This patch checks if HTTPS configuration is enabled in Apache to
determine if the websocket protocol should switch from 'ws' to 'wss' or
not.
Change-Id: I738652373604966b6df079e45a0ad26c83e21688
Closes-Bug: #2039490
Patch out charmhelpers.osplatform.get_platform() and
charmhelpers.core.host.lsb_release() globally in the unit tests to
insulate the unit tests from the platform that the unit tests are being
run on.
Change-Id: I25df688c9ec07168b825815b1e1c27ecf2673d2b
The was removed from upstream nova in the 2023.2 cycle
via commit 5edd805fe2395f35ecdfe5b589a51dc00565852f.
The nova release note states:
The ``AvailabilityZoneFilter`` was deprecated for removal
in 24.0.0 (Xena) and has now been removed.
The functionality of the``AvailabilityZoneFilter`` has been
replaced by the``map_az_to_placement_aggregate`` pre-filter.
The pre-filter was introduced in 18.0.0 (Rocky) and enabled
by default in 24.0.0 (Xena). This pre-filter is now always
enabled and the ``[scheduler] query_placement_for_availability_zone``
config option has been removed.
This change also syncs the charm-helpers change from:
https://github.com/juju/charm-helpers/pull/850
Closes-Bug: #2037751
Closes-Bug: #2036766
Change-Id: I315900a7e32ec66b27fa69961e9b7dcb9fa1f949
This new interface consumes information exposed by openstack-dashboard
to correctly configure nova-serialproxy and allow requests coming from
the web browser that tries to load the serial console.
Change-Id: I2d82abffb9649f16a792f180806cea36cc5e25df
Closes-Bug: #2030094
Using affinity/anti-affinity policies sometimes we get into a race
condition on the resources that are available on the hypervisors.
This flag allows to increase the number of retries and hence hosts
to schedule on and therefore allowing the successful scheduling
of instances.
This option was taken from the following URL, while future work
with placement is done to help with scheduling with affinity
https://docs.openstack.org/nova/latest/admin/troubleshooting/affinity-policy-violated.html
Signed-off-by: Arif Ali <arif.ali@canonical.com>
Change-Id: I353dbaa38eb0526014888ede27702b428eb66afd
It's useful to force instance creations to fail if ephemeral drives are
requested when cloud admins want users to use persistent volumes always.
Closes-Bug: #1953561
Change-Id: I1c958b4bcf79512c06de6d81fe55c681bb5f38a7
By default resizing an instance to the same host as the source is
not enabled. This change adds new charm config option that maps
directly to the nova.conf setting which effectively gives a user
possibility to enable/disable this functionality.
Closes-Bug: #1946620
Change-Id: I13d0c332cd0b110344b7a1645e3e4fd250fce33a
The mock third party library was needed for mock support in py2
runtimes. Since we now only support py36 and later, we can use the
standard lib unittest.mock module instead.
Note that https://github.com/openstack/charms.openstack is used during tests
and he need `mock`, unfortunatelly it doesn't declare `mock` in its
requirements so it retrieve mock from other charm project (cross dependency).
So we depend on charms.openstack first and when
Ib1ed5b598a52375e29e247db9ab4786df5b6d142 will be merged then CI
will pass without errors.
Depends-On: Ib1ed5b598a52375e29e247db9ab4786df5b6d142
Change-Id: Id925078c5c04c2f89a570bdf7171c666839f9e40
stestr runs tests in parallel and this can cause issues with locking
when SQLite is not mocked out properly and gets used in a test. This
patch just switches Storage to use :memory: so that locking does not
occur.
Closes-Bug: #1908282
Change-Id: Iaa1c7b78dee498e0cc6dc6fccf12e74f22225ecd
Includes updates to charmhelpers/charms.openstack for cert_utils
and unit-get for the install hook error on Juju 2.9
* charm-helpers sync for classic charms
* rebuild for reactive charms
* ensure tox.ini is from release-tools
* ensure requirements.txt files are from release-tools
* On reactive charms:
- ensure master branch for charms.openstack
- ensure master branch for charm-helpers
* Remove unit_get mock from unit tests as not in charmhelpers context
Change-Id: Ic828c8d6dd45148a1684c74d3f2b2157cfe6bbc4
This commit introduces a new charm option allowing operators to override
the hardcoded 0.0 that disabled hypervisor demotion on build failures
from pike onward.
In certain environments it may be preferable to retain the upstream
behavior of letting the scheduler work around malfunctional computes and
favor instance building reliability at the cost of a potentially uneven
load distribution.
Change-Id: I2faa5ab8cd505a9d61a9fa26e1b08d16b0c795fb
Closes-Bug: 1892934
Ensure that the public endpoint binding is used to resolve the
path to the SSL certificate and key files as the base access
URL for console access is always via this binding.
Add unit tests to cover the InstanceConsoleContext class.
Change-Id: I27de9445d249b0d670543d250bd02f450764a10f
Closes-Bug: 1871428
New config option count_usage_from_placement is added in Nova from
Train release to enable/disable counting of quota usage from placement
service. Corresponding config parameter is required in nova-cloud-controller
charm.
This patch introduces quota-count-usage-from-placement config parameter in
nova-cloud-controller charm. For openstack releases train or above, this
option is rendered in nova.conf for nova-cloud-controller units.
func-test-pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/250
Change-Id: I57b9335b7b6aecb8610a66a59cb2e4e506e76a5e
Closes-Bug: #1864859
Enable PCI Passthrough Filter if neutron-api charm has enabled
support for hardware offloading.
Change-Id: I0ccb4366b03557b316da1507015112c7f378176e
Depends-On: I1f59012ad2d16af18ca310906f6c6b537bb7ec72
Allow attach between instance and volume in different
availability zones. If False, volumes attached to an
instance must be in the same availability zone
in Cinder as the instance availability zone in Nova.
Change-Id: I21df8e0dfa585133c5ef6a55cdbbc2071c267424
Closes-Bug: #1856776
This commit introduces option osapi_compute_unique_server_name_scope
which allows operators to ensure VMs are created with unique names per
project or cloud.
Change-Id: Idacb60bb31cd60cb1deaec7cb3ec061f0c04da24
Closes-Bug: #1829782
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@canonical.com>
The placement project has split from nova into its own project
in Train. This patch disables the nova placement API as of Stein
when the placement charm relatation joins, and discontinues
nova placement installation as of Train for new installs.
Change-Id: If7c37ef8936e418b5afd21d83c9322563348cbcf
Needed-By: https://review.opendev.org/#/c/687915/
Partial-Bug: 1811681
When using DVR and L3HA neutron deployment options,
Nova API Metadata requests are served from compute nodes,
instead of from neutron-gateway nodes.
This change allows nova-cloud-controller to send vendor_data
configuration values to nova-compute charm relation so it
can write to nova-compute's nova.conf appropriately.
Replaced the existing context logic with inheritance
from a new context created in charm-helpers, so the
logic can be shared across several charms that write
vendor metadata to nova.conf and vendor_data.json.
Also, small fix in the vendor-data and vendor-data-url
descriptions, where it was incorrectly stating that such
configuration would be effective in nova-cloud-controller
on Queens release.
The values set in vendor-data and vendor-data-url config
options will always be propagated to nova-compute regardless
of the OpenStack release. Those values will continue to only
be effective in nova-cloud-controller nodes on Rocky release
or later.
Included sync of charm-helpers code in order to inherit
the refactored vendor metadata contexts.
Change-Id: If8373fc6b2d04dbc29ed07896d385ac920cae3f4
Depends-On: I0c79e1bfac9fbe7009a7e862ad010cfa2de8cfda
Closes-Bug: #1777714
For novnc, need to set novncproxy_port in proxy nodes and
novncproxy_base_url in nova-compute nodes.
For xvpvnc, need to set xvpvncproxy_port in proxy nodes and
xvpvncproxy_base_url in nova-compute nodes.
For spice, need to set spicehtml5proxy_port in proxy nodes and
spicehtml5proxy_base_url in nova-compute nodes.
When release >= Mitaka, novncproxy_port and xvpvncproxy_port
are moved from [default] section into [vnc] section.
spicehtml5proxy_port is renamed to html5proxy_port and moved
to [spice] section.
So eventually the console access port can be customized by:
juju config nova-cloud-controller console-access-protocol=novnc
juju config nova-cloud-controller console-access-port=xx
If console-access-port is not defined, then default port is 6080
for novpc, 6081 for xvpvnc, 6082 for spice.
Change-Id: I4775ad42ba11b0c28163bf7e3718c56d18a2031f
Closes-Bug: #1800753
Signed-off-by: Zhang Hua <joshua.zhang@canonical.com>
Remove support for single-nova-consoleauth operation; this option
managed a single instance of the nova-consoleauth process across
a cluster nova-cloud-controller application using the hacluster
charm. This proves somewhat racey on deployment as the ocf resource
deep checks the operation of nova-consoleauth including connectivity
to AMQP etc.. If the clustering of the service occurs before
other principle relations have been completed, the resource will
fail to start and the hook execution will spin, never returning.
HA deployments should always use memcached to share tokens between
instances of the nova-consolauth daemon; If the 'ha' relation is
detected, then ensure that a memcache relation is then required
for charm operation.
To support evaluation of the memcache relation completeness
the memcache specific code in InstanceConsoleContext was split out
into a new memcache specific class RemoteMemcacheContext.
Existing pacemaker resources will be deleted on upgrade; units will
move into a blocked state until a relation is added to memcached.
The nova-consoleauth service is resumed on upgrade to ensure that
instances run on all nova-cloud-controller units.
Change-Id: I2ac91b2bd92269b761befeb7563ad01cc5431151
Closes-Bug: 1781620
Make the default set of scheduler filters conditional on the release
being deployed; For Pike or later the CoreFilter, RamFilter and
DiskFilter are superfluous to requirements as this filters are in
effect completed by the Placement API.
Add DiskFilter to list of filters for older OpenStack releases.
Change-Id: Iddb4f1f068b982dcd9a70b11b89df1be9f8aaf20
Closes-Bug: 1731302
Closes-Bug: 1732164
Ensure that the haproxy context reflects the services associated
with the specific release of OpenStack being deployment.
< kilo: ec2 and s3 services deployed
>= ocata: placement service deployed
Change-Id: I0d44aa361595f777df625d3a4a0f2a0cd2f81660
Closes-Bug: 1811398
Align formatting of vendordata_providers configuration for nova
with changes in neutron-gateway; values must be strings, delimited
by a comma.
Change-Id: I5293edd77387347f8c012521f4bdeffadc919438
Closes-Bug: 1810953
This change implements a new option in config.yaml that allows
services to come up disabled and be manually enabled later.
Change-Id: I345b56e347b63650ee3df07773ccb2e333610355
Closes-Bug: #1758776
Prior to this, the charm config did not support default quota
configurations for compute (ie. instances, compute, ram, etc.).
Default quota configuration changes will not impact existing
projects with modified quotas. Only new projects and projects with
unmodified quotas will adopt the defaults in the configuration file.
The following default quota settings were added:
instances
cores
ram
metadata_items
injected_files
injected_file_content_bytes
injected_file_path_length
key_pairs
server_groups
server_group_members
The functional test added checks that nova.conf quotas are set in
the correct section of the file.
Change-Id: Iae8c84dbfec97e1879d51963125f7674ea20ba22
Closes-Bug: 1386911
Some major changes:
* the charm has been rebased (from a Python perspective) to be rooted in
the charm directory. This is a single root.
* Imports have been changed so that the don't add lots of imports to the
namespace of the module doing the import.
* The code that used to run at module import time has been made lazy
such that it only has to run if the relevant functions are called.
This includes restart_on_change parameters, the harden function and
the parameters to the guard_map. Appropriate changes will be
submitted to charm-helpers.
* Several tests had to be re-written as (incorrect) mocking meant that
text fixtures didn't actually match what the code was doing. Thus,
the tests were meaningless.
* This has had a net positive impact on the unit tests wrt to importing
modules and mocking.
Change-Id: Id07d9d1caaa9b29453a63c2e49ba831071e9457f
In a cells deployment its possible that the top-level
nova-cloud-controller will have no compute nodes associated with it.
This change fixes the work load status in that scenario.
There is also a drive by fix to return empty contexts for the cell
db and amqp contexts if the relation do not yet exists.
Change-Id: Ia8eeccb6794dd016185eb0cfb05339b76cef9348
Allow json lists to be passed in via the pci-alias charm config
option so that multiple aliases can be set.
Increase amulet timeout due to gate failures
Change-Id: I3b5ea70224536f8d40f9c04482fa676c2b230bdd
Partial-Bug: #1735205
Add a service for handling nova metadata api services. This was
previously handled by the neutron-gateway and still is for
deployemnts up to and including Pike, For the neutron metadata
service and the nova service to communicate they need a shared
secret. To achieve this, the change includes:
* A charmhelper sync to get support for multiple wsgi vhosts
* Rendering new wsgi vhost and corresponding haproxy config.
* Setting a shared-secret down the relation with the neutron
gateway.
* Remove fragile keystone authtoken checks as they are failing
after a ch sync and any issues will be caught by the instance
launch functional test.
Change-Id: I5ad15ba782cb87b6fdb3c0941a6482d201670bff
Fixes code that inadvertently interprets strings as
booleans resulting in them always being True.
PciPassthroughFilter will now only be added to
scheduler_default_filters if sriov is enabled.
Change-Id: Ie2c79e98d7880e8172ac7e77febb51af04732bec
Closes-Bug: 1730369
We already support configuring ram and cpu overcommit so
this patch adds the ability to control disk overcommit.
Change-Id: Ib172e8b48cb34de4beb9cec1a277dc43ded36eed
Closes-Bug: 1726346
Update all nova-manage commands to use subprocess.check_output()
and log subprocess.CalledProcessError.output on failure. This
will help capture nova-manage error details on first failure.
Specify cell1 uuid on discover_hosts call. This doesn't change
behavior, it is just more explicit and useful if we move to
multiple cells in the future.
Introduce an is_cellv2_init_ready() function that uses contexts to
check if cells_v2 is ready to initialize. This cleans up the
corresponding TODOs.
Move checks for cell v2 init readiness to update_cell_db_if_ready(),
also cleaning up corresponding TODOs.
Change-Id: I313edce84d3d249031e020a4fbb4baf216c01ddb
Related-Bug: 1720846
When the percona-cluster charm sets an access-network but the default
unit-get address is not on that network extra shared-db relations get
executed. This is specifically a problem when running upgrades and
trying to avoid API downtime.
The root cause is that the access-network is not checked until the
SharedDBContext is consulted. But then db_joined function will
change it back to the wrong ip on subsequent runs.
This change adds a check for access-network on the relation during the
db_joined function and pushes IP selection off to get_relation_ip.
Charm helpers sync to pull in changes to get_relation_ip.
Partial-bug: #1677647
Change-Id: Ifd4e975d9abbb9f7a8b0f12c8f0a8cf8f78595b6
Support access to instances via optionally enabled serial console
feature provided in Nova.
Seria console access is enabled using a new config flag; this flag
plus the required base_url for the nova-serialproxy are also passed
over the cloud-compute relation for use in nova-compute units.
This is only supported in OpenStack Juno or later, and replaces
the standard output to the nova console-log.
Change-Id: I3bfcca88bd6147be337e6d770db7348170b914e6
For OpenStack >= Liberty EC2 and objectstore services aren't installed and
deprecated, but there is no way to disable it, this patch adds a way to
permanently disable and enable them
Change-Id: Ie78ba5af1d953e8ebed9195202522ff73efcde9f
Closes-Bug: #1533255
Use os_release() instead of get_os_codename_install_source() to
determine the OpenStack release in resolve_services(). This is
needed when deploying from source because it checks both
openstack-origin and openstack-origin-git when determining the
release.
Change-Id: I39a61fc4394967bd70af493f6a69fe9d428274b1
Change the worker-multiplier to a floating point config option type
instead of integer. This allows users to specify workers to be less
than the number of CPUs, which is useful in deployments with multiple
services deployed into containers on top of bare metal.
The fix is to simply change the config option type and to sync in
the necessary update from lp:charm-helpers.
Partial-Bug: #1602444
Change-Id: I2c846832d24f709a3d019b766f5f23c28c4371f4
Signed-off-by: Billy Olsen <billy.olsen@gmail.com>
All contributors to this charm have agreed to the switch
from GPL v3 to Apache 2.0; switch to Apache-2.0 license
as agreed so we can move forward with official project status.
Change-Id: I20448e0370138e103a00c7fcf0f49949c82d33a9
Neutron functionality was deprecated last release; remove
direct support for managing the neutron-server process and
associated plugin support from this charm.
All neutron-server support is now provided by the neutron-api
charm.
Change-Id: Iec7bd5ec6d835b573a15f8163fa5f78842bd672b
Add charmhelpers.contrib.hardening and calls to install,
config-changed, upgrade-charm and update-status hooks.
Also add new config option to allow one or more hardening
modules to be applied at runtime.
Change-Id: Icf48829e010d35d7d7a4ccd547eae6a8c511c04e
Rollup all old configuration file templates, remove any related
to Quantum which was renamed in the Havana release.
Drop references in code to Quantum, refactor unit tests to baseline
on Icehouse rather than anything older.
Drop relation and associated references to nova-volume service;
deprecated in Folsom and removed in Havana.
Drop ml2 migration - this was required when migrating to Icehouse
from older releases.
Change-Id: I6f5d641ffef2599d0dfc8e16a2dce3cc7be88bd4
This change adds the appropriate region information to the conf files
and to the cloud-compute relations in order to ensure that the region
can be configured on all nova components.
Closes-Bug: #1468306