* Update octavia from branch 'master'
to 93dd9916c3d9407fd6e8580a166c6a56250389ad
- Merge "devstack: Drop removed services"
- devstack: Drop removed services
glance-registry and nova-objectstore were removed some time ago.
Change-Id: I790bb48291e30a6aa233e082f9e211f18409b3e4
* Update octavia from branch 'master'
to ecbf4ebc8a7cc2f5594250bd3faa6189b263def4
- Merge "Remove executable flag from some files"
- Remove executable flag from some files
These files should not be executable.
Change-Id: If5128deae36f43e40127019f80ab71dd2ac74aeb
* Update octavia from branch 'master'
to 12287c707598e1b08b0bcc65ed0aa81b979cd4d9
- Merge "SQLAlchemy 2.0: Drop use of removed autoload"
- SQLAlchemy 2.0: Drop use of removed autoload
The autoload arugment was removed[1] in SQLAlchemy and only
the autoload_with argument should be passed.
The autoload argument is set according to the autoload_with argument
automatically even in SQLAlchemy 1.x[2] so is not at all needed.
[1] c932123bac
[2] ad8f921e96
Closes-Bug: #2061303
Change-Id: Ic18044b8065d2350c180ad26f5307a77aa99037b
* Update octavia from branch 'master'
to b4e8727159954d2427446153b7d0490ff4ab59ee
- Merge "pyupgrade changes for Python3.8+ (7)"
- pyupgrade changes for Python3.8+ (7)
Result of running
$ pyupgrade --py38-plus $(git ls-files | grep ".py$")
This was inspired by Nova [1]
Fixed PEP8 errors introduced by pyupgrade by running:
$ autopep8 --select=E127,E128,E501 --max-line-length 79 -r \
--in-place octavia
and manual updates.
[1]: https://review.opendev.org/c/openstack/nova/+/896986
Change-Id: I9399730fed16b85686caa586788a1bc03ebd123a
* Update octavia from branch 'master'
to 6f36be9cc615adc14ca1cf9374a370fdd5d88c0c
- Merge "pyupgrade changes for Python3.8+ (6)"
- pyupgrade changes for Python3.8+ (6)
Result of running
$ pyupgrade --py38-plus $(git ls-files | grep ".py$")
This was inspired by Nova [1]
Fixed PEP8 errors introduced by pyupgrade by running:
$ autopep8 --select=E127,E128,E501 --max-line-length 79 -r \
--in-place octavia
and manual updates.
[1]: https://review.opendev.org/c/openstack/nova/+/896986
Change-Id: I3924de7cd8e2d242006ec4f272ece0276053e2ed
* Update octavia from branch 'master'
to ce29065796356b0510fc1399f6068ede40eec4f1
- Merge "pyupgrade changes for Python3.8+ (5)"
- pyupgrade changes for Python3.8+ (5)
Result of running
$ pyupgrade --py38-plus $(git ls-files | grep ".py$")
This was inspired by Nova [1]
Fixed PEP8 errors introduced by pyupgrade by running:
$ autopep8 --select=E127,E128,E501 --max-line-length 79 -r \
--in-place octavia
and manual updates.
[1]: https://review.opendev.org/c/openstack/nova/+/896986
Change-Id: I9aeb3d603a519c3029b5be1ab622a0250f628f7d
* Update octavia from branch 'master'
to 54495575ab3dc3725dfe1208bdd7ca317c844691
- Merge "pyupgrade changes for Python3.8+ (4)"
- pyupgrade changes for Python3.8+ (4)
Result of running
$ pyupgrade --py38-plus $(git ls-files | grep ".py$")
This was inspired by Nova [1]
Fixed PEP8 errors introduced by pyupgrade by running:
$ autopep8 --select=E127,E128,E501 --max-line-length 79 -r \
--in-place octavia
and manual updates.
[1]: https://review.opendev.org/c/openstack/nova/+/896986
Change-Id: I7d69a002c4e4c79fc2f5a13e9056aa2461d0ab7a
* Update octavia from branch 'master'
to 314f2b60dc34da8137eb3501f3aca208f4291eec
- Merge "pyupgrade changes for Python3.8+ (3)"
- pyupgrade changes for Python3.8+ (3)
Result of running
$ pyupgrade --py38-plus $(git ls-files | grep ".py$")
This was inspired by Nova [1]
Fixed PEP8 errors introduced by pyupgrade by running:
$ autopep8 --select=E127,E128,E501 --max-line-length 79 -r \
--in-place octavia
and manual updates.
[1]: https://review.opendev.org/c/openstack/nova/+/896986
Change-Id: Ib160f988cea0c6a27b3c1efeb2b2953f8929dc5c
* Update octavia from branch 'master'
to 85cfb6c2ae974d110712b5ea673cdafcfecb9e69
- Fix negative or 0 limit parameter in pagination
Octavia replace "limit" with None when it is less 1. (for example 0, -1)
However the further code failed to compare None and int values.
This patch fixes it by validation, that limit is None.
Co-Authored-By: Roman Goncharov <gadzhet007@gmail.com>
Closes-Bug: #2060917
Change-Id: I9bb45a1aca6b7b18644752a3dccc3ebfb7c106ef
* Update octavia from branch 'master'
to f91ff6c5a616261f57a15f612e00ba2b879b827e
- Merge "pyupgrade changes for Python3.8+ (2)"
- pyupgrade changes for Python3.8+ (2)
Result of running
$ pyupgrade --py38-plus $(git ls-files | grep ".py$")
This was inspired by Nova [1]
Fixed PEP8 errors introduced by pyupgrade by running:
$ autopep8 --select=E127,E128,E501 --max-line-length 79 -r \
--in-place octavia
and manual updates.
[1]: https://review.opendev.org/c/openstack/nova/+/896986
Change-Id: I4ad020fbedd8106a3a86768c25a0c4dc750ec88a
* Update octavia from branch 'master'
to 29880ec66733b8a9e83f66979a5c18e7b83c11f7
- Merge "pyupgrade changes for Python3.8+ (1)"
- pyupgrade changes for Python3.8+ (1)
Result of running
$ pyupgrade --py38-plus $(git ls-files | grep ".py$")
This was inspired by Nova [1]
Fixed PEP8 errors introduced by pyupgrade by running:
$ autopep8 --select=E127,E128,E501 --max-line-length 79 -r \
--in-place octavia
and manual updates.
[1]: https://review.opendev.org/c/openstack/nova/+/896986
Change-Id: I8560b5440c0c2338e468b12d8c4abcc47a8fb50a
* Update octavia from branch 'master'
to 824b51a1dad80292b7a8ad5d61bf3ce706b1fb29
- Handle empty delay on update healthmonitor
Check that delay field is not UnsetType before further validation
Closes-Bug: #2059894
Change-Id: Ia853d43dc273019c76da09104f31aa7e1b154fec
* Update octavia from branch 'master'
to fa7cc0178783ad4ab9f3ddce893042d5952d0bd8
- Merge "Fix fully-populated API with allowed_cidrs"
- Fix fully-populated API with allowed_cidrs
When creating a LB + a listener with an allowed_cidr with the
fully-populated API, an issue happened when Octavia validated that the
allowed_cidrs and the VIP ip address have the same IP version. The
vip.ip_address value was not updated in the load balancer object,
forcing the expiration of the DB object before entering _graph_create
fixes this issue.
Note: there's no change in the tests, the test function for this feature
exists, looks correct, and passes successfully, the bug is only
reproducible in octavia-api.
Closes-Bug: 2057751
Change-Id: Ia106d81c1b2588e5d938d2238c8a2f6660bf5ef1
* Update octavia from branch 'master'
to e4d7186776b812516f6a473e7984e4ec0b1f40b4
- Update master for stable/2024.1
Add file to the reno documentation build to show release notes for
stable/2024.1.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2024.1.
Sem-Ver: feature
Change-Id: I744c29c1a03aba952b98a9fa3b6772073fa3805c
* Update octavia from branch 'master'
to 9f1a6e47d7eb77492bfcc68adb1392f163ce6d26
- Merge "dib: Remove Ubuntu Forcal support"
- dib: Remove Ubuntu Forcal support
Ubuntu Focal is no longer part of the tested environments, because of
newer LTS available now (Jammy).
Change-Id: I7a6df974762abdd94784416609304618ce702b6e
* Update octavia from branch 'master'
to 6b4975f5b2f82b046d833d7f0b0fdff1c5c47248
- Merge "dib: Remove remaining logic for CentOS/RHEL 8"
- dib: Remove remaining logic for CentOS/RHEL 8
... because CentOS 8 and RHEL 8 is no longer supported.
Change-Id: I90e5b85827a324c0a258fd30cf94b3e8ac8c841f
* Update octavia from branch 'master'
to 411e7c6dbcca08510fa2efd564fb0c108f697cb9
- Check Amphora status on SR-IOV failover flows
As noted on an earlier patch[1], the "SetAmphoraFirewallRules" task was not
checking the Amphora status nor using an API timeout. This could cause failover
flows to take longer than necessary if one of the Amphora is missing.
This patch corrects that issue by honoring both the Amphora status and timeout.
[1] https://review.opendev.org/c/openstack/octavia/+/910101/13/octavia/controller/worker/v2/flows/amphora_flows.py
Change-Id: Ic5e8140b13164267236f0a5d9a48fbd84bcdd688
* Update octavia from branch 'master'
to ffc6f83f07b088fbd8979a5610fa371ff5c6467e
- Merge "Add --wait to Octavia cookbook"
- Add --wait to Octavia cookbook
So far we did not mention the --wait argument when we created Octavia
resources in the cookbook.
This argument will save the user some (loadbalancer show) API calls,
so one won't have to make sure the Octavia resources are ready every
now and then.
Change-Id: If066e420a7ada869f67fbea29c50dc896f8a72ea
* Update octavia from branch 'master'
to 2abab95fa05c7079cfcbf4a81982777d8a5fc27c
- Merge "Fix neutron setting overrides"
- Fix neutron setting overrides
Since 2023.2, we deprecated some settings in the [neutron] section
('endpoint', 'endpoint_type' and 'ca_certificates_file'), they are
respectively replaced by 'endpoint_override', 'valid_interfaces' and
'cafile'. There's some code in Octavia that automatically sets the new
settings if the user still has the old settings (it is required because
keystoneauth uses the CONF objects to establish the sessions).
But some corner cases were not correctly addressed in that patch.
Now Octavia ensures that the override of the parameters is correctly
handled.
Change-Id: Ic37e9f699e32431ae1735ddc9642689967ddc696
Closes-Bug: 2051604
* Update octavia from branch 'master'
to 00e9eac7ebd9434b4d59bbb383491bc1ae476ace
- Merge "Use devstack helper functions in the plugin"
- Use devstack helper functions in the plugin
Using get_or_.*_role functions is useful when deploying 2 devstack
instances in 2 different regions with a unique keystone instance, the
functions ensure that the changes haven't already been applied
Change-Id: I95d75b1bc3a62bb2758a4c5985dcfb9e6cc12449
* Update octavia from branch 'master'
to ef28b2e6295e604ce77e6e531a3ef066d8ac6098
- Merge "Drop direct execution of octavia/cmd/*.py"
- Drop direct execution of octavia/cmd/*.py
We generate scripts using setuptools, and we don't expect users may
launch these processes directly from *.py files.
Change-Id: I31c812b112f587d8273893e565417e9949288d16
* Update octavia from branch 'master'
to 2b8af0dc620d2dac33a7b27fb35fb438af513c65
- Merge "When we failed to load pkcs12 cert print warning"
- When we failed to load pkcs12 cert print warning
Print actual error when we failed to load pkcs12 cert and
falling back to the default implemntation, as exception may
not be related to certificate or its format like an issue
with wrong methods during cryptography version mismatch
*** AttributeError: module 'OpenSSL.crypto' has no attribute 'load_pkcs12'
Related-Prod: PRODX-39931
Change-Id: I85c8a615c4f2e08e28939805ae0e9b2028dadaed
* Update octavia from branch 'master'
to 91ee3d7c86a4e0f026c513ddb98f3e769dfa0652
- Merge "redis: Support multiple sentinel servers"
- redis: Support multiple sentinel servers
Redis Sentinel client implementation support using multiple sentinel
servers for redundancy, but only a single server from the servers list
was passed down to it.
This uses the new taskflow interface to add fallback servers, and
register the remaining servers in the list as fallbacks.
Depends-on: https://review.opendev.org/c/openstack/taskflow/+/907674
Change-Id: I6b281d2520db0048329b12b33108273ba2f96534
* Update octavia from branch 'master'
to c85bdad24d5240c40c560a7cc5655ceb3af235db
- Merge "redis: Add username"
- redis: Add username
Redis introduced ACL feature in 4.0.0, and this feature is supported by
redis-py since 3.4.0[1]. When ACL is enabled, authentication requires
username in addition to password.
Also this removes the default password string because it can confuse
underlying libraries in case a more strict check such as 'is None' is
implemented there.
[1] 8df8cd54d1
Depends-on: https://review.opendev.org/c/openstack/taskflow/+/907667
Change-Id: Ie85589ab4e02046f54864a10b9b8adce6996d82a
* Update octavia from branch 'master'
to 188ed9c46b27655598869031aaafee420b7e13fe
- Merge "Fix duplicate tasks in SRIOV LB Create flow"
- Fix duplicate tasks in SRIOV LB Create flow
There was a mistake in the load balancer create flow where duplicate
tasks were added to the flow when an SRIOV VIP was used. This patch corrects
that by removing the duplicate tasks.
Change-Id: Id3dce30639cce6724d41fd2ccd53612384eba87f
* Update octavia from branch 'master'
to 6b0ca25696b19a6572070558ca60f4332c84598a
- Merge "Add additional-vips to the feature matrix"
- Add additional-vips to the feature matrix
Include additional VIPs feature in the Amphora and OVN provider
matrix since it has already been integrated for both providers.
Change-Id: If43296d81bbaa10bd5e720d7c18920321ab8b743
* Update octavia from branch 'master'
to edfc9803f5e61e7babcf27b3468a7702f71e25e8
- Merge "reno: Update master for unmaintained/victoria"
- reno: Update master for unmaintained/victoria
Update the victoria release notes configuration to build from
unmaintained/victoria.
Change-Id: I1e830e9c06f87125835afe2115d6b32a84fc2b80
* Update octavia from branch 'master'
to dc168aee83951dc6656a210259fcde76d05e3cc5
- Merge "reno: Update master for unmaintained/xena"
- reno: Update master for unmaintained/xena
Update the xena release notes configuration to build from
unmaintained/xena.
Change-Id: I611b21c6a03b01c8dff364b223da324d6e2fb1ac
* Update octavia from branch 'master'
to 1d411539bbc704413c54039538edb3a36689f439
- reno: Update master for unmaintained/wallaby
Update the wallaby release notes configuration to build from
unmaintained/wallaby.
Change-Id: If0336f59e8aa68298cd3efb9b8ee2dd391b90387
* Update octavia from branch 'master'
to 115b18effdb5979a90b6177bff443a4de362dcb6
- Merge "Enable nftables rules for SR-IOV VIPs"
- Enable nftables rules for SR-IOV VIPs
This patch enables setting the nftables rules in Amphora using SR-IOV VIPs.
Change-Id: I554aac422371abafb4bb04e2d0df3fce3fa169d4
* Update octavia from branch 'master'
to 346e65cfeed759ecbd332ad52793c4ab56446a24
- Merge "Add nftables support for SR-IOV VIPs"
- Add nftables support for SR-IOV VIPs
This patch adds the initial nftables support in the amphora for SR-IOV
VIPs. Followup patches will add rules to the nftables chain. As this
point in the patch chain, SR-IOV VIPs will not pass any traffic.
Change-Id: Ib2a1c3f49a26690d2e0e9c7330e047748c0b5105
* Update octavia from branch 'master'
to 9973874afb12c77c1d0ffc15ac36af6a8cc72c6a
- Merge "Add support for SR-IOV ports in Octavia"
- Add support for SR-IOV ports in Octavia
Change-Id: I16622add64076370dad85620043f71077bc9acbb
* Update octavia from branch 'master'
to 3acb24ee9ab0ee6750544176daec37f6640b865f
- Merge "Cap hacking"
- Cap hacking
... following what has been done in the other repos. This also caps
flake8-import-order because hacking usually needs to align with flake8.
Change-Id: Ie9bc993ad84660590455193397b0a3a3d675f8dc
* Update octavia from branch 'master'
to b2f3f77d9e7b88f373cc90413b220399c026c77d
- Merge "Honor connection_recycle_timeout in MysqlPersistenceDriver"
- Honor connection_recycle_timeout in MysqlPersistenceDriver
The taskflow library allows us to customize idle_timeout. This change
makes the option set according to the equivalent option in oslo.db
similarly to the other options such as max_overflow.
Change-Id: I1c50f232c4f0c5c10a3dd5a928466f7ef67a9763
* Update octavia from branch 'master'
to 3f4eddc5cc5c431a4d7884a60562d3ec20b8be9a
- Merge "Add h2 section to Octavia cookbook"
- Add h2 section to Octavia cookbook
So far we did not document h2 load balancing with both pool backend
re-encryption and alpn protocols.
This patch adds that missing h2 section to the Octavia cookbook.
Story 2010581
Task 47365
Change-Id: Iffaf4fa50ae6bf93a8e25e61f6776b1bed343f52
* Update octavia from branch 'master'
to ffc9d83197f103ff8f9f7ca00801dd6d65e8ea4d
- Remove some unused code
These methods and tasks are no longer used in the code, so this patch proposes
to remove them.
Change-Id: Ic7813d3a9073e4b3c1bc6a7839242df34a16d348
* Update octavia from branch 'master'
to 30ce858564904a6217c3a470985a72011adbcb9c
- Merge "Fix pylint error"
- Fix pylint error
pylint 3.1.0 introduced the new check (use-yield-from) and this detects
a few failures in current code. This fixes these failures.
Change-Id: Ia5396895b27e4b28a7d9d8d85a85a8449c21d493
* Update octavia from branch 'master'
to 46f4020e7031a1032d3fb69ab3964a060f4da506
- Merge "Bump hacking in pre commit config"
- Bump hacking in pre commit config
... to 6.1.0 which is the latest version available now.
Change-Id: Ibf919824c27879901067da1cf80b23e3243097e2
* Update octavia from branch 'master'
to c8e5e46e474d902c339e304f7519cdef78477dc4
- reno: Update master for unmaintained/yoga
Update the yoga release notes configuration to build from
unmaintained/yoga.
Change-Id: I8ce1ff627a7d50583f6d2dbca123eb7a88c857f5
* Update octavia from branch 'master'
to bbb4713464eee61add6ce32427621e36fa4086e9
- Merge "Declare we use threads and processes for coverage"
- Declare we use threads and processes for coverage
We should declare to coverage that we use the multiprocessing and thread
libraries in Octavia.
Change-Id: Id0683e20d84a7e3b310e0b7ec88f166b842a1e80
* Update octavia from branch 'master'
to b1c930d41f4390da2f33e91e613f70cbd3730a58
- tests: correct use of has_calls -> assert_has_calls
Newer Python detect 'has_calls' as an incorrect use of assert_has_calls.
Correct the one instance of this in Octavia.
Change-Id: I5c943266332908e00c19b409e3af571680d55c26
* Update octavia from branch 'master'
to 5750e4512d622450f6ecab1c7001ebd5637e0d53
- Merge "Provide Amphora stats for Octavia no-op drivers"
- Provide Amphora stats for Octavia no-op drivers
So far, when Octavia was running with noop drivers, there were no
amphora statistics data provided and 404 was returned as the
AmphoraStatistics object was not created, and therefore not found.
This patch adds fake statistics to amphora noop driver.
Closes-Bug: #2030774
Change-Id: Ib65e459bcd10a5ab877c0cf6f234d634d25d1e55
* Update octavia from branch 'master'
to 663896ce5111638bb0a02d20dc6b0b3655c3526f
- Merge "Update python classifier in setup.cfg"
- Update python classifier in setup.cfg
As per the current release tested runtime, we test
python version from 3.8 to 3.11 so updating the
same in python classifier in setup.cfg
Change-Id: Id1eb84f55d7a78d88e3be19742989cb73c6987ce
* Update octavia from branch 'master'
to 490a65fceb6c247f77d47cbcfcb6bc0bbdd6bdd7
- Merge "Fix issue with certificates with no subject or CN"
- Fix issue with certificates with no subject or CN
This patch fixes an issue where if the user attempts to use a
certificate that does not have a subject or CN, we would fail to create
a listener using the certificate.
Per the x.509 specification, a blank subject is allowed as long as the
subjectAltName extension is present in the certificate.
Octavia will now check for the a valid subAltName if the subject CN can
not be retrieved. If both are missing an appropriate error is raised for
the user.
Closes-Bug: #2043582
Change-Id: I06911f42b9bf29cf9a5f2e76d8333d8a2f1bc60b