Commit Graph

1697 Commits

Author SHA1 Message Date
Alex Kavanagh f3bf6be831 Updates for caracal testing support
These updates, on the master branch, are to support testing the caracal
packages and support of the charms for caracal.  They do NOT lock the charms
down, and don't change the testing branches to stable branches.

Change-Id: Ib7947ab8dfd4c4b18c482f4df1a7c6f5b5e3756f
2024-02-24 19:57:46 +00:00
Zuul ab35c61165 Merge "AppArmor policy update for NVMeoF" 2024-02-14 16:29:54 +00:00
Rodrigo Barbieri 650f3a5d51 [v2] Fix migration across nova-compute apps using ceph
This change reworks previous changes [1] and [2] that had
been respectively reverted and abandoned.

When using the config libvirt-image-backend=rbd, VMs
created from image have their disk data stored in ceph
instead of the compute node itself.

When performing live-migrations, both nodes need to
access the same ceph credentials to access the VM's
disk in ceph, but this is currently not possible
if the nodes involved pertain to different
nova-compute charm apps.

This patch changes app name sent to ceph to
'nova-compute-ceph-auth-c91ce26f', a unique name common to
all nova-compute apps, allowing all nova-compute apps to
use the same ceph auth.

This change also ensures newly deployed nodes install
the old credentials first on ceph-joined hook,
and then supercedes it with the new credentials
on ceph-changed hook, therefore also retaining
the old credentials.

This patch also includes the charmhelpers sync
from PR: #840

[1] https://review.opendev.org/889642
[2] https://review.opendev.org/896155

Closes-bug: #2028559
Related-bug: #2037003

Func-Test-Pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/1149

Change-Id: I1ae12d787a1f8e7761ca06b5a80049c1c62e9e90
2024-01-05 15:23:50 +00:00
Felipe Reyes 0f9c730817 AppArmor policy update for NVMeoF
When using NVMeoF feature with nova-compute apparmor in enforce
mode, nova-compute is denied from running /usr/sbin/nvme and
/usr/sbin/blkid, and reading /etc/nvme/hostnqn.

Change-Id: Ia23fbf341d5b7ad469337d8a0c65c18ec519a891
Closes-Bug: #2039161
2024-01-05 02:23:31 +00:00
Olivier Dufour-Cuvillier 4d6f4c07c9 Update apparmor profile for nova-compute
Nova-compute uses ssh and scp commands extensively and this
patch allows the process to read the configuration too in
/etc/ssh/ssh_config.d/ directory.

Closes-Bug: #2044983
Change-Id: I336ce64d493c549096d0b8706996e0f17a2728fb
2023-11-28 17:06:07 +09:00
Alex Kavanagh d90d6ee847 Improve platform mocking
Patch out charmhelpers.osplatform.get_platform() and
charmhelpers.core.host.lsb_release() globally in the unit tests to
insulate the unit tests from the platform that the unit tests are being
run on.

Change-Id: I33d473d83a7c8f4f23840b6b6bcf153ed423ccdc
2023-10-24 12:33:41 +01:00
Zuul e70f228916 Merge "Revert "Fix migration across apps when using VMs created from image"" 2023-10-05 13:17:46 +00:00
Rodrigo Barbieri 11845c7aab Revert "Fix migration across apps when using VMs created from image"
This reverts commit c3c2cf0349.

Reason for revert: This introduces an undesired behavior when scaling-out that needs to be addressed in a complementary patch.

Change-Id: I21c127aa565e489ba4d93a1efc8ddba63ef32e87
2023-10-05 09:22:10 +00:00
Zuul ccea3ee467 Merge "Fix migration across apps when using VMs created from image" 2023-08-30 13:56:27 +00:00
Rodrigo Barbieri c3c2cf0349 Fix migration across apps when using VMs created from image
When using the config libvirt-image-backend=rbd, VMs
created from image have their disk data stored in ceph
instead of the compute node itself.

When performing live-migrations, both nodes need to
access the same ceph credentials to access the VM's
disk in ceph, but this is currently not possible
if the nodes involved pertain to different
nova-compute charm apps.

This patch changes app name sent to ceph to 'nova-compute',
allowing all nova-compute apps to use the same ceph auth.

This patch also includes the charmhelpers sync
from PR: #840

Closes-bug: #2028559
Change-Id: I7222661017655fd7225db0c677f1a8f5ebb7984d
2023-08-22 10:33:06 -03:00
Zuul f6892d228c Merge "Do not manage subordinate service restarts" 2023-08-22 13:32:57 +00:00
Zuul 191670b0aa Merge "Add 2023.2 Bobcat support" 2023-08-07 15:16:59 +00:00
Corey Bryant b270391d80 Add 2023.2 Bobcat support
* sync charm-helpers to classic charms
* change openstack-origin/source default to bobcat
* add mantic to metadata series
* align testing with bobcat
* add new bobcat bundles
* add bobcat bundles to tests.yaml
* add bobcat tests to osci.yaml
* update build-on and run-on bases
* drop kinetic
* update charmcraft_channel to 2.x/stable

Change-Id: Iae47ffbcec08d40f430e6c942e332d56211a300a
2023-08-02 14:18:23 -04:00
Zuul cc7ffa9884 Merge "Drop the path from the auth_url." 2023-08-01 14:49:19 +00:00
Zuul c1115f4c5a Merge "Set nova config for rbd instance folder cleanup after evacuations" 2023-08-01 14:01:15 +00:00
Jadon Naas 8d560b3ff5 Drop the path from the auth_url.
The template previously could use v2.0 depending on the value of
api_version. This was causing issues in newer releases of OpenStack
where the value of api_version was reporting as something other than
"3", and the generated Ironic config tried to use the v2.0 Keystone API.

This patch removes the optional logic in the template for v2.0 and rely
on the global default just like templates/parts/section-placement does.

Closes-Bug: #1995778
Change-Id: I8e0270b933f9c8fb5d6a65f9ebb930a0b21fead8
2023-07-27 16:43:06 -04:00
Zuul 71df10c44b Merge "Add docs key and point at Discourse" 2023-07-14 17:14:09 +00:00
Jadon Naas 28688d7a69 Add docs key and point at Discourse
Add the 'docs' key and point it at a Discourse topic
previously populated with the charm's README contents.

When the new charm revision is released to the Charmhub,
this Discourse-based content will be displayed there. In
the absense of the this new key, the Charmhub's default
behaviour is to display the value of the charm's
'description' key.

Change-Id: I73c3ffa7632bbb2903b9c81d94af7dabae0b19da
2023-07-11 15:35:51 -04:00
Corey Bryant 1e4112d1d6 Use service_domain in [service_user] section
Sync from charm-helpers to update [service_user] config to use the
service domain.

The keystone charm currently creates two service users, one for the
service domain (for v3 authentication), and the other for the default
domain (for v2 authentication). The [service_user] config needs to
use the service domain.

Closes-Bug: #2026202
Change-Id: Ia1329a6c53cc4b532436751f0396149139a88172
2023-07-05 16:00:29 -04:00
Rodrigo Barbieri e61d89aa47 Set nova config for rbd instance folder cleanup after evacuations
After evacuations and revert resizes when using rbd storage backend,
the instance folder is usually left behind and causes issues when
migrating the instance back to the host.
With the config option set, the nova-compute service will cleanup
those folders as part of the periodic checks that run for instances
that have been evacuated/migrated.

Closes-bug: #2019141
Change-Id: I846ccb0a95d04139b41fdad6cbf465d303d6cc09
2023-06-06 10:15:41 -03:00
Jorge Merlino 3c53110282 Add support for using service tokens
This patch configures Nova to send a service token along with the
received user token on requests to other services. This can allow those
other services to accept the request even if the user token has been
invalidated since received by Nova. Also with this patch Nova will
accept request from other services with invalid user tokens but valid
service tokens. Service tokens exist since Openstack Queens.

Closes-Bug: #1992840
Change-Id: I78b43ef77dc1d7b5976ec81ecddf63c9e6c8b6c1
2023-05-03 12:32:06 +00:00
Corey Bryant d9fc4b69c1 Enable jammy-antelope voting and drop kinetic-zed tests
* Voting was turned on for jammy-antelope in the
  project-template for charm-functional-jobs in zosci-config
* Voting for jammy-antelope bundles with non-standard names
  is turned on in individual charms
* Kinetic-zed bundles/tests are removed

Change-Id: Ic290801451f6537e25dfb0330a81598bbafa7135
2023-03-29 22:16:06 +00:00
Jorge Merlino cc5d6234c7 Sync with charm-helpers
This sync includes this patch to charm helpers:

https://github.com/juju/charm-helpers/pull/757

which is an extension of this one:

https://github.com/juju/charm-helpers/pull/740

and both are meant to include templates to configure service tokens
in juju charms as shown in this lp bug:

Related-Bug: #1992840

Change-Id: I5a5564f3e50fc09dc905b6a8f49256886d3c6a69
2023-03-27 10:39:04 -03:00
Corey Bryant dc7ecbc6ec Add Antelope support
* sync charm-helpers to classic charms
* change openstack-origin/source default to antelope
* align testing with antelope
* add new antelope bundles
* add antelope bundles to tests.yaml
* add antelope tests to osci.yaml and .zuul.yaml
* update build-on and run-on bases

Change-Id: I6795ce22f1330309771f4d8d43cee255e27c2a10
2023-03-07 20:28:58 +00:00
Liam Young cb04103e08 Do not manage subordinate service restarts
The subordinate charms should manage the services that
they deploys and configure, not the principle they are related to.
This change switches the approach for restarting services
from having the nova-compute charm doing it directly to having
nova-compute triggering the restart by request a restart down
the existing relations.

Closes-Bug: #1947585

Change-Id: I7419e39d68c70d21a11d03deeff9699421b0571e
2023-03-02 13:54:15 +00:00
Jorge Merlino 7e3ead3389 Adding mke2fs to apparmor
This is needed as all mkfs.* variants end up calling mke2fs.
Closes-bug: #2008391
Related-Bug: #1960231

Change-Id: I940bf0ca9cd330ae0b45b53d0d19844806a4bbbb
2023-02-23 16:48:18 -03:00
Zuul ce62f79a48 Merge "Use a stable hostname to render nova.conf" 2023-02-21 13:17:03 +00:00
Zuul 4a26466235 Merge "Refactor unit tests to avoid leaks of mocks." 2023-02-21 12:55:42 +00:00
Felipe Reyes 2bad8a0522 Use a stable hostname to render nova.conf
OVS introduced a new service called ovs-record-hostname.service which
records the hostname on the first start in the ovs database to identify
the ovn chassis, this is how it achieved a stable hostname and be
resilient to the changes in the FQDN when the DNS gets available.

This change introduces the same approach for nova-compute charm. In the
first run of the NovaComputeHostInfoContext the value passed in the
context as host_fqdn is stored in the unit's kv db, and re-used on every
subsequent call.

This change affects only new installs since the hint to store (or not)
the host fqdn is set in the install hook.

Change-Id: I2aa74442ec25b21201a47070077df27899465814
Closes-Bug: #1896630
2023-02-20 11:37:14 -03:00
Felipe Reyes 75a3dbd0ef Refactor unit tests to avoid leaks of mocks.
It was found that the modules test_actions_openstack_upgrade and
test_actions_package_upgrade were mocking different classes and
functions right before importing the modules under test
(openstack_upgrade and package_upgrade respectively), although these
mocks weren't being reset making tests executions coming after them to
get benefitted (or impacted) by the mocks in memory.

This patch takes advantage of mock.patch() decorator at the class level
and importlib.reload() to make sure the mocks don't outsurvive the
module.

When the teardown was in place it was found a different set of functions
that were relying on that mocking, so they were patched to allow the
tests run in the expected (mock'ed) environment.

Summary of changes:

 - Move get_availability_zone() to contexts module, nova_compute_utils
   depends on nova_compute_context, the latter shouldn't be importing
   code from the former since it breaks the layering, even when the
   import is being done within a function's body.
 - Mock env variable JUJU_UNIT_NAME per test case, the tests defined
   in the test_nova_compute_utils and test_nova_compute_contexts were
   relying on the leakage of mocks set by other test modules, this
   makes them run in an isolated fashion.
 - Move update_nrpe_config testing to its own class, the main class
   NovaComputeRelationsTests mocks the function update_nrpe_config()
   making it difficult to test it in a test method, hence making the
   test part of its own class it's posible to not mock the function
   and correctly runs its implementation.
 - Teardown mocks made at import level.

Func-Test-Pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/997
Change-Id: I4468ef1a0619befc75c6af2bad8df316125a7cf5
2023-02-20 11:37:01 -03:00
Jorge Merlino 046a9169c2 Sync with charm-helpers
Change-Id: I45f120c455881a0fa879812563b805dadbf666fc
2023-02-15 16:34:12 +00:00
Edward Hope-Morley 98191ea5bf Make virt_mkfs configurable with ext4 default
Closes-Bug: #1960231
Change-Id: Ia2ac7318f1164a9015bdf9e7ce7d20a129e22af4
2023-01-18 15:51:16 +00:00
Hemanth Nakkina 83497e833d Use enabled option for vnc
vnc_enabled, novnc_enabled are depreacted but should
be in DEFAULT section. Commit [1] moved the deprecated
options under vnc group so they dont have any effect.
This leads to vnc as True which is default option
in nova.

Change the template to use enabled option instead of
deprecated ones

[1] 73edc4f817

Closes-Bug: #1998300
Change-Id: I4193c042f6b3a55dfb1dc57f0f4d3bc71e19006f
2023-01-05 06:17:55 +00:00
Billy Olsen 966e522dc5 Upin the versions of tox
Unpin the versions of tox, setuptools, etc. This removes the issue
with tox 4.x breaking the virtualenv dependencies.

Change-Id: I103e16c70aee394331b37ec0cf323e014011d3ae
2023-01-04 20:48:11 -07:00
Marcus Boden a3da54fb41 Move default_ephemeral_format to [DEFAULT] section
The default_ephemeral_format line in nova.conf was not in the [DEFAULT]
section in the templates and has therefore been ignored ny nova-compute.
This change moves it to the correct section for all releases.

Closes-Bug: #1992386
Change-Id: Idc0602f95e5378be1243926aa88dc7b5282ee844
2022-11-17 12:51:20 +01:00
Felipe Reyes 6a710c86a3 [s390x] Set pointer_model to ps2mouse
On s390x environments there is no usb controller, hence the default
pointer model (usbtable) produces failures when launching new instances
with the following error:

    unsupported configuration: USB is disabled for this domain,
    but USB devices are present in the domain XML

Change-Id: I58f7f1148096d703384e089292959718fd413157
Closes-Bug: #1962381
2022-10-24 18:38:59 -03:00
Felipe Reyes f414dbdf0a Update testing bundles.
- Drop extra-repositories from jammy-zed bundle. The repository
  ppa:openstack-charmers/swtpm is only needed when running on Focal,
  the Ubuntu Archive >= Jammy contains the needed packages.
- Drop 'source' config key from rabbitmq-server and
  mysql-innodb-cluster. The infrastructure support charm are sourced
  from 'distro' and they don't need to configure an UCA source.

Change-Id: Ia60e46b8b2d35034767a2932176ec799c2e086bf
Closes-Bug: #1994055
2022-10-24 18:38:27 -03:00
Corey Bryant d031a489a7 Add Kinetic and Zed support
* sync charm-helpers to classic charms
* change openstack-origin/source default to zed
* align testing with zed
* add new zed bundles
* add zed bundles to tests.yaml
* add zed tests to osci.yaml and .zuul.yaml
* update build-on and run-on bases
* add bindep.txt for py310
* sync tox.ini and requirements.txt for ruamel
* use charmcraft_channel 2.0/stable
* drop reactive plugin overrides
* move interface/layer env vars to charmcraft.yaml

Change-Id: I506c53b4956024066bc769665525cb022438a0ae
2022-08-31 20:27:43 +01:00
Zuul 467fa1b8e9 Merge "Update nova.conf for OpenStack Yoga" 2022-07-27 19:16:45 +00:00
NucciTheBoss 73edc4f817 Update nova.conf for OpenStack Yoga
This merge request focuses on fixing the VNC config for OpenStack Yoga
on the Focal and Jammy series. Originally, the Yoga version of this
charm was using a template nova.conf file from Train which did not use
the new [vnc] required for Yoga. Train had the VNC config in the
[DEFAULT] section, which is depreciated in Yoga.

Itemized changes to charm below:

 * Create templates/yoga
 * Move VNC config to [vnc] section in nova.conf
 * Rename VNC config keys to follow the Yoga specification.

Closes-Bug: #1974082
Closes-Bug: #1734683

Change-Id: Ic100528f9f38bbc0c83e4f563166113024e3db59
2022-07-25 17:47:50 +00:00
Alex Kavanagh 960520b199 Pin tempest for different python versions
Change-Id: I236ed757a93c7f3bb1942eb16ed859999f8fd318
2022-07-25 08:41:52 +00:00
ljhuang fadbf178fd Replace deprecated assert_ with assertTrue
The assert_ method alias has been deprecated in unittest since version 3.2[1].

[1] https://docs.python.org/3/library/unittest.html#deprecated-aliases

Change-Id: I7aa4862c93feb0d6be2e3080a6689d49ca756cc3
2022-07-21 12:46:13 +08:00
Nobuto Murata cf0f464391 AppArmor policy update for os-brick and iSCSI
In iSCSI usecases including cinder-lvm, os-brick requires lock files
such as:
  - /run/lock/nova/os-brick-connect_volume
  - /run/lock/nova/os-brick-connect_to_iscsi_portal-192.168.0.1

and lsscsi requires following access to compose a rescan command such as
"/sys/bus/scsi/drivers/sd/2:0:0:0/rescan":
  - /dev/
  - /sys/bus/scsi/devices/

Closes-Bug: #1979812
Related-Bug: #1939390
Change-Id: Id2db3a70b8d1287bda006f1bbc5442038f7070f1
2022-06-24 23:58:32 +09:00
Corey Bryant 06856f151c Ensure vgpu services restarted in package_upgrade action
Change-Id: I51382f70f019071f4442f717dbc749ff2e7b8202
2022-05-16 15:05:06 +00:00
Zuul da2142cca3 Merge "Add package-upgrade action" 2022-05-16 10:00:06 +00:00
Billy Olsen f6c536baec Render correct driver in nova-compute.conf
Commit abe5a289 fixed the rendering of the ironic driver in the
nova-compute.conf file for OpenStack versions >= Wallaby. However, it
always renders the nova-compute.conf file for train and above, which is
hard-coded to the Ironic libvirt driver.

This adds additional templating logic to the nova-compute.conf driver in
order to render the correct driver to use.

Related-Bug: #1968547
Change-Id: I12cd4bf5953170d227d52793764c49f3871e25f9
2022-04-19 20:00:02 -07:00
Zuul 1655b04178 Merge "charmhelpers sync for yoga release" 2022-04-13 19:07:08 +00:00
Zuul 7e362f3482 Merge "Only render qemu.conf for hypervisors using qemu" 2022-04-12 15:49:38 +00:00
Liam Young abe5a289ed Only render qemu.conf for hypervisors using qemu
Change-Id: I02a250c27d1b52d5cc9df3f1d6256bfc3ab982ea
Closes-Bug: #1968547
2022-04-11 10:37:24 +00:00
Alex Kavanagh 6a11a54dde charmhelpers sync for yoga release
Charmhelpers sync and remove impish tests.

Change-Id: I2e392d6f249bb6fcebf5c964eabbc8162016dc9f
2022-04-08 20:41:18 -07:00