Allow ClusterTemplate to explicitly specify a driver to use for creating
Clusters.
This is initially sourced from the image property 'magnum_driver', but
may be improved to be specified via client in the future.
Falls back to old driver discovery using (coe, server_type, os) tuple to
keep existing behaviour.
Change-Id: I9e206b589951a02360d3cef0282a9538236ef53b
Label validator function has been left behind, although it's not
checking for anything right now - might be useful in future.
Change-Id: I74c744dc957d73aef7556aff00837611dadbada7
We noticed that from the user perspective it is hard
to know when a cluster_template provided by the cloud
admin is mature enough for a production release.
This field will allow the administrator to add an
annotation to the cluster template like
{deprecated, recommended, testing} giving further
usefull information to the end user about the
template's life cycle
This patch adds the necessary database column and
API objects to handle the new argument.
story: 2007857
task: 40160
Change-Id: I5d1c4221f089bc5cd12b25f620aa01771a029df9
Signed-off-by: Diogo Guerra <diogo.filipe.tomas.guerra@cern.ch>
Currently master_lb_enabled can be enabled at cluster creation but validation
is only done for cluster_template.
We need to validate in cluster.
Fix testing
task: 41535
story: 2007634
story: 2008487
Change-Id: Icf32de2b803aa160dc3b7993e128deff11d02fcb
Adding the master_lb_enabled option when creating a cluster,
which will benefit both the cloud provider side and the end
user side. For cloud prodiver, they don't have to maintain
separate cluster templates with or w/o master_lb_enabled enabled.
For end user, they can easily use one single template to create
different clusters with different configs.
Task: 39680
Story: 2007634
Change-Id: I0b586f05168ece84fd340ef7493a56688191053d
The original design of k8s cluster health status is allowing
the health status being updated by Magnum control plane. However,
it doesn't work when the cluster is private. This patch supports
updating the k8s cluster health status via the Magnum cluster
update API by a 3rd party service so that a controller (e.g.
magnum-auto-healer) running inside the k8s cluster can call
the Magnum update API to update the cluster health status.
Task: 38583
Story: 2007242
Change-Id: Ie7189d328c4038403576b0324e7b0e8a9b305a5e
Adds support for upgrading nodegroups. All non-default nodegroups,
are allowed to be upgraded using the CT set in the cluster. The
only label that gets upgraded for now is kube_tag. All other labels
in the new cluster_template are ignored.
Change-Id: Icade1a70f160d5ec1c0e6f06ee642e29fe9b02ff
This adds the changes needed in the API and conductor level to support
creating updating and deleting nodegroups.
Change-Id: I4ad60994ad6b4cb9cac18129557e1e87e61ae98c
Since each nodegroup will be one independent stack, we have to add
more fields to the table and object in order to track each stack
contained in the cluster. This adds the stack_id, version, status,
status_reason and version fields to the nodegroup object.
Change-Id: I6d36b2d3bc6476efbef6a9f702ffc73cfa0fab8c
When using a public cluster template, user still need the capability
to reuse their existing network/subnet, and they also need to be
able to turn of/off the floatingip to overwrite the setting in the
public template. This patch supports that by adding those three
items as parameters when creating cluster.
Story: 2006208
Task: 35797
Change-Id: I11579ff6b83d133c71c2cbf49ee4b20996dfb918
Magnum is sending notifications like cluster create but has no
details regarding the cluster, like cluster UUID. Notifications
from other OpenStack projects contain full detailed information
(e.g. instance UUID in Nova instance create notification).
Detailed notifications are important for other OpenStack
projects like Searchlight or third party projects that cache
information regarding OpenStack objects or have custom actions
running on notification. Caching systems can efficiently update
one single object (e.g. cluster), while without notifications
they need to periodically retrieve object list, which is
inefficient.
Change-Id: I820fbe0659222ba31baf43ca09d2bbb0030ed61f
Story: #2006297
Task: 36009
This commit removes the fields node_addresses, master_addresses,
node_count and master_count from the cluster object since this info
will be stored in the nodegroups. At the same time, provides the way
to adapt existing clusters to the new schema.
story: 2005266
Change-Id: Iaf2cef3cc50b956c9b6d7bae13dbb716ae54eaf7
This changes the existing cluster APIs and the cluster conductor to
take into consideration nodegroups:
* create: now creates the default nodegroups for the cluster
* update: updates the default nodegroups of the cluster
* delete: deletes also the nodegroups that belong to the cluster
* cluster_resize: takes into account the nodegroup provided by the API
story: 2005266
Change-Id: I5478c83ca316f8f09625607d5ae9d9f3c02eb65a
Add a new hidden flag to cluster templates. This allows an operator to
keep a cluster public (accessible to all users) while not showing them
in cluster template listing.
Story: 2004941
Task: 29342
Change-Id: Ia2717ca960041753f6e772bf2d41c7f5a196dae6
this commit introduces a new `Federation` table to
Magnum database, as well as the necessary DB layer
APIs to access and manage it.
this belongs to the first phase of the implementation
of the federation api. check [1] for more details.
[1] https://review.openstack.org/#/c/489609/
Change-Id: Ie8a68cd3198c8fc7930069fd2e55f1cad55b6c9b
Partially-Implements: blueprint federation-api
Add flavor_id as an option during cluster create. If not given,
the default is taken from the cluster template.
Add flavor_id in the Cluster object and use that instead
of the one from ClusterTemplate.
Update both magnum and magnum cli documentation to reflect the above changes.
Partial-Bug: #1699245
Change-Id: Ib60c05cce1cf2639ca4740abdd264403033433f9
Add master_flavor_id as an option during cluster create. If not given,
the default is taken from the cluster template.
Add master_flavor_id in the Cluster object and use that instead
of the one from ClusterTemplate.
Update both magnum and magnum cli documentation to reflect the above changes.
Partial-Bug: #1699247
Change-Id: Id1d973167b381538121583a0a9691304b39e98de
Add labels as an option during cluster create. If not given,
the default is taken from the cluster template.
Add labels in the Cluster object and use that instead
of the one from ClusterTemplate.
Update both magnum and magnum cli documentation to reflect the above changes.
Partial-Bug: #1697651
Implements: blueprint flatten-attributes
Change-Id: I8990c78433dcbbca5bc4aa121678b02636346802
Add docker_volume_size as an option during cluster create. If not given,
the default is taken from the cluster template.
Add docker_volume_size in the Cluster object and use that instead
of the one from ClusterTemplate.
Update both magnum and magnum cli documentation to reflect the above changes.
Partial-Bug: #1697648
Implements: blueprint flatten-attributes
Change-Id: Ic6d77e6fdf5b068fa5319b238f4fd98b4d499be4
This is patch 3 of 3 to change the internal usage of the terms
Bay and BayModel. This patch updates Bay to Cluster in DB and
Object as well as all the usages. No functionality should be
changed by this patch, just naming and db updates.
Change-Id: Ife04b0f944ded03ca932d70e09e6766d09cf5d9f
Implements: blueprint rename-bay-to-cluster
This patch is the first of 3 patches to change the internal
usage of the terms Bay and BayModel. This patch updates
BayModel to ClusterTemplate. No functionality should be
changed by this patch, just naming and db updates.
Change-Id: I0803e81be6482962be2878a8ea2c7480f89111ac
Implements: blueprint rename-bay-to-cluster
This patch adds floating_ip_enabled field to baymodel to specify
whether floating ip is used or not.
Change-Id: I99677221250480b43a4b95ebf460c43bc77090ad
Partially-Implements: blueprint bay-with-no-floating-ips
Following the removal of service [1], pod [2] and container [3], remove
COE specific object ReplicationController.
This change also removes k8s_conductor.
[1] I4f06bb779caa0ad369a2b96b4714e1bf2db8acc6
[2] I8c2499ccb97aae39d80868ce02fbef292d762c10
[3] I288fa7a9717519b1ae8195820975676d99b4d6d2
Change-Id: Ica100c8d2dfdd7dc709feb1f5cdc5a3f3d6c7318
Partially-Implements: blueprint delete-container-endpoint
Partially-Implements: blueprint bay-drivers
Following on from removing the k8s specific APIs in
I1f6f04a35dfbb39f217487fea104ded035b75569 the objects associated with
these APIs need removal.
Remove the container object, drop the db table and remove references to
the container object. The docker_conductor has also been removed as this
was used for managing containers using Magnum objects.
Change-Id: I288fa7a9717519b1ae8195820975676d99b4d6d2
Partially-Implements: blueprint delete-container-endpoint
Co-Authored-By: Spyros Trigazis <strigazi@gmail.com>
The periodic task unneccessarily lists Heat stacks in the
global tenant (across all tenants) which the Magnum service
user may lack permission for. Also, the most restrictive way
to let it use global stack-list is chose a Keystone role and
open that operation to any user in any project holding that
role.
This commit substitutes a direct lookup of all bays' stack_id
attributes for this global stack list. This direct lookup will
yield the same net result. In order to get the neccessary
permissions it will use each bay's stored Keystone trust to
act on behalf of the bay's creating user.
Co-Authored-By: Jiri Suchomel <jiri.suchomel@suse.com>
Closes-Bug: #1589955
Change-Id: I67b176c137c463e37e037970cc4e468d51db30c9
This patch adds an environment file and a couple of template resources
to allow the LBaaS resources to be conditionally enabled/disabled.
Change-Id: I40ef0839dca84f398efb02022fa7c1de821fb1a3
Partially-Implements: blueprint decouple-lbaas
Partially-Implements: blueprint bay-with-no-floating-ips
Bay_create_timeout default is 0 and means that magnum create bay
without timeout. But heat create stack with timeout absolutely.
So it is impossible to create bay without timeout. And I had send
a patch which allow heat to create stack without timeout, but the
core of heat did not agree with it.
The patch is: https://review.openstack.org/#/c/334138/
Change-Id: Iebc9915dcf2894a2dbed912244a2c7c308b4d9d7
Closes-bug: #1590636
Ironic template needs to specify fixed subnet name/ID.
And also user sometimes want to build his cluster on
his network which he built.
This patch adds fixed_subnet field to baymodel to specify
fixed subnet which bay will build on.
Change-Id: Ia21ad6e3e1472a0d078d08369ef62601034fcc17
Partial-Implements: blueprint magnum-baremetal-full-support
master_lb_enabled is a boolean field that determines if a bay's master
nodes should be load balanced. Defaults to False.
Change-Id: Icf8317432dec70c99c29a3af9edb0499bfd2439d
Partially-Implements: blueprint decouple-lbaas
Following on from removing the k8s specific APIs in
I1f6f04a35dfbb39f217487fea104ded035b75569 the objects associated with
these APIs need removal.
Remove the service object, drop the db table and remove references to
the service object.
Change-Id: I4f06bb779caa0ad369a2b96b4714e1bf2db8acc6
Partially-Implements: blueprint delete-container-endpoint
* This parameter will be optional and users will be able to select
a supported driver, otherwise the default configuration will be
used.
* Add docker storage driver enum field to baymodel
* Add db upgrade file
* Update heat templates for kubernetes and swarm allowing only
devicemapper and overlay as docker_storage_driver values.
* Add configuration for OverlayFS on Fedora Atomic, if overlay is
incompatible bay creation will result a CREATE_FAILED status.
* Factor out configuration of docker storage drivers
* Update tests
* Add Release Notes
Partially-Implements: blueprint support-for-different-docker-storage-driver
Change-Id: Ib58cb734c4e9c90d5d83574852213d2e97359e92
This patch does following:
* Removes X509keypair controller as there is already Certificate
controller for same purpose.
* Removes X509keypair conductor.
* Removes name, ca_cert and bay_uuid from x509keypair model as
Bay model already holds certificate references.
* Add intermediates and private_key_passphrase to x509keypair
model.
* Remove related tests and changes.
Change-Id: I9271221cd1d07c672c4a380a4ae3593237fca66a
Partially-Implements: blueprint barbican-alternative-storeX
Following on from removing the k8s specific APIs in
I1f6f04a35dfbb39f217487fea104ded035b75569 the objects associated with
these APIs need removal.
Remove the pod object, drop the db table and remove references to the
pod object.
Change-Id: I8c2499ccb97aae39d80868ce02fbef292d762c10
Partially-Implements: blueprint delete-container-endpoint
Adding new column of `insecure_registry`, it indicates using insecure
registry when deploying a bay, it should be a validate url with port.
Partially-Implements: blueprint support-insecure-registry
Change-Id: Iaa28d6409264d1d2acd992a7fa14630bb6394852
Introduce Quota Table and Quota list/create API's. With
this concept it will be possible to set quota on a
resource within a project. Fox example X number
of bay creation within a project and if the request
exceeds X bay creation will not be allowed. This change
only introduces the db layer changes.
Change-Id: I8990052df48bdbf6eee426e88ed6c9c2f8cfd344
Partially-Implements: bp resource-quota
Docker registry, k8s load balancer and volume driver have a similar
need to use trust, so we need to create a trustee for each bay.
Change-Id: If034e74ce2ea80a7faa886d4edf789e576c30eb5
Partially-Implements: blueprint create-trustee-user-for-each-bay
The node object represents either a bare metal or virtual machine
node that is provisioned with an OS to run the containers, or
alternatively, run kubernetes. Magnum use Heat to deploy the nodes,
so it is unnecessary to maintain node object in Magnum. Heat can do
the work for us. The code about node object is useless now, so let's
remove it from Magnum.
Closes-Bug: #1540790
Change-Id: If8761b06a364127683099afb4dc51ea551be6f89
Adds volume_driver to the following:
1. api baymodel attribute
2. a new column to the baymodel db
3. objects.Note: Updates baymodel object version
4. Unit tests
Co-Authored By: Kai Qiang Wu(Kennan)<wkqwu@cn.ibm.com>
Co-Authored By: Ton Ngo<ton@us.ibm.com>
Partially-Implements: blueprint magnum-integrate-with-cinder
Change-Id: I25506bd39ab4be513ef99c39f8c52a502b300d92
All bays use the same trustee_user and different trust. A trust is
created for a bay when the bay is created, and is deleted when the
bay is deleted.
Partially-Implements: blueprint registryv2-in-master
Change-Id: Iab2037677f683fe4c562915b98303da02c59c299
Currently bay-show command always shows "0" in bay_create_timeout, this
is confusing for users, store bay_create_timeout into db so that bay-show
will return correct bay_create_timeout value.
Change-Id: Icaea11d7d298bd6245a50c464bff6ff20292e092
Closes-Bug: #1521146
Docker run support an option to set environment variables
to a container. container-create in Magnum also needs this.
This will help for the user to create a container with some
environment variables. Also, swarm use some special environments
to scheduler. This patch add support to do this.
Implements: blueprint support-to-set-env-variables
Change-Id: Ifa46eb6d0e528eadca44d265e906c92ee752af43
In its current state of art, the Baymodel is created
with only "VM" server type. This value is hardcoded in the
code and a tech debt bug was filed to clean it off. Also
this feature can be useful to allow bay model creation with
various server type like virtual machines, baremetal etc.
Client side changes will be provided as part of seperate
patch.
Partial-Bug: #1491003
Change-Id: I8981031d097fc41c94ad509c7b090f0a57a90525
Michal Nasiadka