We have a perfectly good TPM guide. Enhance that, allowing us to remove
the special section dedicated to this from the generic flavor docs.
Change-Id: If484074c01595f747f9201b5ec12164779195b61
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This beefy patch closes a long-standing TODO and allows us to move yet
more information out of the flavors guide and into specific documents.
This, combined with existing documentation in place, means we can remove
the sections for various extra specs from the 'user/flavors' guide:
- hw:cpu_realtime -> doc/source/admin/real-time.rst
- hw:cpu_realtime_mask -> doc/source/admin/real-time.rst
- hw:emulator_threads_policy -> doc/source/admin/cpu-topologies.rst
- hw:cpu_policy -> doc/source/admin/cpu-topologies.rst
- hw:cpu_thread_policy -> doc/source/admin/cpu-topologies.rst
- hw:cpu_sockets -> doc/source/admin/cpu-topologies.rst
- hw:cpu_cores -> doc/source/admin/cpu-topologies.rst
- hw:cpu_threads -> doc/source/admin/cpu-topologies.rst
- hw:cpu_max_sockets -> doc/source/admin/cpu-topologies.rst
- hw:cpu_max_cores -> doc/source/admin/cpu-topologies.rst
- hw:cpu_max_threads -> doc/source/admin/cpu-topologies.rst
- hw:numa_nodes -> doc/source/admin/cpu-topologies.rst
- hw:numa_cpus.N -> doc/source/admin/cpu-topologies.rst
- hw:numa_mem.N -> doc/source/admin/cpu-topologies.rst
- hw:mem_page_size -> doc/source/admin/huge-pages.rst
Multiple improvements to the libvirt extra spec docs are included here,
for want of a better place to include them.
Change-Id: I02b044f8246f4a42481bb5f00259842692b29b71
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This is mostly regurgitated information from the current flavors guide
but we take the opportunity to significantly expand upon what we've
already stated here.
Change-Id: I9ad798427bbc6451fd920d6c08357d6e1eaa5136
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This patch adds the config option 'live_migration_scheme = tls' to the
secure live migration guide.
To let the live migration use the qemu native tls, some configuration of
the compute nodes is needed. The guide describes this but misses the
'live_migration_scheme' config option.
It is necessary to set 'live_migration_scheme' to tls to use the
connection uri for encrypted traffic. Without this parameter everything
seems to work, but the unencrypted tcp-connection is still used for the
live migration.
Closes-Bug: #1919357
Change-Id: Ia5130d411706bf7e1c983156158011a3bc6d5cd6
Introduce two new guides on UEFI and Secure Boot. In addition, update
the flavors guide to document the secure boot feature (though this doc
should really be removed in near term in favour of the auto-generated
docs, as noted inline).
Note that this change includes our first use of the ':nova:extra-spec:'
cross-reference role and highlights a small bug in that implementation.
This is resolved.
Blueprint: allow-secure-boot-for-qemu-kvm-guests
Change-Id: I4eb370b87ba8d0403c8c0ef038a909313a48d1d6
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
These were missed in the original change but add some useful context to
readers of when things have been changed.
blueprint: libvirt-default-machine-type
Change-Id: I64ef0efc80a088385c9ac45a818cc807490d2de1
This change simply documents how an operator/admin would go about
changing the underlying [libvirt]hw_machine_type config within an
environment while ensuring existing instances are not impacted.
blueprint: libvirt-default-machine-type
Change-Id: I66003220bf173dfa917a13c5a408b1ea31cbc057
During Icehouse release default value of 'can_set_password' sets
to False for horizon(dashboard) but nova document is not updated
yet and acc. to nova doc default value for above setting is True.
So this patch correct the doc. For more info. please refer [1].
[1] https://docs.openstack.org/releasenotes/horizon/icehouse.html#default-hypervisor-settings-changes
Change-Id: I3007e1f157e329f121b99ceaddd59625c86f428c
This hasn't been validated upstream and there doesn't appear to be
anyone using it. It's time to drop support for this. This is mostly test
and documentation damage, though there is some other cleanup going on,
like the removal of the essentially noop 'pick_disk_driver_name' helper.
Change-Id: I73305e82da5d8da548961b801a8e75fb0e8c4cf1
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This has not been tested in the gate for a long time and was only added
to enable CI in the early days of OpenStack. Time to bid adieu.
Change-Id: I7a157f37d2a67e1174a1725fd579c761d81a09b1
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
The cross-cell resize code does not consider neutron ports with resource
request. To avoid migration failures this patch makes nova to fall back
to same cell resize if the instance has neutron ports with resource
request.
Change-Id: Icaad4b2375b491c8a7e87fb6f4977ae2e13e8190
Closes-Bug: #1907522
Nova and QEMU[1] supports PCI devices with a PCI address that has 16 bit
domain. However there are hypervisors that reports PCI addresses with
32 bit domain. While today we cannot assign these to guests this should
not prevent the nova-compute service to start.
This patch changes the PCI manager to ignore such PCI devices.
Please note that this patch does not change fact that nova does not
allow specifying PCI addresses with 32bit domain in the
[pci]/passthrough_whitelist configuration. Such configuration is still
rejected at nova-compute service startup.
Closes-Bug: #1897528
[1] https://github.com/qemu/qemu/blob/f2a1cf9180f63e88bb38ff21c169da97c3f2bad5/hw/core/qdev-properties.c#L993
Change-Id: I59a0746b864610b6a314078cf5661d3d2b84b1d4
For amending a single value, `--amend` switch is required to be
used. Otherwise Placement will return 400 about required
properties being missing.
Change-Id: Ia94be98dea22f97bc89201ee2a0a1a4e6b54c875
In commit a76277f81a, the introduction
of flavor extra specs, such as 'hw:cpu_policy', 'hw:cpu_thread_policy'
and ... , have been moved to 'doc/source/user/flavors.rst' from
'doc/source/admin/flavors.rst', while in 'cpu-topologiest.rst' this
change hasn't been updated. Apply this change.
Change-Id: I031a5ea6de00a8c5cf67897ddb78075c8bc79c0b
Signed-off-by: Wang Huaqiang <huaqiang.wang@intel.com>
When we introduced the 'ImageMetaProps' o.vo in Liberty, we lost the
ability to consume arbitrary metadata configured for images. This
affects users of the 'AggregateImagePropertiesIsolation' filter, who may
have set such arbitrary metadata and expected their instances to be
restricted to host aggregates matching that metadata.
The world has changed a lot since Liberty was released, and it's
probably too late and maybe even a little unwise to let that genie back
out of its bottle, however, we can and should probably do a better job
of warning people of this change in behavior in our documentation. Do
just this.
Change-Id: If7245a90711bd2ea13095ba26b9bc82ea3e17202
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Related-Bug: #1741810
For attach:
* Generates InstancePciRequest for SRIOV interfaces attach requests
* Claims and allocates a PciDevice for such request
For detach:
* Frees PciDevice and deletes the InstancePciRequests
On the libvirt driver side the following small fixes was necessar:
* Fixes PCI address generation to avoid double 0x prefixes in LibvirtConfigGuestHostdevPCI
* Adds support for comparing LibvirtConfigGuestHostdevPCI objects
* Extends the comparison of LibvirtConfigGuestInterface to support
macvtap interfaces where target_dev is only known by libvirt but not
nova
* generalize guest.get_interface_by_cfg() to work with both
LibvirtConfigGuest[Inteface|HostdevPCI] objects
Implements: blueprint sriov-interface-attach-detach
Change-Id: I67504a37b0fe2ae5da3cba2f3122d9d0e18b9481
policy file default and JSON format 'policy.json' is now
deprecated. Let's replace all the ref and test start using the
policy.yaml.
Change-Id: I78a273576702fb95d831bd9b801b5774fb9fd19e
These are now supported.
Part of blueprint add-emulated-virtual-tpm
Change-Id: I7a6026c157c56fb2f47902e93f83e36d35c91a8e
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This documents how to set up nova and glance so the feature
for direct download from Ceph can be used.
Change-Id: I07509c67c65e988fe5149b625007e90e68488cfd
Make the spec of virtual persistent memory consistent with
the contents of the admin manual, update the dependency of virtual
persistent memory about daxio, and add NOTE for the tested kernel
version.
Closes-Bug: #1894022
Change-Id: I30539bb47c98a588b95c066a394949d60af9c520
These options were deprecated way back in Rocky due to buggy behavior
they introduced. We can remove them now.
Change-Id: I9266edfd4ea6315239c54ff8d91e37d197c760c0
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Not as many of these as I thought there would be. Also, yes, the change
to 'nova.conf.compute' is a doc change :)
Change-Id: I27626984ce94544bd81d998c5fdf141875faec92
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
The 'architecture', 'hypervisor_type', 'hypervisor_version_requires' and
'vm_mode' image metadata properties have had new names for many cycles
now.
The example for the freshly renamed 'img_hv_requested_version' option
has been updated to show a Hyper-V example, since the Xen virt driver is
not tested and will likely be removed in the near future.
Change-Id: I5684d7d462d3f7cecd887216c5618139787ef5d7
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This series implements the referenced blueprint to allow for specifying
custom resource provider traits and inventories via yaml config files.
This fourth commit adds the config option, release notes, documentation,
functional tests, and calls to the previously implemented functions in
order to load provider config files and merge them to the provider tree.
Change-Id: I59c5758c570acccb629f7010d3104e00d79976e4
Blueprint: provider-config-file
What it is, why you'd want it and how you can configure it.
Part of blueprint add-emulated-virtual-tpm
Change-Id: I8e52a397bca8f09e6aaa6cab44eee7dded529c55
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
The RetryFilter was deprecated in Train.
The Aggregate[core|ram|disk] filters were also deprecated in train.
This change removes all four deprecated filters and their docs.
Change-Id: Idc29c759632850d3d767a261c9f385af71348f65
The metadata service is going to be accessible over IPv6 too when
the following Neutron feature merges (still in Victoria, I hope):
https://bugs.launchpad.net/neutron/+bug/1460177
However all end-user facing metadata documentation is in Nova,
so unless we want to refactor/move this, let me propose this doc
change here.
Change-Id: I7e67680090da003e01e106be47b7a807164fecb3
Partial-Bug: #1460177
Before, realtime CPUs could only be combined with dedicated CPUs
in a 'dedicated' policy instance. This patch supports to create
a type of instance that makes realtime CPUs be mixed with shared
CPUs under the 'mixed' CPU allocation policy.
Part of blueprint use-pcpu-and-vcpu-in-one-instance
Change-Id: Iad7864bf375341ef065bfec229a059e444c910e2
Signed-off-by: Wang Huaqiang <huaqiang.wang@intel.com>
Enable the 'hw:cpu_dedicated_mask' flavor extra spec interface, user
can create CPU mixing instance through a flavor with following
extra spec settings:
openstack flavor set <flavor_id> \
--property hw:cpu_policy=mixed \
--property hw:cpu_dedicated_mask=0-3,7
In a topic coming later, we'll introduce another way to create a
mixed instance through the real-time interface.
Part of blueprint use-pcpu-and-vcpu-in-one-instance
Change-Id: I2a3311c08a52eb11859c68ef940a0bd755a94c6b
Signed-off-by: Wang Huaqiang <huaqiang.wang@intel.com>
In I29c5a678efec4fbc4bd7958ebe6d454ae30701cd we made the libvirt driver
to run only on Linux. However we did not have documentation about what
virt driver runs on what Operating System. This patch starts such
documentation.
Change-Id: Iccf4ab14865ac1694d7b0dad5dcb101f1ba152c8
With the new release of sphinx 3.1.0, nova pdf docs build
started failing with "! Dimension too large." error.
That started failing since 10th June when the requirement added
the new constraint for sphinx.
Seems like somewhere TeX memory is exhausted during the pdf
building (I think we are hitting this open sphinx bug[1]).
While reproducing it locally I found that our giant policy sample
file inclusion in pdf doc causing this error.
- https://zuul.opendev.org/t/openstack/build/9c3e835ad5ee4842a07d77fdbaa6c97d/log/sphinx-build-pdf.log#7661
We did skip the sample policy file for pdf in
doc/source/configuration/index.rst but did not do that
in admin configuration file and it start giving the error now.
With this fix, sample policy file in admin config also is included
in html but not in pdf.
Closes-Bug: #1883200
Change-Id: Iae143997138a5169a1e0fc76a74f9a0f09c03626
When file-backed memory is configured, it is the only "memory" reported
by nova and used by instances, with RAM used in caching capacity. We
should be warning users of this and insisting they explicitly configure
the '[DEFAULT] reserved_host_memory_mb' config option to 0. However,
doing so now would be breaking change. Instead, start logging a warning
instead, failing only for the truly broken combination of reserving more
file-backed memory than we have allocated.
Change-Id: I9619338ad0f60253b628d96543f8ce3ac86242e3
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Closes-Bug: #1882821
This adds some details to the image cache page in the admin docs about
how image cache disk usage is (not) considered in the scheduler disk
space calculation. Workarounds and mitigation strategies are provided.
Change-Id: I7f40f167cea073a73cf249a9adfd73e1187c031b
Related-Bug: #1878024
In 21.0.0 Ussuri we were completed the nova-cyborg interaction feature,
but there are some issue when multiple create instances.
Creating servers with accelerators provisioned with the Cyborg service,
if a flavor asks for resources that are provided by nested Resource
Provider inventories (eg. VGPU) and the user wants multi-create (ie. say
--max 2) then the scheduler could be returning a NoValidHosts exception
even if each nested Resource Provider can support at least one specific
instance, if the total wanted capacity is not supported by only one
nested RP.
For example,creating servers with accelerators provisioned with the
Cyborg service, if two children RP have 4 VGPU inventories each:
- you can ask for a flavor with 2 VGPU with --max 2
- but you can't ask for a flavor with 4 VGPU and --max 2
Related-Bug: #1874664
Change-Id: I64647a6ba79c47c891134cedb49f03d3c61e8824
Zuul