Bug LP 1863232 introduced a new Apache configuration option called
WSGISocketRotation which allows users to disable wsgi socket
rotation. This patch makes this configurable with a new
wsgi-socket-rotation config option that defaults to the Apache
default and can optionally be set to False.
Closes-Bug: #2021550
Change-Id: I85d48b646b3d0778aae3a7dd3942ad45b4af002d
* sync charm-helpers to classic charms
* change openstack-origin/source default to zed
* align testing with zed
* add new zed bundles
* add zed bundles to tests.yaml
* add zed tests to osci.yaml and .zuul.yaml
* update build-on and run-on bases
* add bindep.txt for py310
* sync tox.ini and requirements.txt for ruamel
* use charmcraft_channel 2.0/stable
* drop reactive plugin overrides
* move interface/layer env vars to charmcraft.yaml
Change-Id: I8f2c34f3a4a0601ee19aa694b323cc0f9ee65616
- Add 22.04 to charmcraft.yaml
- Update metadata to include jammy
- Remove impish from metadata
- Update osci.yaml to include py3.10 default job
- Modify tox.ini to remove py35,py36,py37 tox target and add py310
target.
- ensure that the openstack-origin is yoga
Change-Id: Ia0cdf927a4d4d2339ca1739066bf9a965c97d190
Using affinity/anti-affinity policies sometimes we get into a race
condition on the resources that are available on the hypervisors.
This flag allows to increase the number of retries and hence hosts
to schedule on and therefore allowing the successful scheduling
of instances.
This option was taken from the following URL, while future work
with placement is done to help with scheduling with affinity
https://docs.openstack.org/nova/latest/admin/troubleshooting/affinity-policy-violated.html
Signed-off-by: Arif Ali <arif.ali@canonical.com>
Change-Id: I353dbaa38eb0526014888ede27702b428eb66afd
It's useful to force instance creations to fail if ephemeral drives are
requested when cloud admins want users to use persistent volumes always.
Closes-Bug: #1953561
Change-Id: I1c958b4bcf79512c06de6d81fe55c681bb5f38a7
By default resizing an instance to the same host as the source is
not enabled. This change adds new charm config option that maps
directly to the nova.conf setting which effectively gives a user
possibility to enable/disable this functionality.
Closes-Bug: #1946620
Change-Id: I13d0c332cd0b110344b7a1645e3e4fd250fce33a
The old default of 16:1 was, IMO, really only suitable for test
clouds (or niche use cases where a high over subscription makes sense
with a production workload). Our defaults should make sense for
production and this change reflects that.
Closes-Bug: 1942921
Change-Id: I17b64cab01fb7abe97309f5dbdf0295d72369226
Overhaul the charm README.
The section on SSH host lookup caching in particular
received a lot of attention.
Apart from formatting, the Spaces section was deliberately
left untouched as improvements are part of a separate
documentation effort.
Improve the 'cache-known-hosts' option entry in config.yaml.
Change-Id: I14019ad38a9c4976026c607daca9d768c692535c
This commit introduces a new charm option allowing operators to override
the hardcoded 0.0 that disabled hypervisor demotion on build failures
from pike onward.
In certain environments it may be preferable to retain the upstream
behavior of letting the scheduler work around malfunctional computes and
favor instance building reliability at the cost of a potentially uneven
load distribution.
Change-Id: I2faa5ab8cd505a9d61a9fa26e1b08d16b0c795fb
Closes-Bug: 1892934
Add a note to the configuration file that xvpvnc is not supported
for bionic/ussuri or focal (or later) releases.
Change-Id: Ia3fced85bc544c6ee31474b3f68e067bdd8b5dfe
Closes-Bug: 1885158
New config option count_usage_from_placement is added in Nova from
Train release to enable/disable counting of quota usage from placement
service. Corresponding config parameter is required in nova-cloud-controller
charm.
This patch introduces quota-count-usage-from-placement config parameter in
nova-cloud-controller charm. For openstack releases train or above, this
option is rendered in nova.conf for nova-cloud-controller units.
func-test-pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/250
Change-Id: I57b9335b7b6aecb8610a66a59cb2e4e506e76a5e
Closes-Bug: #1864859
Allow attach between instance and volume in different
availability zones. If False, volumes attached to an
instance must be in the same availability zone
in Cinder as the instance availability zone in Nova.
Change-Id: I21df8e0dfa585133c5ef6a55cdbbc2071c267424
Closes-Bug: #1856776
This patch adds a configuration option for oslo notification format.
Charm Helpers can accept this option to fill the configuration
template appropriately.
Change-Id: I9b41854aca91f5ed42844be8805a941bc686336e
Signed-off-by: Stamatis Katsaounis <skatsaounis@admin.grnet.gr>
This commit introduces option osapi_compute_unique_server_name_scope
which allows operators to ensure VMs are created with unique names per
project or cloud.
Change-Id: Idacb60bb31cd60cb1deaec7cb3ec061f0c04da24
Closes-Bug: #1829782
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@canonical.com>
This new config called spice-agent-enabled is added to inform the spice agent
is not installed in the guest instance, which in conjunction with an image
property hw_pointer_model=usbtablet allows accurate position of the mouse in
Windows guests.
This option is not rendered in the nova.conf local to nova-cloud-controller
units, instead it's passed to related nova-compute units.
Change-Id: Id64699b6d04aa05935b31d55532df45c6d973fa7
Depends-On: https://review.opendev.org/699461
Closes-Bug: #1856602
A new config option called scheduler-host-subset-size was added
to configure FilterScheduler's host_subset_size property, which
size of the subset of best hosts selected by the scheduler.
Change-Id: Ic61917732d50806f74be0b4e7c87a51d738afbe7
Closes-bug: #1846203
This patchset implements policy overrides for nova-cloud-controler.
This change includes a charm-helpers sync to bring in the policyd helper
code.
Note there are no functional tests for this feature as the charm still
uses the old style non-zaza amulet framework. The Related-Bug below is
tracking this issue.
Change-Id: Ia5f3f8189d4a7b7b46a827707d964ebe40740aeb
Closes-Bug: #1741723
Related-Bug: #1845639
This change "flips the switch" by changing the default for caching
knownhosts to true. This means that during deployment host lookups are
only performed once for each related unit. This was experimental for
the previous charm release.
Release note is change-id: Ib3d17b4057dd7f671f123b1da7df21c9f3d7e182
Change-Id: I644df508563f93b661af6bfd5fb668f0e31d5e4d
This change adds caching for the host look ups associated with a
private-address of a unit. This cache is maintained across hook
invocations, and is designed to reduce the time spent in
cloud-compute-relation-changed hooks (which occur as nova-compute units
join and update on the cloud-compute relation).
The feature has been added under an EXPERIMENTAL config flag (with the
default being "don't use the cached values") in case there are any
corner cases around DNS resolution in the deploying cloud during
deployment.
An action is included to allow clearing of the cache at unit,
application and whole relation level. This clears the cache and
re-triggers the host resolution, and relation updates. This is in case
of either 1) DNS changed during the deployment, 2) DNS has been altered
during the running of the cloud.
Change-Id: I5a68bf4c30bf1591184d660d50559c969822ddcf
When using DVR and L3HA neutron deployment options,
Nova API Metadata requests are served from compute nodes,
instead of from neutron-gateway nodes.
This change allows nova-cloud-controller to send vendor_data
configuration values to nova-compute charm relation so it
can write to nova-compute's nova.conf appropriately.
Replaced the existing context logic with inheritance
from a new context created in charm-helpers, so the
logic can be shared across several charms that write
vendor metadata to nova.conf and vendor_data.json.
Also, small fix in the vendor-data and vendor-data-url
descriptions, where it was incorrectly stating that such
configuration would be effective in nova-cloud-controller
on Queens release.
The values set in vendor-data and vendor-data-url config
options will always be propagated to nova-compute regardless
of the OpenStack release. Those values will continue to only
be effective in nova-cloud-controller nodes on Rocky release
or later.
Included sync of charm-helpers code in order to inherit
the refactored vendor metadata contexts.
Change-Id: If8373fc6b2d04dbc29ed07896d385ac920cae3f4
Depends-On: I0c79e1bfac9fbe7009a7e862ad010cfa2de8cfda
Closes-Bug: #1777714
Console TLS will automatically be set up when the Nova API has TLS
enabled, either through configuration (``ssl_*``) or through
certificates relation to vault.
Having multiple knobs to set up the console TLS is not really
necessary and it adds to complexity.
Change-Id: I6efb72bced8473ad52e623318a51ed976c7ac31c
Related-Bug: #1819140
For novnc, need to set novncproxy_port in proxy nodes and
novncproxy_base_url in nova-compute nodes.
For xvpvnc, need to set xvpvncproxy_port in proxy nodes and
xvpvncproxy_base_url in nova-compute nodes.
For spice, need to set spicehtml5proxy_port in proxy nodes and
spicehtml5proxy_base_url in nova-compute nodes.
When release >= Mitaka, novncproxy_port and xvpvncproxy_port
are moved from [default] section into [vnc] section.
spicehtml5proxy_port is renamed to html5proxy_port and moved
to [spice] section.
So eventually the console access port can be customized by:
juju config nova-cloud-controller console-access-protocol=novnc
juju config nova-cloud-controller console-access-port=xx
If console-access-port is not defined, then default port is 6080
for novpc, 6081 for xvpvnc, 6082 for spice.
Change-Id: I4775ad42ba11b0c28163bf7e3718c56d18a2031f
Closes-Bug: #1800753
Signed-off-by: Zhang Hua <joshua.zhang@canonical.com>
Remove support for single-nova-consoleauth operation; this option
managed a single instance of the nova-consoleauth process across
a cluster nova-cloud-controller application using the hacluster
charm. This proves somewhat racey on deployment as the ocf resource
deep checks the operation of nova-consoleauth including connectivity
to AMQP etc.. If the clustering of the service occurs before
other principle relations have been completed, the resource will
fail to start and the hook execution will spin, never returning.
HA deployments should always use memcached to share tokens between
instances of the nova-consolauth daemon; If the 'ha' relation is
detected, then ensure that a memcache relation is then required
for charm operation.
To support evaluation of the memcache relation completeness
the memcache specific code in InstanceConsoleContext was split out
into a new memcache specific class RemoteMemcacheContext.
Existing pacemaker resources will be deleted on upgrade; units will
move into a blocked state until a relation is added to memcached.
The nova-consoleauth service is resumed on upgrade to ensure that
instances run on all nova-cloud-controller units.
Change-Id: I2ac91b2bd92269b761befeb7563ad01cc5431151
Closes-Bug: 1781620
Make the default set of scheduler filters conditional on the release
being deployed; For Pike or later the CoreFilter, RamFilter and
DiskFilter are superfluous to requirements as this filters are in
effect completed by the Placement API.
Add DiskFilter to list of filters for older OpenStack releases.
Change-Id: Iddb4f1f068b982dcd9a70b11b89df1be9f8aaf20
Closes-Bug: 1731302
Closes-Bug: 1732164
In modern hyper-converged architectures the upstream default of
1.5 does not really fit.
Set to 0.98 to give some headroom on the compute nodes and add
a note about the potential need to adjust this value further.
Change-Id: I64e3379686128dd7f222bdfae133a6c90e8f3ef0
Closes-Bug: #1818234
This change implements a new option in config.yaml that allows
services to come up disabled and be manually enabled later.
Change-Id: I345b56e347b63650ee3df07773ccb2e333610355
Closes-Bug: #1758776
Prior to this, the charm config did not support default quota
configurations for compute (ie. instances, compute, ram, etc.).
Default quota configuration changes will not impact existing
projects with modified quotas. Only new projects and projects with
unmodified quotas will adopt the defaults in the configuration file.
The following default quota settings were added:
instances
cores
ram
metadata_items
injected_files
injected_file_content_bytes
injected_file_path_length
key_pairs
server_groups
server_group_members
The functional test added checks that nova.conf quotas are set in
the correct section of the file.
Change-Id: Iae8c84dbfec97e1879d51963125f7674ea20ba22
Closes-Bug: 1386911
Add a service for handling nova metadata api services. This was
previously handled by the neutron-gateway and still is for
deployemnts up to and including Pike, For the neutron metadata
service and the nova service to communicate they need a shared
secret. To achieve this, the change includes:
* A charmhelper sync to get support for multiple wsgi vhosts
* Rendering new wsgi vhost and corresponding haproxy config.
* Setting a shared-secret down the relation with the neutron
gateway.
* Remove fragile keystone authtoken checks as they are failing
after a ch sync and any issues will be caught by the instance
launch functional test.
Change-Id: I5ad15ba782cb87b6fdb3c0941a6482d201670bff
The SameHostFilter and DifferentHostFilter have been present in Nova
since Icehouse; add both of these simple filters to the default
enabled filters to provide simple affinity/anti-affinity hints.
This plugs some holes in our tempest test coverage as tests relating
to these features are currently disabled.
Change-Id: I852f24b21784f6de05232107a5cdf6e779f18b23
Drop support for deployment from Git repositories, as deprecated
in the 17.02 charm release. This feature is unmaintained and has
no known users.
Change-Id: I2fe15b648d485e5b03965a00dee6324669ebe9fa
Remove postgresql DB support; This feature is untested as part
of the charms, is not in use and was deprecated as part of
the 1708 charms release.
Change-Id: I866559f519ace3476e0cc85661d99e5f5491227d
The default HAProxy timeout values are fairly strict. On a busy cloud
it is common to exceed one or more of these timeouts. The only
indication that HAProxy has exceeded a timeout and dropped the
connection is errors such as "BadStatusLine" or "EOF." These can be
very difficult to diagnose when intermittent.
This charm-helpers sync pulls in the change to update the default
timeout values to more real world settings. These values have been
extensively tested in ServerStack. Configured values will not be
overridden.
Partial Bug: #1736171
Change-Id: I0a3a8f0dd2dedcc8e02dd6af2f5486501698833e
We already support configuring ram and cpu overcommit so
this patch adds the ability to control disk overcommit.
Change-Id: Ib172e8b48cb34de4beb9cec1a277dc43ded36eed
Closes-Bug: 1726346
Add a new pci-alias option which supports the use of PCI
devices in flavors. This allows, for example, a GPU or
a SR-IOV device to be automatically allocated to an
instance using a specific flavor.
Change-Id: I249ba04085d37657df0c8e3bb21723a388f08938
Closes-Bug: 1649868
Resync charm-helpers to pickup the capped worker-multiplier
changes when deploying in containers.
Drop the default value for worker-multiplier of 2.0; this
is now handled from within the codebase rather than via a
default configuration value, reflecting the differing
behaviours between container and non-container deployments.
Change-Id: Iec5fa21b0e1b377bcb22ad5193c84aa0ae525f16
Closes-Bug: 1665270
- Remove Precise-Icehouse Amulet test definitions if they exist.
- Add Xenial-Newton Amulet test definitions.
- Add Yakkety-Newton Amulet test definitions.
- Use the percona-cluster charm in tests instead of the mysql charm.
Change-Id: Idab48a7831008c5353eeb56da5deb49ce1305a41
Support access to instances via optionally enabled serial console
feature provided in Nova.
Seria console access is enabled using a new config flag; this flag
plus the required base_url for the nova-serialproxy are also passed
over the cloud-compute relation for use in nova-compute units.
This is only supported in OpenStack Juno or later, and replaces
the standard output to the nova console-log.
Change-Id: I3bfcca88bd6147be337e6d770db7348170b914e6
For OpenStack >= Liberty EC2 and objectstore services aren't installed and
deprecated, but there is no way to disable it, this patch adds a way to
permanently disable and enable them
Change-Id: Ie78ba5af1d953e8ebed9195202522ff73efcde9f
Closes-Bug: #1533255
* openstack-origin is no longer required when using openstack-origin-git.
* Drop kilo from openstack-origin-git default values because upper
constraints doesn't work in kilo for openstack-dashboard and glance.
* Add flag to allow for disabling upper constraints when using
openstack-origin-git with user-specified git repositories.
Change-Id: I903158434d552b50ef8250bbcab8c0b19b82e26e
Change the worker-multiplier to a floating point config option type
instead of integer. This allows users to specify workers to be less
than the number of CPUs, which is useful in deployments with multiple
services deployed into containers on top of bare metal.
The fix is to simply change the config option type and to sync in
the necessary update from lp:charm-helpers.
Partial-Bug: #1602444
Change-Id: I2c846832d24f709a3d019b766f5f23c28c4371f4
Signed-off-by: Billy Olsen <billy.olsen@gmail.com>