Configure rsyslog to forward logs to a target host
Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Story: 1665069
Task: 33646
Change-Id: I00703f86555cbb574b943794b14a36fbc644f1b2
Commit I3082962841d3b645f3cbd1a6b41fc7fb28dcf7e6 removed
octavia/tests/tempest directory
This patch removed other references to this path.
Change-Id: I665503aa4f69308ff31be53824b26faea13d2ad1
Includes some updates to docs and configs and related files to remove
references to neutron-lbaas. Also remove handlers.
Change-Id: I3082962841d3b645f3cbd1a6b41fc7fb28dcf7e6
This is the base patch that updates octavia to use the new octavia-lib.
It is backwards compatible by using debtcollector moves.
It adds a new controller process called the "driver-agent".
This patch also adds unit test coverage for a few additional modules.
Depends-On: https://review.openstack.org/#/c/641180/
Change-Id: I438e1548ec0fb6111d1ab85b05015007d9d0a006
This patch adds Cloud Auditing Data Federation (CADF) auditing support to the
Octavia API. This is implemented using the keystonemiddleware audit filter.
Change-Id: I87a7e15171dfaf28b6ed97ca71d4423d18fbdbea
Update the diskimage-create.sh to have a "-l" option to pass into
dib's "--logfile" option. In the devstack job, use this to redirect
the dib output to a separate logfile. Turn on verbose logging by
default for this log.
Copy this in the v1 jobs. v2 jobs are covered by a similar change in
octavia-tempest-plugin: I5bc0d9a3b071733cbe31d618f7236a3c2285b3e5
Depends-On: https://review.openstack.org/612865
Change-Id: Ie639af4266152d4626f8312b1849deeba5048348
Load balancer topology options are SINGLE and ACTIVE_STANDBY. We default
to SINGLE as it is the default in-code too.
Change-Id: Id5af2397122ca3c031e9a5becccfcdd75506876f
Apparmor will block dhclient from accessing the o-hm0 configuration file
under /etc/octavia. This patch moves our dhclient.conf under /etc/dhcp/octavia
to allow the dhclient to access the file when apparmor is running.
Change-Id: I3153f8bd9237470f406a9edeb4e2a0767fc747b8
Story: 1673269
Task: 5434
We were using neutron lib/neutron-legacy on our devstack plugin as we
were enabling legacy services. This commit changes it so we rely on
lib/neutron.
Co-Authored-By: Carlos Goncalves <cgoncalves@redhat.com>
Change-Id: I159dd4b371b870dc752fa01f738a2910263e3918
keystonemiddleware has deprecated the "signing_dir" configuration
option [1].
This patch also removes reference to it from octavia.
[1] https://review.openstack.org/#/c/391405
Change-Id: Idda46ab1459584eafd58097ec42b9f0fcea41759
This patch is to enable the API to run in a WSGI server like
apache2/httpd.
Co-Authored-By: Adam Harwell <flux.adam@gmail.com>
Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Change-Id: I296c046f653dcf78cdca2d0df1896d27f2ba1544
There were only two elements we were using from this repo -
os-svc-install which we werent actually calling anywhere, we only
depended on it needelessly and sysctl. The sysctl element has been moved
in to dib as dib-sysctl so we can now stop depending on
tripleo-image-elements entirely.
Depends-On: If312d199388036d6f4103e94dca99249cb3bcbaf
Depends-On: Ia730850a48e2478fd5461710a9d2619408725cd8
Change-Id: Ie78c4f3ebe506214f0ce7c456fcbbee09d35ba2a
Dib supports a -x argument to output additional tracing information.
Lets support this in our diskimage-create script.
Change-Id: Ifb9f29250475d53ae8c64deef4be01ef8bd584d4
Change methods used in backend to authenticate with keystone.
Use autodetection mechanizm for API version and refactor config
options specified in Octavia.
Change-Id: Id0deee2714040d271f43a537c27f410e2f4e3ef2
Closes-Bug: #1620668
Closes-Bug: #1618691
Flask's default runner (werkzeug) is plagued with bugs.
If we use gunicorn instead, we should have many less problems!
Depends-On: I211dc771aa95147c0f1d9e6ac1a65a7e164b33c2
Change-Id: I59897167f9285bf013f8a155dd2ea4f799ac1d3f
This deploys two controller nodes with an haproxy in
fron of the main API endpoint and workers on both
nodes: primary and subnode1.
Change-Id: Iecc38aa950e8b5a4c42db6b609820443efe437c2
Related-Bug: 1628481
The main octavia node will need the OCTAVIA_NODES setting
in the following format to setup the octavia API haproxy
in front of all of them.
OCTAVIA_NODES=main:<ip-address>,second:<ip-address>
Change-Id: I4a88dae4aa47c508559fd7464f127a23b089af2a
This commit introduces a new parameter "OCTAVIA_NODE", which
is standalone by default. Only the main (for ha) or standalone
nodes create resources like accounts, the management network,
images, etc.
We also introduce a multinode vagrant configuration.
A follow up patch will introduce an haproxy in front of the octavia
API endpoints.
Change-Id: I835ee7e0e925232b55f3c14eeed98aeb0f0ce463
DevStack is used mostly for development purposes that
often involve frequent creation and deletion of resources.
That is why having a lot of stale resources like amphorae and
load balancers is quite confusing.
Keeping them around for a week makes sense in production but in
DevStack deployments it is reasonable to decrease expiry age
to 1 hour by default.
Change-Id: I1b78963256467175537caffd46a863da9f5fb018
This patch is part of a series that will allow the deployment
of a simple multinode octavia devstack, where the certs and
ssh keys are uniform over all the controllers.
Orchestrating the deployment of the same ssh keys or certificates
becomes difficult without making use of tools like ansible otherwise.
The provided certificate is valid for 10 years.
Change-Id: I45e8e54d58a725281636a61fdb769265de50d9ba
Deprecated amp_image_id option with the new amp_image_tag option.
Also switched devstack plugin to rely on the tag to update the image
used for new load balancers.
Implements: blueprint use-glance-tags-to-manage-image
Change-Id: Ibc28b2220565667e15ca2b2674e55074d6126ec3
When running the health manager on single host devstack machine, the
hosts IP cannot simply be used as if the health manager is running
on a host by itself. The solution here is to create a neutron port
on the lb-mgmt-net which sets up necessary ovs ports and also
reserves an IP. Then the script creates an ovs port for and sets
and interface with the information the neutron port create allocated.
There are some flaws with this but its a starting point and can and
probably will be improved on in the future. However it works for
now.
Change-Id: Ic3d3d1d63a5cc352c5fc00dea58bb16915754a7c
Closes-Bug: #1490033
We also set request_poll_timeout to be 3000 in neutron.conf;
This can help to resolve the error for could not ssh to instance for octavia gate-setting.
This patch is needed by https://review.openstack.org/#/c/209675/
Change-Id: I90002a8913dd7db375ff5740a3f9cd5566b82054
Used binary compressed encoding of json dumped object. To reduce
the size needed to send heart beats incase some stats objects
start getting sent later on. Also used sha256 instead of sha1
with hmac.
Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Co-Authored-By: German Eichberger <german.eichbeger@hp.com>
Co-Authored-By: Carlos Garza <carlos.garza@rackspace.com>
Partially implements: health-manager
Change-Id: I932c693101b94c9132e1741291610508876eab43
By increasing te times of amphora active retries,we are targeting for octavia gate setting to work.
Change-Id: If81cc13966a0a24368225b89c9678f6b0fdc1a7b
At some point a VAR we depended on was removed or changed upstream. This
patch updates to fixes that so the users fields are populated again.
Change-Id: Ie58b478d13b758e020df0655e6e3462ab4755f9a
- Added configuration
- Added uploading of haproxy config
- Added start, stop, reload (async)
- Added get_details
- Fixed returns of API -- they are now all spec conform
- Added info, get haproxy file
- Added function to get listener status
- Added class to parse haproxy stats socket
- Added methods to handle certs
- Added client cert validation to the sever
- Added script to generate example certs
- Added init script for agent
- Added network and vip plugging
- Added devstack stuff
- Added diskimage scripts; upstart ini file
Change-Id: Ib1db8da9e019e68e9a0f4a16a622b8b1286afd3e
Implements: blueprint amphora-api
The current settings file has a hard coded admin username
and password. This change pulls the admin password and username
in from the devstack environment.
Change-Id: If2bbd62fa4c92ac1b26d0aaf74e0cd26c553fa75
DevStack will error out during the install with the current
configuration. This change puts stub services in place so that
DevStack will not error out during the install.
Change-Id: I4d053de933f5d6a576f09fc46e41cc305106ed29
Updates plugin.sh with method to add octavia service endpoint
Updates settings for protocol and port
Change-Id: Ie2a36f7a7f487c411d35f4a39cae336090caad33