Commit Graph

323 Commits

Author SHA1 Message Date
Omer 6cc3e50a74 Add --wait to Octavia cookbook
So far we did not mention the --wait argument when we created Octavia
resources in the cookbook.

This argument will save the user some (loadbalancer show) API calls,
so one won't have to make sure the Octavia resources are ready every
now and then.

Change-Id: If066e420a7ada869f67fbea29c50dc896f8a72ea
2024-03-11 16:20:51 +00:00
Zuul 6b0ca25696 Merge "Add additional-vips to the feature matrix" 2024-03-07 11:30:47 +00:00
Zuul 346e65cfee Merge "Add nftables support for SR-IOV VIPs" 2024-02-29 09:28:17 +00:00
Zuul 9973874afb Merge "Add support for SR-IOV ports in Octavia" 2024-02-29 09:01:03 +00:00
Michael Johnson d83999f4ed Add nftables support for SR-IOV VIPs
This patch adds the initial nftables support in the amphora for SR-IOV
VIPs. Followup patches will add rules to the nftables chain. As this
point in the patch chain, SR-IOV VIPs will not pass any traffic.

Change-Id: Ib2a1c3f49a26690d2e0e9c7330e047748c0b5105
2024-02-28 16:00:12 +00:00
Michael Johnson 75c1bdd104 Add support for SR-IOV ports in Octavia
Change-Id: I16622add64076370dad85620043f71077bc9acbb
2024-02-28 15:56:35 +00:00
Zuul 3f4eddc5cc Merge "Add h2 section to Octavia cookbook" 2024-02-27 16:12:23 +00:00
Omer bb53212d5c Add h2 section to Octavia cookbook
So far we did not document h2 load balancing with both pool backend
re-encryption and alpn protocols.

This patch adds that missing h2 section to the Octavia cookbook.

Story 2010581
Task 47365

Change-Id: Iffaf4fa50ae6bf93a8e25e61f6776b1bed343f52
2024-02-23 00:04:45 +00:00
Fernando Royo d5d8c6bf52 Add additional-vips to the feature matrix
Include additional VIPs feature in the Amphora and OVN provider
matrix since it has already been integrated for both providers.

Change-Id: If43296d81bbaa10bd5e720d7c18920321ab8b743
2024-02-22 23:18:28 +00:00
Zuul 261ee7dcff Merge "Add spec for SR-IOV in Octavia Amphora" 2023-12-06 17:01:12 +00:00
Michael Johnson 8b503d1eaf Add spec for SR-IOV in Octavia Amphora
This patch proposes a specification for adding SR-IOV VF port support to
Octavia Amphora load balancers.

Change-Id: I98961b162ae6811366bb036e6286f972908d785b
2023-12-05 15:50:16 +00:00
Gregory Thiemonge a81cf552ce Added olso_middleware.sizelimit support
Change-Id: I484e4a88993196f63c8c9285dc2772507cc4d8c5
2023-11-28 07:10:53 -05:00
Tom Weininger deeb4acca5 Run codespell on doc directory
Result of running:

$ codespell -w octavia

Change-Id: Ifdcfcaea679d0ddb6b7b0e3c88586a61a5d627cc
2023-10-30 10:40:46 +01:00
Zuul 1f71d1fd96 Merge "Retry to set loadbalancer prov status on failures" 2023-10-09 16:16:35 +00:00
Gregory Thiemonge c4a162ab40 Disable seqdiag in the spec docs
The tls-data-security specs use seqdiag to describe communication between
some components.
seqdiag is unmaintained and doesn't work with recent Pillow releases (10.0.1).
Disable the generation of those diagrams as they are part of old specs.

Also remove the dependency on seqdiag

Disable octavia-grenade-skip-level which will be fixed in another commit

Partial-Bug: #2026345

Change-Id: I6b5c5d6c651dac223a205409c49085faf78cff15
2023-10-06 15:02:46 +02:00
Gregory Thiemonge be91493332 Retry to set loadbalancer prov status on failures
In case of DB outages when a flow is running, an exception is caught and
the flow is reverted. In most of the flows, the revert function of the
first task's (the last to be reverted) unlocks the load balancer by
setting its provisioning status (to ERROR or ACTIVE, depending on the
flow), but it fails if the DB is not reachable, leaving the LB in
a PENDING_* state.
This commit adds tenacity.retry to those functions, Octavia retries to
set the status during ~2h45 (2000 attempts, 1 sec initial delay, 5 sec
max delay).

Closes-Bug: #2036952
Change-Id: I458dd6d6f5383edc24116ea0fa27e3a593044146
2023-10-03 06:13:34 -04:00
Gregory Thiemonge 6d4be198a1 Fix links to the bug tracker in the docs/releasenotes
Change-Id: I7dbd573a6552f2d6f6c73cd582514db3bb39b423
2023-09-14 10:14:48 +02:00
Zuul 25742da290 Merge "Update the bug tracker links in the doc (switch to Launchpad)" 2023-08-23 23:11:45 +00:00
Zuul a904f35304 Merge "Add support for HTTP Strict Transport Security" 2023-08-23 20:23:51 +00:00
Tom Weininger c907547512 Add support for HTTP Strict Transport Security
Closes-Bug: #2017972
Depends-on: https://review.opendev.org/c/openstack/octavia-lib/+/880821
Change-Id: I0f2f2ff6b8c430b2dd06d707097af74bb608dcc9
2023-08-23 18:18:02 +02:00
Gregory Thiemonge 9ba449c9a9 Update the bug tracker links in the doc (switch to Launchpad)
The Octavia has decided to move back to Launchpad for the B release
cycle.

Change-Id: I6f003377824867e74b1a96f9eb3e1df3fdf856da
2023-08-21 10:43:35 +02:00
Michael Johnson ff80e454ab Remove blockdiag from Octavia
The python blockdiag module is unmaintained and will likely be removed from distros.[1]
This patch removes mention of blockdiag from Octavia as it is unused.

[1] https://github.com/blockdiag/blockdiag/pull/171

Change-Id: I88371364b88bec5f1fd42d6ade8b316be3130f3f
2023-07-31 16:16:32 +00:00
Zuul 12d8e0de5d Merge "Update doc for the OVN provider" 2023-07-13 16:33:20 +00:00
Fernando Royo 25fbd4e8e7 Update doc for the OVN provider
Update doc according last improvements on HM for the OVN
provider. Also point to ovn-octavia-provider repo for doc,
instead to networking-ovn.

Change-Id: I8b83e06c89abcc9100085357c2dc265e3178d1c5
2023-04-10 17:18:20 +02:00
Gregory Thiemonge 3b4ef33f14 Merge amphorav2 provider doc into amphora doc
Change-Id: Ica68aa13b7499bc752c9bbcff1fd713ca1081b05
2023-04-07 08:29:31 +00:00
Gregory Thiemonge 6c0515c988 amphorav1 removal
Removing the amphorav1 provider, it was deprecated in Zed and can now be
removed in Bobcat 2023.2.

Change-Id: I2ecfc0f40549d80b3058b76c619ff4ef35aadb97
2023-04-05 09:23:06 +02:00
Pierre Riteau 1d84f2972f Fix typo in docs section title
Change-Id: Ie4a690263a3de6e85a1081c373c56e2992941622
2022-12-09 17:12:29 +01:00
Zuul 6ec76b1282 Merge "Remove unnecessary unicode prefixes" 2022-09-05 06:21:16 +00:00
Adam Harwell 1d19b702b1 Failover stop threshold / circuit breaker
Stop failovers if the count of simultaneously failed
amphora reaches the number configured in the new
failover_threshold option.
This may prevent large scale accidental failover events,
like in the case of network failures or read-only
database issues.

Story: 2005604
Task: 30837
Co-Authored-By: Tatsuma Matsuki <matsuki.tatsuma@jp.fujitsu.com>
Co-Authored-By: Tom Weininger <tweining@redhat.com>

Change-Id: I0d2c332fa72e47e70d594579ab819a6ece094cdd
2022-09-02 17:15:59 +02:00
Zuul 6e24fa6bd3 Merge "Add event notifications for load balancers." 2022-08-18 11:50:37 +00:00
Spencer Harmon 70257eb6b3 Add event notifications for load balancers.
This patch creates tasks for load balancer notifications and adds them to the amphora loadbalancer create/delete/update flows.

Change-Id: I287d89cd83e91473f1375788c969521aa58ca567
2022-07-29 10:07:02 -05:00
Michael Johnson 5ab6e3d30f Move system scoped secure-RBAC to separate file
This patch moves the system scope configuration in the policy override example files out to a separate override file. This way the new default roles can be enabled independently of system scoped tokens. This helps us align to the changes in the secure-RBAC spec[1].

[1] https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html

Change-Id: I1b41780f3ca84ceca563d668ae8bb40011a60bf4
2022-07-15 23:43:07 +00:00
Zuul a94b3101e8 Merge "[doc] Fix client key name in command" 2022-05-10 17:33:15 +00:00
lixuehai b68b113eb4 Remove unnecessary unicode prefixes
Change-Id: Ib72f02450900654518cec9bef1b5dca397cbfb7a
2022-04-27 15:33:47 +08:00
Zuul 2376f68bba Merge "Improve documentation about log offloading" 2022-04-26 22:50:17 +00:00
Dmitriy Rabotyagov a88e86e74b [doc] Fix client key name in command
Copy/paste issue was present, so if following guide you would override
client CA key created on step 9 while generating
client key for certificate.

Change-Id: Icc06b48cfe57929030218555ab4b19b1db1ff68a
2022-04-21 12:39:36 +02:00
Zuul bf007ec4a8 Merge "Add a Grafana dashboard for Octavia load balancers" 2022-04-08 13:37:40 +00:00
Tom Weininger d556c622b1 Documentation updates
Minor corrections and update of the remote debugging guide.

Change-Id: I0d08aaf4f02f5575f1a68b65ebc16aafad8a0270
2022-03-23 10:00:47 +01:00
Tom Weininger 911300d688 Improve documentation about log offloading
Parts of the documentation about log offloading repeated itself.
I added a new "Failover Considerations" section that focuses on that
topic specifically. Therefore, other sections no longer need to show
multi-server configurations.
The new section contains recommendations about
log_retry_count and log_retry_interval values for failover
configurations as well.

Story: 2009876
Task: 44599
Change-Id: If71fce80329fe772c8248bc2eb4445ea15680c5d
2022-03-11 10:40:50 +01:00
Michael Johnson f97c826fed Add a Grafana dashboard for Octavia load balancers
This patch adds a Grafana dashboard for Octavia load balancers that can
be imported into Grafana.

Change-Id: I6d4de38dd44adecc677c637a25233494065ba3fb
2022-02-28 17:27:20 +00:00
Michael Johnson 0d9674bd87 Add the PROMETHEUS protocol to listeners
This patch adds a new protocol for listeners called "PROMETHEUS" that exposes
a Prometheus endpoint. This allows detailed metrics collection from Octavia
load balancers.

Change-Id: I3e27e4e57ad955bcd7728426c91f05171a46ef7f
2022-02-22 01:57:53 +00:00
Tom Weininger 4c5e798cc4 Fix wrong SQL statements in documentation
Story: 2009842
Task: 44444
Change-Id: Ibd4d7e700d43179e28d8aa8ef6fba7fb7276264b
2022-02-16 12:10:50 +01:00
Ade Lee 36a642d9d0 Update scripts to use fips allowed algorithms
Openssl genrsa is deprecated in favor of genpkey, and fails in FIPS mode.
Update the relevant calls to use genpkey instead.

Change-Id: I1aab9faa8afe845e445e620d1800785d2e19ad1e
2022-01-17 14:01:16 -05:00
Gregory Thiemonge 8ac5aa7cbe Fix docs jobs and pep8 errors with pylint 2.6.2
Remove test-requirements.txt from docs dependencies, add hacking in
doc/requirements. It should reduce the duration of the docs job.

Removed some comments that disabled consider-using-with in pylint,
most of the flagged code is now considered as false positive.

Change-Id: Ib550542820163be2bbef97df7b090834a6b6dccd
2021-10-08 14:17:03 +02:00
Zuul e647f6d71a Merge "Edits for "Basic Load Balancing Cookbook"" 2021-07-02 20:17:39 +00:00
Brian Haley 2bcb344fb9 Update contributor documentation
There is a new IRC network in town.

Change-Id: I70fa2fbe5936847e701d2d8dfb6069e33de9c889
2021-06-16 12:36:30 -04:00
Greg Rakauskas a26494bfcb Edits for "Basic Load Balancing Cookbook"
Several edits from early January 2021.
Tech review edits from two devs incorporated. Thanks!
Additional comments from Brian added. Thanks!

Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Change-Id: Iddcbe83dc4b3fec796ac94339f2839818890ab2f
2021-05-04 14:32:24 -04:00
Gregory Thiemonge 815a283823 Spare pool removal
Spare pool feature was deprecated in Victoria, we decided to remove it
during the Xena release cycle.

Change-Id: I830c6a4c49fa47105f788cf99a0f775e5dbdcaea
2021-04-28 09:10:09 +02:00
Greg Rakauskas de352cac20 Edits for "Operator Maintenance Guide"
Several edits from early January 2021.

Co-Authored-By: Michael Johnson <johnsomor@gmail.com>
Change-Id: Ib2408ef82e12b50c112b224b6f02f0e00a441a86
2021-04-20 17:20:57 -04:00
Michael Johnson 6c54eab5b5 Make /healthcheck cache results
The healthcheck endpoint should cache results to reduce the potential load on the backend systems being tested.
This patch adds the caching and a configuration setting for the interval
between cache refreshes.

Change-Id: Ic97a991437144f3a220d9b96839cec5b63565f8c
Story: 2008203
Task: 40987
2021-03-15 21:43:43 +00:00