We are gleeful to announce the release of: octavia 14.0.0: OpenStack Octavia Scalable Load Balancer as a Service This release is part of the caracal release series. The source is available from: https://opendev.org/openstack/octavia Download the package from: https://pypi.org/project/octavia Please report issues through: https://storyboard.openstack.org/#!/project/908 For more details, please see below. Changes in octavia 13.0.0..14.0.0 --------------------------------- 4342c31a dib: Remove Ubuntu Forcal support 02a2195e dib: Remove remaining logic for CentOS/RHEL 8 411e7c6d Check Amphora status on SR-IOV failover flows 6cc3e50a Add --wait to Octavia cookbook b7c29365 Add release note about redis jobboard driver updates 5179cc3a reno: Update master for unmaintained/xena 1d411539 reno: Update master for unmaintained/wallaby 959297db reno: Update master for unmaintained/victoria c8892231 Fix duplicate tasks in SRIOV LB Create flow bd3ef61a redis: Support multiple sentinel servers 16f6b2e8 redis: Add username fc37d830 Enable nftables rules for SR-IOV VIPs d83999f4 Add nftables support for SR-IOV VIPs 75c1bdd1 Add support for SR-IOV ports in Octavia ffc9d831 Remove some unused code 6d352dd3 Fix pylint error bb53212d Add h2 section to Octavia cookbook d5d8c6bf Add additional-vips to the feature matrix 96846e7b When we failed to load pkcs12 cert print warning c8e5e46e reno: Update master for unmaintained/yoga 7352dc8f fix: specify endpoint info. for neutron client 380540a7 Use devstack helper functions in the plugin 7bb6096e Fix neutron setting overrides 1e0f59f5 Drop direct execution of octavia/cmd/*.py f2e1f90d git : Ignore generated octavia.conf 2e4c088a Bump hacking in pre commit config b1c930d4 tests: correct use of has_calls -> assert_has_calls 4d2ab9fc Cap hacking 7bbe3a3b Update python classifier in setup.cfg 2a327582 Unpin flake8-import-order 8b503d1e Add spec for SR-IOV in Octavia Amphora 73cdee50 Fix issue with certificates with no subject or CN a81cf552 Added olso_middleware.sizelimit support 7df86e12 Add publish amphora image job for Jammy 8e7c2737 Fix TLS-HELLO healthmonitors in the amphora-driver c28eb84d Fix health-monitors with ALPN members ff1b201d Honor connection_recycle_timeout in MysqlPersistenceDriver 333f035e Fix DB deadlock in quotas 2a1c4709 Cleanup duplicate DB sessions for quotas 657e7b8b Declare we use threads and processes for coverage d1d7fe71 Use cryptography to load PKCS12 certificates 0c367b4f Provide Amphora stats for Octavia no-op drivers 7310986d Add Noop Certificate Manager deeb4acc Run codespell on doc directory 753c30f1 diskimage-create: Fix tox.ini not compatible with tox 4.x d92ea016 diskimage-create: Remove unnecessary requirements 7ab75bfd Run codespell on octavia package directory e756866a Fix Amphora Configure API call 7261730d Fix health monitor information retrieval in API response 248cf289 Fix amphorae in ERROR during the failover ca70587f Reduce duration of failovers with amphora in ERROR c4a162ab Disable seqdiag in the spec docs 738f7599 Fix the octavia-grenade-skip-level issue be914933 Retry to set loadbalancer prov status on failures 5c051a6a Fix incorrect masquerade rules in multivip LBs 96870916 Fix error when deleting LB with broken amp 95774d47 Cleanup py27 support af86e24e Update master for stable/2023.2 8a47577b Fix race condition in members batch update API call 6d4be198 Fix links to the bug tracker in the docs/releasenotes 8b33b521 Fix remaining usage of [neutron] endpoint_type 7cea6043 Fix Zuul warnings with regexps cce34804 Fix timeout duration in start_vrrp_service during failovers 4e6e8f0c Add support for Rocky Linux Diffstat (except docs and test files) ------------------------------------- .coveragerc | 1 + .gitignore | 1 + .pre-commit-config.yaml | 2 +- api-ref/source/parameters.yaml | 8 + .../v2/examples/loadbalancer-create-response.json | 3 +- .../loadbalancer-full-create-response.json | 3 +- .../v2/examples/loadbalancer-show-response.json | 3 +- .../v2/examples/loadbalancer-update-response.json | 3 +- .../v2/examples/loadbalancers-list-response.json | 3 +- api-ref/source/v2/loadbalancer.inc | 4 + devstack/plugin.sh | 32 ++- diskimage-create/README.rst | 7 +- diskimage-create/diskimage-create.sh | 14 +- diskimage-create/requirements.txt | 2 - diskimage-create/tox.ini | 43 +++- .../feature-classification/feature-matrix-lb.ini | 8 + .../feature-matrix-listener.ini | 2 +- .../feature-classification/feature-matrix-pool.ini | 2 +- elements/amphora-agent/package-installs.yaml | 7 - elements/amphora-agent/pkg-map | 25 +- .../post-install.d/10-enable-network-scripts | 16 -- .../post-install.d/90-remove-build-deps | 2 +- elements/amphora-fips/environment.d/95-enable-fips | 2 +- .../amphora-fips/post-install.d/10-enable-fips | 2 +- .../environment.d/80-kernel-cpu-affinity | 2 +- .../post-install.d/80-disable-makecache | 2 +- .../post-install.d/20-haproxy-user-group-config | 2 +- .../haproxy-octavia/pre-install.d/01-repositories | 21 -- etc/config/octavia-config-generator.conf | 1 + .../backends/agent/api_server/lvs_listener_base.py | 2 +- .../amphorae/backends/agent/api_server/osutils.py | 10 +- octavia/amphorae/backends/agent/api_server/plug.py | 5 +- .../backends/agent/api_server/rules_schema.py | 52 ++++ .../amphorae/backends/agent/api_server/server.py | 29 ++- octavia/amphorae/backends/utils/interface.py | 51 +++- octavia/amphorae/backends/utils/interface_file.py | 15 +- octavia/amphorae/backends/utils/nftable_utils.py | 125 +++++++++ octavia/amphorae/drivers/driver_base.py | 27 ++ .../amphorae/drivers/haproxy/rest_api_driver.py | 52 +++- octavia/amphorae/drivers/health/heartbeat_udp.py | 4 +- .../drivers/keepalived/vrrp_rest_driver.py | 3 +- octavia/amphorae/drivers/noop_driver/driver.py | 25 ++ octavia/api/app.py | 3 + octavia/api/common/pagination.py | 4 +- .../api/drivers/amphora_driver/flavor_schema.py | 7 +- octavia/api/root_controller.py | 5 +- octavia/api/v2/controllers/health_monitor.py | 1 - octavia/api/v2/controllers/l7policy.py | 1 - octavia/api/v2/controllers/l7rule.py | 1 - octavia/api/v2/controllers/listener.py | 1 - octavia/api/v2/controllers/load_balancer.py | 20 +- octavia/api/v2/controllers/member.py | 9 +- octavia/api/v2/controllers/pool.py | 13 +- octavia/api/v2/types/load_balancer.py | 6 +- octavia/api/v2/types/pool.py | 2 +- octavia/certificates/common/pkcs12.py | 18 +- octavia/certificates/manager/barbican.py | 40 +-- octavia/certificates/manager/castellan_mgr.py | 19 +- octavia/certificates/manager/local.py | 8 +- octavia/certificates/manager/noop.py | 106 ++++++++ octavia/cmd/driver_agent.py | 2 +- octavia/cmd/health_checker.py | 4 - octavia/cmd/health_manager.py | 6 +- octavia/cmd/house_keeping.py | 2 +- octavia/cmd/interface.py | 4 - octavia/cmd/octavia_worker.py | 4 - octavia/cmd/prometheus_proxy.py | 5 - octavia/cmd/status.py | 6 - octavia/common/base_taskflow.py | 2 +- octavia/common/clients.py | 18 +- octavia/common/config.py | 30 ++- octavia/common/constants.py | 34 +++ octavia/common/data_models.py | 4 +- octavia/common/exceptions.py | 11 + .../haproxy/combined_listeners/templates/macros.j2 | 12 +- octavia/common/keystone.py | 14 +- octavia/common/tls_utils/cert_parser.py | 34 ++- octavia/common/utils.py | 6 + octavia/common/validate.py | 4 +- octavia/compute/drivers/nova_driver.py | 28 +- octavia/controller/worker/task_utils.py | 34 ++- octavia/controller/worker/v2/controller_worker.py | 64 +++-- .../controller/worker/v2/flows/amphora_flows.py | 141 +++++++++-- octavia/controller/worker/v2/flows/flow_utils.py | 28 +- .../controller/worker/v2/flows/listener_flows.py | 100 +++++++- .../worker/v2/flows/load_balancer_flows.py | 104 +++++--- .../worker/v2/taskflow_jobboard_driver.py | 18 +- .../worker/v2/tasks/amphora_driver_tasks.py | 169 ++++++++++-- .../controller/worker/v2/tasks/compute_tasks.py | 2 +- .../controller/worker/v2/tasks/database_tasks.py | 113 ++++++--- .../controller/worker/v2/tasks/lifecycle_tasks.py | 138 +++++++--- .../controller/worker/v2/tasks/network_tasks.py | 117 +++++---- octavia/controller/worker/v2/tasks/shim_tasks.py | 28 ++ ...4a4ceed6_add_l7policy_action_redirect_prefix.py | 2 +- ..._add_cert_expiration__infor_in_amphora_table.py | 2 +- ...6742ca1b27c2_add_l7policy_redirect_http_code.py | 2 +- .../versions/db2a73e82626_add_vnic_type_for_vip.py | 36 +++ octavia/db/models.py | 1 + octavia/db/prepare.py | 2 +- octavia/db/repositories.py | 87 ++++--- octavia/distributor/drivers/driver_base.py | 2 +- octavia/network/base.py | 19 +- octavia/network/data_models.py | 5 +- .../drivers/neutron/allowed_address_pairs.py | 53 ++-- octavia/network/drivers/noop_driver/driver.py | 33 +-- .../backend/agent/api_server/test_server.py | 37 +++ .../backends/agent/api_server/test_osutils.py | 6 +- .../unit/amphorae/backends/utils/test_interface.py | 202 ++++++++++++++- .../backends/utils/test_keepalivedlvs_query.py | 2 +- .../amphorae/backends/utils/test_nftable_utils.py | 194 ++++++++++++++ .../drivers/haproxy/test_rest_api_driver.py | 32 ++- .../drivers/haproxy/test_rest_api_driver_1_0.py | 17 +- .../drivers/keepalived/test_vrrp_rest_driver.py | 17 ++ .../amphorae/drivers/noop_driver/test_driver.py | 3 +- .../unit/certificates/manager/test_barbican.py | 6 +- .../haproxy/combined_listeners/test_jinja_cfg.py | 33 ++- .../sample_configs/sample_configs_combined.py | 8 +- .../unit/controller/worker/test_task_utils.py | 60 ++++- .../worker/v2/flows/test_amphora_flows.py | 33 ++- .../worker/v2/flows/test_listener_flows.py | 80 ++++-- .../worker/v2/flows/test_load_balancer_flows.py | 58 ++++- .../worker/v2/tasks/test_amphora_driver_tasks.py | 282 +++++++++++++++++++-- .../worker/v2/tasks/test_database_tasks.py | 102 +++++++- .../worker/v2/tasks/test_database_tasks_quota.py | 38 +-- .../worker/v2/tasks/test_network_tasks.py | 147 ++++++++--- .../controller/worker/v2/tasks/test_shim_tasks.py | 33 +++ .../controller/worker/v2/test_controller_worker.py | 127 +++++++--- .../drivers/neutron/test_allowed_address_pairs.py | 99 ++++---- .../unit/network/drivers/neutron/test_utils.py | 2 + .../network/drivers/noop_driver/test_driver.py | 7 - playbooks/image-build/run.yaml | 1 + ...d-support-for-SR-IOV-VIPs-862858ec61e9955b.yaml | 9 + ...andle-blank-cert-subjects-b660d403ce56b0b8.yaml | 4 + .../Use-nftables-is-now-True-e1da3f92a4907b8c.yaml | 4 + ...ron-client-interface-info-06faaaad92886b8c.yaml | 4 + .../add-noop-amphora-stats-2cc64717f85eb9a8.yaml | 5 + .../add-noop-cert-manager-7018d3933a0ce9c6.yaml | 4 + .../add-rockylinux-support-ac6e410b979e622e.yaml | 8 + .../add-sizelimit-middleware-91dc6078522f81ec.yaml | 7 + ...x-amphora-update-api-call-d90853d7f75304a4.yaml | 6 + ...on-delete-with-broken-amp-10d7f4e85754d7ee.yaml | 6 + ...retrieval-in-api-response-d3b2e02a3a966f60.yaml | 7 + ...thmonitor-with-alpn-pools-82249b2b9a025068.yaml | 7 + ...-in-PENDING-on-DB-failure-1ffea71a86cd4ea9.yaml | 7 + ...de-rules-in-dualstack-lbs-94f97606c5804b36.yaml | 6 + .../fix-neutron-overrides-710ed047ebf0c45c.yaml | 8 + ...ition-member-batch-update-1aed0e06004c5dad.yaml | 7 + ...eout-dict-when-start-vrrp-278d4837702bd247.yaml | 6 + ...-tls-hello-healthmonitors-a4b98a80f6de8394.yaml | 4 + ...is-driver-updates-caracal-49fd98c16e727910.yaml | 10 + ...tence-driver-idle_timeout-23a481d304c3d283.yaml | 5 + .../reduce-duration-failover-636032433984d911.yaml | 7 + ...-standby-amphora-in-error-3c1d75bc7d9b169f.yaml | 5 + .../remove-forcal-support-2f7991f2d435876f.yaml | 5 + releasenotes/source/2023.2.rst | 6 + releasenotes/source/conf.py | 2 +- releasenotes/source/index.rst | 1 + releasenotes/source/victoria.rst | 2 +- releasenotes/source/wallaby.rst | 2 +- releasenotes/source/xena.rst | 2 +- releasenotes/source/yoga.rst | 2 +- requirements.txt | 3 +- setup.cfg | 5 +- setup.py | 8 - specs/template.rst | 13 - specs/version0.5/tls-data-security.rst | 12 +- specs/version14.0/SRIOV.rst | 220 ++++++++++++++++ test-requirements.txt | 4 +- tox.ini | 3 +- zuul.d/jobs.yaml | 39 ++- zuul.d/projects.yaml | 13 +- 199 files changed, 4352 insertions(+), 1171 deletions(-) Requirements updates -------------------- diff --git a/requirements.txt b/requirements.txt index e20ed6e1..d3acbd82 100644 --- a/requirements.txt +++ b/requirements.txt @@ -41 +40,0 @@ python-cinderclient>=3.3.0 # Apache-2.0 -pyOpenSSL>=19.1.0 # Apache-2.0 @@ -44 +43 @@ Jinja2>=2.10 # BSD License (3 clause) -taskflow>=4.4.0 # Apache-2.0 +taskflow>=5.5.0 # Apache-2.0 diff --git a/test-requirements.txt b/test-requirements.txt index 051ebbdf..fa31c123 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -4 +4 @@ -hacking>=3.0 # Apache-2.0 +hacking>=6.1.0,<6.2.0 # Apache-2.0 @@ -8 +8 @@ fixtures>=3.0.0 # Apache-2.0/BSD -flake8-import-order==0.12 # LGPLv3 +flake8-import-order>=0.18.0,<0.19.0 # LGPLv3