Commit Graph

369 Commits

Author SHA1 Message Date
Jean-François Pucheu c084b7d522 Correct Proxy setting for openstack provider: issue 8735 2016-09-20 20:53:56 +02:00
Joe Topjian 49bda267c9 Merge pull request #8172 from jtopjian/openstack-volumeattach-fix
provider/openstack: Volume Attachment and Detachment Fixes
2016-08-24 09:36:23 -06:00
Joe Topjian beee89c521 provider/openstack: Fix Volume Attachment Detection in Instances
This commit is changing the `volumes` block from being computed to non-computed.
This change makes the Terraform configuration the source of truth about volumes
attached to the instance and therefore is able to correctly detect when a user
detaches a volume during an update.

One thing to be aware of is that if a user attached a volume out of band of an
instance controlled by Terraform, that volume will be detached upon the next
apply. The best thing to do is add a `volume` entry in the instance's
configuration of any volumes that were attached out of band.

This commit also explicitly detaches volumes from an instance before the
instance terminates. Most Block Storage volume drivers account for this
scenario internally, but there are a few that don't. This change is to support
those that don't.

In addition, when volumes are read by the instance, volumes configured in the
Terraform configuration are the source of truth. Previously, a call was being
made to OpenStack to provide the list of attached volumes.

It also adds a few new tests and fixes existing tests for various volume
attach-related scenarios.
2016-08-24 15:21:59 +00:00
Joe Topjian a41ae4b9ac provider/openstack: docs and tests for allowed_address_pairs 2016-08-23 02:13:37 +00:00
Joe Topjian 9e4fc09365 Merge pull request #8257 from FedericoCeratto/allowed_address_pairs
provider/openstack: Add allowed_address_pairs
2016-08-22 20:06:33 -06:00
Federico Ceratto 5bc8736dc8 Add allowed_address_pairs
Original code from Rob Wilson <roobert@gmail.com>
2016-08-18 16:23:01 +01:00
Joe Topjian 9a324f1399 Merge pull request #8181 from fatmcgav/openstack_add_valuespec_subnet_v2_provider
provieder/openstack: Add 'value_specs' support for openstack_networki…
2016-08-16 13:25:59 -06:00
Gavin Williams ee56f1d075 provieder/openstack: Add 'value_specs' support for openstack_networking_subnet_v2 provider.
Updated provider documentation to support.
2016-08-15 08:28:37 +01:00
Gruendler, Daniel (415) 698000eb84 Fix typo in OpenStack LBaaSv2 pool resource 2016-08-14 20:56:53 +02:00
Joe Topjian a254aeaf9c Merge pull request #8155 from fatmcgav/openstack_network_add_value_specs
provider/openstack: Add support for 'value_specs' param on 'openstack_networking_network_v2' provider.
2016-08-13 12:45:22 -06:00
Gavin Williams 90efe68ce3 provider/openstack: Add support for 'value_specs' param on 'openstack_networking_network_v2' provider.
This can be used to pass additional custom values to the netowrk
resource upon creation.
2016-08-12 09:14:38 +01:00
Joe Topjian 38f0e62430 Merge pull request #8070 from fatmcgav/openstack_router_update_external_gw
provider/openstack: Add support for updating the External GW assigned to a Neutron router
2016-08-10 09:03:52 -06:00
Joe Topjian 1c09918191 provider/openstack: Fixing acc test for external gw update 2016-08-10 15:54:31 +01:00
Gavin Williams b9eaa23f60 Add support for updating the External Gateway assigned to a Neutron router.
Added a simple acceptance test, but doesn't work.
2016-08-10 15:54:31 +01:00
Giovanni Paolo Gibilisco ba42737e26 add acceptance test for issue #8040 2016-08-10 12:35:53 +02:00
Joe Topjian 30273faf20 Merge pull request #7649 from jtopjian/openstack-boot-volume-fix
provider/openstack: Fixing boot volume interference
2016-07-20 08:23:09 -06:00
Joe Topjian 411ad21fd8 provider/openstack: Fixing boot volume interference
This commit fixes the situation where instances with both a
bootable volume and attached block storage volumes were reporting
an inconsistent state.
2016-07-15 15:29:44 +00:00
Joe Topjian f7da261294 provider/openstack: Support Import of OpenStack LBaaS V1 Resources (#7660) 2016-07-15 09:49:31 +01:00
Joe Topjian bc5a8b827f provider/openstack: Support Import of OpenStack Networking Resources (#7661)
Router-based resources are not included. They will be added later.
2016-07-15 09:47:11 +01:00
dkalleg 72660750fd Setting admin_state_up default to true
This is to be inline with OpenStack defaulting admin_state_up to true.
2016-07-12 18:08:16 -07:00
Joe Topjian 8b80d05103 provider/openstack: Support Import of OpenStack Block Storage Volumes (#7347) 2016-07-12 09:13:52 +01:00
Joe Topjian 480542d2ab provider/openstack: Support Import openstack_compute_keypair_v2 (#7346) 2016-07-03 16:39:20 +01:00
Joe Topjian 713c0daa52 provider/openstack: Support Import openstack_compute_floatingip_v2 (#7348) 2016-07-03 16:38:38 +01:00
Joe Topjian 0466520626 provider/openstack: Support Import openstack_compute_servergroup_v2 (#7349) 2016-07-03 16:38:21 +01:00
Joe Topjian c1e4d297f3 provider/openstack: Support Import openstack_compute_secgroup_v2 (#7350) 2016-07-03 16:37:58 +01:00
Joe Topjian 8d8becdfdb provider/openstack: Support Import of OpenStack FWaaS Resources (#7471) 2016-07-03 16:37:35 +01:00
Joe Topjian bc6be73c1d provider/openstack: Fix Security Group EOF Error
When applying or removing 2+ security groups from an instance, an EOF
error will be triggered even though the action was successful. This
patch accounts for and ignores the EOF error. It also adds a test
case.

Security Group and Port documentation are also updated in this
commit.
2016-07-02 14:18:04 +00:00
Joe Topjian 4ca5c948b6 provider/openstack: Deprecate openstack_lb_pool_v1 member attribute
This commit marks the "member" attribute of the
openstack_lb_pool_v1 resource as being deprecated. Users should begin
migrating to the openstack_lb_member_v1 resource.
2016-06-30 02:12:15 +00:00
Joe Topjian 10e2786038 Merge pull request #6997 from jtopjian/openstack-lb-pool-disassociate
provider/openstack: Disassociate Monitors from Pool Before Deletion
2016-06-26 13:20:16 -06:00
Joe Topjian 69743450d0 Merge pull request #7194 from scrossan/master
provider/openstack: Change rules type to List
2016-06-23 22:18:24 -06:00
Dmytro Aleksandrov c32d152495 Implemented stop_before_destroy behavior
Docs and acceptance test included
2016-06-23 09:20:41 +03:00
Steven Crossan ca2d230a2c provider/openstack: Change rules type to List
Allows for ordering of rules that are applied to the firewall policy,
including addition and removal of rules in certain positions.
2016-06-16 12:27:01 +01:00
Joe Topjian f563b24002 provider/openstack: lbaas v2 updates
This commit cleans up the acceptance test formatting for the lbaas v2
resources. It also modifies the devstack script to enable the lbaas
v2 service for testing. Finally, this commit increases the timeout
for load balancer creation since it takes some time to do within
devstack.
2016-06-11 04:20:44 +00:00
dkalleg 8467f5219e OpenStack LBaaS v2 Support
CRUD, tests and Docs for managing a LoadBalancer, Listener,
Pool, Member, and Monitor resources.
2016-06-09 13:19:52 -07:00
Joe Topjian c62dc3f72f provider/openstack: Disassociate Monitors from Pool Before Deletion
This commit ensures that all monitors have been disassociated from
the load balancing pool before the pool is deleted.

A test has been added to ensure that a full load balancing stack is
capable of handling an update to an instance, causing some components
to be rebuilt.
2016-06-03 02:34:14 +00:00
Joe Topjian 8691f2477d Merge pull request #6921 from jtopjian/openstack-blockdevice-forcenew
provider/openstack: Enforce ForceNew on Instance Block Device
2016-06-02 20:30:46 -06:00
Joe Topjian ead1fed897 provider/openstack: Enforce ForceNew on Instance Block Device
This commit causes openstack_compute_instance_v2 resources to be
destroyed and recreated upon changes to any block_device argument.
2016-06-03 02:16:40 +00:00
Joe Topjian c1ec286ff7 Merge pull request #6919 from jtopjian/openstack-lb-pool-provider
provider/openstack: Add lb_provider argument to lb_pool_v1 resource
2016-06-02 20:05:06 -06:00
Joe Topjian e0d343906d provider/openstack: Add lb_provider argument to lb_pool_v1
This commit adds the lb_provider argument to the lb_pool_v1 resource.
This argument can be used to specify a backend load balancing system.
2016-05-28 21:53:27 +00:00
Joe Topjian c7107e2228 provider/openstack: Devstack and fmt fixes
This commit adds the newly required OS_EXT_GW environment variable to
the devstack acceptance environment build suite. It also fixes some
space formatting in a test.
2016-05-28 21:32:49 +00:00
Joe Topjian 3aadc19e02 Merge pull request #6837 from carlpett/f-openstack-floatingip-fixed-binding
provider/openstack: Implement fixed_ip on floating ip allocations
2016-05-28 15:30:08 -06:00
Joe Topjian 6430d790e7 Merge pull request #6844 from jtopjian/openstack-instance-network-fnr
provider/openstack: Rebuild On Network Changes
2016-05-28 15:10:26 -06:00
Calle Pettersson 00be33eb40 Implement fixed_ip on floating ip allocations 2016-05-25 13:50:32 +02:00
Joe Topjian 9f53f77ad9 provider/openstack: Ensure CIDRs Are Lower Case (#6864)
This commit ensures that CIDR arguments are converted into lower
case values, specifically for IPv6 addresses.
2016-05-25 11:24:07 +01:00
Cristian Calin d2b33d51b8 provider/openstack allow specifying tenant_id on a floatingip resource
Allow a cloud admin to target a specific tenant in which to allocate
a floating IP. This is useful when the cloud admin does not want to
delegate network privileges to the tenants or various Q&A scenarios.
2016-05-24 16:31:09 +03:00
Joe Topjian 803522a7ce provider/openstack: Rebuild On Network Changes
This commit makes it so that openstack_compute_instance_v2 resources
are recreated when any network setting (except Floating IPs) is
changed.
2016-05-24 03:47:27 +00:00
Joe Topjian f674179109 Merge pull request #6693 from jtopjian/openstack-blockstorage-v2
provider/openstack: openstack_blockstorage_volume_v2 resource
2016-05-23 15:18:23 -06:00
Joe Topjian 93cc77e67f provider/openstack: Enable DHCP By Default
The openstack_networking_subnet_v2 resource was originally designed
to have DHCP disabled by default; however, a bug in the original
implementation caused DHCP to always be enabled and never be
disabled. This bug was fixed in #6052.

Recent discussions have shown that users prefer if DHCP is enabled
by default. This commit implements makes the change.
2016-05-23 20:44:34 +00:00
Kirill Shirinkin 2dc254af13 provider/openstack Increase timeouts 2016-05-19 11:28:55 +02:00
John Bresnahan 99ab233740 Fixes an vet error. 2016-05-17 06:23:53 -10:00
Joe Topjian b204d35e19 provider/openstack openstack_blockstorage_volume_v2 resource
This commit adds an openstack_blockstorage_volume_v2 resource. This
resource is able to create volumes using the OpenStack Block Storage
v2 API.
2016-05-17 13:20:26 +00:00
Joe Topjian f69d95d01f Merge pull request #6579 from Fodoj/reassociate-fip-on-update
provider/openstack: Reassociate FIP on network changes
2016-05-14 21:55:16 -05:00
Joe Topjian b53c74a9ae Merge pull request #6279 from ZZelle/support-client-cert
provider/openstack: Support client certificates
2016-05-14 20:44:57 -05:00
Kirill Shirinkin e24550bb6c Reassociate FIP on network changes 2016-05-10 11:12:19 +02:00
Cristian Calin 6fe82696d2 provider/openstack: Neutron security group resources
this implements two new resource types:
* openstack_networking_secgroup_v2 - create a neutron security group
* openstack_networking_secgroup_rule_v2 - create a newutron security
  group rule
Unlike their nova counterparts the neutron security groups allow a user
to specify the target tenant_id allowing a cloud admin to create per
tenant resources.
2016-05-03 09:18:48 +00:00
Cedric Brandily 94d3ed08c7 provider/openstack: Support client certificates
Official OpenStack clients commonly support specifing a client
certificate/key to enable SSL client authentication when communicating
with OpenStack services. This patch enables such feature in Terraform
with new parameters and environment variables:

* 'cert' provider parameter or OS_CERT env variable to specify client
   certificate file,
* 'key' provider parameter or OS_KEY env variable to specify client
   certificate private key file.
2016-04-21 09:43:11 +00:00
Joe Topjian 62a744a45e provider/openstack: Fix admin_state_up on openstack_lb_member_v1
admin_state_up was never being passed to a load balancing member
during creation.
2016-04-20 19:11:48 +00:00
Joe Topjian 1047df948c Merge pull request #6224 from jtopjian/openstack-mitaka-patches
provider/openstack: OpenStack Mitaka Patches
2016-04-20 08:04:55 -06:00
Roberto Jung Drebes 65987a4b28 static routing entries for routers 2016-04-19 21:26:09 +00:00
Joe Topjian b70b4487bf provider/openstack: OpenStack Mitaka Patches
This commit patches a few acceptance tests in order to get them to
pass under OpenStack Mitaka.

The devstack dev environment script has also been updated to reflect
OpenStack Mitaka as well as the new Terraform dependency vendoring.
2016-04-18 19:32:29 +00:00
Joe Topjian db3e731cf3 Merge pull request #6081 from jtopjian/openstack-token-auth
provider/openstack: Enable Token Authentication
2016-04-16 22:57:01 -06:00
Joe Topjian 9d10028d43 provider/openstack: Fix Access Address Detection
This commit fixes how access ip addresses are detected. The previous
logic used was flawed and would detect the IPs in the wrong order.
2016-04-17 04:38:49 +00:00
Kirill Shirinkin 5824036ca6 provider/openstack: Add value_specs for routers 2016-04-11 10:23:01 +02:00
Joe Topjian a8a3bd71df provider/openstack: Enable Token Authentication
This commit enables the ability to authenticate to OpenStack by way
of a Keystone Token. Tokens can provide a way to use Terraform and
OpenStack with an expiring, temporary credential. The token will need
to be generated out of band from Terraform.
2016-04-10 03:20:49 +00:00
Seth Vargo 68a2a2299e Use schema funcs for reading values from the env 2016-04-08 17:28:54 -04:00
Joe Topjian 28f98c3701 provider/openstack: Allow subnets with no gateway
This commit adds a no_gateway attribute. When set, the subnet will
not have a gateway. This is different than not specifying a
gateway_ip since that will cause a default gateway of .1 to be used.
This behavior mirrors the OpenStack Neutron command-line tool.

Fixes #6031
2016-04-08 03:12:49 +00:00
Joe Topjian 82c6afc5a7 Merge pull request #6052 from jtopjian/openstack-fix-disable-dhcp
provider/openstack: Fix Disabling DHCP on Subnets
2016-04-07 20:41:43 -06:00
Joe Topjian d15a0eb752 provider/openstack: Fix Disabling DHCP on Subnets
This commit fixes a bug where "false" was not correctly being passed to
the subnet creation and therefore enabling DHCP on all subnets.
2016-04-06 21:00:27 +00:00
Joe Topjian 23b953eea3 provider/openstack: Allow resizing when Flavor Name changes
Previously, resizing would only work if the flavor_id changed and
would create an error if the flavor_name changes. This commit fixes
this behavior.

It also quickly refactors the getFlavorID function to use
Gophercloud's IDFromName function. getFlavorID was the basis of
IDFromName so the exact same code is used.

Fixes #5780
2016-04-05 15:31:14 +00:00
Paul Frybarger d8c9e448d4 Fix create/delete statuses in load balancing resources for openstack provider. 2016-03-10 09:35:38 -06:00
Joe Topjian 65d96ef58a provider/openstack: Account for a 403 reply from os-tenant-networks 2016-03-02 21:17:59 +00:00
Joe Topjian 9332a1ddac provider/openstack: Add test for ICMP SecGroup rules with type zero
This is to just catch possible breakage in the future. The actual
support was done in Gophercloud.

Previously, values of 0 were not allowed since there's no such port
as 0. However, there are ICMP codes of 0.
2016-03-01 03:29:14 +00:00
Joe Topjian 7d6116d7c2 provider/openstack: Re-Add server.AccessIPv4 and server.AccessIPv6
GH-4812 removed reading server.AccessIPv4 and server.AccessIPv6
because, AFAICT, they are not set by Nova. After removal, a user
reported that they were no longer able to read IPs from access_ip_v4
and access_ip_v6 on Rackspace. It's possible that Rackspace sets
the AccessIPv* attributes, and if that's true, other cloud providers
might as well through custom extensions.

The priority of how access_ip_v* is set might require some tweaks in
the future.
2016-02-28 21:39:45 +00:00
Joe Topjian d82a4c9259 provider/openstack: Safely typecast network during instance update
This commit protects against unsafe typecasting when an instance is
updating its network configuration.
2016-02-28 19:02:53 +00:00
Joe Topjian 866e49455f provider/openstack: Add detaching as valid pending state
This commit allows "detaching" to be a valid pending state when
detaching a volume. Despite being obvious pending state, it also
helps in race situations when a volume is implicitly being detached
by Nova.
2016-02-27 23:48:52 +00:00
Joe Topjian e872c3d8ba provider/openstack: Instance Block Device cleanup
This commit fixes and cleans up instance block_device configuration.

Reverts #5354 in that `volume_size` is only required in certain
block_device configuration combinations. Therefore, the actual
attribute must be set to Optional and later checks done.

Doc upates, too.
2016-02-27 06:05:01 +00:00
Joe Topjian ed9e7de901 provider/openstack: multi ephemeral support
This commit adds the ability to create instances with multiple
ephemeral disks. The ephemeral disks will appear as local block
devices to the instance.
2016-02-27 04:56:27 +00:00
Joe Topjian cb9099e28a Merge pull request #5355 from jtopjian/openstack-domain-env-vars
provider/openstack: Add Support for Domain environment variables
2016-02-26 21:42:05 -07:00
Joe Topjian 8d00ee3836 provider/openstack: Add Support for Domain environment variables
This commit adds the ability to specify the Domain ID and Domain Name
by OS_DOMAIN_ID and OS_DOMAIN_NAME respectively.
2016-02-27 04:34:17 +00:00
Joe Topjian 41e6851c15 provider/openstack: Making Block Device Size Required
The `volume_size` of a `block_device` was originally set to Optional,
but it's a required parameter in the OpenStack/Nova API. While it's
possible to infer a default size of the block device, making it required
more closely matches the Nova CLI client as well as provides consistent
experience when working with multiple block_devices.
2016-02-27 04:13:26 +00:00
Joe Topjian a230213b33 Merge pull request #5106 from kars7e/master
Add optional cacert_file parameter to openstack provider
2016-02-18 20:26:44 -07:00
Trevor Pounds 79742fc367 Enable `go vet -composites` check and fix warnings. 2016-02-17 11:59:50 -08:00
Kirill Shirinkin 63016155ea Add distributed routers support 2016-02-12 19:55:27 +01:00
Karol Stepniewski 88fb724af8 Add optional cacert_file parameter to openstack provider
Official OpenStack clients support specifing custom CA certificate file
that should be used when communicating with OpenStack server. This patch
adds similar behavior to Terraform OpenStack provider, by:
- Using OS_CACERT environmental variable, if available
- Using cacert_file provider parameter, if configured
2016-02-11 22:56:11 -08:00
Trevor Pounds 0cd0ff0f8e Use built-in schema.HashString. 2016-02-07 16:29:34 -08:00
Joe Topjian 7ccaaa12be provider/openstack: Fix crash when access_network was not defined 2016-02-02 22:59:16 +00:00
Joe Topjian aefd22ed9b provider/openstack Fix LB Member Errors
Fixing Load Balancer Member errors caused by not rebasing with master
before committing.
2016-01-31 22:51:26 +00:00
Joe Topjian baeaee0103 Merge pull request #4359 from jtopjian/jtopjian-openstack-lb-member
provider/openstack: Load Balancing Member Resource
2016-01-31 15:40:15 -07:00
Joe Topjian 1ccd0491ff Merge pull request #4812 from jtopjian/openstack-per-network-floating-ip
provider/openstack: Per-network Floating IPs
2016-01-31 15:24:59 -07:00
Joe Topjian df660a26a1 provider/openstack: Per-network Floating IPs
This commit adds the ability to associate a Floating IP to a specific
network. Previously, there only existed a top-level floating IP
attribute which was automatically associated with either the first
defined network or the default network (when no network block was
used).

Now floating IPs can be associated with networks beyond the first
defined network as well as each network being able to have their own
floating IP.

Specifying the floating IP by using the top-level floating_ip
attribute and the per-network floating IP attribute is not possible.

Additionally, an `access_network` attribute has been added in order
to easily specify which network should be used for provisioning.
2016-01-31 22:17:51 +00:00
Joe Topjian b488541ee9 provider/openstack Add Acceptance Test for No Port IP 2016-01-31 22:04:06 +00:00
Yo Takezawa 17e6e5d118 provider/openstack Convert FixedIPS from struct to map for ResourceData 2016-01-29 14:23:03 +09:00
Yo Takezawa 0aff8e28a5 provider/openstack Changing the port resource to mark the ip_address as Optional 2016-01-27 17:36:29 +09:00
Ian Duffy 47ac10d66b Change resource.StateChangeConf to use an array for target states
Signed-off-by: Ian Duffy <ian@ianduffy.ie>
2016-01-21 01:20:41 +00:00
Joe Topjian 7b4e17708a Merge pull request #4623 from jtopjian/openstack-instance-personality
provider/openstack: Add Instance Personality
2016-01-12 22:04:14 -07:00
Joe Topjian 4a4f2ad9e5 provider/openstack: Add Instance Personality
This commit adds the "personality" attribute which is used to provision
destination files on the instance.
2016-01-11 03:53:30 +00:00
Joe Topjian f1b55de7c8 Merge pull request #4617 from ebsco/master
Fix to not put fixed_ip in request if not defined
2016-01-10 19:39:21 -07:00
Cliff Pracht 1de2fde147 Fix to not put fixed_ip in request if not defined 2016-01-07 09:55:43 -05:00
Joe Topjian 2503f0b01d provider/openstack: Ensure valid Security Group Rule attribute combination
This commit ensures that a valid combination of security group rule attributes
is set before creating the security group.
2015-12-30 18:44:56 +00:00
Joe Topjian 8d5a2d05a4 provider/openstack: Load Balancing Member Resource
This commit adds the openstack_lb_member_v1 resource. This resource models a
load balancing member which was previously coupled to the openstack_lb_pool_v1
resource.

By creating an actual member resource, load balancing members can now be
dynamically managed through terraform.
2015-12-17 07:29:58 +00:00