The basic cookbook document implied that pools without a health
monitor would eventually remove a failed member from the pool.
This will not happen as if there is not health monitor, the members
are assumed as ONLINE.
Change-Id: I6c52f163d8ac0456b4faf7d9bf5cc4a19ee6eeb7
Oslo.policy is moving away from using json format policy files[1].
This patch updates the Octavia documentation, policy configuration file, and
legacy admin-or-owner policy file to be in yaml format.
Octavia will continue to honor and support the json format file as long
as oslo.policy does, but this patch will encourage new deployments
to use the yaml format.
[1] https://docs.openstack.org/oslo.policy/latest/admin/policy-json-file.html
Change-Id: I925cc05981e677c0552b18f845fdbc512d2af22c
We missed updating the provider driver feature matrix for a few
new Octavia features. This patch updates the matrix.
Change-Id: I328830df19fb8df6ea93cee2ad2f0dbda03279a1
Switch to openstackdocstheme 2.2.1 and reno 3.1.0 versions. Using
these versions will allow especially:
* Linking from HTML to PDF document
* Allow parallel building of documents
* Fix some rendering problems
Update Sphinx version as well.
Set openstackdocs_pdf_link to link to PDF file. Note that
the link to the published document only works on docs.openstack.org
where the PDF file is placed in the top-level html directory. The
site-preview places the PDF in a pdf directory.
Disable openstackdocs_auto_name to use 'project' variable as name.
Change pygments_style to 'native' since old theme version always used
'native' and the theme now respects the setting and using 'sphinx' can
lead to some strange rendering.
openstackdocstheme renames some variables, so follow the renames
before the next release removes them. A couple of variables are also
not needed anymore, remove them.
See also
http://lists.openstack.org/pipermail/openstack-discuss/2020-May/014971.html
Change-Id: I87889f73207ecd940963fbe601ccbb79863b96ac
In the section about creating a key pair for the amphora instance, there
were a few small typos. This change fixes those.
TrivialFix
Change-Id: Ic6af32cc566abb6931ef61c979407780121e4bb6
Signed-off-by: Raimund Hook <openstack@sting-ray.za.net>
Introduce TaskFlowServiceController which uses taskflow
jobboard feature and saves jobs info into persistence backend.
Jobboard could be operated via RedisTaskFlowDriver or
ZookeeperTaskFlowDriver, that could be set via the config.
RedisTaskFlowDriver is intoduced as default backend for jobboard.
Usage of jobboard allows to resume jobs in case of restart/stop
of Octavia controller services.
Persistence backend saves state of flow tasks that required in
case of resuming job. SQLAlchemy backend is used here.
Bump taskflow version to 3.7.1 and add dependency to
SQLAlchemy-Utils (required for taskflow sqlalchemy
backend support).
Story: 2005072
Task: 30806
Task: 30816
Task: 30817
Change-Id: I92ee4e879e98e4718d2e9aba56486341223a9157
healthcheck middleware adds a /healthcheck url that allows
unauthenticated access to provide a simple check when running
octavia-api behind a load balancer
https://docs.openstack.org/oslo.middleware/latest/reference/healthcheck_plugins.html
Co-authored-by: Michael Johnson <johnsomor@gmail.com>
Change-Id: I10db6226750f7b7c703067d2ab82eea3a9875112
We missed a line when removing the requirement to grant Octavia
access to the secret in barbican.
This patch corrects that oversight.
Change-Id: I3c6459becc415d6dc0792c44ca75e717b239cd92
This patch adds a warning box to the load balancer cookbook clarifying
that the health monitor type of 'PING' should only be used in specific
cases.
This was called out in release notes, but was not clear in the cookbook.
Change-Id: I6b95891bec82e01c44b288cbe9796b1f87a07c32
Add a section to the basic cookbook that explains how to setup a UDP
load balancer with UDP-CONNECT health monitor.
And fix typos
Change-Id: Ib67a5c9437e3190f640a953c30f791cb34690910
This takes care of the last details for dropping py27
support by adding a proper min version of python in setup.cfg.
Change-Id: I693db277d802b2a54084cc1be11d8ce04ad9be2e
The diskimage-create.sh tool will now default to CentOS 8 when building
CentOS-based amphora images.
This patch also removes leftover references to support for Ubuntu Trusty
and Xenial.
Change-Id: I3aba59c8dd86aeeee28cc6a67af93697912fb55b
Fix an issue that prevents graceful shutdown of controller workers.
cotyledon.Service.terminate function is by definition the graceful
termination function and doesn't have any 'graceful' optional boolean
argument (https://cotyledon.readthedocs.io/en/latest/api.html).
Because of this error, message_listener.wait() was never called in the
consumers' termination functions, so flows could be interrupted before
completion and could leave resources such as load balancer in a
PENDING_* provisioning state.
By default cotyledon.Service terminates the server after a timeout if
the worker could not shutdown itself gracefully. The default value
for the timeout is 300 seconds (set in devstack plugin) and can be
overriden using the graceful_shutdown_timeout setting in octavia.conf
The default value will be updated to a lower value when work on
persistant taskflow will be merged.
Story: 2006603
Task: 36770
Change-Id: I3f776bd018246897c9a889699a2d0ecbbfbb7098
If the list of changes was empty, the worker would fail to fetch the
pool because it was retrieved implicitly from one of the changed
members. Pass it explicitly instead, and also short-circuit on NOOPs.
Story: 2006719
Task: 37090
Depends-On: https://review.opendev.org/#/c/688546/
Change-Id: I161a522abad4a2aa521ea46cb1065c5b05a2cd2e
This patch adds a cookbook section for creating backend re-encryption
pools with optional client authentication.
Change-Id: If2a732d7b692f3cd6c422efbb1f71103ffecc4c9
This patch adds a cookbook section for creating client authentication
enabled listeners.
It also removes two references to granting access to secrets in
barbican that are no longer required.
Change-Id: Iaada1b5d519bfc57528aa15bae8c0ee2b55f0567
This patch adds the Amphora image building guide from the
diskimage-create README.rst to the Administration documentation.
It also re-organizes the Adminstration guides to be broken down
by category as the old page was becoming a long list of guides.
(I like that kind of problem)
The diskimage-create README has a few formating corrections to make
it render better for the documentation.
Change-Id: Ice4071e1f872c8c0d0595427cff6f02ffbcf7968
LB_ALGORITHM_SOURCE_IP_PORT is an algorithm used by OVN
Load Balancer [0]. This patch adds its support to the API.
[0] https://review.opendev.org/#/c/660369
Depends-On: I605f44f0f50219aa003df477de9bae4062f3c308
Change-Id: I436a6e553065d1755d465d20ad36f7ba2cbb8eba
Task: 35952
Story: 2006264
This patch extends the listener API to include the new parameter
'allowed_cidrs'. This parameter is a list of IPv4 or IPv6 CIDRs. Leaving
this list unset defaults to the traditional behavior of allowing all
ingress traffic to the listener. Setting it will deny all traffic but
all CIDRs set in the 'allowed_cidrs' list.
Note that the API will validate that all CIDRs match the same IP version
of the VIP. This may change later as part of work to allow multiple VIPs
per LB (Change-Id Id7153dbf33b9616d7af685fcf13ad9a79793c06b).
Task: 26210
Story: 2003686
Change-Id: Id2b560df1cde9ce9403afbd593bbaa6cae5f06d6
This patch adds support for long-running provider driver agents to
the Octavia driver-agent.
It will fork a process for all of the enabled provider driver
agents at startup.
Change-Id: Ib7042bcc48b1dd5b37b671dd5e64728b71ab9542
Story: 2006250
Task: 35863
This patch adds support for the octavia-lib to get objects by ID.
Change-Id: I98b399891488e5972ea4d332c06b55b34f20fb11
Story: 2005870
Task: 33680
Co-Authored-By: Adam Harwell <flux.adam@gmail.com>
The "basic load balancing cookbook" still had a reference to
neutron-lbaas and an old DVR bug.
This patch corrects those issues.
Change-Id: I9299084402a0b09104e81f48e998b77a195745a0
Story: 2006470
Task: 36401
