Many bugs around nova-compute rebalancing are focused around
problems when the compute node and placement resources are
deleted, and sometimes they never get re-created.
To limit this class of bugs, we add a check to ensure a compute
node is only ever deleted when it is known to have been deleted
in Ironic.
There is a risk this might leave orphaned compute nodes and
resource providers that need manual clean up because users
do not want to delete the node in Ironic, but are removing it
from nova management. But on balance, it seems safer to leave
these cases up to the operator to resolve manually, and collect
feedback on how to better help those users.
blueprint ironic-shards
Change-Id: I2bc77cbb77c2dd5584368563dc4250d71913906b
This enables use of ephemeral encryption for swap disks.
The 'encrypted' attribute is intended to be read-only, so we will raise
an error if something attempts to save it later.
DriverImageBlockDevice and DriverEphemeralBlockDevice are already not
saving updates to their 'encrypted' attributes, so the same error
checking is added to them as well for consistency.
Related to blueprint ephemeral-encryption-libvirt
Change-Id: Id30577699928180eff6a5b78390ce9e3efa28b16
RDP console was only for HyperV driver so removing the
API. As API url stay same (because same used for other
console types API), RDP console API will return 400.
Cleaning up the related config options as well as moving its
API ref to obsolete seciton.
Keeping RPC method to avoid error when old controller is used
with new compute. It can be removed in next RPC version bump.
Change-Id: I8f5755009da4af0d12bda096d7a8e85fd41e1a8c
Now that the source knows that both the computes support the right
libvirt version, it passes to the destination the list of mdevs it has
for the instance. By this change, we'll verify if the types of those
mdevs are actually supported by the destination.
On the next change, we'll pass the destination mdevs back to the
source.
Partially-Implements: blueprint libvirt-mdev-live-migrate
Change-Id: Icb52fa5eb0adc0aa6106a90d87149456b39e79c2
This chnage adds the pre-commit config and
tox targets to run codespell both indepenetly
and via the pep8 target.
This change correct all the final typos in the
codebase as detected by codespell.
Change-Id: Ic4fb5b3a5559bc3c43aca0a39edc0885da58eaa2
Many bugs around nova-compute rebalancing are focused around
problems when the compute node and placement resources are
deleted, and sometimes they never get re-created.
To limit this class of bugs, we add a check to ensure a compute
node is only ever deleted when it is known to have been deleted
in Ironic.
There is a risk this might leave orphaned compute nodes and
resource providers that need manual clean up because users
do not want to delete the node in Ironic, but are removing it
from nova management. But on balance, it seems safer to leave
these cases up to the operator to resolve manually, and collect
feedback on how to better help those users.
blueprint ironic-shards
Change-Id: I7cd9e5ab878cea05462cac24de581dca6d50b3c3
Based on the Libvirt and QEMU versions, two traits,
COMPUTE_ADDRESS_SPACE_PASSTHROUGH and COMPUTE_ADDRESS_SPACE_EMULATED,
are controlled. Since the two are supported from the same version on
the Libvirt and QEMU, Nova handles them in the same way.
Blueprint: libvirt-maxphysaddr-support
Depends-On: https://review.opendev.org/c/openstack/os-traits/+/871226
Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp>
Change-Id: If6c7169b7b8f43ad15a8992831824fb546e85aab
When we are loading our ComputeNode objects by UUID according to what
the virt driver reported, we can sanity check the DB records against
the virt driver's hostname. This covers the case where our CONF.host
has not changed but the hostname reported by the virt driver has,
assuming we can find the ComputeNode object(s) that match our
persistent node uuid.
Related to blueprint stable-compute-uuid
Change-Id: I41635210d7d6f46b437b06d2570a26a80ed8676a
This adds a get_available_node_uuids() method to the virt driver
interface. This aims to eventually replace the nodename-based
interface, but currently provides an implementation that will work
for most drivers. Any driver that does not override this method
will get the locally-persistent UUID from nova.virt.node.
Ironic obviously needs to override this (which is easy), as well as
the fake driver because it supports multiple nodes for testing. The
libvirt driver overrides it only because we test multiple libvirt
driver instances on a single host and we need each instantiation
of it to "capture" the UUID we have mocked out at the time it is
started.
Change-Id: Ibe14d2b223c737d82c217a74bc94e41603271a9d
This patch adds the plumbing for rebuilding a volume backed
instance in compute code. This functionality will be enabled
in a subsequent patch which adds a new microversion and the
external support for requesting it.
The flow of the operation is as follows:
1) Create an empty attachment
2) Detach the volume
3) Request cinder to reimage the volume
4) Wait for cinder to notify success to nova (via external events)
5) Update and complete the attachment
Related blueprint volume-backed-server-rebuild
Change-Id: I0d889691de1af6875603a9f0f174590229e7be18
In order to support remote-managed ports the following is needed:
* Nova compute driver needs to support this feature;
* For the Libvirt compute driver, a given host needs to have the right
version of Libvirt - the one which supports PCI VPD (7.9.0
https://libvirt.org/news.html#v7-9-0-2021-11-01).
Therefore, this change introduces a new capability to track driver
support for remote-managed ports.
Change-Id: I7ea96fd85d2607e0af0f6918b0b45c58e8bec058
The legacy block_device_info format has not been used for a while in the
virt drivers and the Fake virt drivers shouldn't be using it anymore.
Some compute tests have been updated as they were previously asserting
the legacy format incorrectly. TODOs are also left to remove support for
the legacy format in a follow up change.
Change-Id: I066fb5617bae944a03273049117fc2b5bf329283
Merge these, removing an unnecessary layer of abstraction, and place
them in the new 'nova.db.main' directory. The resulting change is huge,
but it's mainly the result of 's/sqlalchemy import api/main import api/'
and 's/nova.db.api/nova.db.main.api/' with some necessary cleanup. We
also need to rework how we do the blocking of API calls since we no
longer have a 'DBAPI' object that we can monkey patch as we were doing
before. This is now done via a global variable that is set by the 'main'
function of 'nova.cmd.compute'.
The main impact of this change is that it's no longer possible to set
'[database] use_db_reconnect' and have all APIs automatically wrapped in
a DB retry. Seeing as this behavior is experimental, isn't applied to
any of the API DB methods (which don't use oslo.db's 'DBAPI' helper),
and is used explicitly in what would appear to be the critical cases
(via the explicit 'oslo_db.api.wrap_db_retry' decorator), this doesn't
seem like a huge loss.
Change-Id: Iad2e4da4546b80a016e477577d23accb2606a6e4
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This change adds a simple optional kwarg to the virt driver signature of
destroy and cleanup to allow for callers to control when secrets should
be removed.
Change-Id: I856268b371f7ba712b02189db3c927cd762a4dc3
This patch addresses outstanding nits from the bp/pci-socket-affinity
series. The most important is how the libvirt driver handles reporting
the new COMPUTE_SOCKET_PCI_NUMA_AFFINITY trait. Previously, this was
done by directly adding the trait in static_traits(). This patch
switches it to use driver capabilities.
Change-Id: I89d742ae01d65ab4e16fd8bd86b761f4c5d54d54
Currently only the Hyper-V driver supports this, so that's the only
thing that will report True. Future changes will extend this
functionality to libvirt.
Blueprint: allow-secure-boot-for-qemu-kvm-guests
Change-Id: I314f50a253317b6d80e1fcdd1b5932534841c57f
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Replace six.text_type with str.
A subsequent patch will replace other six.text_type.
Change-Id: I23bb9e539d08f5c6202909054c2dd49b6c7a7a0e
Implements: blueprint six-removal
Signed-off-by: Takashi Natsume <takanattie@gmail.com>
This one is a little more involved because there are persistent objects
and versioned notifications to worry about, neither of which we can
remove right now.
Change-Id: Ic7c330ee1cccdc44a2a555c16cb6090eecbf6ce1
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This one is tied into an admin action in the server actions API, which
means we must remove that API action also. Otherwise, this isn't too
crazy.
Change-Id: I58343b94b67915062d044fa0f53aeab01b77738f
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This was used to propagate the metadata changes to the hypervisor. For
all non-XenAPI drivers, we still allow updating instance metadata via
the API (i.e. '/servers/{server_id}/metadata') but this simply changes
what is exposed via the metadata API.
Change-Id: Ibd0ffd9906e7d7f22a9233539091d450e8023f07
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
During the implementation of blueprint request-filter-image-types,
I left a FIXME to follow-up and add an ability for an operator to
configure compute nodes to not expose image formats that they *can*
support, for situations where they may not be desired. Consider a
remote compute node which *can* support raw images, but for which
you want to require that the user use qcow2 for transfer efficiency.
This adds a new compute-level config option which allows excluding
image types, which will be filtered out of the traits list in a
general way, to avoid having to honor the list in each driver.
Change-Id: Iabe6246dba212b1a287a82cc0cf16e2e8c8a24b8
Another pretty trivial one. This one was intended to provide an overview
of instances that weren't properly tracked but were running on the host.
It was only ever implemented for the XenAPI driver so remove it now.
Change-Id: Icaba3fc89e3295200e3d165722a5c24ee070002c
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
These were used to broadcast aggregate changes to XenAPI pools and
aren't used by any other in-tree driver. Remove them.
Change-Id: I18a01032a89bff84d71e879c5207157393849b7e
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Remove references to the feature from various comments scattered
throughout the code.
Change-Id: Ic353a2489389c557859c249218eaf6060974e1a9
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This is no longer used by any in-tree virt drivers and can be removed.
The equivalent RPC API now always raises 'NotImplementedError', which
was the behavior with virt drivers that didn't support the feature.
Change-Id: Iab881ef4f52eff4815e781f10204497968f8a06b
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
If rollback_live_migration failed, the migration status is set to
'error', and there might me some resource not be cleaned up like vpmem
since rollback is not completed. So we propose to track those 'error'
migrations in resource tracker until they are cleaned up by periodic
task '_cleanup_incomplete_migrations'.
So if rollback_live_migration succeeds, we need to set the migration
status to 'failed' which will not be tracked in resource tracker. The
'failed' status is already used for resize to indicated a migration
finishing the cleanup.
'_cleanup_incomplete_migrations' will also handle failed
rollback_live_migration cleanup except for failed resize/revert-resize.
Besides, we introduce a new 'cleanup_lingering_instance_resources' virt
driver interface to handle lingering instance resources cleanup
including vpmem cleanup and whatever we add in the future.
Change-Id: I422a907056543f9bf95acbffdd2658438febf801
Partially-Implements: blueprint vpmem-enhancement
This change extends the conductor manager
to append the cyborg resource request to the
request spec when performing an evacuate.
This change passes the ARQs to spawn during rebuild
and evacuate. On evacuate the existing ARQs will be deleted
and new ARQs will be created and bound, during rebuild the
existing ARQs are reused.
This change extends the rebuild_instance compute rpcapi
function to carry the arq_uuids. This eliminates the
need to lookup the uuids associated with the arqs assinged
to the instance by quering cyborg.
Co-Authored-By: Wenping Song <songwenping@inspur.com>
Co-Authored-By: Brin Zhang <zhangbailin@inspur.com>
Implements: blueprint cyborg-rebuild-and-evacuate
Change-Id: I147bf4d95e6d86ff1f967a8ce37260730f21d236
These are all XenAPI-only APIs and can be removed in the near future
when that driver goes away. Highlight this fact now.
Change-Id: I04f6bd4000f58b9da2e4165aa2d623e795845d4e
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Zuul