56 Commits

Author SHA1 Message Date
Michael Johnson
b60b2b2454 Fix the docs page title
Currently the title for the octavia docs page is "Main".
This updates the title to be more descriptive.

This patch also updates the index for Anchor documentation and
our version 1.0 specs.

Change-Id: I1258503b7a778789b77c7ec6c4db1fbd310b6133
2017-01-20 21:43:43 +00:00
He Qing
7468a2a6a4 Remove dumplicated config option 'cert_generator'
There are two 'cert_generator' options in config file. Remove one
of them.

Change-Id: I2daec1baf7832b14e6fe38ee73588bd86d55e060
Closes-Bug: #1629162
2017-01-18 19:21:35 +00:00
Trevor Vardeman
7d933da31e Add quota support to Octavia
Octavia has no quota definitions, but needs them for parity with Neutron LBaaS.
This will provide an endpoint and support for retrieving, updating, and deleting
quotas for projects, as well as adding enforcement of those those quotas.

Adds scenario test that simply validates quotas in a lb graph.

Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Co-Authored-By: Phillip Toohill <phillip.toohill@rackspace.com>
Co-Authored-By: Adam Harwell <flux.adam@gmail.com>

Change-Id: Ia1d85dcd931a57a2fa3f6276d3fe6dabfeadd15e
Closes-Bug: #1596652
2017-01-13 02:45:14 +00:00
Jenkins
59ee58191f Merge "Fix typo in doc/source/api/octaviaapi.rst" 2017-01-05 18:37:36 +00:00
ZhaoBo
8eddb0fd22 Fix multi-typo error in Octavia
This patch fix some typo in Octavia.

Change-Id: I2699f85f07e3207a0438b8127e9992c553fa40fc
2017-01-05 11:56:20 +08:00
da52700
0281872c51 Fix typo in doc/source/api/octaviaapi.rst
Fix typo in doc/source/api/octaviaapi.rst

Change-Id: Ie024bdb865444cc4ff6f757608cb7e650de99589
2017-01-03 17:43:38 +08:00
chen-li
e6507ed080 Add a new API to list loadbalancer statistics
Change-Id: I4521fdaa2f1e2f8f80d5def311ae67937e84479a
Implements: blueprint stats-support
2016-10-16 20:17:24 -05:00
chen-li
5dbff28062 Update listener stats
1. Add request error count
2. Add root element 'listener' in the API response body

Change-Id: I8beb918c176ed848affa264cb036763240d07dcd
Implements: blueprint stats-support
2016-10-09 21:11:42 -05:00
Stephen Balukoff
a27b5c418a Add support for PKCS7 bundles and encrypted keys
This commit adds the ability for Octavia to make use of PKCS7
intermediate certificate bundles. These PKCS7 bundles may be in PEM or
DER format. This feature is being added since barbican specifies that
this is the preferred format for intermediate bundles in secret
containers.

This commit also re-arranges and/or strengthens several of our existing
tests of TLS / SNI functionality and in the process also fixes a bug
where encrypted private keys were not uploaded to amphorae in a format
that haproxy can readily parse. I have also added several sample or
dummy certificates which can be used for an up-coming scenario test
which exercises TLS-termination capabilities of Octavia.

Change-Id: I14e394bbf48456d2e2a7bbefcc777a1b6f4b83e4
Closes-Bug: #1627356
Closes-Bug: #1627367
2016-10-05 19:51:51 -07:00
Stephen Balukoff
47bc57901a Add a cookbook for basic load balancing
While Octavia is capable of doing many things, we presently lack a
simple, straight-forward guide for doing some of the simpler end-user
tasks with load balancing. This commit adds just such a guide.

Change-Id: I30628484893ae9c043e5833f480b99d185e4d362
Closes-Bug: #1558372
2016-09-27 00:02:39 +00:00
Stephen Balukoff
1360c197c9 Adding introduction and developer quick start docs
Octavia is currently missing any documentation designed to help
new developers and operators understand what we're doing with the project
or how to get started using and contributing to it. This patch set aims
to correct this problem.

Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Co-Authored-By: Leslie Lundquist <llundquist@us.ibm.com>
Closes-Bug: #1558368
Change-Id: Idaa37277bd342b644a463d4a0884ea40c2e8d4f5
2016-09-26 14:17:36 -07:00
Stephen Balukoff
bad9b35c3a Add L7 user guides
This includes both an overall description of L7 load balancing as
implemented in Octavia, as well as a cookbook for common L7 usage.
Both of these documents are aimed at end-users.

Change-Id: I01c4484e2276257c97cfb6ba02d6224a25cdbc80
Closes-Bug: 1558377
2016-09-15 01:55:29 -07:00
Michael Johnson
571578c7f3 Update config reference to use auto generate
This patch updates Octavia docs to use the oslo_config.sphinxext
integration to generate the configuration reference.

This patch also links in the "guru meditation report" document.
This document has been present, but was not linked.

I also reorganized the specs to reflect the correct release versions.

Change-Id: Icaf710c1c61277f3ca51efac45a3a80a0d3cce8f
2016-08-25 22:02:08 +00:00
Michael Johnson
7ba33e6ee4 Fixes failover flow with namespace driver
This patch updates the haproxy service scripts to handle the case
where the network interfaces have not yet been plugged.  This can
occur in a failover situation.
This patch also makes sure we don't move the management lan interface
into the network namespace.

Closes-Bug: #1509706
Closes-Bug: #1577963
Change-Id: I04d267bd3cdedca11f0350c5255086233cba14ec
2016-08-19 17:48:46 +00:00
Jenkins
fd8d8f8800 Merge "Fix some typos in the haproxy-amphora-api.rst" 2016-08-12 19:41:15 +00:00
Michael Johnson
bc2e9beb3a Adds a process to generate key flow documentation
Octavia extensively uses TaskFlow flows for orchestration.
To make it easier for developers to understand these flows,
this patch adds a mechanism for generating graphviz representations
of the key Octavia TaskFlow flows.
It also updates our tox docs task to generate this documentation.

This patch depends on a fix to the TaskFlow export_to_dot method.

Added into conf.py as first step of configuration

Closes-Bug: #1561063
Change-Id: I914e1c062b400148565def37ccf618b3d2ea2573
Depends-On: I99f87af0b2bed959fcb43ef611b3186e23bd9549
2016-08-10 21:39:38 +00:00
zhangyanxian
cb6be8e2c3 Fix some typos in the haproxy-amphora-api.rst
Change-Id: I0252cf856924c7546ae76fffd9550e85cffe32a7
2016-08-10 01:02:33 +00:00
Elena Ezhova
d73df70d85 Cleanup deleted load balancers in housekeeper's db_cleanup
When load balancer is deleted the corresponding DB entry is marked
as DELETED and is never actually removed along with a VIP
associated whit this load balancer.

This adds a new method to db_cleanup routine that scans the DB for
load balancers with DELETED provisioning_status and deletes them
from db if they are older than load_balancer_expiry_age. Corresponding
VIP entries are deleted in cascade.

Added new config option `load_balancer_expiry_age` to the `house_keeping`
config section.

Also changed the default value of exp_age argument to
CONF.house_keeping.amphora_expiry_age in check_amphora_expiry_age
method.

DocImpact
Closes-Bug #1573725

Change-Id: I4f99d38f44f218ac55a76ef062ed9ea401c0a02d
2016-07-07 03:03:03 +00:00
Jenkins
140cfca29b Merge "[docs] Fixes to octavia-api docs" 2016-06-07 21:38:43 +00:00
Elena Ezhova
c6a9be4b74 Fix vrrp_success_count help string
Change-Id: I56335b03eddc8c6559e3e279d8ef62922d4eeecf
2016-06-03 14:17:37 +00:00
Elena Ezhova
2a2e1f5ec7 [docs] Fixes to octavia-api docs
Fixes descriptions for a couple of parameters

Change-Id: Ic7506b1ac9fe1be2d1d3fc48630f376a91171441
2016-06-03 17:11:52 +03:00
Kobi Samoray
2194758bcf Implement custom header support for Octavia
Implements support for custom header insertion in Octavia.
A listener may be configured to insert custom headers which are
supported by Octavia. Currently implemented support for
X-Forwarded-For header, and X-Forwarded-Port

Change-Id: I784f4939225c3acef362fcb5df57e77dbfb0f774
2016-05-23 08:34:16 +03:00
Michael Johnson
5d45ce9e41 Adds documentation for the Octavia configuration
This patch moves the Octavia configuration option documentation
into the Octavia repository.  The OpenStack docs team deleted
this documentation from the Mitaka release[1]. The Octavia
team finds value in this documentation so we are moving it into
our repository.

[1] https://review.openstack.org/#/c/259889/

Change-Id: I4fcc2a7dc8fa3ef343456d98202ea7d4f9cd1289
2016-03-18 00:23:59 +00:00
Trevor Vardeman
f828a9b3e5 Single-Create Documentation
Since single-create utilizes the existing objects already documented, I added an
example for the request and response, and indicated to look for more details
in the appropriate object's section.

Change-Id: Icdf7f21867457e22086f9c44ab657f95617bee1a
Closes-Bug: #1551428
2016-03-10 17:37:13 -06:00
Jenkins
178f13b930 Merge "Update doc to make it consistent with the actual api" 2016-03-08 20:20:34 +00:00
Jiahao Liang
8161b885f3 Update doc to make it consistent with the actual api
Closes-Bug: #1552965

Change-Id: I160fb31d40849230010caedd4f79e5cc7c86661a
2016-03-04 14:13:14 -08:00
German Eichberger
62cb739f8e Adds the Cascade Deelete REST API doc
Change-Id: I7dbbb95ae327abb24a3d25376020be41375a4609
Closes-Bug: #1551436
2016-03-02 13:16:53 -08:00
Stephen Balukoff
71c98e72d8 Fix health monitor URL in API documentation
After looking into bug reports of health monitor URLs not
working after the shared pools patch, I was able to verify that
they do in fact work, but that the legacy documentation was wrong.
(This is after checking both the state of Octavia's documentation
and API code prior to the shared pools patch, and checking the
neutron-lbaas octavia driver in master right now.)

This patch updates the octavia API documentation to list the
correct new and legacy URLs for doing health monitor CRUD operations.

Change-Id: I632a0a50de0320ed316ef0bf180b8d7e788f746a
Closes-Bug: 1543364
Closes-Bug: 1543366
2016-02-23 20:13:32 -08:00
Stephen Balukoff
6cd2ca505c Add L7 documentation
This commit adds documentation for the API changes involved in
adding L7 polcy and rule functionality to Octavia. It is the last in
a chain of commits designed to keep the size of each individual commit
manageable / reviewable.

Change-Id: I1f01a2b546dabc8dc8ad3cf512f7be9276243e74
Partially-Implements: blueprint lbaas-l7-rules
Partially-Implements: blueprint layer-7-switching
2016-02-23 17:59:21 -08:00
Franklin Naval
460db136c4 Octavia: API docs Entity Status Fix
* entity statuses were reversed
* added new operating status: NO_MONITOR

Closes-Bug: #1544310

Change-Id: I42f6db569dc266c60dac4a666df053ca3016f555
2016-02-10 16:09:00 -06:00
Stephen Balukoff
c3e97b7630 Shared pools support
This patch introduces shared pools functionality to
Octavia. This means that with this patch, listeners and
pools will have the ability to have a N:M relationship
instead of a simple 1:1 relationship, although they must
still be associated with the same loadbalancer object.

This patch includes a schema change to the database: pools
are now associated directly to loadbalancers instead of
listeners. The migration in this patch includes ETL which
should populate this new field in the pool table correctly.

Extensive API changes were necessary to facilitate this
change. However, all the changes to the API should be
backward compatible.

This patch is a necessary precursor to adding L7 switching
functionality to Octavia.

Partially-Implements: blueprint lbaas-l7-rules
Partially-Implements: blueprint layer-7-switching
Change-Id: I797c718412e756be067dd4c304c989a4d43bb8ef
2016-02-04 23:15:59 -08:00
venkatamahesh
206f5738fe Fix misspellings
Change-Id: I675452fcc43e778f74bdf4bf5615c100d72ce8bf
2016-02-04 14:33:44 +00:00
LiuNanke
fc5f1d3c03 Replace deprecated library function os.popen() with subprocess
os.popen() is deprecated since version 2.6. Resolved with use of
subprocess module.
Closes-bug: #1529836

Change-Id: Ibdb8f13462e8416097006e19eb2214425364910e
2016-01-09 20:07:04 +00:00
Brandon Logan
969f811bd4 Rename tenant_id to project_id
Since openstack is going through renaming tenants to projects
it is best that we do this now while its easier before it becomes
bigger and harder to do.

This also adds project_id to the health_monitor table and models
since this seemed like an oversight.

Change-Id: Icc8034dcb517a3f8d218d83c94e4a2dcc977cc29
2015-12-07 15:39:55 -06:00
Jenkins
86b4f8dcec Merge "Amphora Flows and Drivers for Active Standby" 2015-12-04 16:26:08 +00:00
Sherif Abdelwahab
58cda714ba Amphora Flows and Drivers for Active Standby
This patch implements the Active/Standby blueprint in
https://blueprints.launchpad.net/octavia/+spec/activepassiveamphora

The following points describe the main changes:

1. The patch introduces new flows and subflows to create M amphorae. The
controller worker parses the loadbalancer_topology configuration. If the
loadbalancer_topology value is ACTIVE_STANDBY, the controller invokes a new flow
independent from the SINGLE topology case, which is left untouched. The new
flow uses conditional taskflows to check for spare amphorae at runtime. This
removes the need for the exception workaround we earlier had. The controller
creates the amphorae in parallel using an unordered flow. A new database task
alter an amphora role as either MASTER or BACKUP and assigns a VRRP priority to
each amphora. After the amphorae are created, the controller invokes a separate
flow for post amphora configuration including plug_vip methods, vrrp
configuration upload, and keepalived service start.

2. The patch introduces new data models that include a new table for VRRP group
configuration per loadbalancer, and update the amphora, loadbalancer, and
listener tables to support the new active/standby capability. The VRRPGroup
table hides authentication data, and makes future extensions of VRRP
capabilities easy.

3. This patch updates the existing Haproxy configuration templates  to include
peer synchronization. In case of ACTIVE_STANDBY configuration, the jinja
configuration renders the peer section in the Haproxy configuration and assigns
short names to the amphorae as listener peers. As listeners implies different
Haproxy process, each listener synchronizes on a different port evaluated as
BASE_PORT (1024) + NUMBER_OF_LISTENERS accounting for ports in use.

4. This patch introduces a new Jinja configuration templater and a REST driver
for Keepalived (developed as a Mixin). By default, Keepalived runs "all" check
scripts found in a predefined directory. The keepalived driver is a Mixin that
can be plugged in other services' drivers. It is the responsibility of these
services drivers to introduce their own check scripts. In this patch a
lightweight check script for Haproxy was introduced along with changes in the
amphora agent installation script.

5. The VRRP requires enabling protocol 112 for Master/Backup advertisements,
and enabling protocol 51 for authentication header. This patch enables these
protocols as needed in the loadbalancer security group.

Note: Updates to the failover flow to support active/standby will come in
a dependent patch.
Note: The amphora-agent is pinned to this patch in this patch set.  This
is required so the scenario tests will pass.  It will be removed in a
follow up patch.

Co-Authored-By: Sherif Abdelwahab <sherif.abdelwahab@hp.com>
Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Implements: blueprint activepassiveamphora
Depends-On: Ifdf20378b26cdd13e0a3ff87cec8990fe89c0661
Change-Id: Ic4e04594e114ba682088d68d5f1af3f8f376db83
2015-12-03 23:27:20 +00:00
bharath
d2072ae0ae Anchor support to Octavia
Use Anchor for certificate signing to make the octavia communication
more secure. Anchor Ref url: https://github.com/openstack/anchor

Co-Authored-By: bharath <bharath.stacker@gmail.com>
Co-Authored-By: German Eichberger <german.eichberger@hp.com>

Change-Id: Id77b2b1540377db661f15d4eeafc4922f446d987
2015-12-03 10:06:04 -08:00
Bertrand Lallau
d5e0811926 Add Guru Meditation Report feature
Oslo_reports enables OpenStack projects to dump Guru Meditation
Reports with useful debugging information to files or stderr.

Closes-Bug: #1514504
Change-Id: Id35fb7dc8c31f304cbf1d9cca0d21b9d5e97865a
2015-11-13 12:03:19 +01:00
minwang
4d12d47752 Update Octavia’s Operator API Docs
This patch is to update the octavia operator api doc
(http://docs.openstack.org/developer/octavia/main/octaviaapi.html),
 in this patch we updated the requests and responses content
for each section, such as lb, listener and etc.

Change-Id: Id0f734cb900b3f5e812849ff73e6ca97a8add8eb
2015-11-06 10:36:50 -08:00
Stephen Balukoff
cf79c701de Minor restructuring of documentation tree
This restructuring should hopefully make better sense of the
documentation currently available. This is in preparation for
bringing the version 0.5 component documentation up to date and
adding a getting started and installation guide.

Change-Id: Ie1e27bab4d2b8d7d033f75750fda842dd9dd3de7
2015-10-07 15:00:58 -07:00
Brandon Logan
3b23de32b8 Plug vip and networks by port mac address
Co-Authored-By: German Eichberger <german.eichberger@hp.com>

Change-Id: Ic6206a97ad67f6364d850e033760ee60d7161f6f
2015-09-09 01:58:19 +00:00
German Eichberger
0df52a7a84 Adds the reload on cert change
Adds the functionality to reload the REST agent  when
the certificat to communicate with the controller
changes.

Change-Id: Ifda7ddce5979237b8c00a22a24f73d3c6f993f07
2015-08-06 08:43:07 -07:00
Jenkins
d1e7d31b55 Merge "Adds policy based routing for the amphora" 2015-08-06 15:17:43 +00:00
Michael Johnson
fcc5dcf6e0 Adds policy based routing for the amphora
1. Creates a new element for pyroute2
2. Adds this element to the amphora image
3. Updates the amphora REST interface to pass additional network information
4. Creates the policy based routes and rules on the amp during plug vip
5. Updates the REST API spec

Change-Id: Ibd622ec302cf78c12ae2bd5d76d012ab619939a6
2015-08-05 17:27:56 +00:00
German Eichberger
a62b31ded3 Adds method to update server.pem to Amphora REST spec
In case the certificate for communicating between controller
and amphora expires we need to fail over to a new amphora
right now. This will add a way to change it in place.

Change-Id: I411eafa462976fb4878797fb4812351229feb81e
2015-07-30 16:15:49 -07:00
German Eichberger
1c15a79ebf Adds plug VIP and plug Port to spec
Change-Id: Ic983b184ecac5a37994ee4115a026b42224c3e1a
2015-04-21 14:36:34 -07:00
German Eichberger
e6b9f88fb1 Fixes some inconsistencies
* Fixes inconsistent 404 error messages
* Made status more precise
* Added 404 to upload cert
* Changed start/stop/reload to 202

Change-Id: Ic6c56deea8dcb599e4768aecb5ad8a04e0e69022
2015-03-25 15:53:17 -07:00
Stephen Balukoff
e9a1fe240c Specification of reference haproxy amphora API
Contains the specification of the initial version of
the haproxy amphora RESTful API. Note that this is likely
to be expanded upon later as amphora lifecycle concerns and
network integration strategy become more concrete.

Implements: bp/appliance-api

Change-Id: Iecc2149c5c89fbdc98a3657f32940b30c8169fdb
2015-02-17 11:23:14 -08:00
Brandon Logan
9b989e2f8a Adding network driver interface
Definition of network driver interface.  Also removed
the floating_ip attributes of VIP because they are not
needed at this point.  Also renamed net_port_id to just
port_id and subnet_id to network_id just to be a little
bit more generically clear.

Change-Id: Ic82cb2ab25fbba7dc8caa875552f4caeafb0e4af
Implements: bp/network-driver-interface
2015-01-12 22:40:39 -06:00
Trevor Vardeman
cea3d20381 Creation of Octavia API Documentation
Added operator api documentation file

Change-Id: I13a3258200b807f1d011b25574e40affbc9f29d1
2015-01-09 10:20:44 -06:00