As a followup to I273c3c8299ee329bed425f3e7cd4b583ed1187a4, adding
nova placement services which are mandatory starting Ocata.
Change-Id: I74adfd6aa3bc0cb1061427ef6d66fc8d3c20d776
This patch fixes a few issues with the devstack setup on a multi-node
octavia gate. It makes sure the flavor is present and configured on
both nodes and only clones diskimage-builder on the main node.
Change-Id: I4c24e22798235b6bf795e659516f6864768216a3
Previously octavia API was binding to 127.0.0.1 and in Keystone
was specified other IP depending on the IP specified on host.
Bind to the service host address to enable keystone service catalog usage.
Change-Id: Iead0075c3ac4b2fbc733b8916503d0a8c68dd232
There were only two elements we were using from this repo -
os-svc-install which we werent actually calling anywhere, we only
depended on it needelessly and sysctl. The sysctl element has been moved
in to dib as dib-sysctl so we can now stop depending on
tripleo-image-elements entirely.
Depends-On: If312d199388036d6f4103e94dca99249cb3bcbaf
Depends-On: Ia730850a48e2478fd5461710a9d2619408725cd8
Change-Id: Ie78c4f3ebe506214f0ce7c456fcbbee09d35ba2a
Dib supports a -x argument to output additional tracing information.
Lets support this in our diskimage-create script.
Change-Id: Ifb9f29250475d53ae8c64deef4be01ef8bd584d4
This patch addresses several places where IPv6 and IPv6 link-local
addresses where not considered for communication between amphora and the
controller worker.
In the devstack plugin we permit both IPv4 and IPv6 for health
monitoring and the amphora REST API.
In the amphora's UDP health sender we parse the IP port string in a
manner which permits IPv6 addresses by splitting on the last colon
rather than every colon.
In the controller REST API driver we append an interface scope if using
IPv6 link-local addresses. This interface can be specified by an
operator is they are using an interface other than o-hm0, this only is
required if using IPv6 link-local addresses.
Change-Id: I9d07bec4ac105e8876fadb72a83a590ffd4d2e66
Change methods used in backend to authenticate with keystone.
Use autodetection mechanizm for API version and refactor config
options specified in Octavia.
Change-Id: Id0deee2714040d271f43a537c27f410e2f4e3ef2
Closes-Bug: #1620668
Closes-Bug: #1618691
Flask's default runner (werkzeug) is plagued with bugs.
If we use gunicorn instead, we should have many less problems!
Depends-On: I211dc771aa95147c0f1d9e6ac1a65a7e164b33c2
Change-Id: I59897167f9285bf013f8a155dd2ea4f799ac1d3f
This deploys two controller nodes with an haproxy in
fron of the main API endpoint and workers on both
nodes: primary and subnode1.
Change-Id: Iecc38aa950e8b5a4c42db6b609820443efe437c2
Related-Bug: 1628481
The existing pregenerated certificates (CA) were already expired
and not working on the multinode tests. Those pregenerated
certificates are used so all the nodes share the same CA.
This patch introduces a script to regenerate the certs in the
repo too.
Change-Id: I977c29e3d5867e22efd60d6bdda8a98a26559fc9
Closes-Bug: 1633436
Our devstack plugin assumes the developer is using OVS in their
environment. However, there are sometimes cases where it's useful to run
tests using linuxbridge. This commit adds support for linuxbridge in the
development devstack environment.
Change-Id: Id8fa3f9882bd5dfee7ca5af7060b9c4624363a8e
Co-Authored-By: Dustin Lundqiust <dustin@null-ptr.net>
Replacing existing bash and netcat based test HTTP server with a golang
implementation, to permit testing of connection limits. While desirable
to avoid introducing an additional testing dependency, employing golang
here solves several problems. The static linked binary works well with
CirrOS images for testing, since not other files need be included in the
CirrOS image. The implementation can scale to large number of
connections (5k in a m1.tiny instance, and in excess of the 20k limit
imposed by Apache Bench in a m1.large) and tracks the maximum number of
concurrent connections reached, this allows connection_limit testing.
Change-Id: Ib1320559142ca05177c5cb93f22baee401c17470
The Octavia devstack plugin is using deprecated nova secgroup-list.
This patch updates the plugin.sh to use the new openstack client
where it can.
Change-Id: I000eff4b2692953fcdaac581aaafe683e9289388
Closes-Bug: #1631087
In Newton nova call to image-list was deprecated and
it's not available anymore.
I've switched the cli call to openstack image list which
does the job perfectly.
Change-Id: I2091328998d8b5fbf383f3d32b2d3c0cc24ca618
There are gate issues pulling get-pip from its upstream location on some
build hosts. However, it's pre-cached on the nodes, so use it if it's
there.
Change-Id: Iaa242331ed72212b05f2c817ffff5e68840cd97b
Diskimage-builder has an element called pip-and-virtualenv that
specifies https://bootstrap.pypa.io/get-pip.py as the url to
dowload the get-pip.py file. This patch checks if a version
is cached locally by infra on the gate hosts and will use that
location instead of downloading it.
Depends-On: I6f071984c1b26498223fc9a6f3528280ab064244
Change-Id: I78d77835b988d0076c10d205b25f0033ffbc01c7
Octavia is currently missing any documentation designed to help
new developers and operators understand what we're doing with the project
or how to get started using and contributing to it. This patch set aims
to correct this problem.
Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Co-Authored-By: Leslie Lundquist <llundquist@us.ibm.com>
Closes-Bug: #1558368
Change-Id: Idaa37277bd342b644a463d4a0884ea40c2e8d4f5
TESTING: Devstack plugin changes to run scenarios
Adds: Structure for tempest testing
Adds: Required tempest files and configuration for tempest testing
Adds: Octavia clients for communication with the API
Adds: Utilities for tempest testing
Adds: Mock session in method test_update_health_no_status_change of test_update_db
Co-Authored-By: Franklin Naval <franklin.naval@gmail.com>
Co-Authored-By: Madhusudhan Kandadai <madhusudhan.openstack@gmail.com>
Co-Authored-By: min wang <swiftwangster@gmail.com>
Change-Id: Ifd821ad0d94131e7dc42f2a52746ec094cf4153e
This patch adds an optional configuration setting that allows an
operator to restrict the amphora glance image selection to a specific
owner id. This is a recommended security setting for clouds that
allow user uploadable images.
Change-Id: I73347b5b3e868d13974cd6ca6bada9cdf75773fe
Closes-Bug: #1620629
Change default output directory to working directory (systemwide script
would by default try to create images in /usr/bin)
Canonicalize output filename parameter, else relative paths would
generate images in temporary directory)
Clean devstack plugin to use the -o option again
Fix yum package detection ("yum list" reports success if the package
exists in enabled repositories)
Add python-pip to the needed packages (for later pip calls)
Change-Id: Iff22a83f4a73e7aa36ee892773c01f13738f7a43
OCTAVIA_HM_LISTEN_PORT is used for amphore to talk with o-hm.
This port need to be enabled in security group.
Change-Id: I686e49a502a1abf9afa5fc6b10d444fda98dc0d5
The main octavia node will need the OCTAVIA_NODES setting
in the following format to setup the octavia API haproxy
in front of all of them.
OCTAVIA_NODES=main:<ip-address>,second:<ip-address>
Change-Id: I4a88dae4aa47c508559fd7464f127a23b089af2a
This commit introduces a new parameter "OCTAVIA_NODE", which
is standalone by default. Only the main (for ha) or standalone
nodes create resources like accounts, the management network,
images, etc.
We also introduce a multinode vagrant configuration.
A follow up patch will introduce an haproxy in front of the octavia
API endpoints.
Change-Id: I835ee7e0e925232b55f3c14eeed98aeb0f0ce463
DevStack is used mostly for development purposes that
often involve frequent creation and deletion of resources.
That is why having a lot of stale resources like amphorae and
load balancers is quite confusing.
Keeping them around for a week makes sense in production but in
DevStack deployments it is reasonable to decrease expiry age
to 1 hour by default.
Change-Id: I1b78963256467175537caffd46a863da9f5fb018
Devstack plugin creates the health manager port with no device owner.
This is unusual as this value usually has some meaningful value, and
although the port name is quite descriptive, a distro could use the
device owner value to lookup the health manager port.
Closes-bug: #1592007
Change-Id: I8f75c5f70837dbc2f66d3e34c52a39a25614ada3
Aviod warning message:
oslo_config.cfg [-] Option "rabbit_hosts" from group "oslo_messaging_rabbit"
is deprecated for removal. Its value may be silently ignored in the future.
Change-Id: Ibe591f104367e3c3e8d26c7a22be25cf53991599
Otherwise, in a multiple controller devstack deployment, all services
point to localhost, which won't work.
While we're at it I removed oslo_messaging_rabbit rabbit_port, since
rabbit_hosts option overrides the former setting.
Change-Id: Ib3c9b75a24ae9351ac7e6f2b4b748ccd6bcb2236
This patch is part of a series that will allow the deployment
of a simple multinode octavia devstack, where the certs and
ssh keys are uniform over all the controllers.
Orchestrating the deployment of the same ssh keys or certificates
becomes difficult without making use of tools like ansible otherwise.
The provided certificate is valid for 10 years.
Change-Id: I45e8e54d58a725281636a61fdb769265de50d9ba
Remove uncommenting the 'username' option in sample config that actually
does not exist in config since commit 42c12d7e8c5b7dd4ba4f0c7630ad5124f63441e9
Change-Id: I6dc8aef8d2a9f12c6d0a067ecf0b63e532303255
