Turns out we've a *lot* of disparate metadata systems. Attempt to both
link them somewhat through extensive cross-referencing and extract out
deployment-specific stuff from user-facing docs. Lots of changes here,
but in summary:
- Split out admin-focused content from the metadata API, config drive,
user data and vendordata docs.
- Merge the config drive, metadata service, vendordata and user-data
user docs, which are mostly talking about the same thing and are
fairly barren without the deployment components
- Make use of various oslo.config and Sphinx roles
Side note: I miss when we have tech writers to do this stuff for us :(
Change-Id: I4fb2b628bd93358a752e2397ae353221758e2984
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
In May 2019, four new microprocessor security flaws, known as "MDS"
(Microarchitectural Data Sampling) have been discovered. These flaws
affect unpatched Nova Compute nodes and instances running on Intel
x86_64 CPUs. The said security flaws are also referred to as "RIDL"
(Rogue In-Flight Data Load) and "Fallout".
Refer to the following pages for further details:
- https://access.redhat.com/security/vulnerabilities/mds
- https://mdsattacks.com/
- https://zombieloadattack.com/
* * *
If we're adding the guide for "MDS" flaws, then it begs the
question: "What about mitigation guides for previous vulnerabilities?"
Two points:
(a) Write the mitigation document for rest of the previous
vulnerabilities too, for completeness' sake. (In April 2018 I wrote
this doc[1] for Meltdown — polish it and submit it. Parts of that
document's content is already incorporated into the help text for
the config attribute `cpu_model_extra_flags`.)
(b) For now, we can live with the cliché, "something is better than
nothing"; we'll add the other docs "when we get to it". Meanwhile,
operators get mitigation details from various other places —
processor vendors, Linux distributions, etc.
[1] https://kashyapc.fedorapeople.org/Reducing-OpenStack-Guest-Perf-Impact-from-Meltdown.txt
Change-Id: I1bb472c3438cc9a91945999d2350b2c59fa6a1f3
Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
Adds a section in the admin guide with the config options related to
down cells.
Related to blueprint handling-down-cell
Change-Id: I6a6cc71e83896aaccd5dd98bc2ea024d6f22d528
There is some important stuff in the admin/configuration
docs sub-tree like information about configuring hypervisor
drivers and scheduler filters/weighers but it wasn't easily
found since it wasn't in the admin toc tree. This adds it
to the overall admin home page and adds a TODO that we need
to organize that admin page into sections somehow.
Change-Id: I5952a2dd590407b1ce56805df6f90a472cc878bf
Add a document about using the "native TLS" encryption feature of QEMU
and libvirt to secure live migration data transports — including disks
that are on non-shared storage ("block migration"). This ties into the
newly introduced Nova configuration attribute,
``[libvirt]/live_migration_with_native_tls``, to that end.
Blueprint: support-qemu-native-tls-for-live-migration
Change-Id: Ic1af52bc3608f8f586244dd26dad1f47604e3278
Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
Import the user guide cli-use-snapshots-to-migrate-instances
available on the old openstack-manuals repository.
This user guide describe how to migrate an instance based on a cloud
to another.
It is updated with openstack cli commands.
Change-Id: I17c87ee90b3d271a54026b8bdbad066bdc750c38
Now that we have this information, we can use it as a pre-filtering for
suitable hosts.
With this patch we complete the blueprint. As a result, documentation
and release notes are bundled in the patch and previously inactive tests
are now enabled.
Part of blueprint numa-aware-vswitches
Change-Id: Ide262733ffd7714fdc702b31c61bdd42dbf7acc3
The explanation of NUMA topology feature of nova exited in both
numa.rst and cpu-topologies.rst under doc/source/admin/.
This patch merges them for cleaning up.
Change-Id: I35e23b2e1ac55c74faf4f0542498e45f2957e4d3
There are currently two docs describing flavors in 'admin', which
contain a lot of overlapping information. Fix this by keeping the
configuration guide (how to create, delete, modify flavors) in
'admin', while moving the reference-style parts into 'user'. We
cross-reference the two internally.
Given that large chunks of this needed to be rewritten, we've taken the
opportunity to fix a poor description for the RXTX factor, closing a
longstanding bug in the process.
Change-Id: Ia57c93ef1e72ccf134ba6fc7fcb85ab228d68a47
Closes-Bug: #1688054
The ec2 / euca2ools command references definitely don't work any more,
this deletes most of them. The exception is the policy reference doc
which is over a year out of date, and needs more then surgical removal
of ec2 from it.
Change-Id: I963170f99037d5ed085e8c676ab55750c7f6372e
Import the following documents from the admin guide [1]:
- cli-manage-flavors.rst
- cli-nova-evacuate.rst
- cli-nova-manage-projects-security.rst
- cli-nova-manage-services.rst
- cli-nova-numa-libvirt.rst
- cli-nova-specify-host.rst
- cli-set-quotas.rst
- cli-set-compute-quotas.rst
- cli-os-migrate.rst
- cli-os-migrate-cfg-ssh.rst
- ts-no-emulator-x86-64.rst
- ts-multipath-warn.rst
- ts-failed-connect-vol-FC-SAN.rst
- ts-failed-attach-vol-no-sysfsutils.rst
- ts-failed-attach-vol-after-detach.rst
- ts-vol-attach-miss-sg-scan.rst
These were missed in the original import [2]. All 'ts-' files are merged
into a single 'support-compute' document, which is already in-tree.
[1] https://github.com/openstack/openstack-manuals/tree/stable/ocata/doc/admin-guide/source
[2] https://review.openstack.org/#/c/477497/
Change-Id: Ifa0039e270e54ea2fb58ab18ce6724e5e8e061a1
Closes-Bug: #1708666
Import all docs from openstack-manuals.
Part of bp: doc-migration
Change-Id: I28bb8ce1f4a8653f176a554d2e95b4423c437972
Co-Authored-By: Stephen Finucane <sfinucan@redhat.com>
Stephen Finucane