gophercloud/gophercloud no longer supports the APIKey authentication
attribute. Removal of this attribute may impact users who were using
the Terraform OpenStack provider in with vendor-modified clouds.
This commit is changing the `volumes` block from being computed to non-computed.
This change makes the Terraform configuration the source of truth about volumes
attached to the instance and therefore is able to correctly detect when a user
detaches a volume during an update.
One thing to be aware of is that if a user attached a volume out of band of an
instance controlled by Terraform, that volume will be detached upon the next
apply. The best thing to do is add a `volume` entry in the instance's
configuration of any volumes that were attached out of band.
This commit also explicitly detaches volumes from an instance before the
instance terminates. Most Block Storage volume drivers account for this
scenario internally, but there are a few that don't. This change is to support
those that don't.
In addition, when volumes are read by the instance, volumes configured in the
Terraform configuration are the source of truth. Previously, a call was being
made to OpenStack to provide the list of attached volumes.
It also adds a few new tests and fixes existing tests for various volume
attach-related scenarios.
When applying or removing 2+ security groups from an instance, an EOF
error will be triggered even though the action was successful. This
patch accounts for and ignores the EOF error. It also adds a test
case.
Security Group and Port documentation are also updated in this
commit.
This commit marks the "member" attribute of the
openstack_lb_pool_v1 resource as being deprecated. Users should begin
migrating to the openstack_lb_member_v1 resource.
This commit cleans up the acceptance test formatting for the lbaas v2
resources. It also modifies the devstack script to enable the lbaas
v2 service for testing. Finally, this commit increases the timeout
for load balancer creation since it takes some time to do within
devstack.
This commit ensures that all monitors have been disassociated from
the load balancing pool before the pool is deleted.
A test has been added to ensure that a full load balancing stack is
capable of handling an update to an instance, causing some components
to be rebuilt.
This commit adds the newly required OS_EXT_GW environment variable to
the devstack acceptance environment build suite. It also fixes some
space formatting in a test.
Allow a cloud admin to target a specific tenant in which to allocate
a floating IP. This is useful when the cloud admin does not want to
delegate network privileges to the tenants or various Q&A scenarios.
The openstack_networking_subnet_v2 resource was originally designed
to have DHCP disabled by default; however, a bug in the original
implementation caused DHCP to always be enabled and never be
disabled. This bug was fixed in #6052.
Recent discussions have shown that users prefer if DHCP is enabled
by default. This commit implements makes the change.
this implements two new resource types:
* openstack_networking_secgroup_v2 - create a neutron security group
* openstack_networking_secgroup_rule_v2 - create a newutron security
group rule
Unlike their nova counterparts the neutron security groups allow a user
to specify the target tenant_id allowing a cloud admin to create per
tenant resources.
Official OpenStack clients commonly support specifing a client
certificate/key to enable SSL client authentication when communicating
with OpenStack services. This patch enables such feature in Terraform
with new parameters and environment variables:
* 'cert' provider parameter or OS_CERT env variable to specify client
certificate file,
* 'key' provider parameter or OS_KEY env variable to specify client
certificate private key file.
This commit patches a few acceptance tests in order to get them to
pass under OpenStack Mitaka.
The devstack dev environment script has also been updated to reflect
OpenStack Mitaka as well as the new Terraform dependency vendoring.
This commit enables the ability to authenticate to OpenStack by way
of a Keystone Token. Tokens can provide a way to use Terraform and
OpenStack with an expiring, temporary credential. The token will need
to be generated out of band from Terraform.
This commit adds a no_gateway attribute. When set, the subnet will
not have a gateway. This is different than not specifying a
gateway_ip since that will cause a default gateway of .1 to be used.
This behavior mirrors the OpenStack Neutron command-line tool.
Fixes#6031
Previously, resizing would only work if the flavor_id changed and
would create an error if the flavor_name changes. This commit fixes
this behavior.
It also quickly refactors the getFlavorID function to use
Gophercloud's IDFromName function. getFlavorID was the basis of
IDFromName so the exact same code is used.
Fixes#5780
This is to just catch possible breakage in the future. The actual
support was done in Gophercloud.
Previously, values of 0 were not allowed since there's no such port
as 0. However, there are ICMP codes of 0.
GH-4812 removed reading server.AccessIPv4 and server.AccessIPv6
because, AFAICT, they are not set by Nova. After removal, a user
reported that they were no longer able to read IPs from access_ip_v4
and access_ip_v6 on Rackspace. It's possible that Rackspace sets
the AccessIPv* attributes, and if that's true, other cloud providers
might as well through custom extensions.
The priority of how access_ip_v* is set might require some tweaks in
the future.