The sample file has been empty for a little while now since default
policies are registered in code. Shipping an empty file may be
confusing, so let's remove it. A README has been added explaining how to
generate an actual sample policy file.
Change-Id: I23c934d2b610a451d6ebbd4276721c455365cedc
Depends-On: I85a251376dfe38caa4b100861bf764014a98bc37
- Fix indentation
- Add 'min' parameter to 'num_retries' configuration option. Users have
been warned about this since 2014
Change-Id: Icf1bdc2b9331cfb2f5a699f626c25ebb6d7648b2
Libvirt has "domainSetUserPassword" callback and virtuozzo driver
has an implementation for it. So in this patch we allow to use this
functionality for virtuozzo hypervisor.
Change-Id: Ia398afadfd9fd9544c5d843338ab25c0930d9f74
Implements: blueprint virtuozzo-instance-admin-password
When booting an instance there is logic in the conductor to check if a
delete has been issued. This is done by looking for a BuildRequest
object and discontinuing the build if it's not found. However the
conductor then deletes the BuildRequest so a reschedule attempt will not
find the BuildRequest object. This incorrectly stops the reschedule.
The filter_properties dict is updated with the number of scheduling
attempts for each reschedule so by looking at the value found there we
know if a reschedule is being attempted. If that's the case then bypass
the logic that checks for, and deletes, the BuildRequest object.
Change-Id: Ibf28d1d8f54703b465ccc497281419356cd0136e
Closes-Bug: 1628530
The archive_deleted_rows command in nova-manage is often-broken and
not well tested by us. We can test it to some degree in functional tests,
but running it against a real database with real deleted stuff in it
is a good idea. This adds a post-test hook and runs the archive so that
after a full test run in the gate, we'll see the output. Later, we should
make a failed run of this fatal, but for now, just run it so we can see
how close we are to being able to gate on it.
Change-Id: I16b2e00eede6af455cb74ca4e6ca951d56fdbcbc
The check_img_metadata_properties_quota validation method not
only checks quota for image metadata but also the type of the
metadata object in the request (dict) and the key length of
the metadata items in the dict - such that they were between length
1 and 255.
The metadata schema property handles all of that validation for
us so we don't need to do it in python, which was probably a carry
over from the legacy v2 API which didn't use json schema validation.
Now that the legacy v2 API code is gone, we can remove the explicit
python code checks in check_img_metadata_properties_quota and just
let the schema validator do it's job.
Change-Id: Ibec92e278887cd06e91687ca91e75f9b7b28098c
This is something I expect has been very broken for a long time. We
have rows in tables such as instance_extra, instance_faults, etc that
pertain to a single instance, and thus have a foreign key on their
instance_uuid column that points to the instance. If any of those
records exist, an instance can not be archived out of the main
instances table.
The archive routine currently "handles" this by skipping over said
instances, and eventually iterating over all the tables to pull out
any records that point to that instance, thus freeing up the instance
itself for archival. The problem is, this only happens if those extra
records are actually marked as deleted themselves. If we fail during
a cleanup routine and leave some of them not marked as deleted, but
where the instance they reference *is* marked as deleted, we will
never archive them.
This patch adds another phase of the archival process for any table
that has an "instance_uuid" column, which attempts to archive records
that point to these deleted instances. With this, using a very large
real world sample database, I was able to archive my way down to
zero deleted, un-archivable instances (from north of 100k).
Closes-Bug: #1622545
Change-Id: I77255c77780f0c2b99d59a9c20adecc85335bb18
The following warning appears in the unit test logs a number of times.
"UserWarning: This test uses methods that set internal oslo_db
state, but it does not claim to use the database. This will conflict
with the setup of tests that do use the database and cause failures
later."
This patch fixes all the warnings from:
nova.tests.unit.api.openstack.compute.test_instance_actions.py
Note that this warning is only emitted once per unit test worker, so new
offenders will show up in the logs each time you fix a test until they
are all gone.
Change-Id: I4ed976cac15de31fe975b7a15496bf2f2faea40b
Related-Bug: #1568414
The libvirt driver currently requires libvirt 1.2.1
and QEMU 1.5.3. In the Newton cycle we did not
announce any version bump for Ocata, so that will
not change.
This patch announces a version bump that will be
done in the Pike release, with predicted min versions
setting libvirt to 1.2.9 and QEMU to 2.1.0. These
are the versions present in Debian Jessie.
Out of the major distros currently supported, this
would eliminate support for:
- Ubuntu Trusty. Workaround: enable the "Cloud Archive"
the addon repository
- SLES 12. Workaround: upgrade to 12SP1
- RHEL 7.1. Workaround: upgrade to 7.2 or newer
Change-Id: I4a644aabf193d79c81e8fdae46e5def3526f78d4
The following warning appears in the unit test logs a number of times.
"UserWarning: This test uses methods that set internal oslo_db
state, but it does not claim to use the database. This will conflict
with the setup of tests that do use the database and cause failures
later."
This patch fixes all the warnings from:
nova.tests.unit.api.openstack.compute.test_serversV21.py
Note that this warning is only emitted once per unit test worker, so new
offenders will show up in the logs each time you fix a test until they
are all gone.
Change-Id: I88264e54fd135e56612ae3066e1c160f6643f9c4
Related-Bug: #1568414
The following warning appears in the unit test logs a number of times.
"UserWarning: This test uses methods that set internal oslo_db
state, but it does not claim to use the database. This will conflict
with the setup of tests that do use the database and cause failures
later."
This patch fixes all the warnings from:
nova.tests.unit.api.openstack.compute.test_shelve.py
Note that this warning is only emitted once per unit test worker, so new
offenders will show up in the logs each time you fix a test until they
are all gone.
Change-Id: I39cca6587f99cfe6f980b6d8fe857618fac6bb5a
Related-Bug: #1568414
Hyper-V supports UEFI SecureBoot since the 2012 R2 version
for Windows guests and this has been extended to Linux
guests as well with the upcoming release. This blueprint
implements UEFI SecureBoot for Linux guests.
DocImpact: The nova flavor extra specs docs needs to be updated
to include 'os:secure_boot' and its possible values. The
image metadata property docs needs to be updated to include
"os_secure_boot" property and its possible values.
Co-Authored-By: Claudiu Belu <cbelu@cloudbasesolutions.com>
Implements: blueprint hyper-v-uefi-secureboot
Change-Id: I1ea96930018d997820df2b7b4640fe1f241ee8d6
In commit 4df0869, a ClientRouter was added to cache client connections
to cell message queues. The periodic task for removing stale clients
is called with an empty RequestContext, but this overwrites the copy
in thread local storage unless overwrite=False is specified.
This adds overwrite=False to the empty RequestContext to prevent it
from overwriting the thread local context. All of the other periodic
tasks use get_admin_context() which also creates a RequestContext with
overwrite=False.
Closes-Bug: #1627838
Change-Id: I48024952865fe017e0cb786567b5b445b05e7659
Some unit-tests of libvirt driver use context module
instead of context object, this patch fixes that.
TrivialFix
Change-Id: Ia44e663719acf6769676db412623934d233bb592
Andrew Laski