There can be a delay between the interface being created,
and an IP address getting assigned,
which previously caused a race condition where
the config could be rendered before the IP address was ready
resulting in the health manager bind_ip to be empty.
This ensures that the IP address will be ready before continuing,
which will ensure that the config rendering will not happen until ready,
and the configure-resources action will only return once it's all done.
Closes-Bug: #1961088
Change-Id: I2cae5f0e307c8cd14f1831f3416d890ad604b705
This will ensure that mtu is set whenever setup_hm_port()
is called regardless of if the port has just been created
or not. Also checks mtu in update-status hook.
Change-Id: I80b5cea812becd1724fcfe2a8a232253eac76735
Closes-Bug: #2018998
Prior to this change, big bang upgrades were not being run
when openstack-origin was updated to a new release.
Closes-Bug: #1979553
Change-Id: I5cda72d55b7aba51d087bababa94435e53c2201b
Due to a build problem with the reactive plugin, this change falls back
on overriding the steps and doing a manual build, but it also ensures
the CI system builds the charm using charmcraft. Changes:
- add a build-requirements.txt
- modify charmcraft.yaml
- modify osci.yaml
-> indicate build with charmcraft
- modify tox.ini
-> tox -e build does charmcraft build/rename
-> tox -e build-reactive does the reactive build
- modify bundles to use the <charm>.charm artifact in tests.
and fix deprecation warning re: prefix
- tox inception to enable tox -e func-test in the CI
- Unit test fix
Depends-On: https://review.opendev.org/c/openstack/charm-keystone/+/830986
Depends-On: https://review.opendev.org/c/openstack/charm-interface-keystone/+/830988
Change-Id: Iadd11634d1fe44731ecf0a6104561b4aeebff23f
Co-authored-by: Aurelien Lourot <aurelien.lourot@canonical.com>
The mock third party library was needed for mock support in py2
runtimes. Since we now only support py36 and later, we can use the
standard lib unittest.mock module instead.
Note that https://github.com/openstack/charms.openstack is used during tests
and he need `mock`, unfortunatelly it doesn't declare `mock` in its
requirements so it retrieve mock from other charm project (cross dependency).
So we depend on charms.openstack first and when
Ib1ed5b598a52375e29e247db9ab4786df5b6d142 will be merged then CI
will pass without errors.
Depends-On: Ib1ed5b598a52375e29e247db9ab4786df5b6d142
Change-Id: Ib9cd965d84654a4ff3a5c24814d8a171865b2db1
JUJU_DEPARTING_UNIT will be set in leader unit as well when removing one
unit, so update_controller_ip_port_list can use it to delete hm port and
update neutron ip list. Besides, cluster.{connected,available} will be
set by interface-openstack-ha when relation-{broken,departed} is changed,
so update_controller_ip_port_list will also have a change to run.
In other words, as long as update_controller_ip_port_list is triggered
for various reasons, the cleanup will be completed.
and pin cffi to 1.14.6 and pyparsing<3.0.0 for python < 3.6
Closes-Bug: 1915512
Func-Test-Pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/600
Change-Id: I88c61b8d2d0b573df7df071ed7978e83b6803c5c
Subnets were not assigned if they already existed and were not created,
but the router creation code for the configure-resources depends on the
subnets variable for iteration. Initialize the subnets from the query
for the subnets for the case of existing subnets.
Additionally, the octavia charm uses a service user which can see other
subnets that are tagged 'charm-octavia'. Narrow the scope of the subnet
listing to the network being used by the charm.
Closes-Bug: #1866126
Change-Id: Id88a68a398a50532e11daff33fb774caf65a0c0a
Co-authored-by: Aurelien Lourot <aurelien.lourot@canonical.com>
Octavia supports multiple provider drivers. The reference Amphora
provider driver is distributed as part of the Octavia software,
and is enabled by default.
Add a configuration option which allows to not enable the Amphora
provider driver. This is useful for use cases where a different
driver is desired, and removes the checks for Amphora related
mandatory configuration options.
Change-Id: I4d14056bf901d813ac53fde9ccd4e8bdb56e3c55
Put charm into a blocked state if the unit local port to mgmt.
network does not come up.
Add workaround in functional test that allows to re-enable
bionic-ussuri gate. Drop proposed from bionic-ussuri
bundles.
Closes-Bug: #1893446
Change-Id: I098e449723bce128e8c2efda1e9fafc9156a71e5
The driver is unreliable at Ussuri.
Also ensure we restart the ovn-driver-agent when configuration is
written to disk.
Ensure Port Security is enabled as this is a requirement for
reliable operation of the Amphora driver also exercised by the
functional tests.
Enable focal/groovy-victoria gates and re-enable Ussuri OVS gate.
Closes-Bug: #1927960
Closes-Bug: #1927962
Related-Bug: #1927959
Change-Id: I1bafd9eecb83aefb425bc5286f23d47c0885ac8e
Due to a 'quirk' being fixed, the octavia-driver-agents don't get
installed if the ovsdb-subordinate relation is the last to be made.
This is due to the update-status hook gating the reactive handler from
running which 'fixed' the issue. Looking deeper, if the handler isn't
the first to run, then the charm's packages won't get initialised
properly.
This patch fixes that by using the dynamic properties 'all_packages' and
'full_service_list' available in charms.openstack core for the Charm
class. This means that it doesn't matter when the flag is set, as long
as it is before the property is accessed. Looking at the handler, this
will be in the right place for the install.
func-test-pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/514
Change-Id: I5fd75c9d371390bca402d6a3a264421a44fd092a
Closes-Bug: #1916764
Defer hm port setup to main charm code instead of
doing it as part of action. This means we get to
avoid the error prone action method of creating
the port.
Closes-Bug: #1902765
Change-Id: Ieab07308103c791f899ec9cb8066283540f9d96e
This patch gates many of the 'active' handlers when the update-status
hook is running. This is to prevent the charm from making changes to
services, re-rendering configs, or updating relations (or attempting to
act on them) during an update-status hook. This also speeds up the
update status so that it only does checking. The related bug is an
example of what can happen if handlers are not masked during
update-status.
Change-Id: Ibabc74f9cd8c0130bcea76c455c179af31bc96a7
Related-Bug: #1895628
The docs says that those flags are currently being cleared by the
framework but that this behavior might change in the future. Hence,
clear the flags to allow for changing those configs several times.
Change-Id: Ia3d40cf128a0a5e7f59b1644cbb4f318b398720e
Remove tactical workarounds for missing binary packages that are
now present in both Ussuri UCA and Focal.
Update test-requirements and improve mocking, unpin flake8 to
allow lint to run on Python 3.8 systems.
Change-Id: I195c8c796a52eadf288f0927f2f41166a5768640
At present the ``use-internal-endpoints`` configuration option
have no effect.
Change-Id: Ia85609f70819b27241e43de27614624697622370
Closes-Bug: #1869463
For use cases that do not require TLS termination or load balancing
based on higher layer characteristics, there is a Octavia OVN provider
driver that delegates load balancing to the network itself and does
not require VMs to handle the traffic.
Use the common ``parts/section-keystone-authtoken`` for keystone
auth in templates.
Change-Id: I1b9704c9e040eef821cef1e4f16faa0b18dce85e
The ``ConnectionRefused`` exception was removed from
``python-novaclient`` in the following commit:
81ec72ecf8c32b409afedc60e013f9b4c47d5bae
Change-Id: I3c7540e53f6ddbf4dcc9736bae72e27b7d6fdd27
Closes-Bug: #1863071
Allows a public key to be added to Amphora instances
to allow ssh access for e.g. debug purposes.
Without the ability to have amphora vms allow ssh access,
it can be impossible to debug issues that occur inside
the vm since it is not possible to modify an existing
image or vm without the vm being recreated. Adding
support for providing a key allows admins to have the
option to access amphora vms should something go
wrong. The default remains to not provide access.
Change-Id: I1d91741eeec9b20b80bbb907a8aeb9166831acbe
Closes-Bug: #1843625
When using Octavia with more than one Openstack Region, it does not found
resources (network, neutron port and ip). It is necessary to specify the
region it should search for network and other resources with tag
charm-octavia.
This patch add support to specify region to search for tagged resources.
Change-Id: I33d362840efc8fe2f64e41678a1790557ed268dd
Closes-Bug: #1854365
Add legacy configure_ssl to octavia_handlers
Pin pyparsing to 2.4.2 in wheelhouse.txt
Update render unit test
Closes-Bug: 1851487
Change-Id: I4dd055d43e62556692dca3f58f255769dab95287
When creating a Neutron port the value of ``binding:host_id`` needs
to match the host identity of the Neutron OpenvSwitch subordinate.
Depends-On: I3b11eec3f1c4b8a673ccb6f9e6320d79dbde8f7a
Change-Id: I6bec4c5a5dade1295414ff8eefc070e2e8127f37
Closes-Bug: #1845303
Previously the default ``certificates.available`` handler was
enabled without the charm authors intervention, this was changed
in I12f45236632b608e07fdd35d31b90b84ca92eb1f.
Change-Id: I4c1c7f6ba64c55cdceed52bb2c8c882190b96a91
The current implementation relies on DNS to resolve the hostname
associated with the ``private-address`` IP of the unit.
This does not always provide a reliable result.
Change-Id: I3a3a3cddd35354944196a155ca0b239e680333d3
Closes-Bug: #1823000
The charm bundles its dependencies to avoid the boundary
violation of the charm being dependent on the software it
manages.
As a side effect the charm will not use the distro packaged
version of ``python3-certifi`` which contains a patch [0] to
make consumers load the system wide CA Certificate bundle.
As a workaround we explicitly point our OpenStack client
operations to the system wide bundle.
0: https://git.launchpad.net/ubuntu/+source/python-certifi/tree/debian/patches/0001-Use-Debian-provided-etc-ssl-certs-ca-certificates.cr.patch
Change-Id: Iad466c7ff6cf680f74168852afea4a67815d0249
Closes-Bug: #1819205
Add configuration option and associated template updates to
support pooling of spare Amphorae to reduce load balancer
service creation time.
Change-Id: Idb49b632c5728c2bbace4124897fde7369cb803e
End user is expected to run the `configure-resources` action
after the deployment is complete and the cloud APIs are
reliably available.
The end user may rely on our defaults or may create the
required resources themselves. The same action is used to
prompt configuration of the Octavia service and whether it
does creation or just discovery depends on the setting of
`create-mgmt-network` and `custom-amp-flavor-id` configuration
options.
Switch to using the more recent ``section-database`` part
for database configuration.
Change-Id: I9529a8a633ef0ba696c22570ec388991ba408ac4
Manage the Nova flavor Octavia should use when launching its instances.
The end user may choose to override this by manually creating the
flavor and configure it through the ``custom-amp-flavor-id``
configuration option.
Change-Id: Id2cbbc2936996c689fb5a2221a9d22ecf93f510e
Send name and URL down the relation to make ``neutron-api``
configure and point the ``lbaasv2-proxy`` service at us.
Change-Id: Ib013afdd7a0b635ab65de8d1cd2f5e83512a6a2a