Commit Graph

62062 Commits

Author SHA1 Message Date
Balazs Gibizer a89c1b44c5 Libvirt event handling without eventlet
Our libvirt interface is not eventlet aware and not pure python. So
eventlet monkey patching is not enough. So the libvirt driver
implemented a native polling thread for libvirt and the queue + pipe
mechanism to push events from the native polling thread to the main
thread with the eventlet event loop.

We don't need all of these complications in native thread mode. There we
only need a single thread that polls libvirt for the events. The received
events can be executed directly on the polling thread as that is no
different from any other threads in the system now.

To make the change more understandable the event handling logic is moved
behind an abstraction that is implemented twice, once for eventlet with
the existing implementation just moved around, and once for native
threading with the simplified handling.

Change-Id: If479574cd91975810098afa8e3c220c7316a9431
Signed-off-by: Balazs Gibizer <gibi@redhat.com>
2026-01-29 11:54:25 +01:00
melanie witt 8b3701490e Add vtpm_secret_(uuid|value) to LibvirtLiveMigrateData
This is needed in order to pass TPM secret information to the
destination over RPC to support the 'host' secret security mode.

The fields are nullable so that secret security modes 'user' and
'deployment' may set them to None.

A setting of None lets the other security modes convey that they are
actively choosing not to pass any data in the vTPM fields. This is
important for interacting with older compute hosts in the middle of a
rolling upgrade. We do not want to backlevel new LibvirtLiveMigrateData
objects involving vTPM because older compute hosts cannot support vTPM
live migration in any capacity.

Related to blueprint vtpm-live-migration

Change-Id: If2ff2a7bb41dea6e0959c965477b79f3f7d633e7
Signed-off-by: melanie witt <melwittt@gmail.com>
2026-01-28 12:41:54 -08:00
Zuul 59a7093915 Merge "Use the correct name for the ironic check job" 2026-01-28 08:18:07 +00:00
Zuul 4112a4491c Merge "Preserve vTPM state between power off and power on" 2026-01-28 01:43:47 +00:00
Zuul ce286865f9 Merge "[hacking]Do not mock threading.Event" 2026-01-27 20:42:15 +00:00
Zuul 134d3ac476 Merge "api: Simplify servers views (3/3)" 2026-01-27 14:17:53 +00:00
Zuul d3143aeec7 Merge "api: Simplify servers views (2/3)" 2026-01-27 14:13:32 +00:00
Zuul 2032cb2828 Merge "api: Simplify servers views (1/3)" 2026-01-27 13:53:24 +00:00
Steve Baker 1637397253 Use the correct name for the ironic check job
The job name has been an alias for 6 years [1] and the accurate
preferred name ironic-tempest-bios-ipmi-direct has been in place for 8
months [2].

The intent of job names is to accurately describe the configuration of
the job, and the name
ironic-tempest-ipa-wholedisk-bios-agent_ipmitool-tinyipa is now
inaccurate - specifically the job no longer uses tinyipa.

[1] https://opendev.org/openstack/ironic/commit/53f751dcfd86594160dc9be92b616ef5d0d70623
[2] https://opendev.org/openstack/ironic/blame/branch/master/zuul.d/ironic-jobs.yaml#L1210-L1236

Change-Id: I768a6d3c7f9f550a692dd1f6e0435228076f118f
Signed-off-by: Steve Baker <sbaker@redhat.com>
2026-01-27 11:15:02 +13:00
Steve Baker 791310ae1e Add VNC console support for the Ironic driver
Ironic is adding support for VNC consoles tracked under the following
spec[1]. This change provides support for the Nova Ironic driver to
access the consoles created by this feature effort.

This supersedes an existing Nova spec[2] to add VNC console support to
the Ironic driver, so this change can be considered to implement this
spec also. This change can be merged independently of the Ironic work,
as the Ironic driver handles the VNC console not being available.

The prerequisites for a graphical console being available for an Ironic
driver node are:

- Ironic is configured to enable graphical consoles
- The node ``console_interface`` is a graphical driver such as
  ``redfish-graphical`` or ``fake-graphical``
- ``nova-novncproxy`` can make network connections to the VNC servers
  which run adjacent to ``ironic-conductor``

The associated depends on adds the novnc validation check to the
baremetal basic ops, which is run in job
ironic-tempest-ipa-wholedisk-bios-agent_ipmitool-tinyipa.

In the support matrix console.vnc support is set to partial for ironic
due to the current lack of vencrypt support on the ironic side.

[1] https://specs.openstack.org/openstack/ironic-specs/specs/approved/graphical-console.html
[2] https://specs.openstack.org/openstack/nova-specs/specs/2023.1/approved/ironic-vnc-console.html

Related-Bug: 2086715
Implements: blueprint ironic-vnc-console
Change-Id: Iec26c67e29f91954eafc6a5a81086e36798d3f26
Signed-off-by: Steve Baker <sbaker@redhat.com>
2026-01-27 10:06:12 +13:00
Balazs Gibizer 19203d684d [hacking]Do not mock threading.Event
Such mock is too wide and will cause issues with our basic libraries and
test infrastructure leading to race conditions and threads leaked across
tests.

We needed to remove a bunch of such mocks found by the new rule. In some
cases we needed to make the mocking more specific for a given Event
instance, in other cases the mock was not needed at all and the test case
was still not taking excessive time.

Related-Bug: #2136815
Change-Id: I3ae3740eb07bade4e0883db3e02c0a81e92b9a36
Signed-off-by: Balazs Gibizer <gibi@redhat.com>
2026-01-26 20:26:56 +01:00
Zuul d840c63a18 Merge "api: Add response body schemas for server metadata APIs" 2026-01-26 14:48:14 +00:00
Zuul eabb1d1260 Merge "api: Remove networks key from quota schemas" 2026-01-26 14:48:01 +00:00
Zuul e67372b33e Merge "api: Add response body schemas for server tags API" 2026-01-25 03:50:50 +00:00
Zuul d6d8f28640 Merge "api: Add response body schemas for server migrations API" 2026-01-25 03:50:32 +00:00
Zuul 92898e8f77 Merge "api: Add response body schemas for migrations API" 2026-01-24 08:29:20 +00:00
Zuul f33f8c6e25 Merge "api: Add response body schemas for quota sets API" 2026-01-24 08:29:06 +00:00
Zuul 99a2835bd2 Merge "api: Add response body schemas for quota class sets API" 2026-01-24 07:28:38 +00:00
Zuul 63c68c9542 Merge "TPM: support instances with deployment secret security" 2026-01-23 22:30:44 +00:00
Zuul 5ac48468ac Merge "Refactor service user authentication" 2026-01-23 22:30:30 +00:00
Stephen Finucane 86df50b489 api: Remove networks key from quota schemas
Per feedback on the reviews.

Change-Id: I09433e2379b9a96ec2668aef8a3f14f81c42d71f
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-23 13:46:27 +00:00
Zuul 7579dbdf0e Merge "Use *_OR_ADMIN policy defaults for server shares" 2026-01-23 05:00:53 +00:00
Zuul 8fe5d3ce75 Merge "Faults from cell DB missing in GET /servers/detail" 2026-01-23 05:00:40 +00:00
Zuul 7a77815204 Merge "Replace obsolete PCRE packages" 2026-01-23 05:00:28 +00:00
Artom Lifshitz 880019baaf TPM: support instances with deployment secret security
This means authenticating as the Nova service user to Barbican,
so that the latter can make the secret owned by Nova. This requires
the [service_user] config section to be set.

An API block is also added to prevent resizes to change to or from
the ``deployment`` TPM secret security mode. This is because doing so
would require conversion of secret ownership to or from the user to the
Nova service user. The change is complicated and will be implemented
as a separate patch later in the series.

Resizing from ``deployment`` TPM secret security mode to ``deployment``
TPM secret security mode is allowed.

Related to blueprint vtpm-live-migration

Change-Id: I007f9993451d9197f53dee9a5fd29daa307ebe6b
Signed-off-by: melanie witt <melwittt@gmail.com>
2026-01-22 15:29:15 -08:00
Balazs Gibizer a9b8c4aee1 Prevent leaking RPC poller thread between tests
When a unit test creates a nova.service.Service() and calls start() on
it, nova starts an RPC server with the fake oslo_messaging
implementation. That implementation uses a thread / greenthread to poll
for messages. If the RPC server is not stopped directly or via
Service.stop() at the end of the test case then that poller thread
remains running during any subsequent test. This can cause interference
between test cases.

This patch adds a fixture that tracks the started poller threads and
fails the test case if the poller is still active at the end of the test
case. As a consequence a set of test cases needed fixes to remove the
leak.

Change-Id: I92dc4ad09c77fd0a9e0bb263d355d9b0204be790
Signed-off-by: Balazs Gibizer <gibi@redhat.com>
2026-01-22 10:05:16 +01:00
melanie witt 66bb1e77f2 Refactor service user authentication
Currently we have very similar service user authentication code
partially duplicated in the following areas:

  * nova/image/glance.py
  * nova/network/neutron.py
  * nova/volume/cinder.py
  * nova/api/metadata/vendordata_dynamic.py

This attempts to commonize and reuse code as much as possible from the
service_auth module in preparation of vTPM live migration patches.

Change-Id: I3a5c00e434eb6ce7956a717dffd11f38f19c5f7d
Signed-off-by: melanie witt <melwittt@gmail.com>
2026-01-21 20:45:11 -08:00
Zuul 637f66f677 Merge "blueprint: iothreads-for-instances" 2026-01-21 21:57:59 +00:00
Stephen Finucane 5e384f1994 api: Add response body schemas for servers APIs (4/6)
Tackle the create view. This is pretty simple again.

Change-Id: Ib806681a9514c6a2191cad9f6559a9cc2b610065
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 17:02:49 +00:00
Stephen Finucane 6e8395a421 api: Add response body schemas for servers APIs (3/6)
Next up, the detail view. This benefits from being a carbon copy of the
show view.

Change-Id: I5bd2a3f41c8814f338a15aff4de8edbbd185186b
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 17:02:49 +00:00
Stephen Finucane 6adc9231e2 api: Add response body schemas for servers APIs (2/6)
This one focuses on the server index response. It's significantly
simpler than the show response, thankfully.

Change-Id: I5cd61adaf37015743cf463583245b3852e183bc7
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 17:02:49 +00:00
Stephen Finucane fc089c4824 api: Add response body schemas for servers APIs (1/6)
In this part we focus on the show view.

Change-Id: Ia178c1314f99c719827e3eb78735d1019852a273
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 17:02:49 +00:00
Stephen Finucane d00485f13b api: Simplify servers views (3/3)
Organize API microversion checks by version and fields by name, so
our schema checks can be more easily diffed against the actual code.

Change-Id: I899befcc09bdb6a2641cba5f5ac314ab515f2897
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 17:02:49 +00:00
Stephen Finucane 1e8489510c api: Simplify servers views (2/3)
Security group handling is very different in the create view versus
other views. Don't try combining them.

Change-Id: I1b7e64e746ef226c8a2ae67310b31dc5703916f9
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 17:02:49 +00:00
Stephen Finucane d56c46785b api: Simplify servers views (1/3)
We're going to be reworking this substantially over the next few
changes. Get some style-focused changes out of the way first. This is
mainly a case of condensing things.

Change-Id: Ibb70b7c6fa723c34f2fac20601f22b49c69242df
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 17:02:49 +00:00
Stephen Finucane ec2feca566 api: Add response body schemas for server metadata APIs
Change-Id: I65877c15b268f8de08a51f451a6185f22c35c3cb
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 17:02:49 +00:00
Stephen Finucane 3a0e2b6e42 api: Add response body schemas for server tags API
Change-Id: I5ad751e771e8c9945d03a22c3cf0c3c4b5f41b68
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 17:02:49 +00:00
Stephen Finucane 3890e76327 api: Add response body schemas for server migrations API
Change-Id: I39708aaa34e01817edd49623eb7fa292a727dca4
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 17:02:49 +00:00
Stephen Finucane 5cb1396e44 api: Add response body schemas for migrations API
Change-Id: Iaf55e28b17e202fd1740a01032a3c1455a502910
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 17:02:49 +00:00
Stephen Finucane 407434154e api: Add response body schemas for quota sets API
This exposes a minor issue in our policy checks. We reportedly assert
that a token scoped for one project cannot fetch quotas for another
project, but we weren't actually checking this. If we were, it wouldn't
have worked since our tests attempt to fetch quotas for the project
specified in the token. We add negative test cases and update the
comments to clarify this.

Change-Id: I93c60a6bb110ab70f8821d0fbd6e8c5f87453582
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 17:01:32 +00:00
Stephen Finucane 2b7b271324 Bump hacking
We also bump the other linters, although these don't change anything.

Change-Id: I07ddb8743804172a4e81a70b1ee4aa897e48dfca
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 10:56:13 +00:00
Stephen Finucane e785ab52dc typing: Replace objects from typing with literals
We also replace the use of typing.Union and add missing parameters and
returns types for Callable types.

Change-Id: I75ed4d1cc4d84515910a5bd315f8626135258148
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-21 10:55:57 +00:00
Stephen Finucane c870873f7f typing: "Import" objects
mypy doesn't know that we dynamically register these: give it a helping
hand.

Change-Id: I73321f67766b67e00038fd8de744f95128c3e6cb
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-20 18:03:29 +00:00
Stephen Finucane dc31f9fd61 Run mypy from tox
This avoids the need to duplicate our dependency list in multiple places
and allows us to take advantage of tox's dependency management
infrastructure, to ensure we always get the latest and greatest version
of a package allowed by upper-constraints. It also removes the slowest
pre-commit hook (by some distance), making pre-commit faster.

Change-Id: Ie241768231f180d5a672bf9f8fdc6a1eb8d7dfdb
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2026-01-20 18:03:04 +00:00
Takashi Kajinami b1a50e67a1 Replace obsolete PCRE packages
pcre3 was removed from recent debian-based releases (eg. Trixie[1]),
while RHEL10/CentOS Stream 10 no longer ships pcre in favor of pcre2.

Use the latest whereto library release (0.5.0) which uses pcre2
instead.

[1] https://lists.debian.org/debian-devel/2021/11/msg00176.html

Depends-on: https://review.opendev.org/c/openstack/requirements/+/971428
Change-Id: I5ae44fa16128bb8dc9817a2bf2c8e349db75156b
Signed-off-by: Takashi Kajinami <kajinamit@oss.nttdata.com>
2026-01-20 23:14:18 +09:00
elajkat 76d64b9cb4 blueprint: iothreads-for-instances
Enable one io-thread per qemu instance.

Related-Bug: iothreads-for-instances
Change-Id: I8b22e5bca560d111934fbdf67494a4e288b9e50a
Signed-off-by: lajoskatona <lajos.katona@est.tech>
2026-01-19 16:17:47 +01:00
Zuul 66bad0b1d9 Merge "mem-enc: create generic check for mem encryption support by host" 2026-01-19 11:23:26 +00:00
Zuul deee6867e9 Merge "libvirt: Remove import hacks" 2026-01-19 11:12:53 +00:00
Zuul 68cec593a7 Merge "Compute manager to use thread pools selectively" 2026-01-16 21:03:28 +00:00
Balazs Gibizer 3c23390cc8 Compute manager to use thread pools selectively
This changes the thread pool usage of the ComputeManager to go through
the concurrency mode aware util functions.

The concurrent live migration pool had a seemingly unlimited option
when configured with value 0, but in reality GreenThreadPool has a
default worker size of 1000. In reality it is almost never right to
have more than one live migration running concurrently. Also with
native threading having 1000 workers is just too costly. So we
decided to deprecate the value 0 and changed the implementation of
unlimited to mean 5 threads in native threading mode. We kept the 1000
greenthreads in eventlet mode for backward compatibility.

The _sync_power_states periodic task also spawns tasks for each instance
to be synced. As it uses a shared data structure across these tasks
and the caller, a lock is needed to avoid race conditions.
Also the default pool size is 1000 for these tasks in our configuration.
That would use a lot of memory on a busy host in native threading mode.
So we changed the default value from 1000 to 5.

Change-Id: I9567d5fabdf086b5d0493103d9f6bde4f66af387
Signed-off-by: Balazs Gibizer <gibi@redhat.com>
2026-01-16 09:47:42 +01:00