Libvirt has implemented the capability to expose maximum number of
SEV guests and SEV-ES guests in 8.0.0[1][2]. This allows nova to detect
maximum number of memory encrypted guests using that feature.
The detection is not used if the [libvirt] num_memory_encrypted_guests
option is set to preserve the current behavior.
Note that current nova supports only SEV and does not support SEV-ES,
so this implementation only uses the maximum number of SEV guests.
The maximum number of SEV-ES guests will be used in case we implement
support for SEV-ES.
[1] https://gitlab.com/libvirt/libvirt/-/commit/34cb8f6fcd6a56a7bbcef2f7402def1682509e16
[2] https://gitlab.com/libvirt/libvirt/-/commit/7826148a72c97367fc6aaa76397fe92d32169723
Implements: blueprint libvirt-detect-sev-max-guests
Change-Id: I502e1713add7e6a1eb11ecce0cc2b5eb6a14527a
The CPU power management feature of the libvirt driver, enabled with
[libvirt]cpu_power_management, only manages dedicated CPUs and does not
touch share CPUs. Today nova-compute refuses to start if configured
with [libvirt]cpu_power_management=true [compute]cpu_dedicated_set=None.
While this is functionally not limiting it does limit the possibility to
independently enable the power management and define the
cpu_dedicated_set. E.g. there might be a need to enable the former in
the whole cloud in a single step, while not all nodes of the cloud will
have dedicated CPUs configured.
This patch removes the strict config check. The implementation already
handles each PCPU individually, so if there are an empty list of PCPUs
then it does nothing.
Closes-Bug: #2043707
Change-Id: Ib070e1042c0526f5875e34fa4f0d569590ec2514
Some of the object unit tests grub Mock object unintentionally, and
that results in failure during initializing an versioned object,
because the Mock object does not present its version correctly.
This fixes that problem
The sqlalchemy-2x job is made non-voting because this job requires
oslo.utils 6.3.0 which is blocked by this problem.
Closes-Bug: #2043116
Related-Bug: #2042886
Change-Id: Id1c1b77c020e2d8f0ac61c2aee86c9f37d388d53
That's one giant hole in our docs. Whoops.
Change-Id: I8ac6f204dd3ebe424dfe4335a491b8c9df7d0cc4
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
We recently found a rolling-upgrade bug on rebuild so we need to make
sure that grenade-multinode can verify all our instance actions.
Given we pin the compute RPC API version to the N-1 compute one, we are
sure that all RPC calls continue to behave the previous release.
NOTE : Given the previous cycle was already supporting 6.2 RPC version,
we can't test here the previous problems hence why this is the last
patch from the series.
Change-Id: I1d8deb139922494dd74ff32965fd7dd74d1d768b
Related-Bug: #2040264
By I0d889691de1af6875603a9f0f174590229e7be18 we broke rebuild for Yoga
or older computes.
By I9660d42937ad62d647afc6be965f166cc5631392 we broke rebuild for Zed
computes.
Fixing this by making the parameters optional.
Change-Id: I0ca04045f8ac742e2b50490cbe5efccaee45c5c0
Closed-Bug: #2040264
We forgot that we automatically pin our RPC calls to the RPC version
that the older compute supports, so when rolling-upgrading computes, we
continue to use either Yoga or Zed versions for example when upgrading
to 2023.1.
Since the new parameters aren't optional, we broke the
rebuild_instance() method then for Yoga to Zed and Zed to 2023.1.
Change-Id: Icf340f3d4c5ce0a4b7388003f168e7c479e58eee
Related-Bug: #2040264
The nova-cert service was removed during Pike cycle by 2bcee77e3 and
the upgrade_levels option for this service was formally deprecated
during rocky by f0d2925bc7 . The other upgrade_levels options which
were deprecated at the same time were already removed.
Change-Id: I385dc41a3a69c51d60acced21cfdf6c6dd0cc724
The text alignment for one of the code blocks on the unified limits
admin doc page being off by one causes the rendered code block to be
slightly askew.
This fixes the alignment and also adjusts inconsistencies in code block
text alignment throughout the unified limits docs.
Change-Id: I52b61ad63a9788fe6443284db1a4e9012674aafe
This is being reverted because it's overly strict and complaining
that upgrade-related work has not been done before it should have or
needs to have been done. This may be re-added later when we start
depending on these linkages.
Closes-Bug: #2039597
This reverts commit 27f384b7ac.
Change-Id: Ifa5b82ca3b83d0ba481aa7a062827bd8e838989a
Libvirt's node device driver accumulates and reports information
about host devices. Network capabilities reported by node device
driver for NIC contain information about HW offloads supported
by this NIC.
One of possible features reported by node device driver is
switchdev: a NIC capability to implement VFs similar to actual
HW switch ports (also referred to as SR-IOV OVS hardware offload).
From Neutron perspective, vnic-type should be set to "direct" and
"switchdev" capability should be added to port binding profile to
enable HW offload (there are also configuration steps on compute
hosts to tune NIC config).
This patch was written to automatically translate "switchdev" from
VF network capabilities reported by node device driver to Neutron
port binding profile and allow user to skip manual step that
requires admin privileges.
Other capabilities are also translated: they are not used right
now, but provide visibility and can be utilized later.
Closes-bug: #2020813
Closes-bug: #2008238
Change-Id: I3b17f386325b8f42c0c374f766fb21c520161a59
If cpu_power_management_strategy is "cpu_state" and CPU0 is in the
dedicated set, we should just ignore it whenever we go to manage the
state. Since CPU0 cannot be powered off, but may be otherwise suitable
for the dedicated set, we can just skip it whenever we would normally
go to power it up or down.
Change-Id: I995c0953b361c7016bd77482fa2e2f276d239828
Fixes-Bug: #2038840
When we added the all_cells flag to this we just kinda hacked it
into place, leaving a big chunk of the method nested inside a
conditional. This refactors out that chunk into a helper, and also
corrects a naming error that was very confusing when reading the code
(a variable named "service" which was a list of services).
Change-Id: I41ff076864dce9ed826922f6609536ea4545a181
While debugging a field issue recently, we determined that computes
had been pointed at cell0 and created service and node records there.
This makes us warn during service list if we find compute services
in cell0 to tip off operators that they have a configuration problem.
Change-Id: Id95c0d02cc34348623b01997fcd1930628d48ccc
The URLs had the wrong order of "/latest/nova" instead of the correct
one, leading to "404 not found" errors.
Closes-Bug: 2036530
Change-Id: I083381ad2649c06be9443f5ed6a55bddafab4df8
as with the previous commit this change is simply correcting the
usage of backticks for inline literals
Change-Id: Icbfd168266dc1348ee15f7347ed673d220989ceb
Zuul