Neutron now needs to have a router attached to the subnet to provide
the router advertisement messages needed for slaac address
This patch adds this router to the lb-mgmt-network, allowing
the amphora instances to configure an IPv6 address.
The recent patch that adds a neutron subnet lookup using the user
context is not honoring the interface/endpoint_type or region_name
settings for neutron in the octavia configuration file.
This is causing problems for deployments that use the "internal"
endpoint for neutron and the current code will always return
the "public" endpoint.
This patch corrects this problem by including those filter
parameters when the neutron endpoint is looked up in keystone.
Running amphora failover against the amphora noop driver was raising a
TypeError (reload() takes from 2 to 3 positional arguments but 4 were
Remove net.ipv4.tcp_tw_recycle because it has been
removed from kernel since 4.12.
Change for tcp_timeout_time_wait/tcp_timeout_fin_wait
Signed-off-by: Mikhail Ushanov <email@example.com>
This patch refactors the failover flows to improve the performance
and reliability of failovers in Octavia.
Specific improvements are:
* More tasks and flows will retry when other OpenStack services are
* Failover can now succeed even when all of the amphora are missing
for a given load balancer.
* It will check and repair the load balancer VIP should the VIP
port(s) become corrupted in neutron.
* It will cleanup extra resources that may be associated with a
load balancer in the event of a cloud service failure.
This patch also removes some dead code.
There was a bug in the CADF audit map file for the "failover" action.
This patch corrects the audit map file to handle "failover" correctly
and stop keystonemiddleware from raising an exception.
Assertions were using the same expressions on both side: optionals and
lb_listener are both parameters to the API (and the lb_listener dict
contains all optionals items).
Those assertions should compare the parameters to the API results.
We run the octavia scenario test failed when the OpenStack env
enable TLS. So we need add the verify for the session.
Change I7ebf4137feb04827490dffc0dac3d6e4c8888075 added 'set -e' in
devstack/plugin.sh, but on devstack cleanup, some commands may fail
because of non-working services (i.e after a reboot).
This commit allows 'openstack keypair delete' to fail on clean up.
The basic cookbook document implied that pools without a health
monitor would eventually remove a failed member from the pool.
This will not happen as if there is not health monitor, the members
are assumed as ONLINE.
The mock third party library was needed for mock support in py2
runtimes. Since we now only support py36 and later, we can use the
standard lib unittest.mock module instead.
Also added and enabled a hacking check that would have caught this.
In https://review.opendev.org/#/c/613709/ octavia was
changed to use octavia-lib for a lot of API driver-related
code and deprecation warnings put in place. Now that
we're in Victoria remove all the deprecation shims and
use octavia-lib exclusively.