Implement initial support for container-scoped storage-backend
relation to integrate nova-compute with storage providers.
Transition to blocked state if multiple storage backend
relations are connected
Change-Id: I03e67731df0263887d2d0f671750f420d6e62c1c
These updates, on the master branch, are to support testing the caracal
packages and support of the charms for caracal. They do NOT lock the charms
down, and don't change the testing branches to stable branches.
Change-Id: Ib7947ab8dfd4c4b18c482f4df1a7c6f5b5e3756f
This change reworks previous changes [1] and [2] that had
been respectively reverted and abandoned.
When using the config libvirt-image-backend=rbd, VMs
created from image have their disk data stored in ceph
instead of the compute node itself.
When performing live-migrations, both nodes need to
access the same ceph credentials to access the VM's
disk in ceph, but this is currently not possible
if the nodes involved pertain to different
nova-compute charm apps.
This patch changes app name sent to ceph to
'nova-compute-ceph-auth-c91ce26f', a unique name common to
all nova-compute apps, allowing all nova-compute apps to
use the same ceph auth.
This change also ensures newly deployed nodes install
the old credentials first on ceph-joined hook,
and then supercedes it with the new credentials
on ceph-changed hook, therefore also retaining
the old credentials.
This patch also includes the charmhelpers sync
from PR: #840
[1] https://review.opendev.org/889642
[2] https://review.opendev.org/896155
Closes-bug: #2028559
Related-bug: #2037003
Func-Test-Pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/1149
Change-Id: I1ae12d787a1f8e7761ca06b5a80049c1c62e9e90
This reverts commit c3c2cf0349.
Reason for revert: This introduces an undesired behavior when scaling-out that needs to be addressed in a complementary patch.
Change-Id: I21c127aa565e489ba4d93a1efc8ddba63ef32e87
When using the config libvirt-image-backend=rbd, VMs
created from image have their disk data stored in ceph
instead of the compute node itself.
When performing live-migrations, both nodes need to
access the same ceph credentials to access the VM's
disk in ceph, but this is currently not possible
if the nodes involved pertain to different
nova-compute charm apps.
This patch changes app name sent to ceph to 'nova-compute',
allowing all nova-compute apps to use the same ceph auth.
This patch also includes the charmhelpers sync
from PR: #840
Closes-bug: #2028559
Change-Id: I7222661017655fd7225db0c677f1a8f5ebb7984d
Sync from charm-helpers to update [service_user] config to use the
service domain.
The keystone charm currently creates two service users, one for the
service domain (for v3 authentication), and the other for the default
domain (for v2 authentication). The [service_user] config needs to
use the service domain.
Closes-Bug: #2026202
Change-Id: Ia1329a6c53cc4b532436751f0396149139a88172
After evacuations and revert resizes when using rbd storage backend,
the instance folder is usually left behind and causes issues when
migrating the instance back to the host.
With the config option set, the nova-compute service will cleanup
those folders as part of the periodic checks that run for instances
that have been evacuated/migrated.
Closes-bug: #2019141
Change-Id: I846ccb0a95d04139b41fdad6cbf465d303d6cc09
This patch configures Nova to send a service token along with the
received user token on requests to other services. This can allow those
other services to accept the request even if the user token has been
invalidated since received by Nova. Also with this patch Nova will
accept request from other services with invalid user tokens but valid
service tokens. Service tokens exist since Openstack Queens.
Closes-Bug: #1992840
Change-Id: I78b43ef77dc1d7b5976ec81ecddf63c9e6c8b6c1
The subordinate charms should manage the services that
they deploys and configure, not the principle they are related to.
This change switches the approach for restarting services
from having the nova-compute charm doing it directly to having
nova-compute triggering the restart by request a restart down
the existing relations.
Closes-Bug: #1947585
Change-Id: I7419e39d68c70d21a11d03deeff9699421b0571e
OVS introduced a new service called ovs-record-hostname.service which
records the hostname on the first start in the ovs database to identify
the ovn chassis, this is how it achieved a stable hostname and be
resilient to the changes in the FQDN when the DNS gets available.
This change introduces the same approach for nova-compute charm. In the
first run of the NovaComputeHostInfoContext the value passed in the
context as host_fqdn is stored in the unit's kv db, and re-used on every
subsequent call.
This change affects only new installs since the hint to store (or not)
the host fqdn is set in the install hook.
Change-Id: I2aa74442ec25b21201a47070077df27899465814
Closes-Bug: #1896630
It was found that the modules test_actions_openstack_upgrade and
test_actions_package_upgrade were mocking different classes and
functions right before importing the modules under test
(openstack_upgrade and package_upgrade respectively), although these
mocks weren't being reset making tests executions coming after them to
get benefitted (or impacted) by the mocks in memory.
This patch takes advantage of mock.patch() decorator at the class level
and importlib.reload() to make sure the mocks don't outsurvive the
module.
When the teardown was in place it was found a different set of functions
that were relying on that mocking, so they were patched to allow the
tests run in the expected (mock'ed) environment.
Summary of changes:
- Move get_availability_zone() to contexts module, nova_compute_utils
depends on nova_compute_context, the latter shouldn't be importing
code from the former since it breaks the layering, even when the
import is being done within a function's body.
- Mock env variable JUJU_UNIT_NAME per test case, the tests defined
in the test_nova_compute_utils and test_nova_compute_contexts were
relying on the leakage of mocks set by other test modules, this
makes them run in an isolated fashion.
- Move update_nrpe_config testing to its own class, the main class
NovaComputeRelationsTests mocks the function update_nrpe_config()
making it difficult to test it in a test method, hence making the
test part of its own class it's posible to not mock the function
and correctly runs its implementation.
- Teardown mocks made at import level.
Func-Test-Pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/997
Change-Id: I4468ef1a0619befc75c6af2bad8df316125a7cf5
* sync charm-helpers to classic charms
* change openstack-origin/source default to zed
* align testing with zed
* add new zed bundles
* add zed bundles to tests.yaml
* add zed tests to osci.yaml and .zuul.yaml
* update build-on and run-on bases
* add bindep.txt for py310
* sync tox.ini and requirements.txt for ruamel
* use charmcraft_channel 2.0/stable
* drop reactive plugin overrides
* move interface/layer env vars to charmcraft.yaml
Change-Id: I506c53b4956024066bc769665525cb022438a0ae
Enable vTPM support in nova-compute charm. This adds new packages to be
installed swtpm and swtpm-tools as well as updates the nova-compute.conf
file and the qemu.conf file to set appropriate user/groups for swtpm.
func-test-pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/696
Change-Id: Idf0d19d75b9231f029fa6a7dc557d2a9ee04915b
Add an extra-repositories config option to nova-compute in order to
allow configuring additional apt repositories. This is useful when some
packages are not available in the distro or cloud archive.
Change-Id: Ie3b76ff3bc07b83e416c80fab1da2560d48df498
Ubuntu OpenStack Rocky migrated from python2 to python3, the package
python-oslo.privsep provides the privsep-helper program as an
alternative, when having it installed next to python3-oslo.privsep the
first installed will stay as a default.
This change add python-oslo.privsep to the list of packages that need to
be purged on OpenStack>=rocky.
Change-Id: Ib64dfa30b6705a45f82051dfc3634740a5f3a661
Closes-Bug: #1822763
os-brick upstream made some changes and started to use lsscsi for
discovering iSCSI devices. Make sure lsscsi is installed by the charm
until the os-brick package in Ubuntu pulls it as a dependency.
Closes-Bug: #1939390
Change-Id: I509d5edb3c6e3a4c35b7252b567a1672cf5e0bbe
The nova-cloud-controller charm passes allocation ratio defaults
in the format '{cpu,disk,ram}_allocation_ratio' on the cloud-compute
relation.
Ensure that later OpenStack releases (>= Stein) query using this
key rather than one prefixed with 'initial_' which is used for the
target Nova Compute configuration option.
Closes-Bug: 1961065
Change-Id: I7d3e7f9f5c69f7ad06191a20bdfcfd6b5dca50d3
By default resizing an instance to the same host as the source is
not enabled. This change adds new charm config option that maps
directly to the nova.conf setting which effectively gives a user
possibility to enable/disable this functionality.
Closes-Bug: #1946620
Depends-On: I13d0c332cd0b110344b7a1645e3e4fd250fce33a
Change-Id: I2f2e9e44f6bba48e15621a216539089c7e3abc1d
The upstream has 3 min as the timeout (60 retries at 3-seconds
interval). It should work if an image is in a raw format to leverage
Ceph's copy-on-write or an image is small enough to be copied quickly.
However, there are some cases exeeding the 3 min deadline such as a big
enough image with Qcow2 or other formats like Windows images, or storage
backend doesn't have copy-on-write from Glance.
Let's bump the deadline to 15 min (300 retries at 3-seconds interval) to
cover most of the cases out of the box, and let operators tune it
further by exposing those options.
Co-authored-by: Mark Maglana <mark.maglana@canonical.com>
Closes-Bug: 1758607
Change-Id: I6f6da8e90c6bbcd031ee183ae86d88eccd392230
When re-writing files, the apparmor configuration is not written,
this will fix this to ensure that aa-profile-mode is respected
Closes-Bug: 1947389
Change-Id: I79e9625ab4d261845822d4825ba1ed7e31d0b1e0
Services have interdependencies and the order in which
we attempt to resume them is important, otherwise the
resume action may fail.
Uncovered while and validated by running the
openstack-upgrade tests. [1]
[1]: https://github.com/openstack-charmers/charmed-openstack-tester
Change-Id: I12218b47dc56b502ecc8578c6ab13acbd321bf26
Related-Bug: #1927277
Related-Bug: #1952882
For principal - subordinate plugin type relations where the
principal Python payload imports code from packages managed by a
subordinate, upgrades can be problematic.
This change will allow a subordinate charm that have opted into the
feature to inform its principal about all implemented release -
packages combinations ahead of time. With this information in place
the principal can do the upgrade in one operation without risk of
charm relation RPC type processing at a critical moment.
This makes use of
https://github.com/juju/charm-helpers/pull/643
This is similar to
https://review.opendev.org/c/openstack/charm-keystone/+/781822
Also fixed broken link to charm-guide.
Change-Id: Iaf5b44be70ee108cbe88b4a26f0f15f915d507fe
Closes-Bug: #1927277
The config is necessary to calculate available disk space for VMs with
disk-allocation-ratio which is already exposed as a charm option.
Closes-Bug: #1952184
Change-Id: I0ef55987517bded50f855e0dbc5e420cfbff4c1b