin. The
health manager will make changes to the octavia database when
members etc are marked as down and up etc which would result
in databases that were not in sync between neutron-lbaas and
octavia. A mechanism to communicate database changes from
octavia back to neutron is required so this CR attempts
to use a oslo_messaging system to communicate those changes,

Docimpact - /etc/octavia.conf the user can set the option
            event_streamer_driver = neutron_event_streamer
            to setup a queue to connect to neutron-lbaas.
            if this option is left blank it will default to
            the noop_event_streamer which will do nothing
            effectively turning the Queue off.

Co-Authored-By: Brandon Logan <brandon.logan@rackspace.com>
Change-Id: I77a049dcc21e3ee6287e661e82365ab7b9c44562
2016-01-19 00:48:14 -06:00
Adam Harwell
52351a5698 Refactor BarbicanAuth to allow for configurable auth method
There is now a new configuration option "barbican_auth" in the
certificates section, to specify which auth plugin to use when
communicating with Barbican. This is because the default option (using
ACLs inside Barbican to control access) should be ok as a default
workflow, but it might be required to use other methods depending on
your deployment. For example, another possible auth method would be
BarbicanTrustAuth, utilizing Keystone Trusts.

Some deployers may need custom auth methods that do not exist in
upstream Keystone, and will need their own Auth plugin. This should be in line
with the way Octavia's network and compute drivers work already.

While we're in this file, prune the unused (and really bad) method that
would *actually* delete certs from Barbican (not in our scope).
Also do the tenant_id -> project_id rename.

Change-Id: Ic9aef68924bb5c216734afd25403e59476c576e7
2015-12-08 14:56:32 -06:00
Jenkins
86b4f8dcec Merge "Amphora Flows and Drivers for Active Standby" 2015-12-04 16:26:08 +00:00
Sherif Abdelwahab
58cda714ba Amphora Flows and Drivers for Active Standby
This patch implements the Active/Standby blueprint in
https://blueprints.launchpad.net/octavia/+spec/activepassiveamphora

The following points describe the main changes:

1. The patch introduces new flows and subflows to create M amphorae. The
controller worker parses the loadbalancer_topology configuration. If the
loadbalancer_topology value is ACTIVE_STANDBY, the controller invokes a new flow
independent from the SINGLE topology case, which is left untouched. The new
flow uses conditional taskflows to check for spare amphorae at runtime. This
removes the need for the exception workaround we earlier had. The controller
creates the amphorae in parallel using an unordered flow. A new database task
alter an amphora role as either MASTER or BACKUP and assigns a VRRP priority to
each amphora. After the amphorae are created, the controller invokes a separate
flow for post amphora configuration including plug_vip methods, vrrp
configuration upload, and keepalived service start.

2. The patch introduces new data models that include a new table for VRRP group
configuration per loadbalancer, and update the amphora, loadbalancer, and
listener tables to support the new active/standby capability. The VRRPGroup
table hides authentication data, and makes future extensions of VRRP
capabilities easy.

3. This patch updates the existing Haproxy configuration templates  to include
peer synchronization. In case of ACTIVE_STANDBY configuration, the jinja
configuration renders the peer section in the Haproxy configuration and assigns
short names to the amphorae as listener peers. As listeners implies different
Haproxy process, each listener synchronizes on a different port evaluated as
BASE_PORT (1024) + NUMBER_OF_LISTENERS accounting for ports in use.

4. This patch introduces a new Jinja configuration templater and a REST driver
for Keepalived (developed as a Mixin). By default, Keepalived runs "all" check
scripts found in a predefined directory. The keepalived driver is a Mixin that
can be plugged in other services' drivers. It is the responsibility of these
services drivers to introduce their own check scripts. In this patch a
lightweight check script for Haproxy was introduced along with changes in the
amphora agent installation script.

5. The VRRP requires enabling protocol 112 for Master/Backup advertisements,
and enabling protocol 51 for authentication header. This patch enables these
protocols as needed in the loadbalancer security group.

Note: Updates to the failover flow to support active/standby will come in
a dependent patch.
Note: The amphora-agent is pinned to this patch in this patch set.  This
is required so the scenario tests will pass.  It will be removed in a
follow up patch.

Co-Authored-By: Sherif Abdelwahab <sherif.abdelwahab@hp.com>
Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Implements: blueprint activepassiveamphora
Depends-On: Ifdf20378b26cdd13e0a3ff87cec8990fe89c0661
Change-Id: Ic4e04594e114ba682088d68d5f1af3f8f376db83
2015-12-03 23:27:20 +00:00
bharath
d2072ae0ae Anchor support to Octavia
Use Anchor for certificate signing to make the octavia communication
more secure. Anchor Ref url: https://github.com/openstack/anchor

Co-Authored-By: bharath <bharath.stacker@gmail.com>
Co-Authored-By: German Eichberger <german.eichberger@hp.com>

Change-Id: Id77b2b1540377db661f15d4eeafc4922f446d987
2015-12-03 10:06:04 -08:00
Michael Johnson
fc2e5b9458 Update some release related texts
Fixes a typo in the setup.cfg
Sets the development status to Beta
Includes some lines in the README.rst to allow release-tools be
able to create release summary e-mails.
Adds some bling to our README.rst

Change-Id: I6564c8ab661523c60d341a01f3ff431d578621e8
2015-10-01 23:58:03 +00:00
Bertrand Lallau
c4dd8b89fd Enable automatic sample config generation
- Added an entry_point for oslo config generator
- Added a script to enumerate config options
- Added a tox target to invoke config generator

Change-Id: Ibc66efd103e790a73ef6389817e099ede65d4f32
2015-08-28 11:29:19 +02:00
bharath
d74ef6b138 Add Housekeeping to manage spare amphora and DB cleanup
Updating config file to include attributes for spare check and db cleanup
Validate the spare amphora count and create new ones when needed
Perform DB cleanup of the expired amphora

Implements: blueprint housekeeping-manager
Change-Id: I98990fbd3a3cb281a70e0eab97f256c960ca5dcb
2015-08-20 03:04:18 -07:00
ptoohill1
fc427679bd Pluggable controller worker
Change-Id: I11496547431fd5c4d162381afd9bc88b3de7513e
2015-07-30 08:51:30 +00:00
Nir Magnezi
bc75977fdc Install etc/octavia/* files
Instead of enforcing every packager or deployment tool to copy the files
into proper locations, install them as part of usual setuptools
installation process. It's the same as other services do, f.e. neutron.

Change-Id: Ib36dc0b19cf902d8251ab910f84513c57ca324f4
2015-07-07 00:20:19 -05:00
German Eichberger
0abcbc4f7d haproxy reference amphora REST API client
Adds rest driver methods
Adds rest driver tests
Add cert task for generating server certs
Modified compute task/flow
Fixed local certificate stuff
Refactored to use requests-mock inetad of responses
Added a "conditiobal flow" for REST

Cleaned up and changed the code to work with
https://review.openstack.org/#/c/160034/

Replaces:
https://review.openstack.org/#/c/144348/
https://review.openstack.org/#/c/145637/14

Change-Id: Ibcbf0717b785aab4c604deef1061e8b2fa41006c
Co-Authored-By: Phillip Toohill <phillip.toohill@rackspace.com>
Co-Authored-By: German Eichberger <german.eichberger@hp.com>
Co-Authored-By: Stephen Balukoff <sbalukoff@bluebox.net>
Implements: bp/haproxy-amphora-driver
2015-06-29 09:08:37 -07:00
Kyle Mestery
c149ae1cef Update version for Liberty
Remove pre-version setting so we can rely on tags for library
versioning.

Change-Id: I3c04247f096c63c63d5c8fce1f0d955bcbc620e7
Signed-off-by: Kyle Mestery <mestery@mestery.com>
2015-06-18 20:34:17 +00:00
German Eichberger
40440b8a0b Implements the haproxy amphora agent api server
- Added configuration
- Added uploading of haproxy config
- Added start, stop, reload (async)
- Added get_details
- Fixed returns of API -- they are now all spec conform
- Added info, get haproxy file
- Added function to get listener status
- Added class to parse haproxy stats socket
- Added methods to handle certs
- Added client cert validation to the sever
- Added script to generate example certs
- Added init script for agent
- Added network and vip plugging
- Added devstack stuff
- Added diskimage scripts; upstart ini file

Change-Id: Ib1db8da9e019e68e9a0f4a16a622b8b1286afd3e
Implements: blueprint amphora-api
2015-06-02 18:13:39 +00:00
Michael Johnson
f442efa58c Setup stubs for health manager and housekeeping
DevStack will error out during the install with the current
configuration.  This change puts stub services in place so that
DevStack will not error out during the install.

Change-Id: I4d053de933f5d6a576f09fc46e41cc305106ed29
2015-05-14 21:00:24 +00:00
Brandon Logan
9226b29187 Fix queue producer handler to send ids
Also renaming queueworker.py to controllerworker.py to be more
obvious what it is.  This patch should complete the api to queue to
controller worker workflow (i.e. it should work).

Change-Id: Id924e83674dab1a5f13e57533dd5272c3d667b7d
Closes-Bug: #1452141
2015-05-06 17:37:45 -05:00
Jorge Miramontes
65e361613e Implemented Queue Consumer
Co-Authored-By: Jorge Miramontes <jorge.miramontes@rackspace.com>
Co-Authored-By: Brandon Logan <brandon.logan@rackspace.com>

Change-Id: I6e739506f29aa4131d7f3626a66f3ac6ea816863
2015-04-30 16:48:09 -05:00
Michael Johnson
424c320b01 Implements Octavia Controller Worker
Co-Authored-By: Aishwarya Thangappa <aishwarya.thangappa@gmail.com>
Co-Authored-By: German Eichberger <german.eichberger@hp.com>
Implements: blueprint controller-worker
Change-Id: If44a70d6ada43673d827987081e7c760598523bd
2015-04-29 21:34:07 +00:00
Brandon Logan
a48ccb03fb Fix ups so pbr and setup works
Moved octavia/bin directory to octavia/octavia/cmd and renamed octavia-api to
api.py.  This follows the new strucutre most openstack projects are doing.
Also implemented octavia-api being built when doing setup install.

Had to remove the octavia/tests/specs symlink because pbr did not like it and
would not allow anything to be built. Also found out the test_titles test was
not being run on the specs, so that has been added as a separate tox
environment.

Change-Id: I92f2bc6eaa346983f7a2479dc9fa43d2040f2cd5
2015-04-23 16:04:27 -05:00
ptoohill1
6c85431e53 Use stevedore to load API handler
Updates controller base to load handler via stevedore
Updates setup.cfg with entry point
Updates octavia.conf for api_handler default example
Updates config.py for api_handler
Updates requirements.txt for stevedore

Change-Id: I67e3da376fad1d48cec7f56f990c4b13ac7f4b83
2015-04-22 17:59:14 -05:00
Joshua Harlow
674072a2a1 Remove the 2.6 classifier
Octavia is only targeting 2.7 and newer so it shouldn't
have the 2.6 classifier listed in its setup.cfg file.

Change-Id: I68fce657362a54b1953183cd6191d90ffa4815ce
2015-03-03 14:28:50 -08:00
Doug Wiegley
74eee09e4b Initial directory skeleton
Implements: blueprint initial-skeleton
Change-Id: If6559f5e1adf4aee70f5d92b5dfcf9fead86b205
2014-09-04 15:28:10 -06:00
Stephen Balukoff
f77df1766c Populate repository with common initial files
Every repo needs a first commit, eh? Most of this
is based on the neutron and neutron-specs project layouts.

Change-Id: I17a41fc30f8f8499c679afad14019c0755582bc6
2014-07-02 20:30:14 -07:00