This patch does a simple fix to the quota DB driver in order
to ensure its compatibility with python3 and adds the quota
enforcement unit tests to the list of those executed as a part
of the py34 test environment.
Add the concept of resource reservation in neutron.
Usage tracking logic is also updated to support reservations.
Reservations are not however available with the now deprecated
configuration-based quota driver.
The base API controller will now use reservations to perform
quota checks rather than counting resource usage and then
invoking the limit_check routine.
The limit_check routine however has not been removed and
depreacated as a part of this patch. In order to ensure all
quota drivers expose a consistent interface, a
make_reservation method has been added to the configuration
based driver as well. This method simply performs "old-style"
limit checks by counting resource usage and then invoking
limit_check.
This merge commit introduces QoS feature into Liberty release of
Neutron.
The feature is documented in: doc/source/devref/quality_of_service.rst
included with the merge patch.
It includes:
- QoS API service plugin with QoS policy and QoS bandwidth limit
(egress) rule support;
- core plugin mechanism to determine supported rule types, with its ML2
implementation;
- new agent extension manager;
- QoS agent extension with pluggable backend QoS drivers (Open vSwitch
and SR-IOV support is included).
To extend network and port core resources with qos_policy_id attribute,
a new ML2 extension driver (qos) was introduced that relies on the QoS
core resource extension (the idea is that eventually we'll get a core
resource extension manager that can be directly reused by core plugins).
Agent-server interaction is based on:
- get_device_details() method that is extended with qos_policy_id;
- a new push/pull mechanism that allows agents and servers to
communicate using oslo.versionedobjects based objects sent on the
wire.
The merge includes the following types of test coverage:
- unit tests;
- functional tests for OVS agent, QoS agent extension, and low level
ovs_lib changes;
- API tests to cover port/network qos_policy_id attribute and new QoS
resources.
This merge also disables qos extension API tests until the service is
enabled in master gate.
Local changes apart from conflicts:
- updated down_revision for qos migration to reflect master expand head;
- disabled qos API tests with gate_hook.sh until we have it enabled in
master gate;
- bumped oslo.versionedobjects requirement to reflect what is in
openstack/requirements' global-requirements.txt
Kyle Mestery [Thu, 13 Aug 2015 16:33:18 +0000 (16:33 +0000)]
lieutenants: Add Neutron infra lieutenants
It's become clear we need to have a centralized contact point
(or points) for Neutron interactions with infra. Lets start out
by making that Doug and Armando for now. Note this list is
alphabetized by last name for those curious on the ordering.
Isaku Yamahata [Tue, 21 Oct 2014 02:30:32 +0000 (11:30 +0900)]
Replace internal calls of create_{network, subnet, port}
When API controller calls method create_{network, subnet, port),
it made sure that the necessary default values for attrs are filled properly
according to attr mapping.
However, internal calls to these methods do not follow the convention,
when extension codes miss these values, exceptions will be thrown.
This patch introduces helper functions to fix up arguments and replaces
the direct callers of those methods.
Co-Authored-By: gong yong sheng <gong.yongsheng@99cloud.net> Co-Authored-By: yalei wang <yalei.wang@intel.com>
Change-Id: Ibc6ff897a1a00665a403981a218100a698eb1c33
Closes-Bug: #1383546
This patch is clean up to prevent future breakage by eliminating
potentially dangerous code.
l3_db and related code use L2 plugin _get_subnet and related method
unnecessarily instead of get_subnet.
It's dangerous because _get_subnet returns ORM db object which allows
the caller to update db rows directly. So the caller of _get_subnet
may update subnet db without notifying L2 plugin unintentionally.
In that case, L2 plugin or ML2 mechanism driver will be confused.
This patch replaces _get_subnet and _get_subnets_by_network with
get_subnet, get_subnets_by_network where possible.
This patch is clean up to prevent future breakage by eliminating
potentially dangerous code.
l3_db uses L2 plugin _get_port method unnecessarily instead of get_port.
It's dangerous because _get_port returns ORM db object which allows
the caller to update db rows directly. So the caller of _get_port may
update port db without notifying L2 plugin unintentionally.
In that case, L2 plugin or ML2 mechanism driver will be confused.
This patch replace _get_port with get_port method where possible.
Kevin Benton [Thu, 13 Aug 2015 23:58:02 +0000 (16:58 -0700)]
Break down _bind_port_if_needed in ML2
Separate the looping and retry logic in _bind_port_if_needed
from the actual binding attempts. This also eliminates the
'while True' loop with a regular for loop counter to make it
a little easier to reason about.
A suggestion to do this came up in a code review for
I437290affd8eb87177d0626bf7935a165859cbdd because the function
was difficult to reason about.
Brian Haley [Thu, 13 Aug 2015 20:57:59 +0000 (16:57 -0400)]
Remove 'action' argument from _handle_fip_nat_rules()
There's only one caller of _handle_fip_nat_rules(), and they
always specify 'add_rules' as the argument, so it's not
necessary any more. Also, the interface passed must be valid
since the caller has already used it, and would have thrown
an exception before this call was made. Found during another
code review.
Guard against potential down_revision interleave by checking that each
revision has the only revision that corresponds to its location in the
migration tree, and that its parent also has that same single label.
John Schwarz [Wed, 12 Aug 2015 10:39:28 +0000 (13:39 +0300)]
Add configurable options for HA networks
The L3 HA mechanism creates a project network for HA (VRRP) traffic
among routers. The HA project network uses the first (default) network
type in 'tenant_network_types'. Depending on the environment, this
combination may not provide a desirable path for HA traffic. For
example, some operators may prefer to use a specific network for HA
traffic to prevent split-brain issues.
This patch adds configurable options that target the network_type and
the physical_network of the created HA network.
Henry Gessau [Sun, 5 Jul 2015 07:29:38 +0000 (03:29 -0400)]
Support for independent alembic branches in sub-projects
Sub-projects shall now register their independent alembic migrations
via entrypoints in setup.cfg, and neutron-db-manage will discover them
and run them automatically.
If a service or sub-project is specified explicitly, then
neutron-db-manage will run on only that service or sub-project.
The advanced services project are just special cases of sub-projects.
For example, specifying the CLI option '--service lbaas' is the same
as specifying '--subproject neutron-lbaas'.
Specifying no service or sub-project will cause neutron-db-manage to
run the command on neutron and all installed sub-projects.
Added and consolidated documentation into devref for alembic migrations.
Kanzhe Jiang [Thu, 13 Aug 2015 03:36:54 +0000 (20:36 -0700)]
Remove bigswitch mech_driver entry point definition
After vendor driver split, the entry point for bigswitch ml2
mechanism_driver is no longer valid. The new entry point is defined in
the networking-bigswitch stackforge repo.
Adolfo Duarte [Fri, 19 Jun 2015 02:50:13 +0000 (19:50 -0700)]
Preserve DVR FIP rule priority over Agent restarts
IP rule priorities assigned to DVR floating IPs need
to be preserved over L3 agent restarts. Reuse
the ItemAllocator class decomposed from Link Local IP
address allocation. Also move commn unit tests to
ItemAllocator class.
Improve callback registry devref documentation and usability
Latest developments have revealed that the registry can be misused
under certain circumstances, and that it can be harder to use by
projects that extend Neutron.
This patch improves the devref documentation so that developers know
what to expect.
John Davidge [Fri, 7 Aug 2015 15:27:47 +0000 (16:27 +0100)]
Fix update_subnet for prefix delegation
A misnamed function call and execution order issue was causing
update_subnet to fail when a PD enabled subnet received a new CIDR.
This patch fixes the issues, and introduces an rpc api test to
ensure the function works. This includes altering the process_prefix_update
RPC handler to expose the issue to the test.
Fix DVR interface delete by port when gateway is set
When removing a DVR interface by port, the subnet_id
passed to delete_csnat_router_interface_ports is None,
and so it deletes all the DVR SNAT ports for the
router.
This patch fixes this issue by passing in the right
subnet_id to the delete_csnat_router_interface_ports.
shihanzhang [Tue, 9 Jun 2015 09:47:39 +0000 (17:47 +0800)]
Destroy ipset when the corresponding rule is removed
if a security group has a rule which allow a remote group access,
but this remote group has no IPv4 and IPv6 members, L2 agent
should not clear the remote group in internal cache of sg_members,
because when above rule is deleted, L2 agent can get the remote group
id from the diff of pre_sg_members-sg_members, then destroy the ipset
set for remote group.
John Schwarz [Mon, 3 Aug 2015 15:55:31 +0000 (18:55 +0300)]
Forbid attaching rules if policy isn't accessible
Following up patch If06de416dfe0eb7115fd4be9feb461fae8e8358d, this patch
continues to make sure all access to QoS policies are attempted safely -
if the policy doesn't exist or it's not accessible (for tenant_id
reasons), then an exception will be raised instead.
Miguel Angel Ajo [Tue, 11 Aug 2015 11:51:16 +0000 (13:51 +0200)]
Fix the low level OVS driver to really do egress
It seems that the Queue + QoS + linux-htb implementation was really
limiting ingress by default. So this patch switches the implementation
to the ovs ingress_policing_rate and ingress_policing_burst parameters
of the Interface table.
Later in time we may want to revise this, to make TC & queueing possible,
but this is good enough for egress limiting.
Also, removed the _update_bandwidth_limit del+set on OvS QoS driver for
the bandwidth limit rule update, since that's not needed anymore.
Moshe Levi [Fri, 7 Aug 2015 14:35:48 +0000 (17:35 +0300)]
SR-IOV: Add Agent QoS driver to support bandwidth limit
This patch adds SR-IOV agent driver which uses eswitch manager to set VF
rate limit. It also updates the agent to call port_delete api of the
extension manager to cleanup when port is deleted.
Yalei Wang [Wed, 5 Aug 2015 17:03:20 +0000 (01:03 +0800)]
Pass the extension driver exception to plugin
The extension driver is intercepted by driver manager currently. It will
cover the errors/exceptions happened in extension drivers. The extension
process will continue even if preceding extension driver get a wrong/useless
extended result, or even no result.
This patch make process_[create|update]_<resource>() and
extend_<resource>_dict() methods return the exception, and log it with proper
level respectively, and also include a minor optimization for the
extend_<resource>_dict() methods.
Miguel Angel Ajo [Tue, 11 Aug 2015 14:47:23 +0000 (16:47 +0200)]
Update documentation acording to last QoS/OvS changes
Change Ie802a235ae19bf679ba638563ac7377337448f2a introduces
a few changes to the low level ovs implementation of QoS,
this patch updates documentation.
Assaf Muller [Tue, 11 Aug 2015 18:20:07 +0000 (14:20 -0400)]
Clean up test_dvr_router_rem_fips_on_restarted_agent
* self._add_fip wasn't actually doing anything useful, it just
throws off the reader by making him/her think that line is
important when it isn't.
* Added an assertion that checks that the FIP namespace exists
before the reconfiguration of the router.
Code Review / openstack-build / neutron-build.git / log