In the instance_create DB API method, it ensures the (legacy) default
security group gets created for the specified project_id if it does
not already exist. If the security group does not exist, it is created
in a separate transaction.
Later in the instance_create method, it reads the default security group
back that it wrote earlier (via the same ensure default security group
code). But since it was written in a separate transaction, the current
transaction will not be able to see it and will get back 0 rows. So, it
creates a duplicate default security group record if project_id=NULL
(which it will be, if running nova-manage db online_data_migrations,
which uses an anonymous RequestContext with project_id=NULL). This
succeeds despite the unique constraint on project_id because in MySQL,
unique constraints are only enforced on non-NULL values [1].
To avoid creation of a duplicate default security group for
project_id=NULL, we can use the default security group object that was
returned from the first security_group_ensure_default call earlier in
instance_create method and remove the second, redundant call.
This also breaks out the security groups setup code from a nested
method as it was causing confusion during code review and is not being
used for any particular purpose. Inspection of the original commit
where it was added in 2012 [2] did not contain any comments about the
nested method and it appeared to either be a way to organize the code
or a way to reuse the 'models' module name as a local variable name.
Closes-Bug: #1824435
[1] https://dev.mysql.com/doc/refman/8.0/en/create-index.html#create-index-unique
[2] https://review.opendev.org/#/c/8973/2/nova/db/sqlalchemy/api.py@1339
Change-Id: Idb205ab5b16bbf96965418cd544016fa9cc92de9
This adds a regression test in our post test hook. We are not able to
do a similar test in the unit or functional tests because SQLite does
not provide any isolation between transactions on the same database
connection [1] and the bug can only be reproduced with the isolation
that is present when using a real MySQL database.
Related-Bug: #1824435
[1] https://www.sqlite.org/isolation.html
Change-Id: I204361d6ff7c2323bc744878d8a9fa2d20a480b1
This builds on change I1233fbbaebd1750f572432bf74759b94408a17e3 which
added a functional test to create 10 servers with 255 BDMs each using
the two images. That scenario results in 2551 calls to the image service
to get the images. While an unrealistic scenario, it shows how
inefficient this can be even in a simple multi-create request where
each server has one or more BDMs that are using one or more of the
same images.
This change adds a simple cache that is used while processing the list
of instances to create and the list of BDMs per instance that are using
a source_type of 'image' to validate the image. This drops the image GET
calls in the functional test from 2551 to 3.
The functional test verifies the cache is being used properly. Existing
unit tests are updated for the method signature changes. Note that some
API controller tests were mocking a bit too deep and ignoring all of the
parameters to the _validate_bdm mock so rather than continue that pattern
the assertions are just changed to assert_called_once() since the tests
clearly don't care about the actual parameters passed to that method.
Change-Id: Ibd51d6fc2d4c9fd142ba17f2f87214bb62f72440
Closes-Bug: #1846777
While discussing rate limiting, or the lack thereof, in the API
the point came up that it's possible to create multiple servers
with a large number of BDMs in a single request and it's not
rate limited nor is there any optimization in the API for not
GETing the same image in the request more than once.
This adds a functional test to demonstrate by wrapping the image
API GET calls and asserting they are not cached within the request.
Related-Bug: #1846777
Change-Id: I1233fbbaebd1750f572432bf74759b94408a17e3
This is a follow up to [1]. The user docs home page has a link
to the admin AZ guide but not a direct link to the user AZ guide
so that is added here.
[1] https://review.opendev.org/#/c/667133/10/doc/source/user/index.rst@75
Change-Id: I4acb120d2e347a43abc584107c7a19bb422af384
These were missed in change If847b0085dbfb4c813d4a8d14d99346f8252bc19.
Change-Id: Iad18f355a20261313ddb3dafd302ed66ebca64bc
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
Changes to docs to handle redirects like [1] should not
trigger functional jobs. Note that functional-irrelevant-files
does not just blindly ignore all changes to the docs/* path
because we do need to run functional test jobs for changes to
doc/notification_samples.
[1] Iad18f355a20261313ddb3dafd302ed66ebca64bc
Change-Id: I4c2cb97de1fc8e1ed80fa22680621fd4f6390cfd
We only need this mocking if we're using nova-network.
Change-Id: Ic22f17764fa3ed3885a68c5928bfd56c3f81f2a7
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
Both _destroy_evacuated_instances and
_error_out_instances_whose_build_was_interrupted queries compute nodes
from the db during init_host. This patch does the query once in
init_host instead and pass down the necessary data to both calls.
Change-Id: I48f3bce6379d6e684d07180f7d7770748319e369
Since Ie991d4b53e9bb5e7ec26da99219178ab7695abf6 move_allocation
handles more than one resource provider, but still does not handle
sharing providers. This patch refines the code comments accordingly.
Change-Id: I7884361e32a8c9765256c0a9b16e54e3f9a82084
Previously any exception while rolling back the connection_info and
attachment_id of volume bdms would result in the overall attempt to
rollback a LM failing. This change refactors this specific bdm rollback
logic into two self contained methods that ignore by default errors
where possible to allow the LM rollback attempt to continue.
Change-Id: I6bc73e8c8f98d9955f33f309beb8a7c56981b553
The only user of put_allocations of the report client is
heal_allocations. It is easy to remove the @safe_connect decorator
from put_allocations as heal_allocations already handles
PlacementAPIConnectFailure exception.
This patch changes heal_allocations to raise
PlacementAPIConnectFailure instead of relying on @safe_connect.
Change-Id: I6b3f61525883a019703cf564e693516b3b61febc
This is a follow-up patch for https://review.opendev.org/676730.
In the TOC of the current PDF file [1], most contents related to
user and admin guides are located under "For Contributors" section.
This is weird. It happens because the latex builder constructs
the document tree based on "toctree" directives even though they
are marked as "hidden".
This commit reorganizes "toctree" per section.
The "toctree" directives must be placed at the end of
individual sections. Otherwise, content of a last section and
content just after "toctree" directive are concatenated
into a same section in the rendered LaTeX document.
This commit also improves the following as well:
* Specify "openany" as "extraclassoptions" to skip blank pages
along with "oneside" to use same page style for odd and even pages.
* Set "tocdepth" and "secnumdepth" to 3 respectively.
"tocdepth" controls the depth of TOC and "secnumdepth" controls
the level of numbered sections in TOC.
Note that this commit does not reorganize file structure under doc/source.
I believe this should be done separately.
[1] https://docs.openstack.org/nova/latest/doc-nova.pdf
Change-Id: Ie9685e6a4798357d4979aa6b4ff8a03663a9c71c
Story: 2006100
Task: 35140
Found this error in heat gate during running grenade test job.
Should not asking to provide cell_uuid if queue.get is timeout.
Closes-Bug: #1847131
Change-Id: I7f9edc9a4b4930f4dce98df271888fa8082a1701
melanie witt