Add the discard flag to libvirt XML when supported by libvirt and qemu,
and when using file backed memory.
The discard flag causes qemu to discard allocated memory via calling
madvise with MADV_REMOVE when using file backed memory, to prevent
writing out dirty instance memory. This is a significant performance
improvement for shutting down instances that have recently written to
significant portions of their memory.
As qemu and libvirt do not guarantee the discard is run, this cannot be
used for security purposes.
Change-Id: Ia7cf4414feb335b3c2e863b4c8b4ff559b275c34
Implements: blueprint libvirt-file-backed-memory
File backed memory is enabled per Nova compute host. When enabled, host
will report 'file_backed_memory_capacity' for available memory.
When enabled, instances will create memory backing files in the
directory specified in libvirt's qemu.conf file 'memory_backing_dir'
config option.
This feature is not compatible with memory overcommit, and requires
'ram_allocation_ratio' to be set to 1.0
Change-Id: I676291ec0faa1dea0bd5050ef8e3426d171de4c6
Implements: blueprint libvirt-file-backed-memory
This adds a new policy rule which defaults to behave in a
backward compatible way, but will allow operators to enforce
that servers created with a zero disk flavor must also be
volume-backed servers.
Allowing users to upload their own images and create image-backed
servers on local disk with zero root disk size flavors can be
potentially hazardous if the size of the image is unexpectedly
large, since it can consume the local disk (or shared storage pool).
It should be noted that disabling the new policy rule will
result in a non-backward compatible API behavior change and no
microversion is being introduced for this because enforcement via
a new microversion would not close the security gap on any previous
microversions.
Related compute API reference and user documentation is updated
to mention the policy rule along with a release note since
this is tied to a security bug, which will be backported to stable
branches.
Change-Id: Id67e1285a0522474844de130c9263e11868f67fb
Closes-Bug: #1739646
Even though the feature is technically virt driver agnostic,
the plumbing happens through the virt drivers, so the feature
is only supported by certain virt drivers (libvirt only at
the time of this patch). So this adds a section to the feature
support matrix about the trusted certs validation feature.
Also updates the certificate validation user docs based on
the nova boot --trusted-image-certificate-id option name
in the dependent python-novaclient change.
Depends-On: https://review.openstack.org/500396/
Related to blueprint nova-validate-certificates
Change-Id: Ic5cb4a98c73cc404c7033cf183f25a97aba3c994
Mention that if no transport_url is provided then the one
in the configuration file will be used for command
``nova-manage cell_v2 simple_cell_setup [--transport-url <transport_url>]``,
just like that for other cell_v2 commands.
Change-Id: Ifededa59f7ffe5887e67e29b93f70fa70dfaef33
If the compute endpoint in the service catalog is configured
for /v2 legacy compat mode, microversions in the request are
silently ignored by the LegacyV2CompatibleWrapper. This
adds a troubleshooting entry for that situation.
At this point, we might want to consider deprecating or at
least logging warnings if microversions are requested and
LegacyV2CompatibleWrapper strips them out, but that's fodder
for a separate change.
Change-Id: Ia7ecbf95d0a3e14c7f82b6a93c2ac4c4cfb89549
Change I496e8d64907fdcb0e2da255725aed1fc529725f2 made nova-scheduler
require placement >= 1.25 so this change updates the minimum required
version checked in the nova-status upgrade check command along with the
upgrade docs.
related to blueprint: granular-resource-requests
Change-Id: I0a17ee362461a8ae2113804687799bb9d9216110
non-FS based Storage Repository will be supported after vdi streaming
patches finished. Remove SR limitation in the document.
Change-Id: Idaf461c849ac28b46e8971e5dd2f0e986a9a5c32
With the new image handler, it creates an image proxy which
will use the vdi streaming function from os-xenapi to
remotely export VHD from XenServer(image upload) or import
VHD to Xenerver(image download).
The existing GlanceStore uses custom functionality to directly
manipulate files on-disk, so it has the restriction that SR's
type must be file system based: e.g. ext or nfs. The new
image handler invokes APIs formally supported by XenServer
to export/import VDI remotely, it can support other SR
types also e.g. lvm, iscsi, etc.
Note:
vdi streaming would be supported by XenServer 6.5 or above.
The function of image handler depends on os-xenapi 0.3.3 or
above, so bump os-xenapi's version to 0.3.3 and also declare
depends on the patch which bump version in openstack/requirements.
Blueprint: xenapi-image-handler-option-improvement
Change-Id: I0ad8e34808401ace9b85e1b937a542f4c4e61690
Depends-On: Ib8bc0f837c55839dc85df1d1f0c76b320b9d97b8
The vif_driver option was deprecated in Ocata:
I599f3449f18d2821403961fb9d52e9a14dd3366b
And can now be removed. The only supported networking
backend is neutron + ovs.
Related to blueprint remove-nova-network
Co-Authored-By: Naichuan Sun <naichuan.sun@citrix.com>
Change-Id: Ia977f115335f00bc36249fa67437b4336d524251
1. url for `Ceilometer` doc is not correct
2. nova-cert has been removed
(change I2c78a0c6599b92040146cf9f0042cff8fd2509c3)
and should no appear in the example
3. phrasing issue in explanation for "used_now" of host resource
usage
4. 'opensack server list' repsonse is different from that of 'nova list'
5. add info about diagnostic statistics format
Change-Id: I6a2a7b396fee2a5cbae633d5c259f5f0961b9b60
There is concern over the ability for compute nodes to reasonably
determine which events should count against its consecutive build
failures. Since the compute may erronenously disable itself in
response to mundane or otherwise intentional user-triggered events,
this patch adds a scheduler weigher that considers the build failure
counter and can negatively weigh hosts with recent failures. This
avoids taking computes fully out of rotation, rather treating them as
less likely to be picked for a subsequent scheduling
operation.
This introduces a new conf option to control this weight. The default
is set high to maintain the existing behavior of picking nodes that
are not experiencing high failure rates, and resetting the counter as
soon as a single successful build occurs. This is minimal visible
change from the existing behavior with default configuration.
The rationale behind the default value for this weigher comes from the
values likely to be generated by its peer weighers. The RAM and Disk
weighers will increase the score by number of available megabytes of
memory (range in thousands) and disk (range in millions). The default
value of 1000000 for the build failure weigher will cause competing
nodes with similar amounts of available disk and a small (less than ten)
number of failures to become less desirable than those without, even
with many terabytes of available disk.
Change-Id: I71c56fe770f8c3f66db97fa542fdfdf2b9865fb8
Related-Bug: #1742102
It's more common to format words like "nova-compute" with "``"
instead of "`", and there is no need to format words like "RPC".
This patch also fixes a few syntax and typo issues.
And as requested, some typos in aggregates.rst are corrected to
improve readability.
Change-Id: I4d9c184e1448c8ea9973302f53e1773a7b66cd1e
This adds a new CLI which will iterate all non-cell0
cells looking for instances that (1) have a host,
(2) aren't undergoing a task state transition and
(3) don't have allocations in placement and try
to allocate resources, based on the instance embedded
flavor, against the compute node resource provider
on which the instance is currently running.
This is meant as a way to help migrate CachingScheduler
users off the CachingScheduler by first shoring up
instance allocations in placement for any instances
created after Pike, when the nova-compute resource
tracker code stopped creating allocations in placement
since the FilterScheduler does it at the time of
scheduling (but the CachingScheduler doesn't).
This will be useful beyond just getting deployments
off the CachingScheduler, however, since operators
will be able to use it to fix incorrect allocations
resulting from failed operations.
There are several TODOs and NOTEs inline about things
we could build on top of this or improve, but for now
this is the basic idea.
Change-Id: Iab67fd56ab4845f8ee19ca36e7353730638efb21
The trusted vf attribute will be exposed to the instance through the
metadata API and on the config drive.
Note the logic when dealing with NetworkInterfaceMetadata devices was
refactored slightly in order to handle the existing cases where these
types of devices are skipped.
Implements blueprint sriov-trusted-vfs
Change-Id: Icbac4f11b2383b3d8295ec3362db0fc60b9c35a9
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@redhat.com>
This patch is the first step in syncing the nova host aggregate
information with the placement service. The scheduler report client gets
a couple new public methods -- aggregate_add_host() and
aggregate_remove_host(). Both of these methods do **NOT** impact the
provider tree cache that the scheduler reportclient keeps when
instantiated inside the compute resource tracker.
Instead, these two new reportclient methods look up a resource provider
by *name* (not UUID) since that is what is supplied by the
os-aggregates Compute API when adding or removing a "host" to/from a
nova host aggregate.
Change-Id: Ibd7aa4f8c4ea787774becece324d9051521c44b6
blueprint: placement-mirror-host-aggregates
Zuul