Nova re-generates the resource request of an instance for each server
move operation (migrate, resize, evacuate, live-migrate, unshelve) to
find (or validate) a target host for the instance move. This patch
extends the this logic to support the extended resource request from
neutron.
As the changes in the neutron interface code is called from nova-compute
service during the port binding the compute service version is bumped.
And a check is added to the compute-api to reject the move operations
with ports having extended resource request if there are old computes
in the cluster.
blueprint: qos-minimum-guaranteed-packet-rate
Change-Id: Ibcf703e254e720b9a6de17527325758676628d48
This adds the final missing pieces to support creating servers with
ports having extended resource request. As the changes in the neutron
interface code is called from nova-compute service during the port
binding the compute service version is bumped. And a check is added to
the compute-api to reject such server create requests if there are old
computes in the cluster.
Note that some of the negative and SRIOV related interface attach
tests are also started to pass as they are not dependent on any of the
interface attach specific implementation. Still interface attach is
broken here as the failing of the positive tests show.
blueprint: qos-minimum-guaranteed-packet-rate
Change-Id: I9060cc9cb9e0d5de641ade78c5fd7e1cc77ade46
Take the opportunity to clean up the docs quite a bit, ultimately
combining two disparate guides on the scheduler into one.
Change-Id: Ia72d39b4774d93793b381359b554c717dc9a6994
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
To prepare for the unlikely event that Neutron merges and an operator
enables the port-resource-request-groups neutron API extension before
nova adds support for it, this patch rejects server creation if such
extension is enabled in Neutron. Enabling that extension has zero
benefits without nova support hence the harsh but simple rejection.
A subsequent patch will reject server lifecycle operations in a more
sophisticated way and as soon as we support some operations, like
boot, the deployer might rightfully choose to enable the Neutron
extension.
Change-Id: I2c55d9da13a570efbc1c862116cea31aaa6aa02e
blueprint: qos-minimum-guaranteed-packet-rate
Alembic does lots of new things. Provide docs for how to use this. We
also improve upgrade docs slightly, removing references to ancient
reviews that are no longer really helpful as well as calling out our N
-> N+1 constraint.
Change-Id: I3760b82ce3bd71aa0a760d7137d69dfa3f29dc1d
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Nested allocations are only partially supported in nova-manage placement
heal_allocations CLI. This patch documents the missing support and
blocks healing instances with VGPU or Cyborg device profile request in
the embedded flavor. Blocking is needed as if --forced is used with such
instances then the tool could recreate an allocation ignoring some of
these resources.
Change-Id: I89ac90d2ea8bc268940869dbbc90352bfad5c0de
Related-Bug: bug/1939020
As a prerequisite for blueprint generic-mdevs we need to rename the
existing enabled_vgpu_types options and dynamically generated groups
into enabled_mdev_types.
There is no upgrade impact for existing users, as the original
options are still accepted.
NOTE(sbauza): As we have a lot of methods and objects named gpu-ish
let's just change what we need here and provide followups for
fixing internal tech debt later.
Change-Id: Idba094f6366a24965804b88da0bc1b9754549c99
Partially-Implements: blueprint generic-mdevs
Correct a variety of gaps and other issues seen while improving the
flavor docs.
Change-Id: I8d68016cecb0269a5f9af88b0a08578f85403e23
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
The link of `TLS everywhere` should be 'https://docs.openstack.org/
project-deploy-guide/tripleo-docs/latest/features/tls-everywhere.html'.
Closes-Bug: #1933062
Change-Id: I468b82edeb899b0a780f8b545ad23ee0428a93ea
This change deprecates the AZ filters which is no longer required.
This also enable the use of placement for AZ enforcement by default and
deprecates the config option for removal.
Change-Id: I92b0386432444fc8bdf852de4bdb6cebb370a8ca
We now have good documentation on the PCI NUMA affinity policies
(thanks, artom!) so we can close out this TODO. Hurrah!
Change-Id: I4e6402bd192ea0d2efb26b52a7ceb65d924ec928
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
A new dumping ground for libvirt'y things that can't easily be
categorized or placed elsewhere.
Change-Id: I6999b9d66e12e1df7970aff6ce63e5323de6be45
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Related-Bug: #1843542
Use the formatting established in the style guide. There's a lot of
out-of-date information in here, but that's a battle for another day.
Change-Id: Ieec2c8f450c05a2451179e3bdba77514f2cc956e
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
There's no real need for this to exist as its own standalone document
now that we have a separate CPU models doc. Combine them.
Change-Id: I3a3e19b1f2660dd773fd3d47332abadc0c0e5c55
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
More information taken out of the catchall KVM guide and put into its
own doc, where it belongs.
Change-Id: I4a03561368b945e3aacbef8011b46933cc1fcfd7
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This was previously hidden in the hypervisor configuration guide. Make
it a top-level document.
Change-Id: If402522c859c1413f0d90912e357496a0a67c5cf
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
There's also a PCI passthrough guide. Use that instead, allowing us to
remove the sections for various extra specs from the 'user/flavors'
guide:
- hw:pci_numa_affinity_policy
- pci_passthrough:alias
Change-Id: I5701d284c2cfdadf825f8e2f699651b3f8c0c9ab
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
We have a perfectly good TPM guide. Enhance that, allowing us to remove
the special section dedicated to this from the generic flavor docs.
Change-Id: If484074c01595f747f9201b5ec12164779195b61
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This beefy patch closes a long-standing TODO and allows us to move yet
more information out of the flavors guide and into specific documents.
This, combined with existing documentation in place, means we can remove
the sections for various extra specs from the 'user/flavors' guide:
- hw:cpu_realtime -> doc/source/admin/real-time.rst
- hw:cpu_realtime_mask -> doc/source/admin/real-time.rst
- hw:emulator_threads_policy -> doc/source/admin/cpu-topologies.rst
- hw:cpu_policy -> doc/source/admin/cpu-topologies.rst
- hw:cpu_thread_policy -> doc/source/admin/cpu-topologies.rst
- hw:cpu_sockets -> doc/source/admin/cpu-topologies.rst
- hw:cpu_cores -> doc/source/admin/cpu-topologies.rst
- hw:cpu_threads -> doc/source/admin/cpu-topologies.rst
- hw:cpu_max_sockets -> doc/source/admin/cpu-topologies.rst
- hw:cpu_max_cores -> doc/source/admin/cpu-topologies.rst
- hw:cpu_max_threads -> doc/source/admin/cpu-topologies.rst
- hw:numa_nodes -> doc/source/admin/cpu-topologies.rst
- hw:numa_cpus.N -> doc/source/admin/cpu-topologies.rst
- hw:numa_mem.N -> doc/source/admin/cpu-topologies.rst
- hw:mem_page_size -> doc/source/admin/huge-pages.rst
Multiple improvements to the libvirt extra spec docs are included here,
for want of a better place to include them.
Change-Id: I02b044f8246f4a42481bb5f00259842692b29b71
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This is mostly regurgitated information from the current flavors guide
but we take the opportunity to significantly expand upon what we've
already stated here.
Change-Id: I9ad798427bbc6451fd920d6c08357d6e1eaa5136
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This patch adds the config option 'live_migration_scheme = tls' to the
secure live migration guide.
To let the live migration use the qemu native tls, some configuration of
the compute nodes is needed. The guide describes this but misses the
'live_migration_scheme' config option.
It is necessary to set 'live_migration_scheme' to tls to use the
connection uri for encrypted traffic. Without this parameter everything
seems to work, but the unencrypted tcp-connection is still used for the
live migration.
Closes-Bug: #1919357
Change-Id: Ia5130d411706bf7e1c983156158011a3bc6d5cd6
Introduce two new guides on UEFI and Secure Boot. In addition, update
the flavors guide to document the secure boot feature (though this doc
should really be removed in near term in favour of the auto-generated
docs, as noted inline).
Note that this change includes our first use of the ':nova:extra-spec:'
cross-reference role and highlights a small bug in that implementation.
This is resolved.
Blueprint: allow-secure-boot-for-qemu-kvm-guests
Change-Id: I4eb370b87ba8d0403c8c0ef038a909313a48d1d6
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
These were missed in the original change but add some useful context to
readers of when things have been changed.
blueprint: libvirt-default-machine-type
Change-Id: I64ef0efc80a088385c9ac45a818cc807490d2de1
Zuul