This is a pure refactor so not having any unit test change actually
signals that the refactor did not change the existing behavior which is
good.
The unit test run on this patch only covers the eventlet mode but higher
in the series we run unit test with native threading mode in a separate
job that will complement the coverage for this patch.
Change-Id: Iafc96c93a0d4c406b77902942b2940653441fe38
Signed-off-by: Kamil Sambor <kamil.sambor@gmail.com>
At the service startup nova need to initialize either the eventlet or
the threading backend of oslo.service. So this patch reuses the existing
logic behind OS_NOVA_DISABLE_EVENTLET_PATCHING.
When OS_NOVA_DISABLE_EVENTLET_PATCHING env variable is set to true the
service will select the threading backend otherwise the eventlet
backend.
Also to avoid later monkey patch calls to invalidated the selection if
the threading backend is selected then the monkey_patch code is
poisoned.
This patch also makes sure that oslo.messaging also initialized with the
matching executor backend.
As this is the last step to make nova-scheduler run in threading mode
this patch adds a release notes as well.
Change-Id: I6e2e6a43df78d23580b5e7402352a5036100ab36
Signed-off-by: Balazs Gibizer <gibi@redhat.com>
This patch adds just the objects and notifications required to
support an extra spec to configure a sound device inside
the guest. This is useful for SPICE consoles using the native
protocol.
Change-Id: I2faeda0fd0fb9c8894d69558a1ccaab8da9f6a1b
Signed-off-by: Michael Still <mikal@stillhq.com>
Due to glance behavioral changes, using the new location API causes
async hashing jobs to create confusion for tooling not expecting
undeletable images.
Revert this until glance can resolve the issue.
This reverts commit eab0de2900.
Change-Id: Ifc4631720a1872cb6d93e9ee490c19edd1a7b98e
This adds support for devices that will be allocated to an instance
once and left in a reserved=total state. An external workflow can
put them back into allocatable state by dropping reserved back to
zero. Note this requires PCI-in-placement tracking for the affected
devices and it is only valid for type-PCI and type-PF devices.
Related to blueprint one-time-use-devices
Depends-On: https://review.opendev.org/c/openstack/requirements/+/946181
Co-Authored-By: Balazs Gibizer <gibi@redhat.com>
Change-Id: Idfe8a746a97d68cd4eae30afb7d22f4e3af80327
iso8601.iso8601.UTC has been equivalent to datetime.timezone.utc in
Python 3. Because python 2 is no longer supported, we can directly use
the built-in implementation.
Also replace iso8601.parse_date by the common function in oslo.utils .
Change-Id: I933cc5dd1fa76e320cd96cd8e9b9a7963ff70375
Currently, even when [libvirt] volume_use_multipath is set to True,
volume attachment silently falls back to single path if multipathd is
not running in the host. This sometimes prevents operators from
noticing the misconfiguration, until they face any issue caused by
missing redundancy.
Introduce the new [libvirt] volume_enforce_multipath option, which
makes the attachment process fail if multipathd is not running.
A similar parameter (enforce_multipath_for_image_xfer) was already
implemented in cinder and this change follows how the parameter is
implemented there.
Also add the check in init phase to detect lack of mulitipath daemon
during initializing driver.
Min version of os-brick has to be bumped due to the interface change
made by 8d919696a9f1b1361f00aac7032647b5e1656082 .
Implements: blueprint enforce-multipath
Change-Id: I828de70ca7b343a4562ace4049d2b3857dbf900a
The netifaces library was abandoned and retired. Replace it by psutil
which is already part of the dependencies.
Note that localhost_supports_ipv6 from openstacksdk should be mocked
now because it uses psutil in recent versions.
Closes-Bug: #2071596
Change-Id: If9268cab8c2b3098d757571c6cab07d13d34a2c2
As the crypt module has been dropped in Python 3.13 switch to
using the oslo.utils crypt_password replacement instead.
Change-Id: Ib8c11db025cd12a9fa86e9185bf9ad172a86ef6d
This patch is inspired by /nova/volume/cinder.py, it is an abstraction to
the manila service.
Manila is the OpenStack Shared Filesystems service.
These series of patches implement changes required in Nova to allow the shares
provided by Manila to be associated with and attached to instances using
virtiofs.
Implements: blueprint libvirt-virtiofs-attach-manila-shares
Depends-On: https://review.opendev.org/c/openstack/openstacksdk/+/889519
Change-Id: I44ab37ec2c15fcfc351c42216660bda39461b163
olso.policy 4.5.0[1] changed the config options policy_file
default value to 'policy.yaml', which means it is changed
for all the OpenStack services and they do not need to
override the default anymore.
NOTE: There is no change in behaviour here, oslo.policy provides
the same configuration that services have overridden till now.
[1] https://review.opendev.org/c/openstack/releases/+/934012
[2] https://review.opendev.org/c/openstack/requirements/+/934295
Change-Id: I6e4c517eb81a50056563189753b21191bbf6b92d
Makes igb vif model supported for hosts with libvirt 9.3.0 and qemu
8.0.0 or higher.
Implements: blueprint igb-vif-model
Depends-On: https://review.opendev.org/c/openstack/os-traits/+/928582
(merged, released as 3.2.0)
Change-Id: I6a1d8058c640e5dc015889610c4ae864ed9a5ccb
Note: Initially this patch was related to new feature, but now it has
become a bug since os-brick's `setup` method is not being called and it
can create problems if os-brick changes.
As a new feature, os-brick now supports setting the location of file
locks in a different location from the locks of the service.
The functionality is intended for HCI deployments and hosts that are
running Cinder and Glance using Cinder backend. In those scenarios the
service can use a service specific location for its file locks while
only sharing the location of os-brick with the other services.
To leverage this functionality the new os-brick code is needed and
method ``os_brick.setup`` needs to be called once the service
configuration options have been loaded.
The default value of the os-brick ``lock_path`` is the one set in
``oslo_concurrency``.
This patch adds support for this new feature in a non backward
compatible way, so it requires an os-brick version bump in the
requirements.
The patch also ensures that ``tox -egenconfig`` includes the os-brick
configuration options when generating the sample config.
Closes-Bug: #2081859
Change-Id: I1b81eb65bd145869e8cf6f3aabc6ade58f832a19
This removes the in-tree format_inspector and makes us use the one in
oslo.utils. Minor changes are required around the behavior of the
safety_check() (raising instead of returning). This also allows images
detected as 'gpt' but registered as 'raw', since that's how everything
currently works. Hopefully later we can start registering in glance as
gpt, and rejecting boots from raw images.
Change-Id: I5b89e17438157690495961c306861a06532c8b4e
Depends-On: https://review.opendev.org/c/openstack/tempest/+/927146
This is the first step to support launching instances with stateless
firmware. At this stage none of the virt drivers report the trait to
support the feature.
Depends-on: https://review.opendev.org/c/openstack/os-traits/+/908885
Partially-Implements: blueprint libvirt-stateless-firmware
Change-Id: I4c1df950af11687ae5a52e4eba7943029ec36e69
RBAC config options enforce_scope and enforce_new_defaults
were disabled by default in oslo.policy and Nova had to override
the default value to enable those by default. Now oslo.policy
(4.4.0 onwards[1]) changed the default values[2] and enabled
by default for all the services. OpenStack service does not need
to override the default anymore.
NOTE: There is no change in behaviour here, oslo.policy provides the
same configuration that Nova has overridden till now.
[1] https://review.opendev.org/c/openstack/releases/+/925032
[2] https://review.opendev.org/c/openstack/oslo.policy/+/924283
Depends-On: https://review.opendev.org/c/openstack/requirements/+/925464
Change-Id: Ic0b5a75f01024e322ecbcd49f8caae0a6ab5c048
These are detected as errors since the clean up was done[1] in
the requirements repository.
[1] 314734e938f107cbd5ebcc7af4d9167c11347406
Bump the minimum versions to avoid installing these known bad versions.
Change-Id: I5ab0c3a1ac208e3967e65c298573079283a7b6cd
Based on the Libvirt and QEMU versions, two traits,
COMPUTE_ADDRESS_SPACE_PASSTHROUGH and COMPUTE_ADDRESS_SPACE_EMULATED,
are controlled. Since the two are supported from the same version on
the Libvirt and QEMU, Nova handles them in the same way.
Blueprint: libvirt-maxphysaddr-support
Depends-On: https://review.opendev.org/c/openstack/os-traits/+/871226
Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp>
Change-Id: If6c7169b7b8f43ad15a8992831824fb546e85aab
This allows us to drop some logic from tests.
Change-Id: Idc11c1ce6e208774314a5a867789958372f0d591
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
sqlalchemy-migrate does not (and will not) support sqlalchemy 2.0. We
need to drop these migrations to ensure we can upgrade our sqlalchemy
version.
Change-Id: I7756e393b78296fb8dbf3ca69c759d75b816376d
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
As discussed in PTG, we need to test the new RBAC in the
integrated gate and accordingly enable the new defaults
and scope check by default. A new integrated testing job
has been added and results show that the new defaults and
scope checks are working fine. During testing, we found a
few bugs in neutron policies but all are fixed now.
enforce_scope and enforce_new_defaults are oslo policy config
options but they are per service level and the default value
can be overridden. Oslo policy 3.11.0 version allows to override
the default value for these config options[1] so upgrading the
oslo policy version in requirements.txt
Depends-On: https://review.opendev.org/c/openstack/devstack/+/869781
Depends-On: https://review.opendev.org/c/openstack/placement/+/869525
[1] https://github.com/openstack/oslo.policy/blob/3.11.0/oslo_policy/opts.py#L125
Change-Id: I977b2daedf880229c8d364ca011f2ea965b86e3a
Without the latest version, nova fails many unit tests (it failed
with os-traits 2.7.0 at least).
Closes-Bug: #1990121
Change-Id: I6b320ae1f9058aaa5bac91c7c7ca60136e0cee5c
The oslo.concurrency 5.0.1 fixes the fair lock we use heavily in the
ResourceTracker.
Closes-Bug: #1988311
Change-Id: I68914b2e21726138ee9a178fdf6a8bb6389c09be
The PowerVM driver was deprecated in November 2021 as part of change
Icdef0a03c3c6f56b08ec9685c6958d6917bc88cb. As noted there, all
indications suggest that this driver is no longer maintained and may be
abandonware. It's been some time and there's still no activity here so
it's time to abandon this for real.
This isn't as tied into the codebase as the old XenAPI driver was, so
removal is mostly a case of deleting large swathes of code. Lovely.
Change-Id: Ibf4f36136f2c65adad64f75d665c00cf2de4b400
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
We no longer support Python 3.6 so there's no need for Python 3.6-only
dependencies.
Change-Id: I139e454a2c6e49a1d5229c90a56d518b0d96ca57
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
The current rootwrap.conf file is outdated and doesn't include some
parameters. This change updates the content to make it consistent with
the latest example file in oslo.rootwrap.
Change-Id: I989b7da5ff6afae0c1a476e01c3df07870be5f74
Local API and DB limits are limits on resources that are counted either
as an API request parameter (example: server metadata items) or as
records in the database (example: server key pairs).
Future patches will make use of this logic, and actually enforce the
limits. This patch just adds the infrastructure to allow for the
enforcement of the limits.
We are moving all existing quotas to be managed via Keystone's
unified limits.
To stop confusion between injected_file_path_length and
injected_file_path_bytes, the unified limit in Keystone will use the
latter name to match the name used the API.
These local limits are all about preventing excessive load on the API
and database and have little to do with resource usage. These limits
are represented by keystone registered limits only, accordingly.
Local limits include things that just limit items in an API request:
* metadata_items
* injected_files
* injected_file_content_bytes
* injected_file_path_bytes
Local limits also include things that are stored in the database:
* key_pairs
* server_groups
* server_group_members
Some resource names have been changed to prepend a prefix of "server_"
in order to disambiguate them from other potential unified limits in
keystone:
* metadata_items => server_metadata_items
* injected_files => server_injected_files
* injected_file_content_bytes => server_injected_file_content_bytes
* injected_file_path_bytes => server_injected_file_path_bytes
* key_pairs => server_key_pairs
Note that each of the above are counted via a different scope. This new
code ensures that key_pairs are counted per user, server_groups are
counted per project and server_group_members are counted per
server_group.
Note: Previously server_group_member were counted per user inside each
server_group, which has proved very confusing, as adding more users into
a project increases the maximum size of allowed for a server_group.
blueprint unified-limits-nova
Change-Id: I0b6f4d29aaee1d71541a95cbecfd0708aac325d2
Balazs Gibizer