This new interface consumes information exposed by openstack-dashboard
to correctly configure nova-serialproxy and allow requests coming from
the web browser that tries to load the serial console.
Change-Id: I2d82abffb9649f16a792f180806cea36cc5e25df
Closes-Bug: #2030094
This patch configures nova-cloud-controller to send a service token
along with the received user token on requests sent to other services.
This allows those other services to accept the request even if the user
token has been invalidated since received by the nova services running
in nova-cloud-controller units, the same applies for incoming requests
from other services. Service tokens exist since Openstack Queens.
Change-Id: I95021600da8af12cb75ef5681fb5af8780ade4f8
Closes-Bug: #1992840
Using affinity/anti-affinity policies sometimes we get into a race
condition on the resources that are available on the hypervisors.
This flag allows to increase the number of retries and hence hosts
to schedule on and therefore allowing the successful scheduling
of instances.
This option was taken from the following URL, while future work
with placement is done to help with scheduling with affinity
https://docs.openstack.org/nova/latest/admin/troubleshooting/affinity-policy-violated.html
Signed-off-by: Arif Ali <arif.ali@canonical.com>
Change-Id: I353dbaa38eb0526014888ede27702b428eb66afd
It's useful to force instance creations to fail if ephemeral drives are
requested when cloud admins want users to use persistent volumes always.
Closes-Bug: #1953561
Change-Id: I1c958b4bcf79512c06de6d81fe55c681bb5f38a7
By default resizing an instance to the same host as the source is
not enabled. This change adds new charm config option that maps
directly to the nova.conf setting which effectively gives a user
possibility to enable/disable this functionality.
Closes-Bug: #1946620
Change-Id: I13d0c332cd0b110344b7a1645e3e4fd250fce33a
On multi-region deployments, Nova may talk to the wrong
neutron endpoint (from the wrong region) if the region
is unspecified.
The issue that requires this fix is most apparent when
doing live migrations, as the Conductor tries to call
Neutron to perform port bindings.
Closes-bug: #1903210
Change-Id: Id118f6a5794de298c31debf6e31ffe92271982d1
This commit introduces a new charm option allowing operators to override
the hardcoded 0.0 that disabled hypervisor demotion on build failures
from pike onward.
In certain environments it may be preferable to retain the upstream
behavior of letting the scheduler work around malfunctional computes and
favor instance building reliability at the cost of a potentially uneven
load distribution.
Change-Id: I2faa5ab8cd505a9d61a9fa26e1b08d16b0c795fb
Closes-Bug: 1892934
Upstream Nova introduced multiple scheduler support in Rocky. Apply the
number of scheduler workers based on worker-multiplier so users can
control resource consumption instead of having the same number of
workers with the available CPU threads.
Change-Id: Ia6f14a98ce3e5649f290561f59d691ded3d19177
Closes-Bug: #1889756
If debug is enabled we will also want oslo_messaging
debug logs and this allows for that. A previous patch
added this for >= Pike but it is also needed if these
logs are wanted in >= Mitaka.
Change-Id: I8d916e6082ee6fa6140406e1f69bab6bde01b65e
Related-Bug: #1817290
New config option count_usage_from_placement is added in Nova from
Train release to enable/disable counting of quota usage from placement
service. Corresponding config parameter is required in nova-cloud-controller
charm.
This patch introduces quota-count-usage-from-placement config parameter in
nova-cloud-controller charm. For openstack releases train or above, this
option is rendered in nova.conf for nova-cloud-controller units.
func-test-pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/250
Change-Id: I57b9335b7b6aecb8610a66a59cb2e4e506e76a5e
Closes-Bug: #1864859
Allow attach between instance and volume in different
availability zones. If False, volumes attached to an
instance must be in the same availability zone
in Cinder as the instance availability zone in Nova.
Change-Id: I21df8e0dfa585133c5ef6a55cdbbc2071c267424
Closes-Bug: #1856776
Currently, Apache ports.conf file is not being configured by this
charm. This patch changes the ports.conf default file with another one
that does not open port 80 on SSL environments..
Change-Id: Id0b3ce106e2779ce6a44b59c0b08fb1011dfdd54
Closes-bug: #1845665
In commit e245c0bad4 we updated the Rocky
template only. We have Queens deployments that also requires this
functionality. Pike is the extant template to affect Queens.
In order to have nova-metadata-api use the same dns-domain as neutron
when nova-metadata-api runs on nova-cloud-controller we must recieve
the dns-domain on the neutron-api relation.
Change-Id: I9364cf57664695b08411cc3c6a101e132ea58cc7
Partial-Bug: #1805645
This patch adds a configuration option for oslo notification format.
Charm Helpers can accept this option to fill the configuration
template appropriately.
Change-Id: I9b41854aca91f5ed42844be8805a941bc686336e
Signed-off-by: Stamatis Katsaounis <skatsaounis@admin.grnet.gr>
This commit introduces option osapi_compute_unique_server_name_scope
which allows operators to ensure VMs are created with unique names per
project or cloud.
Change-Id: Idacb60bb31cd60cb1deaec7cb3ec061f0c04da24
Closes-Bug: #1829782
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@canonical.com>
With this change, we are enabling OpenStack compute services
to automatically determine the highest available RPC level
to use based on the service versions in the deployment.
Change-Id: I4e08de92ab8d0641398f3b54d7ea87d83c3b050a
Closes-Bug: #1825999
Openstack services don't use the default ports (80 and 443), so
change Apache to not open them.
Change-Id: I518465cd2d6f53e229ab81ebd751f311f8627f83
Closes-bug: #1845665
The placement config may eventually be shared among more than one
charm as more services begin to use it. This patch drops the local
sectional config and uses the same sectional config that now exists
in charm-helpers.
charm-helpers was synced to pick up this change.
Change-Id: I42b415d7c4834cd74887c27b2f4a4daeb8eae636
Related-Bug: 1850691
A new config option called scheduler-host-subset-size was added
to configure FilterScheduler's host_subset_size property, which
size of the subset of best hosts selected by the scheduler.
Change-Id: Ic61917732d50806f74be0b4e7c87a51d738afbe7
Closes-bug: #1846203
Ensure "rabbit_use_ssl" is specified in the [oslo_messaging_rabbit]
config section instead of "ssl" for Ocata, since "ssl" was not yet
introduced.
Change-Id: I27f89f3780a60c6fbb26d8aad637853403bddeb1
Closes-Bug: #1838696
The domain is missing from the credentials that nova cloud
controller passes to the compute nodes. This change adds it in.
Closes-Bug: 1830536
Change-Id: I2ad82b9b271d83e1b49691187c620d7b976e5ff0
This commit uses .keys syntax instead of iterkeys
for fixing a traceback when setting nova_alchemy_flags != None.
Change-Id: I7efcf3f39e7dcd632b3d2a4b7b8f3e8befd7f5de
Closes-Bug: #1828085
Pike onwards defaults to setting oslo_messaging logger
to INFO and we have no way to set it to DEBUG currently.
This patch will set it to DEBUG when debug is enabled.
Also sets glance.debug=True if debug enabled
Change-Id: I9216325f8e96cb9ee06cddbe75cdd15e98fb0827
Closes-Bug: #1817290
For novnc, need to set novncproxy_port in proxy nodes and
novncproxy_base_url in nova-compute nodes.
For xvpvnc, need to set xvpvncproxy_port in proxy nodes and
xvpvncproxy_base_url in nova-compute nodes.
For spice, need to set spicehtml5proxy_port in proxy nodes and
spicehtml5proxy_base_url in nova-compute nodes.
When release >= Mitaka, novncproxy_port and xvpvncproxy_port
are moved from [default] section into [vnc] section.
spicehtml5proxy_port is renamed to html5proxy_port and moved
to [spice] section.
So eventually the console access port can be customized by:
juju config nova-cloud-controller console-access-protocol=novnc
juju config nova-cloud-controller console-access-port=xx
If console-access-port is not defined, then default port is 6080
for novpc, 6081 for xvpvnc, 6082 for spice.
Change-Id: I4775ad42ba11b0c28163bf7e3718c56d18a2031f
Closes-Bug: #1800753
Signed-off-by: Zhang Hua <joshua.zhang@canonical.com>
Disable the BuildFailureWeigher used when weighting hosts during
instance scheduling. A single build failure will result in a
-1000000 weighting which effectively excludes the hypervisor
from the scheduling decision.
A bad image can result in build failures resulting in a heavy
load on hypervisors which have not had a build failure with
those that have effectively being ignored; the build failure
count will be reset on a successful build but due to the high
weighting this won't happen until all resources on known good
hypervisors have been completely consumed.
Change-Id: I4d4367ef20e2a20aee1e26d4a0ec69cad2ac69d6
Closes-Bug: 1818239
Ensure a good distribution of instances across candidate hypervisors
by randomly sampling from the full set of allocation candidates
returned when scheduling new instances
Change-Id: I15b824cddef1978d910f72cd6cbb884460223ce6
Closes-Bug: 1817877
The stein version of python-oslo.messaging (9.0.0+) has removed
the following config options from the [oslo_messaging_rabbit]
section:
rabbit_host, rabbit_port, rabbit_hosts, rabbit_userid,
rabbit_password, rabbit_virtual_host rabbit_max_retries, and
rabbit_durable_queues.
The above change requires a sync from charm-helpers.
These have been deprecated since Ocata, therefore this change
will be provided to pre-Stein templates in order to drop
deprecation warnings.
See release notes at:
https://docs.openstack.org/releasenotes/oslo.messaging/index.html
Change-Id: Id4a31a8ccfb2735d76dffe30c91c3ae733baa76b
Closes-Bug: #1817672
This change implements a new option in config.yaml that allows
services to come up disabled and be manually enabled later.
Change-Id: I345b56e347b63650ee3df07773ccb2e333610355
Closes-Bug: #1758776
Due to an issue in python3 oslo_cache+eventlet when using
memcached. As workaroud for Rocky it has been decided to run service
nova-api-os-compute from systemd to apache2.
Closes-Bug: #1812672
Depends-On: https://review.openstack.org/#/c/633218
Depends-On: https://review.openstack.org/#/c/633482
Change-Id: I3bf279638c5decf1020345f3d2e876e379144997
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@canonical.com>
Currently we directly use the one provided by charmhelper which does
not allow to reuse it for an other service. In this commit we symlink
a new template called wsgi-placement-api.conf to
charmhelper/../wsgi-openstack-api.conf.
The disable_package_apache2_site() call has been added in
do_openstack_upgrade() since previously it was not necessary to have
it during this step.
The disable_package_apache2_site() call has been added in
upgrade-charm to ensure that we remove old wsgi config for users which
are already using bionic-rocky and are upgrading their charm.
Partial-Bug: #1812672
Change-Id: Idc3cad9304eaf9b610db20650c32cd754f016358
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@canonical.com>
Prior to this, the charm config did not support default quota
configurations for compute (ie. instances, compute, ram, etc.).
Default quota configuration changes will not impact existing
projects with modified quotas. Only new projects and projects with
unmodified quotas will adopt the defaults in the configuration file.
The following default quota settings were added:
instances
cores
ram
metadata_items
injected_files
injected_file_content_bytes
injected_file_path_length
key_pairs
server_groups
server_group_members
The functional test added checks that nova.conf quotas are set in
the correct section of the file.
Change-Id: Iae8c84dbfec97e1879d51963125f7674ea20ba22
Closes-Bug: 1386911
In order to have nova-metadata-api use the same dns-domain as neutron
when nova-metadata-api runs on nova-cloud-controller we must recieve
the dns-domain on the neutron-api relation.
Change-Id: I22c88a6fea87c56efdb5d93474a5ec7d2a6432d0
Partial-Bug: #1805645
Some major changes:
* the charm has been rebased (from a Python perspective) to be rooted in
the charm directory. This is a single root.
* Imports have been changed so that the don't add lots of imports to the
namespace of the module doing the import.
* The code that used to run at module import time has been made lazy
such that it only has to run if the relevant functions are called.
This includes restart_on_change parameters, the harden function and
the parameters to the guard_map. Appropriate changes will be
submitted to charm-helpers.
* Several tests had to be re-written as (incorrect) mocking meant that
text fixtures didn't actually match what the code was doing. Thus,
the tests were meaningless.
* This has had a net positive impact on the unit tests wrt to importing
modules and mocking.
Change-Id: Id07d9d1caaa9b29453a63c2e49ba831071e9457f
The neutron template fragment in charmhelpers has support for
metadata, so bring the pike template inline witt all the other
nova.conf templates in the charm and use parts/section-neutron.
Change-Id: I35514988aa9d2c289ec20dd3394846386cb1559e
Closes-Bug: 1796405
Allow json lists to be passed in via the pci-alias charm config
option so that multiple aliases can be set.
Increase amulet timeout due to gate failures
Change-Id: I3b5ea70224536f8d40f9c04482fa676c2b230bdd
Partial-Bug: #1735205
Add a service for handling nova metadata api services. This was
previously handled by the neutron-gateway and still is for
deployemnts up to and including Pike, For the neutron metadata
service and the nova service to communicate they need a shared
secret. To achieve this, the change includes:
* A charmhelper sync to get support for multiple wsgi vhosts
* Rendering new wsgi vhost and corresponding haproxy config.
* Setting a shared-secret down the relation with the neutron
gateway.
* Remove fragile keystone authtoken checks as they are failing
after a ch sync and any issues will be caught by the instance
launch functional test.
Change-Id: I5ad15ba782cb87b6fdb3c0941a6482d201670bff
Beginning in the Pike release, Nova started sending both versioned
and unversioned notifications. The verioned notification queues do
not have any consumers so this causes some queues to fill up until
either the messages expire or they are flushed. This changes the
nova configuration to only send unversioned (legacy) notifications.
Change-Id: Ibaef9dfd75cf2ce6c20d92746b3cf7b37bac24b9
Related-bug: #1665449
Ensure that oslo.middleware parses any proxy information
forwarded from haproxy/apache with regards to protocol;
this ensures that https connections are correctly detected.
Includes charm helper sync to bring in oslo middleware
template.
Change-Id: I1232d089ab91572ec31c1b2172881165097af5fb
Closes-Bug: 1758675