This change reworks previous changes [1] and [2] that had
been respectively reverted and abandoned.
When using the config libvirt-image-backend=rbd, VMs
created from image have their disk data stored in ceph
instead of the compute node itself.
When performing live-migrations, both nodes need to
access the same ceph credentials to access the VM's
disk in ceph, but this is currently not possible
if the nodes involved pertain to different
nova-compute charm apps.
This patch changes app name sent to ceph to
'nova-compute-ceph-auth-c91ce26f', a unique name common to
all nova-compute apps, allowing all nova-compute apps to
use the same ceph auth.
This change also ensures newly deployed nodes install
the old credentials first on ceph-joined hook,
and then supercedes it with the new credentials
on ceph-changed hook, therefore also retaining
the old credentials.
This patch also includes the charmhelpers sync
from PR: #840
[1] https://review.opendev.org/889642
[2] https://review.opendev.org/896155
Closes-bug: #2028559
Related-bug: #2037003
Func-Test-Pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/1149
Change-Id: I1ae12d787a1f8e7761ca06b5a80049c1c62e9e90
Patch out charmhelpers.osplatform.get_platform() and
charmhelpers.core.host.lsb_release() globally in the unit tests to
insulate the unit tests from the platform that the unit tests are being
run on.
Change-Id: I33d473d83a7c8f4f23840b6b6bcf153ed423ccdc
This reverts commit c3c2cf0349.
Reason for revert: This introduces an undesired behavior when scaling-out that needs to be addressed in a complementary patch.
Change-Id: I21c127aa565e489ba4d93a1efc8ddba63ef32e87
When using the config libvirt-image-backend=rbd, VMs
created from image have their disk data stored in ceph
instead of the compute node itself.
When performing live-migrations, both nodes need to
access the same ceph credentials to access the VM's
disk in ceph, but this is currently not possible
if the nodes involved pertain to different
nova-compute charm apps.
This patch changes app name sent to ceph to 'nova-compute',
allowing all nova-compute apps to use the same ceph auth.
This patch also includes the charmhelpers sync
from PR: #840
Closes-bug: #2028559
Change-Id: I7222661017655fd7225db0c677f1a8f5ebb7984d
After evacuations and revert resizes when using rbd storage backend,
the instance folder is usually left behind and causes issues when
migrating the instance back to the host.
With the config option set, the nova-compute service will cleanup
those folders as part of the periodic checks that run for instances
that have been evacuated/migrated.
Closes-bug: #2019141
Change-Id: I846ccb0a95d04139b41fdad6cbf465d303d6cc09
This patch configures Nova to send a service token along with the
received user token on requests to other services. This can allow those
other services to accept the request even if the user token has been
invalidated since received by Nova. Also with this patch Nova will
accept request from other services with invalid user tokens but valid
service tokens. Service tokens exist since Openstack Queens.
Closes-Bug: #1992840
Change-Id: I78b43ef77dc1d7b5976ec81ecddf63c9e6c8b6c1
The subordinate charms should manage the services that
they deploys and configure, not the principle they are related to.
This change switches the approach for restarting services
from having the nova-compute charm doing it directly to having
nova-compute triggering the restart by request a restart down
the existing relations.
Closes-Bug: #1947585
Change-Id: I7419e39d68c70d21a11d03deeff9699421b0571e
OVS introduced a new service called ovs-record-hostname.service which
records the hostname on the first start in the ovs database to identify
the ovn chassis, this is how it achieved a stable hostname and be
resilient to the changes in the FQDN when the DNS gets available.
This change introduces the same approach for nova-compute charm. In the
first run of the NovaComputeHostInfoContext the value passed in the
context as host_fqdn is stored in the unit's kv db, and re-used on every
subsequent call.
This change affects only new installs since the hint to store (or not)
the host fqdn is set in the install hook.
Change-Id: I2aa74442ec25b21201a47070077df27899465814
Closes-Bug: #1896630
It was found that the modules test_actions_openstack_upgrade and
test_actions_package_upgrade were mocking different classes and
functions right before importing the modules under test
(openstack_upgrade and package_upgrade respectively), although these
mocks weren't being reset making tests executions coming after them to
get benefitted (or impacted) by the mocks in memory.
This patch takes advantage of mock.patch() decorator at the class level
and importlib.reload() to make sure the mocks don't outsurvive the
module.
When the teardown was in place it was found a different set of functions
that were relying on that mocking, so they were patched to allow the
tests run in the expected (mock'ed) environment.
Summary of changes:
- Move get_availability_zone() to contexts module, nova_compute_utils
depends on nova_compute_context, the latter shouldn't be importing
code from the former since it breaks the layering, even when the
import is being done within a function's body.
- Mock env variable JUJU_UNIT_NAME per test case, the tests defined
in the test_nova_compute_utils and test_nova_compute_contexts were
relying on the leakage of mocks set by other test modules, this
makes them run in an isolated fashion.
- Move update_nrpe_config testing to its own class, the main class
NovaComputeRelationsTests mocks the function update_nrpe_config()
making it difficult to test it in a test method, hence making the
test part of its own class it's posible to not mock the function
and correctly runs its implementation.
- Teardown mocks made at import level.
Func-Test-Pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/997
Change-Id: I4468ef1a0619befc75c6af2bad8df316125a7cf5
Commit abe5a289 fixed the rendering of the ironic driver in the
nova-compute.conf file for OpenStack versions >= Wallaby. However, it
always renders the nova-compute.conf file for train and above, which is
hard-coded to the Ironic libvirt driver.
This adds additional templating logic to the nova-compute.conf driver in
order to render the correct driver to use.
Related-Bug: #1968547
Change-Id: I12cd4bf5953170d227d52793764c49f3871e25f9
Enable vTPM support in nova-compute charm. This adds new packages to be
installed swtpm and swtpm-tools as well as updates the nova-compute.conf
file and the qemu.conf file to set appropriate user/groups for swtpm.
func-test-pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/696
Change-Id: Idf0d19d75b9231f029fa6a7dc557d2a9ee04915b
Add an extra-repositories config option to nova-compute in order to
allow configuring additional apt repositories. This is useful when some
packages are not available in the distro or cloud archive.
Change-Id: Ie3b76ff3bc07b83e416c80fab1da2560d48df498
The nova-cloud-controller charm passes allocation ratio defaults
in the format '{cpu,disk,ram}_allocation_ratio' on the cloud-compute
relation.
Ensure that later OpenStack releases (>= Stein) query using this
key rather than one prefixed with 'initial_' which is used for the
target Nova Compute configuration option.
Closes-Bug: 1961065
Change-Id: I7d3e7f9f5c69f7ad06191a20bdfcfd6b5dca50d3
By default resizing an instance to the same host as the source is
not enabled. This change adds new charm config option that maps
directly to the nova.conf setting which effectively gives a user
possibility to enable/disable this functionality.
Closes-Bug: #1946620
Depends-On: I13d0c332cd0b110344b7a1645e3e4fd250fce33a
Change-Id: I2f2e9e44f6bba48e15621a216539089c7e3abc1d
The upstream has 3 min as the timeout (60 retries at 3-seconds
interval). It should work if an image is in a raw format to leverage
Ceph's copy-on-write or an image is small enough to be copied quickly.
However, there are some cases exeeding the 3 min deadline such as a big
enough image with Qcow2 or other formats like Windows images, or storage
backend doesn't have copy-on-write from Glance.
Let's bump the deadline to 15 min (300 retries at 3-seconds interval) to
cover most of the cases out of the box, and let operators tune it
further by exposing those options.
Co-authored-by: Mark Maglana <mark.maglana@canonical.com>
Closes-Bug: 1758607
Change-Id: I6f6da8e90c6bbcd031ee183ae86d88eccd392230
This change aims to make resolving of the unit's
FQDN more consistent. Python's standard
`socket.getfqdn()` can "fail" in some conditions
and return only hostname, without the domain
part, even in cases when `hostname -f` would
return correct fqdn.
This new approach provides behavior consistent
with executing `hostname -f`
Closes-Bug: #1955164
Change-Id: Icc39b32b3e471c1960402dfcba61bed5ce309a6f
The package-upgrade action performs package upgrades for the current
OpenStack release.
The code path used is similar to the openstack-upgrade action, with the
difference being that package-upgrade will not execute if an openstack
upgrade is available (based on the openstack-origin setting).
This change includes a charm-helpers sync.
Change-Id: I88ccffad7af2d2e9cddc1f6514ebd07898e117dc
The mock third party library was needed for mock support in py2
runtimes. Since we now only support py36 and later, we can use the
standard lib unittest.mock module instead.
Note that https://github.com/openstack/charms.openstack is used during tests
and he need `mock`, unfortunatelly it doesn't declare `mock` in its
requirements so it retrieve mock from other charm project (cross dependency).
So we depend on charms.openstack first and when
Ib1ed5b598a52375e29e247db9ab4786df5b6d142 will be merged then CI
will pass without errors.
Depends-On: Ib1ed5b598a52375e29e247db9ab4786df5b6d142
Change-Id: Ibefa1987730d29c04beb41f6e129e47f5524d49a
When re-writing files, the apparmor configuration is not written,
this will fix this to ensure that aa-profile-mode is respected
Closes-Bug: 1947389
Change-Id: I79e9625ab4d261845822d4825ba1ed7e31d0b1e0
Services have interdependencies and the order in which
we attempt to resume them is important, otherwise the
resume action may fail.
Uncovered while and validated by running the
openstack-upgrade tests. [1]
[1]: https://github.com/openstack-charmers/charmed-openstack-tester
Change-Id: I12218b47dc56b502ecc8578c6ab13acbd321bf26
Related-Bug: #1927277
Related-Bug: #1952882
For principal - subordinate plugin type relations where the
principal Python payload imports code from packages managed by a
subordinate, upgrades can be problematic.
This change will allow a subordinate charm that have opted into the
feature to inform its principal about all implemented release -
packages combinations ahead of time. With this information in place
the principal can do the upgrade in one operation without risk of
charm relation RPC type processing at a critical moment.
This makes use of
https://github.com/juju/charm-helpers/pull/643
This is similar to
https://review.opendev.org/c/openstack/charm-keystone/+/781822
Also fixed broken link to charm-guide.
Change-Id: Iaf5b44be70ee108cbe88b4a26f0f15f915d507fe
Closes-Bug: #1927277
The config is necessary to calculate available disk space for VMs with
disk-allocation-ratio which is already exposed as a charm option.
Closes-Bug: #1952184
Change-Id: I0ef55987517bded50f855e0dbc5e420cfbff4c1b
Especially with arm64/aarch64, the default value limits the number of
volume attachments to two usually. And when more than two volumes are to
be attached, it will fail with "No more available PCI slots". There is
no one-size-fits-all value here so let operators override the default
value.
Closes-Bug: #1944214
Change-Id: I9b9565873cbaeb575704b94a25d0a8556ab96292
Fix use of ephemeral-device with instances-path to ensure that
the configured block device is mounted in the desired location.
Ensure instances-path directory actually exists.
Change-Id: I81725f602ba3086bc142d59104e4bfc80918d8cf
Closes-Bug: 1909141
If an ephemeral-device storage configuration has been provided,
ensure that the nova-compute service will not start until the
mountpoint (currently /var/lib/nova/instances) has actually
been mounted. If this does not happen the nova-compute service
will fail to start in a failsafe condition.
Change-Id: Ic16691e119e430faec9994f6e207596629e47bb6
Closes-Bug: 1863358
Rodrigo Barbieri