Steven Hardy [Tue, 26 Feb 2013 14:20:00 +0000 (14:20 +0000)]
heat engine : loadbalancer resource template, refer to StackId
Use the new AWS::StackId pseudo parameter to refer to the stack for
cfn-hup etc, otherwise the stack lookup by name will fail - using
the AWS::StackId parameter means we'll refer to the stack via the
full ARN and the CFN API will be able to lookup the nested stack.
Steven Hardy [Tue, 26 Feb 2013 14:17:00 +0000 (14:17 +0000)]
heat engine : Re-resolve resource static data before create
Re-resolve the template static data before creating the resource,
or we resolve the wrong value for the AWS::StackId pseudo parameter
which is updated after the parser.Stack gets stored.
Steven Hardy [Tue, 26 Feb 2013 14:55:18 +0000 (14:55 +0000)]
heat engine : Compare runtime resolved resource snippets on update
We need to compare the runtime resolved resource snippet, since that
is what we get back from self.parsed_template. If we don't do this,
then we get a false positive when a Ref to a parameter which gets
updated (e.g AWS::StackId) is used in the resource properties.
Steven Hardy [Mon, 25 Feb 2013 14:47:45 +0000 (14:47 +0000)]
heat engine : Add parser parameter support for AWS::StackId
Adds support for the AWS::StackId pseudo parameter, which will
allow us to to reference the stack ARN in the template, e.g so that
stacks can query their resource metadata via ARN not stack name,
which will solve the problem with nested resource being unable
to query their metadata.
Steven Hardy [Mon, 25 Feb 2013 11:19:19 +0000 (11:19 +0000)]
Add waitcondition to loadbalancer nested template
We want to ensure the LB instance has fully launched before declaring
this resource created, otherwise the resource will not be functional
and attempts to modify config via metadata updates will fail
Steven Hardy [Tue, 26 Feb 2013 16:34:28 +0000 (16:34 +0000)]
heat engine : fix variable/import shadowing in service.py
The resources import is shadowed by a variable declaration in
validate template, which is confusing, so add a prefix to
differentiate the variable from the import
Steven Hardy [Tue, 26 Feb 2013 16:31:12 +0000 (16:31 +0000)]
heat engine : reinstate resources import
Reinstate the resources import removed by 06f4f85, without this
we fail to create any resources (GenericResource is created for
all resources due to no resource plugins being imported).
Angus Salkeld [Mon, 25 Feb 2013 00:44:19 +0000 (11:44 +1100)]
Update the metadata if an alarm action makes changes
The point of this change?
- You have another instances' ip in your metadata and if it
gets restarted you want cfn-hup to see the new ip.
How is it achieved?
- poll for the metadata so you can see these changes (cfn-hup)
- when ever an alarm action is run we make sure the metadata is refreshed.
Steven Hardy [Fri, 22 Feb 2013 11:00:44 +0000 (11:00 +0000)]
heat loadbalancer : make LB nested template create credentials
Create User/AccessKey resources correctly in the LB nested template
so we can create a cfn-credentials file which will allow cfn-hup
to access the CFN API
Steven Hardy [Thu, 21 Feb 2013 17:12:53 +0000 (17:12 +0000)]
heat api : don't store whole request in ec2Credentials context
The ec2token middleware currently dumps the whole request into the
request context when using AWS Auth, when all we really want are
the credentials (accesskey/signature)
Steven Hardy [Thu, 21 Feb 2013 15:58:38 +0000 (15:58 +0000)]
heat tests : fix run_tests.sh pep checks
run_tests.sh parses tox.ini, which has been changed removing the
pep8 version, so remove this test and specify the version in
test-requires. This allows the pep tests to run via run_tests.sh
again, a subsequent patch can reinstate the version check based
on the test-requires version
Steven Hardy [Thu, 21 Feb 2013 10:35:27 +0000 (10:35 +0000)]
heat : bump oslo-config version to fix import error
New oslo config patch causes services to fail to launch, with
"ImportError: No module named oslo.config", bumping to
oslo-config-2013.1b4.tar appears to fix the problem
Steven Hardy [Wed, 20 Feb 2013 15:16:53 +0000 (15:16 +0000)]
heat engine : Update stack dependencies during update
We need to update the stack dependencies each time we modify the
resources list, otherwise in the event of a failure, the resources
returned from the iterator methods don't match with those found via
getitem/contains (which is important for rollback)
Steven Hardy [Wed, 20 Feb 2013 10:24:06 +0000 (10:24 +0000)]
heat engine : fail update immediately on resource update failure
When doing an update, we want to fail immediately, instead of
collecting the resource update errors and continuing. This is
particularly important for update rollback, where we want to
declare failure ASAP to simplify and speed up the rollback
Clint Byrum [Tue, 19 Feb 2013 20:21:07 +0000 (12:21 -0800)]
Add config for boto https_validate_certificates
Boto does not, by default, validate https ceritificates on endpoints. We
now provide a way to specify it in the heat configuration along side
is_secure. Heat deployers may also need to turn this off if boto ever
does make it default and they want to use self signed certs.
Avoid the possibility of returning an empty string (when Exceptions
have not got a string message), or parser.py will treat the error
as success and the resource operation failure will not be correctly
reflected in the resource state.
Steven Hardy [Fri, 15 Feb 2013 18:31:13 +0000 (18:31 +0000)]
heat engine : Only create periodic task on CREATE_COMPLETE
Only create the stack periodic watcher task if the stack create
completed successfully, since we don't want a watcher task if
the stack ended up rolling back (or just in CREATE_FAILED state)
Steven Hardy [Thu, 14 Feb 2013 15:41:14 +0000 (15:41 +0000)]
heat tests : delete stacks from DB in parser tests
The tests which store a stack in the DB should delete it
at the end of the test, otherwise any cut/paste test
which uses the same stack name will always fail
Ian Main [Thu, 14 Feb 2013 23:04:30 +0000 (15:04 -0800)]
Throw a proper error if the flavor is missing.
I ran into a bug which caused a bt when the flavor is missing on the
targetted system. This patch makes it throw a proper exception and a
useful error message.
Fixes: bug #1129388
Change-Id: I545fce32732522053e2a4a113a02883a89045910 Signed-off-by: Ian Main <imain@redhat.com>
Mark McLoughlin [Mon, 18 Feb 2013 17:13:52 +0000 (17:13 +0000)]
Use oslo-config-2013.1b3
The cfg API is now available via the oslo-config library, so switch to
it and remove the copied-and-pasted version.
Add the 2013.1b3 tarball to tools/pip-requires - this will be changed
to 'oslo-config>=2013.1' when oslo-config is published to pypi. This
will happen in time for grizzly final.
Add dependency_links to setup.py so that oslo-config can be installed
from the tarball URL specified in pip-requires.
Remove the 'deps = pep8==1.3.4' from tox.ini as it means all the other
deps get installed with easy_install which can't install oslo-config
from the URL.
Excluded code from oslo-incubator in the pep8 check.
Retain dummy cfg.py file until keystoneclient middleware has been
updated (I18c450174277c8e2d15ed93879da6cd92074c27a).
Steve Baker [Wed, 13 Feb 2013 21:05:11 +0000 (10:05 +1300)]
Implement Internet Gateway and VPC attachment
Please note that this takes a different approach for
all VPC resources types. Previously the resource_id matched
the underlying quantum resource UUID (or a composite of the
underlying UUIDs)
This had some problems, including:
- it was resource_id abuse
- it required extra quantum _list and _show calls to get enough
data to wire up new resources
- it made the already difficult job of mapping VPC <-> quantum
even harder
The new approach is to store all quantum UUIDs in resource metadata.
The resource id is just the resource name, so resources can easily
fetch other resources from the stack by ref/name then look up
their metadata to find the underlying quantum UUIDs to perform
operations with.
Tomas Sedovic [Wed, 13 Feb 2013 10:10:53 +0000 (11:10 +0100)]
Fix policy checks for users without policies
When the User resource doesn't have the `Policies` property specified,
the policy checking code raised an error because it tried to iterate
over `None`.
Change-Id: I1ad0a051c837744d8ec0a343929918c92fa78437 Signed-off-by: Tomas Sedovic <tomas@sedovic.cz>
Code Review / openstack-build / heat-build.git / log