The python blockdiag module is unmaintained and will likely be removed from distros.[1]
This patch removes mention of blockdiag from Octavia as it is unused.
[1] https://github.com/blockdiag/blockdiag/pull/171
Change-Id: I88371364b88bec5f1fd42d6ade8b316be3130f3f
Update doc according last improvements on HM for the OVN
provider. Also point to ovn-octavia-provider repo for doc,
instead to networking-ovn.
Change-Id: I8b83e06c89abcc9100085357c2dc265e3178d1c5
Removing the amphorav1 provider, it was deprecated in Zed and can now be
removed in Bobcat 2023.2.
Change-Id: I2ecfc0f40549d80b3058b76c619ff4ef35aadb97
Stop failovers if the count of simultaneously failed
amphora reaches the number configured in the new
failover_threshold option.
This may prevent large scale accidental failover events,
like in the case of network failures or read-only
database issues.
Story: 2005604
Task: 30837
Co-Authored-By: Tatsuma Matsuki <matsuki.tatsuma@jp.fujitsu.com>
Co-Authored-By: Tom Weininger <tweining@redhat.com>
Change-Id: I0d2c332fa72e47e70d594579ab819a6ece094cdd
This patch creates tasks for load balancer notifications and adds them to the amphora loadbalancer create/delete/update flows.
Change-Id: I287d89cd83e91473f1375788c969521aa58ca567
This patch moves the system scope configuration in the policy override example files out to a separate override file. This way the new default roles can be enabled independently of system scoped tokens. This helps us align to the changes in the secure-RBAC spec[1].
[1] https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html
Change-Id: I1b41780f3ca84ceca563d668ae8bb40011a60bf4
Copy/paste issue was present, so if following guide you would override
client CA key created on step 9 while generating
client key for certificate.
Change-Id: Icc06b48cfe57929030218555ab4b19b1db1ff68a
Parts of the documentation about log offloading repeated itself.
I added a new "Failover Considerations" section that focuses on that
topic specifically. Therefore, other sections no longer need to show
multi-server configurations.
The new section contains recommendations about
log_retry_count and log_retry_interval values for failover
configurations as well.
Story: 2009876
Task: 44599
Change-Id: If71fce80329fe772c8248bc2eb4445ea15680c5d
This patch adds a new protocol for listeners called "PROMETHEUS" that exposes
a Prometheus endpoint. This allows detailed metrics collection from Octavia
load balancers.
Change-Id: I3e27e4e57ad955bcd7728426c91f05171a46ef7f
Openssl genrsa is deprecated in favor of genpkey, and fails in FIPS mode.
Update the relevant calls to use genpkey instead.
Change-Id: I1aab9faa8afe845e445e620d1800785d2e19ad1e
Remove test-requirements.txt from docs dependencies, add hacking in
doc/requirements. It should reduce the duration of the docs job.
Removed some comments that disabled consider-using-with in pylint,
most of the flagged code is now considered as false positive.
Change-Id: Ib550542820163be2bbef97df7b090834a6b6dccd
Several edits from early January 2021.
Tech review edits from two devs incorporated. Thanks!
Additional comments from Brian added. Thanks!
Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Change-Id: Iddcbe83dc4b3fec796ac94339f2839818890ab2f
Spare pool feature was deprecated in Victoria, we decided to remove it
during the Xena release cycle.
Change-Id: I830c6a4c49fa47105f788cf99a0f775e5dbdcaea
The healthcheck endpoint should cache results to reduce the potential load on the backend systems being tested.
This patch adds the caching and a configuration setting for the interval
between cache refreshes.
Change-Id: Ic97a991437144f3a220d9b96839cec5b63565f8c
Story: 2008203
Task: 40987
As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:
1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.
2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.
[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
Change-Id: I8b78c7b640ab18ddfc809cb4603decc739d494d1
Also removed a block of shell code in install-ubuntu.rst,
because the block triggered an error in the doc job and it was unused.
Change-Id: I41033e8cd9710a91b9502db11577b1f1cb85fa46
Add SCTP support in the Amphora (with keepalived).
Add amphora-health-checker script for customized SCTP health checks
(INIT/INIT-ACK/ABORT).
Change-Id: I30997ae6cc6b8ec724f0e9dcfdfe49356b320ff4
Story: 2007884
Task: 40932
ALPN is a TLS extension for application-layer protocol negotiation
within the TLS handshake [1].
This patch extends the Pool API to include a new 'alpn_protocols'
parameter. With this parameter, users can set an ALPN preference list
(descending order of preference) to be advertised by load balancer to
members.
This patch also adds HTTP/2 over TLS support to TLS-enabled pools to the
Amphora provider driver, although default the pool ALPN protocol list
configuration setting has HTTP/2 disabled similarly to the default
listener ALPN protocol list value added in Victoria release.
[1] https://tools.ietf.org/html/rfc7301
Change-Id: I91924486bab22601c15c538c8a5282ad8bc54700
Add SCTP support in the API for listeners, pools, health-monitors
resources.
Story: 2007884
Task: 40255
Change-Id: I57a3c528a20943724bdcd36422c689f496068330
Use of the spares pool was originally recommended to increase provisioning
speed, but since Nova's server groups do not support adding existing VMs,
Octavia cannot support use of the spares pool with the Active-Standby
topology. Since this is our recommended topology for production deployments,
and speed is less essential in development/testing environments (the
only place we could recommend the use of Single topology), the overhead of
maintaining spares pool support exceeds its theoretical usefulness.
Change-Id: I7375e9758c7ae80e2370189117e8e63c79446490
This patch adds support for the proxy protocol v2 on pools.
Depends-On: https://review.opendev.org/747296
Change-Id: Ic112c5e71ee9b6433b307fdf27059f217ba4136e
Story: 2005611
Task: 30858
As Octavia allows to use RedisTaskFlowDriver or
ZookeeperTaskFlowDriver we should install python clients that
allows to work with redis and zookeeper backends.
Story: 2007892
Change-Id: I7312c8c1057618e909339aa7a4dfeb836f4b8f33
This patch will update the amphora v2 code for the failover refactor[1].
[1] https://review.opendev.org/705317
Change-Id: I43803d0b750e8ca4722ababe296f2725148da405
ALPN is a TLS extension for application-layer protocol negotiation
within the TLS handshake [1].
This patch extends the Listener API to include a new 'alpn_protocols'
parameter. With this parameter, users can set an ALPN preference list
(descending order of preference).
Presently, the amphora provider driver is limited to http/1.0 and
http/1.1 ALPN protocol IDs. Support for "h2" (HTTP/2 over TLS) depends
on HAProxy 2.0 or newer.
[1] https://tools.ietf.org/html/rfc7301
Change-Id: If08a8169498cdfaa75440e8971ba0caff45ac4c4
