We have droped the system scope from Nova policy
and keeping the legacy admin behaviour same. This
commit adds the releasenotes and update the policy
configuration documentation accordingly.
Also, remove the upgrade check for policy which was
added for the system scope configuration protection.
Change-Id: I127cc4da689a82dbde07059de90c451eb09ea4cf
Nova does not support renaming a node once it has been deployed.
Previously, this was not mentioned anywhere in our docs. This patches
adds a warning to that effect to the installation guide.
Change-Id: I0f34c89855069119974d75d31833b974ba705306
This command was helpful to assist users FFUing past the Pike release,
however, it's no longer helpful and should be removed now. Do just that.
Change-Id: Ib42f65dbcf61ead571e9107e7ffbba2b29f48d64
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Report a warning during upgrade checks if there are computes older than
the previous major nova release in the system.
So if code is upgraded to Wallaby and the upgrade check was run before
the restart of the services with W code then the check warns for Ussuri
computes in the system.
Change-Id: I873b0c1e6e695ae88241bbf75ac9f80ecc6f5664
Default value of 'CONF.oslo_policy.policy_file' config option
has been changed from 'policy.json' to 'policy.yaml'. If new default
file 'policy.yaml' does not exist but old default 'policy.json' exist
then fallback to use old default file.
An upgrade checks is added to check the policy_file format and
fail upgrade checks if it is JSON formatted.
Added a warning in policy doc about JSON formatted file is deprecated,
also removed all the reference to policy.json file in doc as well as
in tests.
Related Blueprint: policy-json-to-yaml
Closes-Bug: #1875418
Change-Id: Ic4d3b998bb9701cb1e3ef12d9bb6f4d91cc19c18
Not as many of these as I thought there would be. Also, yes, the change
to 'nova.conf.compute' is a doc change :)
Change-Id: I27626984ce94544bd81d998c5fdf141875faec92
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Placement service has to be installed and configured with user and
endpoints before Nova installation. But in
stein release it is not mentioned in the prerequisites of Nova. Added
reference to Placement installation guide in the prerequisites section
of nova installation guide.
Change-Id: I6af43a24dc5b3575016f092268d98cc720249d93
Closes-Bug: #1829032
There are cases where policy file is re-generated freshly
and end up having the new defaults only but expectation is that
old deprecated rule keep working.
If a rule is present in policy file then, that has priority over
its defaults so either rules should not be present in policy file
or users need to update their token to match the overridden rule
permission.
This issue was always present when any policy defaults were changed
with old defaults being supported as deprecated. This is we have
changed all the policy for new defaults so it came up as broken case.
Adding nova-status upgrade check also to detect such policy file.
Related-Bug: #1875418
Change-Id: Id9cd65877e53577bff22e408ca07bbeec4407f6e
This legacy service is no longer used and was deprecated during the
Stein cycle [1]. It's time to say adios and remove them in their
entirety. This is pretty straightforward, with the sole exception of
schema for the 'remote-consoles' API, which has to continue supporting
requests for type 'xvpvnc' even if we can't fulfil those requests now.
[1] https://review.opendev.org/#/c/610076/
Part of blueprint remove-xvpvncproxy
Depends-On: https://review.opendev.org/695853
Change-Id: I2f7f2379d0cd54e4d0a91008ddb44858cfc5a4cf
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
Get excited, people. It's finally dying, for real. There is a lot more
doc work needed here, but this is a start. No need for a release note
modification since we've already said that nova-network has been
removed, so there's no point in saying that the service itself has been
removed since that's implicit.
Change-Id: I18d73212f9d98bc75974a024cf6fd872fdfb1ca4
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
The "Request Spec Migration" upgrade status check was added
in Rocky [1] and the related online data migration was removed
in Stein [2]. Now that we're in Train we should be able to
remove the upgrade status check.
The verify install docs are updated to remove the now-removed
check along with "Console Auths" which were removed in Train [3].
[1] I1fb63765f0b0e8f35d6a66dccf9d12cc20e9c661
[2] Ib0de49b3c0d6b3d807c4eb321976848773c1a9e8
[3] I5c7e54259857d9959f5a2dfb99102602a0cf9bb7
Change-Id: I6dfa0b226ab0b99864fc27209ebb7b73e3f73512
The output of 'nova-manage cell_v2 list_cells' command
has been modified since Idb306e4f854957fd2ded9ae061fc27f0ef768fc0 and
I96a6d5e59d33c65314fc187c0286ce3408d30bdc.
Fix the output of the command in the install documents.
Change-Id: I45d0e2ee1ff182347345af46f9a388f2884ba6cd
Closes-Bug: #1833647
We're going to remove all the code, but first, remove the docs.
Part of blueprint remove-consoleauth
Change-Id: Ie96e18ea7762b93b4116b35d7ebcfcbe53c55527
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
There is an inconsistency for keystone domain names
in the nova doc. ('default' and 'Default')
Replace 'default' with 'Default'.
Change-Id: I437092d04b0cbea78942efd5f565734f34bcbcb2
Closes-Bug: #1821411
In a fairly hack and slash fashion, remove the installation of placement
from the nova install docs. Placement will have its own installation
docs.
Configuring access to placement from the controller and compute nodes is
still described.
The depends-on is to the patch that provides placement install docs.
The output of 'nova-status upgrade check' is updated to reflect the
current state of the output of that command; this means it now
includes a fair bit more than checking cells v2 and the existence
of the placement API.
Depends-On: https://review.openstack.org/#/c/628220/
Change-Id: I9e082a9c6d4b6369f1ec6c17bbd3ccc417a5e97b
The installation of the nova-consoleauth service was erroneously
removed from the docs prematurely. The nova-consoleauth service
is still being used in Rocky, with the removal being possible in
Stein.
This should have been fixed as part of change
Ibbdc7c50c312da2acc59dfe64de95a519f87f123 but was missed.
This is also related to the release note update in Rocky
under change Ie637b4871df8b870193b5bc07eece15c03860c06.
Co-Authored-By: Matt Riedemann <mriedem.os@gmail.com>
Closes-Bug: #1793255
Related-Bug: #1798188
Change-Id: Ied268da9e70bd2807c2dfe7a479181fbec52979d
Placement documents have been published since
I667387ec262680af899a628520c107fa0d4eec24.
So use links to placement documents
https://docs.openstack.org/placement/latest/
in nova documents.
Change-Id: I218a6d11fea934e8991e41b4b36203c6ba3e3dbf
after the changed[1], the nubmers of service components on
controller node should be two rather than three.
[1]: https://review.openstack.org/#/c/604277/
Change-Id: Iada43eb7f36f946d1713b20a50ebdeb8c69d0545
Closes-Bug: #1801444
This is a relic that has long since been replaced by the noVNC proxy
service. Start preparing for its removal.
Change-Id: Icb225dec3ad291b751e475bd3703ce0eb30b44db
Because nova-consoleauth had deprecated since version 18.0.0,
it is better not to give reference of this service in verify operation
documentation file.
Change-Id: I0c3b9cfe96bcc3d7b6106c3e972ee9e2f79e419b
This adds some background, guidelines and structural
notes on writing nova-status upgrade checks.
This is intentionally written with some potentially
redundant information or nova developers as it's
also meant to be consumed outside nova as part of the
community-wide "upgrade-checkers" goal for Stein [1].
Story: 2003570
[1] https://governance.openstack.org/tc/goals/stein/upgrade-checkers.html
Change-Id: I340b25edeab3ac19c5d0bedfc69acd037d57bdd2
The document doesn't follow previous pattern to guide use
in using nova user to execute command and lead to issue
Change-Id: I795706a8f78ab4154bd39ce6259901800b34890e
Closes-Bug: 1781573
Option "os_region_name" from group "placement" is deprecated. Use
option "region_name" from group "placement".
Change-Id: Id44d456bb1bdb0c5564ad4f5d9cdee2f41226052
Related-Bug: #1762106
1. Beginning with the Queens release, the keystone install guide
recommends running all interfaces on the same port. This patch
updates the install guide to reflect that change.
2. update the deprecated neutron auth options
Change-Id: I5c0a6389b759153bae06fa43846f03ac083c3db4
This ensures we have version-specific references to other projects [1].
Note that this doesn't mean the URLs are actually valid - we need to do
more work (linkcheck?) here, but it's an improvement nonetheless.
[1] https://docs.openstack.org/openstackdocstheme/latest/#external-link-helper
Change-Id: Ifb99e727110c4904a85bc4a13366c2cae300b8df
The auth_uri option was deprecated and renamed in Queens:
I0cf11da3d395749df28077427689fdafc8a6b981
The auth_uri option is also no longer necessary, at least
for the purpose of the nova install guide, since all identity
service requests can be served through the single auth_url.
This change removes auth_uri usage and also updates the
auth_url value to match what is in the keystone install
guide:
https://docs.openstack.org/keystone/queens/install/keystone-install-ubuntu.html
Change-Id: Iff332890cbe1ba5b3876874e351b09c377d8dd5d
Closes-Bug: #1765144
It is not uncommon to triage bugs on a weekly basis where the
[neutron] auth credentials are not configured in nova.conf, which
generally leads to a 500 response in the compute API because of
the auth error.
With respect to neutron, the compute install guides really only
say to set use_neutron=True, but don't mention that configuring
the [neutron] section for auth is required. The networking service
install guide does, so it's a bit confusing why people make this
mistake in the first place, but as a reminder, this change adds
links from the compute install guide to the relevant sections
in the networking service install guides.
Change-Id: Id17457bd2770fcbebd6231919ba4002e75410089
Closes-Bug: #1761487
ghanshyam mann