This makes 'nova-manage limits migrate_to_unified_limits' scan the API
database for flavors and detect if any resource classes are missing
registered limits in Keystone.
Related to blueprint unified-limits-nova-unset-limits
Change-Id: I431176fd4d09201c551d8f82c71515cd4616cfea
Makes igb vif model supported for hosts with libvirt 9.3.0 and qemu
8.0.0 or higher.
Implements: blueprint igb-vif-model
Depends-On: https://review.opendev.org/c/openstack/os-traits/+/928582
(merged, released as 3.2.0)
Change-Id: I6a1d8058c640e5dc015889610c4ae864ed9a5ccb
The following volume drivers were marked unsupported in cinder, and
subject for removal in future releases.
- Quobyte: 2c1a77056672b35d51ef15242d59a2d81d8a7696
- Windows SMB: c690fe7cbd0d307d92689f4fae03423aa7a91157
- Virtuozzo: cf01d7eaf370485fe3fb834a3bcad13b0773b6e1
Deprecate the libvirt volume drivers specifically used for these
backends, so that we can remove the corresponding volume driver code
from nova when cinder removes these drivers.
Change-Id: Ib5b2fbc3fbf1c076ab1eec611b471f16a5b71c06
Get the shared security groups the tenant has access to by making an
additional Neutron API call with the shared filter, if loaded.
Depends-On: https://review.opendev.org/c/openstack/neutron/+/811242
Related-Bug: #1942615
Implements: blueprint shared-security-groups
Change-Id: I6f2847e89a8e4c32ab7c992d6da229f820c4988d
Python 3.8 is no longer part of tested runtimes since 2024.2 . Removing
support for Python 3.8 allows us to replace deprecated md5 wrapper from
oslo.utils [1] by direct call of hashlib.md5.
[1] https://review.opendev.org/c/openstack/oslo.utils/+/930879
Also add python 3.12 to classifiers because now py312 unit test job is
voting.
Change-Id: I53da305538e27f2ff20a1ecb25960ebb03388011
Note: Initially this patch was related to new feature, but now it has
become a bug since os-brick's `setup` method is not being called and it
can create problems if os-brick changes.
As a new feature, os-brick now supports setting the location of file
locks in a different location from the locks of the service.
The functionality is intended for HCI deployments and hosts that are
running Cinder and Glance using Cinder backend. In those scenarios the
service can use a service specific location for its file locks while
only sharing the location of os-brick with the other services.
To leverage this functionality the new os-brick code is needed and
method ``os_brick.setup`` needs to be called once the service
configuration options have been loaded.
The default value of the os-brick ``lock_path`` is the one set in
``oslo_concurrency``.
This patch adds support for this new feature in a non backward
compatible way, so it requires an os-brick version bump in the
requirements.
The patch also ensures that ``tox -egenconfig`` includes the os-brick
configuration options when generating the sample config.
Closes-Bug: #2081859
Change-Id: I1b81eb65bd145869e8cf6f3aabc6ade58f832a19
The commit c1ccc1a316 introduced
a regression when NUMA live migration was done on shared storage
The live migration support for the power mgmt feature means we need to
call driver.cleanup() for all NUMA instances to potentially offline
pcpus that are not used any more after the instance is migrated away.
However this change exposed an issue with the disk cleanup logic. Nova
should never delete the instance directory if that directory is on
shared storage (e.g. the nova instances path is backed by NFS).
This patch will fix that behavior so live migration will function
Closes-Bug: #2080436
Change-Id: Ia2bbb5b4ac728563a8aabd857ed0503449991df1
This change ensures that if we are upgrading a
InstanceNUMACell object created before victoria
<1.5 that we properly set pcpuset=set() when
loading the object form the db.
This is requried to support instances with a numa
topology that do not use cpu pinning.
Depends-On: https://review.opendev.org/c/openstack/python-openstackclient/+/929236
Closes-Bug: #2080556
Change-Id: Iea55aabe71c250d8c8e93c61421450b909a7fa3d
At present, we can modify the properties in the instance
system_metadata through the sub command image_property of
nova-manage, but there may be inconsistencies between their
values and those in request_specs.
And the migration is based on request_specs, so the same image
properties are also written to request_specs.
Closes-Bug: 2078999
Change-Id: Id36ecd022cb6f7f9a0fb131b0d202b79715870a9
This patch adds the following SPICE-related configuration option
to the 'spice' configuration group:
- require_secure
When set to true, libvirt will be provided with domain XML which
configures SPICE VDI consoles to require secure connections (that
is, connections protected by TLS). Attempts to connect without
TLS will receive an error indicating they should retry the connection
on the TLS port.
Change-Id: Ica7083b0836f8d66cad8a4b4097613103fc91560
This change implements the actual functionality to allow users to
launch instances with stateless firmware (read-only firmware image +
no NVRAM).
Note that this feature is supported by the libvirt virt driver, and
also requires libvirt >= 8.6.0.
Implements: blueprint libvirt-stateless-firmware
Change-Id: I7219bfa11ae98e65c326bec1a99c49d3e245cb9a
We have a lot of special cases all around our code for AMI (et al)
images, in the boot, snapshot, and other areas. It was recently
discussed (after the major CVE which was complicated by AMI support)
that we should drop these special cases and support for AMI with it.
This starts that timer.
Change-Id: I90efaaa35225ce82bada0b427e09c8289adaae1e
Libvirt uses swtpm_ioctl to terminate swtpm processes. If the binary
does not exist, swtpm processes are kept running after the associated
VM terminates, because QEMU does not send shutdown to swtpm.
Closes-Bug: #2052761
Change-Id: I682f71512fc33a49b8dfe93894f144e48f33abe6
A Request-Too-Long error can be raised in case of too many aggregates
are attached to a host. The fix is to split the requests.
The request is executed by host via a periodic task. Result is set in
cache so no performances impact is expected.
The change introduce a new compute configuration option
`compute.sharing_providers_max_uuids_per_request = 200`.
Closes-bug: #2068893
Change-Id: I1355c0813cb99067ead60f9835938566289beb20
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@industrialdiscipline.com>
We have no schemas yet and thus nothing to use this, but we enable it in
our tests for when we start adding these.
Change-Id: I160ee724459403a10516a356ee860831545d7d65
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This address review feedback on change
I7e1d10e66a260efd0a3f2d6522aeb246c7582178 to add some clarifying text
to the docs and release note.
Related to blueprint persistent-mdevs
Change-Id: I472552c64cc2c2ce06896158664faac0199d90bd
After this patch nova rejects the add host to aggregate API action
if the host has instances and the new aggregate for the host would
mean that these instances need to move from one AZ (even from the
default one) to another. Such AZ change is not implemented in nova
and currently leads to stuck instances.
Similarly nova will reject remove host from aggregate API action if the
host has instances and the aggregate removal would mean that the
instances need to change AZ.
Depends-On: https://review.opendev.org/c/openstack/tempest/+/821732
Change-Id: I19c4c6d34aa2cc1f32d81e8c1a52762fa3a18580
Closes-Bug: #1907775
This commit removes the previous limitation on the number of tenants
that can be filtered using the `filter_tenant_id` aggregate property
in the AggregateMultitenancyIsolation scheduler filter.
The `filter_tenant_id` can now be used as a suffix, allowing for an
unlimited number of tenant ID properties to be set on the
aggregate. This update maintains backward compatibility.
Implements: blueprint aggregatemultitenancyisolation-to-support-unlimited-tenant
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@industrialdiscipline.com>
Change-Id: Ic87d142647774b62a6af2cc5eb7a3cd66f9afeb7
As of now, the server show and server list --long output
shows the availability zone, that is, the AZ to which the
host of the instance belongs. There is no way to tell from
this information if the instance create request included an
AZ or not.
This change adds a new api microversion to add support for
including availability zone requested during instance create
in server show and server list --long responses.
Change-Id: If4cf09c1006a3f56d243b9c00712bb24d2a796d3
With the change from ml2/ovs DHCP agents towards OVN implementation
in neutron there is no port with device_owner network:dhcp anymore.
Instead DHCP is provided by network:distributed port.
Closes-Bug: 2055245
Change-Id: Ibb569b9db1475b8bbd8f8722d49228182cd47f85
Now the destination returns the list of the needed mdevs for the
migration, we can change the XML.
Note: this is the last patch of the feature branch.
I'll work on adding mtty support in the next patches in the series
but that's not a feature usage.
Change-Id: Ib448444be09df50c3db5ccda8a49bfd882c18edf
Implements: blueprint libvirt-mdev-live-migrate
With Libvirt v8.7.0+, the <maxphysaddr> sub-element
of the <cpu> element specifies the number of vCPU
physical address bits [1].
[1] https://libvirt.org/news.html#v8-7-0-2022-09-01
New flavor extra_specs and image properties are added to
control the physical address bits of vCPUs in Libvirt guests.
The nova-scheduler requests COMPUTE_ADDRESS_SPACE_* traits
based on them. The traits are already defined in os-traits
v2.10.0. Also numerical comparisons are performed at
both compute capabilities filter and image props filter.
blueprint: libvirt-maxphysaddr-support-caracal
Change-Id: I98968f6ef1621c9fb4f682c119038e26d62ce381
Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp>
When people transition from three ironic nova-compute processes down
to one process, we need a way to move the ironic nodes, and any
associcated instances, between nova-compute processes.
For saftey, a nova-compute process must first be forced_down via
the API, similar to when using evacaute, before moving the associated
ironic nodes to another nova-compute process. The destination
nova-compute process should ideally not be running, but not forced
down.
blueprint ironic-shards
Change-Id: I33034ec77b033752797bd679c6e61cef5af0a18f
melanie witt