Commit Graph

318 Commits

Author SHA1 Message Date
Joe Topjian f69d95d01f Merge pull request #6579 from Fodoj/reassociate-fip-on-update
provider/openstack: Reassociate FIP on network changes
2016-05-14 21:55:16 -05:00
Joe Topjian b53c74a9ae Merge pull request #6279 from ZZelle/support-client-cert
provider/openstack: Support client certificates
2016-05-14 20:44:57 -05:00
Kirill Shirinkin e24550bb6c Reassociate FIP on network changes 2016-05-10 11:12:19 +02:00
Cristian Calin 6fe82696d2 provider/openstack: Neutron security group resources
this implements two new resource types:
* openstack_networking_secgroup_v2 - create a neutron security group
* openstack_networking_secgroup_rule_v2 - create a newutron security
  group rule
Unlike their nova counterparts the neutron security groups allow a user
to specify the target tenant_id allowing a cloud admin to create per
tenant resources.
2016-05-03 09:18:48 +00:00
Cedric Brandily 94d3ed08c7 provider/openstack: Support client certificates
Official OpenStack clients commonly support specifing a client
certificate/key to enable SSL client authentication when communicating
with OpenStack services. This patch enables such feature in Terraform
with new parameters and environment variables:

* 'cert' provider parameter or OS_CERT env variable to specify client
   certificate file,
* 'key' provider parameter or OS_KEY env variable to specify client
   certificate private key file.
2016-04-21 09:43:11 +00:00
Joe Topjian 62a744a45e provider/openstack: Fix admin_state_up on openstack_lb_member_v1
admin_state_up was never being passed to a load balancing member
during creation.
2016-04-20 19:11:48 +00:00
Joe Topjian 1047df948c Merge pull request #6224 from jtopjian/openstack-mitaka-patches
provider/openstack: OpenStack Mitaka Patches
2016-04-20 08:04:55 -06:00
Roberto Jung Drebes 65987a4b28 static routing entries for routers 2016-04-19 21:26:09 +00:00
Joe Topjian b70b4487bf provider/openstack: OpenStack Mitaka Patches
This commit patches a few acceptance tests in order to get them to
pass under OpenStack Mitaka.

The devstack dev environment script has also been updated to reflect
OpenStack Mitaka as well as the new Terraform dependency vendoring.
2016-04-18 19:32:29 +00:00
Joe Topjian db3e731cf3 Merge pull request #6081 from jtopjian/openstack-token-auth
provider/openstack: Enable Token Authentication
2016-04-16 22:57:01 -06:00
Joe Topjian 9d10028d43 provider/openstack: Fix Access Address Detection
This commit fixes how access ip addresses are detected. The previous
logic used was flawed and would detect the IPs in the wrong order.
2016-04-17 04:38:49 +00:00
Kirill Shirinkin 5824036ca6 provider/openstack: Add value_specs for routers 2016-04-11 10:23:01 +02:00
Joe Topjian a8a3bd71df provider/openstack: Enable Token Authentication
This commit enables the ability to authenticate to OpenStack by way
of a Keystone Token. Tokens can provide a way to use Terraform and
OpenStack with an expiring, temporary credential. The token will need
to be generated out of band from Terraform.
2016-04-10 03:20:49 +00:00
Seth Vargo 68a2a2299e Use schema funcs for reading values from the env 2016-04-08 17:28:54 -04:00
Joe Topjian 28f98c3701 provider/openstack: Allow subnets with no gateway
This commit adds a no_gateway attribute. When set, the subnet will
not have a gateway. This is different than not specifying a
gateway_ip since that will cause a default gateway of .1 to be used.
This behavior mirrors the OpenStack Neutron command-line tool.

Fixes #6031
2016-04-08 03:12:49 +00:00
Joe Topjian 82c6afc5a7 Merge pull request #6052 from jtopjian/openstack-fix-disable-dhcp
provider/openstack: Fix Disabling DHCP on Subnets
2016-04-07 20:41:43 -06:00
Joe Topjian d15a0eb752 provider/openstack: Fix Disabling DHCP on Subnets
This commit fixes a bug where "false" was not correctly being passed to
the subnet creation and therefore enabling DHCP on all subnets.
2016-04-06 21:00:27 +00:00
Joe Topjian 23b953eea3 provider/openstack: Allow resizing when Flavor Name changes
Previously, resizing would only work if the flavor_id changed and
would create an error if the flavor_name changes. This commit fixes
this behavior.

It also quickly refactors the getFlavorID function to use
Gophercloud's IDFromName function. getFlavorID was the basis of
IDFromName so the exact same code is used.

Fixes #5780
2016-04-05 15:31:14 +00:00
Paul Frybarger d8c9e448d4 Fix create/delete statuses in load balancing resources for openstack provider. 2016-03-10 09:35:38 -06:00
Joe Topjian 65d96ef58a provider/openstack: Account for a 403 reply from os-tenant-networks 2016-03-02 21:17:59 +00:00
Joe Topjian 9332a1ddac provider/openstack: Add test for ICMP SecGroup rules with type zero
This is to just catch possible breakage in the future. The actual
support was done in Gophercloud.

Previously, values of 0 were not allowed since there's no such port
as 0. However, there are ICMP codes of 0.
2016-03-01 03:29:14 +00:00
Joe Topjian 7d6116d7c2 provider/openstack: Re-Add server.AccessIPv4 and server.AccessIPv6
GH-4812 removed reading server.AccessIPv4 and server.AccessIPv6
because, AFAICT, they are not set by Nova. After removal, a user
reported that they were no longer able to read IPs from access_ip_v4
and access_ip_v6 on Rackspace. It's possible that Rackspace sets
the AccessIPv* attributes, and if that's true, other cloud providers
might as well through custom extensions.

The priority of how access_ip_v* is set might require some tweaks in
the future.
2016-02-28 21:39:45 +00:00
Joe Topjian d82a4c9259 provider/openstack: Safely typecast network during instance update
This commit protects against unsafe typecasting when an instance is
updating its network configuration.
2016-02-28 19:02:53 +00:00
Joe Topjian 866e49455f provider/openstack: Add detaching as valid pending state
This commit allows "detaching" to be a valid pending state when
detaching a volume. Despite being obvious pending state, it also
helps in race situations when a volume is implicitly being detached
by Nova.
2016-02-27 23:48:52 +00:00
Joe Topjian e872c3d8ba provider/openstack: Instance Block Device cleanup
This commit fixes and cleans up instance block_device configuration.

Reverts #5354 in that `volume_size` is only required in certain
block_device configuration combinations. Therefore, the actual
attribute must be set to Optional and later checks done.

Doc upates, too.
2016-02-27 06:05:01 +00:00
Joe Topjian ed9e7de901 provider/openstack: multi ephemeral support
This commit adds the ability to create instances with multiple
ephemeral disks. The ephemeral disks will appear as local block
devices to the instance.
2016-02-27 04:56:27 +00:00
Joe Topjian cb9099e28a Merge pull request #5355 from jtopjian/openstack-domain-env-vars
provider/openstack: Add Support for Domain environment variables
2016-02-26 21:42:05 -07:00
Joe Topjian 8d00ee3836 provider/openstack: Add Support for Domain environment variables
This commit adds the ability to specify the Domain ID and Domain Name
by OS_DOMAIN_ID and OS_DOMAIN_NAME respectively.
2016-02-27 04:34:17 +00:00
Joe Topjian 41e6851c15 provider/openstack: Making Block Device Size Required
The `volume_size` of a `block_device` was originally set to Optional,
but it's a required parameter in the OpenStack/Nova API. While it's
possible to infer a default size of the block device, making it required
more closely matches the Nova CLI client as well as provides consistent
experience when working with multiple block_devices.
2016-02-27 04:13:26 +00:00
Joe Topjian a230213b33 Merge pull request #5106 from kars7e/master
Add optional cacert_file parameter to openstack provider
2016-02-18 20:26:44 -07:00
Trevor Pounds 79742fc367 Enable `go vet -composites` check and fix warnings. 2016-02-17 11:59:50 -08:00
Kirill Shirinkin 63016155ea Add distributed routers support 2016-02-12 19:55:27 +01:00
Karol Stepniewski 88fb724af8 Add optional cacert_file parameter to openstack provider
Official OpenStack clients support specifing custom CA certificate file
that should be used when communicating with OpenStack server. This patch
adds similar behavior to Terraform OpenStack provider, by:
- Using OS_CACERT environmental variable, if available
- Using cacert_file provider parameter, if configured
2016-02-11 22:56:11 -08:00
Trevor Pounds 0cd0ff0f8e Use built-in schema.HashString. 2016-02-07 16:29:34 -08:00
Joe Topjian 7ccaaa12be provider/openstack: Fix crash when access_network was not defined 2016-02-02 22:59:16 +00:00
Joe Topjian aefd22ed9b provider/openstack Fix LB Member Errors
Fixing Load Balancer Member errors caused by not rebasing with master
before committing.
2016-01-31 22:51:26 +00:00
Joe Topjian baeaee0103 Merge pull request #4359 from jtopjian/jtopjian-openstack-lb-member
provider/openstack: Load Balancing Member Resource
2016-01-31 15:40:15 -07:00
Joe Topjian 1ccd0491ff Merge pull request #4812 from jtopjian/openstack-per-network-floating-ip
provider/openstack: Per-network Floating IPs
2016-01-31 15:24:59 -07:00
Joe Topjian df660a26a1 provider/openstack: Per-network Floating IPs
This commit adds the ability to associate a Floating IP to a specific
network. Previously, there only existed a top-level floating IP
attribute which was automatically associated with either the first
defined network or the default network (when no network block was
used).

Now floating IPs can be associated with networks beyond the first
defined network as well as each network being able to have their own
floating IP.

Specifying the floating IP by using the top-level floating_ip
attribute and the per-network floating IP attribute is not possible.

Additionally, an `access_network` attribute has been added in order
to easily specify which network should be used for provisioning.
2016-01-31 22:17:51 +00:00
Joe Topjian b488541ee9 provider/openstack Add Acceptance Test for No Port IP 2016-01-31 22:04:06 +00:00
Yo Takezawa 17e6e5d118 provider/openstack Convert FixedIPS from struct to map for ResourceData 2016-01-29 14:23:03 +09:00
Yo Takezawa 0aff8e28a5 provider/openstack Changing the port resource to mark the ip_address as Optional 2016-01-27 17:36:29 +09:00
Ian Duffy 47ac10d66b Change resource.StateChangeConf to use an array for target states
Signed-off-by: Ian Duffy <ian@ianduffy.ie>
2016-01-21 01:20:41 +00:00
Joe Topjian 7b4e17708a Merge pull request #4623 from jtopjian/openstack-instance-personality
provider/openstack: Add Instance Personality
2016-01-12 22:04:14 -07:00
Joe Topjian 4a4f2ad9e5 provider/openstack: Add Instance Personality
This commit adds the "personality" attribute which is used to provision
destination files on the instance.
2016-01-11 03:53:30 +00:00
Joe Topjian f1b55de7c8 Merge pull request #4617 from ebsco/master
Fix to not put fixed_ip in request if not defined
2016-01-10 19:39:21 -07:00
Cliff Pracht 1de2fde147 Fix to not put fixed_ip in request if not defined 2016-01-07 09:55:43 -05:00
Joe Topjian 2503f0b01d provider/openstack: Ensure valid Security Group Rule attribute combination
This commit ensures that a valid combination of security group rule attributes
is set before creating the security group.
2015-12-30 18:44:56 +00:00
Joe Topjian 8d5a2d05a4 provider/openstack: Load Balancing Member Resource
This commit adds the openstack_lb_member_v1 resource. This resource models a
load balancing member which was previously coupled to the openstack_lb_pool_v1
resource.

By creating an actual member resource, load balancing members can now be
dynamically managed through terraform.
2015-12-17 07:29:58 +00:00
Joe Topjian 669ddbfc5c Merge pull request #4288 from jtopjian/jtopjian-openstack-bfv-set2list
provider/openstack: Convert block_device from TypeSet to TypeList
2015-12-16 23:05:00 -07:00
Joe Topjian 03a7926198 Merge pull request #4298 from jtopjian/jtopjian-openstack-devstack
provider/openstack: DevStack Deploy Script
2015-12-16 11:44:12 -07:00
Joe Topjian 1ff403347b provider/openstack: Fix set hash for security group test 2015-12-13 03:15:52 +00:00
Joe Topjian 7cbd18a88d provider/openstack: DevStack Deploy Script
This commit includes a script to deploy a standardized devstack environment
for use with development and testing.
2015-12-13 02:58:29 +00:00
Joe Topjian 4716451617 provider/openstack: Convert block_device from TypeSet to TypeList
This change better reflects how block devices are passed to the Nova API
and allows for future enablement of block_device features. It also resolves
an interpolation bug.
2015-12-12 22:18:23 +00:00
Joe Topjian 3dc45039d1 Merge pull request #4204 from jtopjian/jtopjian-openstack-deleting-volume
provider/openstack: Handle volumes in "deleting" state
2015-12-08 22:58:32 -07:00
Nic Grayson ef9838c796 increased openstack 10 minute timeouts to 30 minutes 2015-12-08 16:03:33 -06:00
Joe Topjian c3f6bbcece provider/openstack: Handle volumes in "deleting" state
This commit prevents Terraform from erroring when an attempt is made
to delete a volume already in a "deleting" state. This can happen when
the volume is the root disk of an instance and the instance was
terminated.
2015-12-08 06:33:06 +00:00
Joe Topjian f9dd42ddce provider/openstack: Add State Change support to LBaaS Resources
This commit adds State Change support to the LBaaS resources which should
help with clean terminations.

It also adds an acceptance tests that builds out a 2-node load balance
service.
2015-11-19 04:33:53 +00:00
Joe Topjian b4242e6f35 provider/openstack: Clean up some attributes in LBaaS VIP resource
This commit makes a few attributes computed so the generated information
is accessible after creation.

It also fixes the "persistence" attribute, which previously had a typo.

Finally, it converts "admin_state_up" to a Boolean to match the majority
of other attributes of the same name.
2015-11-14 21:16:23 +00:00
Radek Simko e7c88eab35 openstack: fix go vet error (bool modifier is %t) 2015-11-14 08:19:22 +00:00
Joe Topjian 19fc2193f4 Merge pull request #3904 from jtopjian/jtopjian-openstack-port-attr-cleanup
provider/openstack: Make Networking Port attributes more intuitive
2015-11-13 20:15:29 -07:00
Joe Topjian f2a5064538 Merge pull request #3857 from jtopjian/jtopjian-openstack-secgroup-rule-fix2
provider/openstack: Security Group Rule fixes
2015-11-13 20:13:46 -07:00
Joe Topjian edd8e722bf provider/openstack: Make Networking Port attributes more intuitive
This commit makes some quick updates to the port attributes to make them
more intuitive:

* `security_groups` to `security_group_ids`: since the port is expecting
IDs and not security group names like in other areas of OpenStack.

* `admin_state_up`: change to Boolean to match this same attribute on
other resources.

* `fixed_ips` to `fixed_ip`: while multiple `fixed_ip` blocks can be
specified, only one fixed IP can be specified in each block.
2015-11-13 04:46:12 +00:00
Joe Topjian 4d6e3289bc provider/openstack: adding test for router interface port 2015-11-13 04:04:05 +00:00
Kirill Shirinkin 3a1a242a7a provider/openstack: Allow port_id for router interface 2015-11-13 03:13:12 +00:00
Joe Topjian 3db7922b53 provider/openstack: Security Group Rule fixes
This commit fixes an issue with security group rules where the rules
were not being correctly computed due to a typo in the rule map.

Once rules were successfully computed, the rules then needed to be
converted into a Set so they can be correctly ordered.
2015-11-12 03:15:52 +00:00
Joe Topjian 29636dc51d provider/openstack: Revert Security Group Rule Fix
This commit reverts the patch from #3796.

It has been discovered that multiple rules are being reported out
of order when the configuration is applied multiple times. I feel
this is a larger issue than the bug this patch originally fixed,
so until I can resolve it, I am reverting the patch.
2015-11-09 17:31:40 +00:00
Joe Topjian 37d4316c13 Merge pull request #3801 from jtopjian/jtopjian-openstack-secgroup-computed
provider/openstack: Make Security Groups Computed
2015-11-07 12:31:15 -07:00
Joe Topjian 98a441314b provider/openstack: Make Security Groups Computed
This commit makes security groups in the openstack_compute_instance_v2
resource computed. This fixes issues where a security group is omitted
which causes the instance to have the "default" group applied. When
re-applying without this patch, an error will occur.
2015-11-07 04:01:50 +00:00
Joe Topjian 0e9397fc74 provider/openstack: Security Group Rules Fix
This commit fixes how security group rules are read by Terraform and
enables them to be correctly removed when the rule resource is
modified.
2015-11-06 21:52:30 +00:00
Joe Topjian 4c1083c9c5 provider/openstack: fix test formatting 2015-11-06 17:32:30 +00:00
Kirill Shirinkin d5e6929118 Fix tests 2015-11-06 11:10:44 +01:00
Kirill Shirinkin 3a63b48f97 provider/openstack: fixed_ips implementation for ports 2015-11-05 19:23:05 +01:00
Joe Topjian 312d371ce9 provider/openstack: Additions to the OpenStack Port resource
This commit adds further work to the OpenStack port resource:

* Makes relevant fields computed
* Adds state change functions
* Adds acceptance tests
* Adds Documentation
2015-11-03 06:07:32 +00:00
Jean Mertz 7d11b4b7e7 provider/openstack: openstack_networking_port_v2 resource 2015-11-03 05:35:05 +00:00
Joe Topjian cc54d9e0fd provider/openstack: State Changes for Networking Resources
This commit adds create and delete state change checks for the "core"
networking resources.
2015-11-03 05:12:22 +00:00
Joe Topjian 4a5cd0b415 provider/openstack: Fixing Image ID/Name areas
This commit cleans up areas that configure the image_id and image_name.

It enables the ability to not have to specify an image_id or image_name
when booting from a volume.

It also prevents Terraform from reporting an error when an image name is no
longer able to be resolved from an image ID. This usually happens when the
image has been deleted, but there are still running instances that were based
off of it.

The image_id and image_name parameters no longer immediately take a default
value from the OS_IMAGE_ID and OS_IMAGE_NAME environment variables. If no other
resolution of an image_id or image_name were found, then these variables will
be referenced. This further supports booting from a volume.

Finally, documentation was updated to take into account booting from a volume.
2015-10-31 22:45:34 +00:00
Joe Topjian 3d3f8122a9 provider/openstack: Volume Cleanup
This commit cleans up the volume and block device handling in the instance
resource. It also adds more acceptance tests to deal with different workflows
of attaching and detaching a volume through the instance's lifecycle.

No new functionality has been added.
2015-10-31 22:45:34 +00:00
Joe Topjian e75553fd9d provider/openstack: Fixes Boot From Volume
This commit fixes the previously broken "boot from volume" feature. It also
adds an acceptance test to ensure the feature continues to work.

The "delete_on_termination" option was also added.
2015-10-31 22:45:28 +00:00
Joe Topjian cc2b3677e6 Merge pull request #3091 from berendt/openstack_subnet_ip_default
provider/openstack: use '4' as default for ip_version of subnet
2015-10-31 22:15:48 +09:00
Joe Topjian 776f15f0f3 provider/openstack: added acceptance test to test security group order 2015-10-30 22:31:41 +00:00
Joe Topjian beab5619e2 Merge pull request #3651 from Sheile/ignore-sg-order
provider/openstack: Ignore order of security_groups in instance
2015-10-30 22:35:06 +09:00
Joe Topjian c4c480bb92 provider/openstack: Safe SecGroup Delete
This commit enables security groups to be deleted in a safe way by
checking their state over a period of time.

This fixes occurrences when the API says the instance is deleted but
it is still in the process of being deleted by OpenStack and thus the
security group returns an error saying that there are still instances
attached to the group.
2015-10-30 13:03:26 +00:00
Joe Topjian fd8dba4827 provider/openstack: add state 'creating' to blockstorage_volume_v1
This commit adds the "creating" status to the Pending phases of creating a
block storage device.

Closes #3224
2015-10-29 19:01:24 -05:00
Paul Hinze fe2bf2d473 Merge pull request #3440 from ggiamarchi/openstack/idempotency
Fix OpenStack provider idempotency bugs
2015-10-29 18:57:02 -05:00
Yo Takezawa 59828deb0f provider/openstack: Use security_groups as native set when update 2015-10-28 10:12:05 +09:00
Yo Takezawa d2cf45a057 provider/openstack: Ignore order of security_groups in instance 2015-10-27 15:57:28 +09:00
Panagiotis Moustafellos e4845f75cc removed extra parentheses 2015-10-08 15:48:04 +03:00
Guillaume Giamarchi e453decec8 Fix OpenStack provider idempotency bugs 2015-10-07 22:39:12 +02:00
Radek Simko f9efede852 gofmt files from recently merged PRs 2015-10-07 13:35:06 -07:00
Paul Hinze 5b4bbf08d0 Merge pull request #1788 from JeanMertz/openstack-floatingip-port
OpenStack: add functionality to attach FloatingIP to Port
2015-10-05 14:30:26 -05:00
Paul Hinze 50b8161da1 Merge pull request #2008 from dupuy/secgrp-delta-remove-then-add
remove security groups (by name) before adding security groups (by id)
2015-09-24 14:14:48 -05:00
Anthony Scalisi 198e1a5186 remove various typos 2015-09-11 11:56:20 -07:00
Christian Berendt 3af3ce4242 provider/openstack: use '4' as default for ip_version of subnet 2015-08-27 18:27:14 +02:00
Christian Berendt b38f0e2f67 provider/openstack: add state 'downloading' to resource 'blockstorage_volume_v1'
When using an image as the source of new volume the state 'downloading'
prior to the state 'available' is fine.

It is also fine to destroy a volume in the state 'downloading'.

Closes-bug: #2865
Co-Authored-By: Joe Topjian <joe@topjian.net>
2015-08-24 08:21:35 +02:00
Joe Topjian 5251193f87 Allow empty api_key and endpoint_type
These two provider options are optional though if they are not set,
the user will be prompted to enter values.

By changing them to use the envDefaultFuncAllowMissing, the values
are still passed in the environment if they are set and safely
discarded if they are not.
2015-07-06 03:14:13 +00:00
Mitchell Hashimoto ebc33d874a providers/openstack: fix vet issue 2015-06-24 23:16:06 -07:00
Mitchell Hashimoto ede6af8763 Merge pull request #1921 from jtopjian/openstack-servergroup-schedulerhints
provider/openstack: scheduler_hints and servergroups
2015-06-24 23:13:25 -07:00
Mitchell Hashimoto d1d2a90158 Revert "provider/openstack: change security groups to set"
This reverts commit 646fd76e07.
2015-06-24 23:10:30 -07:00
Mitchell Hashimoto 38151229b1 Merge pull request #2285 from cvvs/b_provider_openstack_router_adminbool
provider/openstack: change router resource admin_state_up from string to bool
2015-06-24 23:09:14 -07:00