As Ubuntu is debian-like platform, there is no reason
to not support building image on Debian platform. Currently diskimage-create.sh is
using head -n 1 to read /etc/os-release to fill platform bash variable.
Bash platform variable is filled with NAME="Ubuntu" string as it is first
line of Ubuntu's /etc/os-release. In debian the first line is for example
PRETTY_NAME="Debian GNU/Linux 10 (buster)".
This commit is fixing this behavior and fill platform bash variable
to exact NAME variable from /etc/os-release.
Change-Id: If7b507c30720516dc8dfd181170476f9ef003748
This patch updates the ListersUpdate task to accept a load balancer
ID instead of a load balancer database object as part of the job board
work.
It also removes a duplicate test that is no longer needed.
Change-Id: I819d44a37cba3ef952d109a675ae6d55e3eb4aa1
This patch corrects a bug with mutli-listener load balancers that
are using either TLS client authentication and/or backend
re-encryption.
Change-Id: Ib7b083e1dfbfd7afcca870ed6f60a871b2e19253
Story: 2006822
Task: 37394
This patch allows listeners on a load balancer to continue to
operate should one listener fail to access secret content in
barbican. Previously if one listener failed to access barbican
content, all of the listeners would be impacted.
This patch also cleans up some unused code and unnecessary comments.
Change-Id: I300839fe7cf88763e1e0b8c484029662beb64f0a
Story: 2006676
Task: 36951
OpenStack is dropping support for xenial[1].
This patch removes references to support for xenial amphora images
and stops the nightly build of xenial amphora test images.
[1] https://review.opendev.org/#/c/695114/
Change-Id: I1bc0a37f35839a5f9a95650af7c82239f6544c50
The Octavia policy enforcer object used by the oslopolicy-policy-generator
must pass the --config-file or --config-dir command line arguments to
oslo.config, otherwise those arguments are ignored.
Change-Id: Ic638c056715f8fcea3b095726964e7224c38eae2
Task: 37743
Story: 2006983
This patch converts the member flows to use the provider driver
data model.
It also stops storing sqlalchemy models in the flow storage in
preparation for enabling jobboard.
Change-Id: Ic15e4311ce244e71b65069359c6c08e49f6b8d00
Story: 2005072
Task: 30810
This patch converts the listener flows to use the provider driver
data model.
It also stops storing sqlalchemy models in the flow storage in
preparation for enabling jobboard.
Change-Id: Ic44019b8877f008e6d7a75ceed1b7fd958e051d0
Story: 2005072
Task: 30808
Use taskflow retry for connectivity wait. [1]
This reqired for redis jobboard implementation as each retry expand
claim for job on worker. This means that worker is proccesing job and
it should not be released for other workers to work on it.
Adopted for v2 flows.
[1] - https://docs.openstack.org/taskflow/latest/user/atoms.html#retry
Story: 2005072
Task: 33477
Change-Id: I2cf241ea965ad56ed70ebde83632ab855f5d859e
API update calls were blocked if the load balancer had a TLS
terminated listener that the secret has been removed from barbican.
This patch corrects this problem allowing users to update the
certificate reference.
Change-Id: I96908e6cbdb523f95298aff463a749d15e98e1ad
Story: 2006676
Task: 37322
RHEL8 and Centos8 refuse to load certificates generated with a 1024-bits
key because of new security policies. Increasing key size to 2048-bits
fixes certificate generation scripts for these distributions.
Story 2006944
Task 37623
Change-Id: I6d5d39c4cf87ac687355f80ca591c1a611f46f41
Adds the ability for admins to create/manage availability_zones
and profiles for use with upcoming functionality. Works like flavors.
Depends-On: https://review.opendev.org/#/c/694057/
Change-Id: I468d9fdf8c9d0898f9e30f04ac233510a10a53fc
The image building process adds some unnecessary network interface
configuration files to /etc/network/interfaces.d. This element cleans those
out as they are not needed because cloud-init will create the required
configuration file.
Change-Id: If5fbfc34ff0e91608f402811aa2b78c9cbcb00ec
When filtering API calls using tags along with other filter parameters
the API could fail with an "Entity has no property" errors.
Also when filtering with tags that contain a comma separated list,
the API would mis-interpret the list of tags as a single string.
This patch resolves both of these issues and adds functional test
coverage for these use cases.
Change-Id: I7153ed9a6214ce352b2ac115001f7f6134d95b39
Story: 2006914
Task: 37559
Currently the API allows an operator to delete a flavor even when it
is in use by a load balancer. This patch corrects this by blocking
the deletion of a flavor that is currently in use by a load balancer.
It also correctly handles load balancers in the "DELETED"
provisioning_status.
Change-Id: Ie6d4f74e36c2fb7cee4e0ff1e198602c5d8394cc
Story: 2006782
Task: 37307
The provided etc/octavia.conf file is typically installed by system
packages. It is important to set correct configuration option names and
default values even when commented out.
Task: 37525
Story: 2006891
Change-Id: Ia9da64d76e31422464af9d24b675094f25350f48
The "Show Provider Flavor Capabilities" would silently ignore
filtering parameters passed into the API. This patch corrects this
such that you can filter the providers capabilities list.
Change-Id: I9a2aa4ed5b4ef60545c60a6d5bd06066ef361a56
Story: 2006817
Task: 37377
There is a potential race condition in the start order for the
amphora-agent service and the certs-ramfs service.
This patch configures an explict ordering for the services.
Change-Id: I8e449b19af72d72f6effd52e0a2debb5754a19b3
Story: 2006823
Task: 37396
Currently the keepalivedlvs_query script calls ipvsadm -Ln --stats
to query the local lvs for connection information. If any of these
values grow large enough they will be abbreviated with human-
friendly suffixes (K, M, G) and cause the get_ipvsadm_info func
to raise an exception when it receives a non-integer value from
its command output. By using the --exact argument in addition to
the existing arguments, we can ensure the output is always expanded
numbers, per the ipvsadm man page, and will only ever offer integer
outputs to the get_ipvsadm_info command.
Change-Id: I2e8c0be2221c0c23b752fdf2cdff065cddf830a5
Story: 2006791
Task: 37331
The single process patch changed the way listeners and load balancers
are deployed inside the amphora. This caused listeners with SNI
enabled to load all of the certificates for all of the TLS enabled
listeners on a load balancer.
This patch corrects that by configuring each listener with a
specific list of certificates.
Change-Id: I2f3c7ab4137dbd84d77a6a6b675975af406249d0
Story: 2006758
Task: 37252
