Merge "Rework Nova service alerts"
diff --git a/README.rst b/README.rst
index 3abd1fb..3cf25d0 100644
--- a/README.rst
+++ b/README.rst
@@ -633,6 +633,18 @@
compute:
cpu_mode: host-model
+Nova compute cpu model
+----------------------
+
+.. code-block:: yaml
+
+ nova:
+ compute:
+ cpu_mode: custom
+ libvirt:
+ cpu_model: IvyBridge
+
+
Nova compute workarounds
------------------------
@@ -741,6 +753,46 @@
ossyslog:
enabled: true
+Inject password to VM
+---------------------
+
+By default nova blocks up any inject to VM because 'inject_partition' param is equal '-2'
+If you want to inject password to VM, you will need to define 'inject_partition' greater or equal to '-1' and define 'inject_password' to 'True'
+
+For example:
+
+ nova:
+ compute:
+ inject_partition: '-1'
+ inject_password: True
+
+# Allow the injection of an admin password for instance only at ``create`` and
+# ``rebuild`` process.
+#
+# There is no agent needed within the image to do this. If *libguestfs* is
+# available on the host, it will be used. Otherwise *nbd* is used. The file
+# system of the image will be mounted and the admin password, which is provided
+# in the REST API call will be injected as password for the root user. If no
+# root user is available, the instance won't be launched and an error is thrown.
+# Be aware that the injection is *not* possible when the instance gets launched
+# from a volume.
+#
+# Possible values:
+#
+# * True: Allows the injection.
+# * False (default): Disallows the injection. Any via the REST API provided
+# admin password will be silently ignored.
+#
+# Related options:
+#
+# * ``inject_partition``: That option will decide about the discovery and usage
+# of the file system. It also can disable the injection at all.
+# (boolean value)
+
+You can read more about injecting the administrator password here:
+ https://docs.openstack.org/nova/queens/admin/admin-password-injection.html
+
+
Documentation and Bugs
======================
diff --git a/nova/files/mitaka/nova-compute.conf.Debian b/nova/files/mitaka/nova-compute.conf.Debian
index a3a8f14..cc052e2 100644
--- a/nova/files/mitaka/nova-compute.conf.Debian
+++ b/nova/files/mitaka/nova-compute.conf.Debian
@@ -136,8 +136,14 @@
{%- else %}
virt_type = kvm
{%- endif%}
-inject_partition=-2
+
+inject_partition={{ compute.libvirt.inject_partition }}
+{%- if compute.libvirt.get('inject_partition', '-2')|string == '-2' %}
inject_password=False
+{%- else %}
+inject_password={{ compute.libvirt.inject_password }}
+{%- endif %}
+
disk_cachemodes="{{ compute.get('disk_cachemodes', 'network=writeback,block=none') }}"
libvirt_inject_password=True
block_migration_flag=VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_NON_SHARED_INC
diff --git a/nova/files/newton/nova-compute.conf.Debian b/nova/files/newton/nova-compute.conf.Debian
index 0d63bae..d1e34b1 100644
--- a/nova/files/newton/nova-compute.conf.Debian
+++ b/nova/files/newton/nova-compute.conf.Debian
@@ -183,14 +183,20 @@
{%- endif %}
[libvirt]
-cpu_mode = {{ compute.get('cpu_mode', 'host-passthrough') }}
+cpu_mode = {{ compute.cpu_mode }}
{%- if compute.libvirt.virt_type is defined %}
virt_type = {{ compute.libvirt.virt_type }}
{%- else %}
virt_type = kvm
{%- endif%}
-inject_partition=-2
+
+inject_partition={{ compute.libvirt.inject_partition }}
+{%- if compute.libvirt.get('inject_partition', '-2')|string == '-2' %}
inject_password=False
+{%- else %}
+inject_password={{ compute.libvirt.inject_password }}
+{%- endif %}
+
disk_cachemodes="{{ compute.get('disk_cachemodes', 'network=writeback,block=none') }}"
libvirt_inject_password=True
block_migration_flag=VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_NON_SHARED_INC
@@ -201,6 +207,9 @@
libvirt_inject_key=True
inject_key=False
vif_driver=nova.virt.libvirt.vif.LibvirtGenericVIFDriver
+{%- if compute.get('libvirt', {}).cpu_model is defined and compute.cpu_mode == 'custom' %}
+cpu_model = {{ compute.libvirt.cpu_model }}
+{%- endif %}
{%- if compute.get('ceph', {}).ephemeral is defined %}
images_type=rbd
diff --git a/nova/files/ocata/nova-compute.conf.Debian b/nova/files/ocata/nova-compute.conf.Debian
index d7854af..bb1af40 100644
--- a/nova/files/ocata/nova-compute.conf.Debian
+++ b/nova/files/ocata/nova-compute.conf.Debian
@@ -5939,14 +5939,20 @@
#
# From nova.conf
#
-cpu_mode = {{ compute.get('cpu_mode', 'host-passthrough') }}
+cpu_mode = {{ compute.cpu_mode }}
{%- if compute.libvirt.virt_type is defined %}
virt_type = {{ compute.libvirt.virt_type }}
{%- else %}
virt_type = kvm
{%- endif%}
-inject_partition=-2
-inject_password=True
+
+inject_partition={{ compute.libvirt.inject_partition }}
+{%- if compute.libvirt.get('inject_partition', '-2')|string == '-2' %}
+inject_password=False
+{%- else %}
+inject_password={{ compute.libvirt.inject_password }}
+{%- endif %}
+
disk_cachemodes="{{ compute.get('disk_cachemodes', 'network=writeback,block=none') }}"
block_migration_flag=VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_NON_SHARED_INC
live_migration_flag=VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST
@@ -6456,7 +6462,11 @@
# This would result in an error and the instance won't be launched.
# * ``virt_type``: Only the virtualization types ``kvm`` and ``qemu`` use this.
# (string value)
+{%- if compute.get('libvirt', {}).cpu_model is defined and compute.cpu_mode == 'custom' %}
+cpu_model = {{ compute.libvirt.cpu_model }}
+{%- else %}
#cpu_model=<None>
+{%- endif %}
# Location where libvirt driver will store snapshots before uploading them to
# image service (string value)
diff --git a/nova/files/pike/nova-compute.conf.Debian b/nova/files/pike/nova-compute.conf.Debian
index 7a1e90a..0e2e958 100644
--- a/nova/files/pike/nova-compute.conf.Debian
+++ b/nova/files/pike/nova-compute.conf.Debian
@@ -5939,14 +5939,20 @@
#
# From nova.conf
#
-cpu_mode = {{ compute.get('cpu_mode', 'host-passthrough') }}
+cpu_mode = {{ compute.cpu_mode }}
{%- if compute.libvirt.virt_type is defined %}
virt_type = {{ compute.libvirt.virt_type }}
{%- else %}
virt_type = kvm
{%- endif%}
-inject_partition=-2
-inject_password=True
+
+inject_partition={{ compute.libvirt.inject_partition }}
+{%- if compute.libvirt.get('inject_partition', '-2')|string == '-2' %}
+inject_password=False
+{%- else %}
+inject_password={{ compute.libvirt.inject_password }}
+{%- endif %}
+
disk_cachemodes="{{ compute.get('disk_cachemodes', 'network=writeback,block=none') }}"
block_migration_flag=VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_NON_SHARED_INC
live_migration_flag=VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST
@@ -6456,7 +6462,7 @@
# This would result in an error and the instance won't be launched.
# * ``virt_type``: Only the virtualization types ``kvm`` and ``qemu`` use this.
# (string value)
-{%- if compute.get('libvirt', {}).cpu_model is defined %}
+{%- if compute.get('libvirt', {}).cpu_model is defined and compute.cpu_mode == 'custom' %}
cpu_model = {{ compute.libvirt.cpu_model }}
{%- else %}
#cpu_model=<None>
diff --git a/nova/map.jinja b/nova/map.jinja
index 03b509f..c2334fc 100644
--- a/nova/map.jinja
+++ b/nova/map.jinja
@@ -15,7 +15,7 @@
{%- if grains.os_family == "Debian" %}
{%- set pkgs_list = [ 'nova-common', 'nova-consoleproxy', 'novnc', 'nova-api', 'nova-conductor', 'nova-consoleauth', 'nova-doc', 'nova-scheduler', 'python-novaclient', 'python-memcache', 'gettext-base', 'python-pycadf'] %}
{%- set services_list = ['nova-api', 'nova-consoleauth', 'nova-scheduler', 'nova-conductor', 'nova-novncproxy'] %}
-{%- if pillar.nova.controller is defined and pillar.nova.controller.get('version',{}) in ["juno", "kilo", "liberty", "mitaka", "newton", "ocata"] %}
+{%- if pillar.nova.controller is defined and pillar.nova.controller.get('version',{}) in ["juno", "kilo", "liberty", "mitaka"] %}
{%- do pkgs_list.append('nova-cert') %}
{%- do services_list.append('nova-cert') %}
{%- endif %}
@@ -124,11 +124,14 @@
libvirt_service: libvirt-bin
bind: compute_bind_defaults
debug: false
- libvirt: []
+ libvirt:
+ inject_partition: '-2'
+ inject_password: False
instances_path: "$state_path/instances"
notification: false
availability_zone:
aggregates: []
+ cpu_mode: host-passthrough
identity:
region: RegionOne
network: {{ compute_network }}
@@ -154,7 +157,9 @@
libvirt_service: libvirtd
bind: compute_bind_defaults
debug: false
- libvirt: []
+ libvirt:
+ inject_partition: '-2'
+ inject_password: False
notification: false
availability_zone:
identity:
diff --git a/tests/pillar/compute_single.sls b/tests/pillar/compute_single.sls
index abaa7ad..08250ba 100644
--- a/tests/pillar/compute_single.sls
+++ b/tests/pillar/compute_single.sls
@@ -1,12 +1,15 @@
nova:
compute:
- version: liberty
+ version: newton
enabled: true
virtualization: kvm
heal_instance_info_cache_interval: 60
vncproxy_url: openstack:6080
vnc_keymap: en-gb
resume_guests_state_on_host_boot: False
+ cpu_mode: custom
+ libvirt:
+ cpu_model: IvyBridge
bind:
vnc_address: 127.0.0.1
vnc_port: 6080