Eugene Nikanorov [Tue, 24 Dec 2013 11:08:22 +0000 (15:08 +0400)]
Fix race in get_network(s) in OVS plugin
Load network bindings eagerly with networks.
Otherwise a different db query could try to fetch network bindings
for already deleted networks. The issue is reproducible with
concurrent tempest network API tests.
nicira: fix db integrity error during port deletion
Due to the fact that plugin port operations are not
transactional (as they involve non synchronized DB
and Controller operations), concurrent (interleaved)
port requests may accidentally cause the insertion
of the mapping entry (neutron-port-id, nvp-port-id)
more than once. In case this occurs, it's safe to
expect the failure and continue the normal process
of the operation being requested.
Kevin Benton [Thu, 19 Dec 2013 03:52:20 +0000 (03:52 +0000)]
BigSwitch: Fixes floating IP backend updates
Changes BigSwitch plugin to correctly use
admin context on floating IP updates to the
backend controller so they correctly contain
floating IPs for all tenants.
Maru Newby [Tue, 10 Dec 2013 16:10:42 +0000 (16:10 +0000)]
Send DHCP notifications regardless of agent status
The Neutron service, when under load, may not be able to process
agent heartbeats in a timely fashion. This can result in
agents being erroneously considered inactive. Previously, DHCP
notifications for which active agents could not be found were
silently dropped. This change ensures that notifications for
a given network are sent to agents even if those agents do not
appear to be active.
Additionally, if no enabled dhcp agents can be found for a given
network, an error will be logged. Raising an exception might be
preferable, but has such a large testing impact that it will be
submitted as a separate patch if deemed necessary.
Previous default for eswitch/daemon_endpoint would set a TCP port (5001)
which is in the range of the well known ports.
Change to unreserved port (60001) will avoid that conflict.
Dave Cahill [Tue, 17 Dec 2013 05:52:48 +0000 (05:52 +0000)]
Midonet plugin: Fix source NAT
Source NAT rule was being applied on the incorrect port.
It was being applied to the Neutron gateway port, not to
the MidoNet tenant / provider router link port.
This is a feature patch (2 of 3) that adds support for
Metadata services provided by the NSX (aka NVP) platform.
It also implements the handling of port events so that
dhcp and metadata configuration in NSX/NVP is updated
if port attributes such as fixed_ips and device_id are
updated.
Aaron Rosen [Fri, 13 Dec 2013 01:02:06 +0000 (17:02 -0800)]
Nicira: Fix core_plugin path and update default values in README
The following patch fixes the core_plugin path in the README file
which broke during the rename of quantum to neutron here ee3fe4e8.
This patch also updates a few of the default values and removes
the promise of adding support for multiple control clusters.
This patch adds the logical switch identifier in the model class
for describing mappings between neutron and nsx switch ports.
This will allow for a better handling of the chained logical switch
use case.
This patch also moves the routines for retrieving nsx identifiers
in a separate module in preparation for the introduction of async
operations and renames relevant model classes, attributes, and
functions from 'nvp' to 'nsx'.
Related to blueprint nvp-async-backend-communication
Related to blueprint nicira-plugin-renaming
dekehn [Tue, 3 Dec 2013 22:28:55 +0000 (15:28 -0700)]
extra_dhcp_opt add checks for empty strings
When passing extra-dhcp-opt into the port-create where an empty string
is provided as opt_value=' ', the create and update routine will load the
empty string into the DB. The result when written to the opts file is:
"tag:ece4c8aa-15c9-4f6b-8c42-7d4e285734bf,option:server-ip-address", which
when read by dnsmasq has been tested to cause dnsmasq to segment fault.
NVP plugin: Do backend router delete out from db transaction
Performing the NVP API operation from within a DB transaction
increases the risk of a deadlock between sqlalchemy and eventlet.
With this patch, the operation is moved outside of the db transaction
and appropriate mechanism are put in place for:
i) ensuring neutron db consistency in case of NVP failures
ii) avoiding deleting from backend if neutron logic does not allow it
This patch also synchronizes the routine for removing a router
gateway port from NVP.
NVP plugin: Avoid timeouts if creating routers in parallel
There is a well-known issue of eventlet causing deadlocks with
mysql transactions; such condition might occur when
creating NVP routers in parallel.
To avoid this, this patch moves the long-running method
_update_router_gw_info outside of the mysql transaction, adding
the appropriate failure management code, and adds a lock to the
method _nvp_create_ext_gw_port, to ensure serial access to it.
Unit tests for verifying correct behaviour in case of failures
are added as well.
Sushil Kumar [Mon, 9 Dec 2013 14:02:49 +0000 (14:02 +0000)]
Updates tox.ini to use new features
tox 1.6 allows us to skip the sdist step, which is slow. This does that.
It also allows us to override the install line. In this case, it's
important as it allows us to stop getting pre-release software we
weren't asking for.
Original patch by Monty Taylor, talked about here:
http://lists.openstack.org/pipermail/openstack-dev/2013-September/015495.html
Aaron Rosen [Mon, 7 Oct 2013 22:34:38 +0000 (15:34 -0700)]
Add X-Tenant-ID to metadata request
Previously, one could update a port's device_id to be that of
another tenant's instance_id and then be able to retrieve that
instance's metadata. In order to prevent this X-Tenant-ID is now
passed in the metadata request to nova and nova then checks that
X-Tenant-ID also matches the tenant_id for the instance against it's
database to ensure it's not being spoofed.
DocImpact - When upgrading OpenStack nova and neturon, neutron
should be updated first (and neutron-metadata-agent
restarted before nova is upgraded) in order to minimize
downtime. This is because there is also a patch to nova
which has checks X-Tenant-ID against it's database
therefore neutron-metadata-agent needs to pass that
before nova is upgraded for metadata to work.
Do not trigger agent notification if bindings do not change
The method _process_port_bindings for the ml2 plugin should not
return True when the host binding does not change, otherwise an
unnecessary notification will be sent to the agent
Yong Sheng Gong [Mon, 9 Dec 2013 13:01:17 +0000 (21:01 +0800)]
move rpc_setup to the last step of __init__
rpc setup should be the last stuff in agent initialization
so that the rcp message handler(the agent instance itself)
can have a fully initialized agent instance.
Morgan Fainberg [Tue, 10 Dec 2013 22:03:12 +0000 (14:03 -0800)]
Sync global requirements to pin sphinx to sphinx>=1.1.2,<1.2
Sync the global requirements to pin sphinx. This addresses an issue
where Sphinx 1.2 is not building documents correctly and causing
check/gate to fail.
This patch removes new definitions of common network type constants (TYPE_FLAT,
TYPE_LOCAL, etc.) and modifies uses of aforementioned constants to a common
place where constants are defined (neutron.plugins.common.constants). This
patch does not change values that are equal in value but different in name:
NETWORK_TYPE_FLAT vs TYPE_FLAT. A second changeset will be made to handle that
case.
Unit tests were modified as well when they referred to the constant.
Finally, the ovs agent code refers to the OVS plugin constants directly and
these had to be changed as well. A TODO flag was put in that file due to use
of another plugin specific constant.
Network types that were only defined in a single plugin, such as mellanox's
infiniband (IB) network type was not carried over to the common constants file.
Oleg Bondarev [Tue, 6 Aug 2013 08:52:34 +0000 (12:52 +0400)]
LBaaS: unify haproxy-on-host plugin driver and agent
Unifies haproxy reference implementation to make common agent based plugin driver
which is suitable for all vendors who wants to use async mechanism.
- Agent API as well as device driver API changed to handle
loadbalancer objects individually;
- Agent loads device drivers according to config;
- LogicalDeviceCache class was removed from agent as it was used only
as a list - to put and remove entries ant check whether entry is in or not.
It was replaced with instance_mapping dict in agent to store known instances and
corresponding device_drivers;
- Agent reports which device drivers are supported (needs for scheduling on plugin side);
- Agent-to-plugin API was extended to provide an ability for agent to update
statuses of pools/vips/members/health_monitors;
- Vendor should only implement device driver; plugin driver just needs
to inherit AgentBasedPluginDriver and override device_driver member;
- This patch doesn't move files to make review easier;
all rename/replace will be done in a subsequent patch;
DocImpact
NOTE: Since the change in the agent RPC API is backward-incompatible
(major RPC version change), LBaaS server-agent communications will be
completely broken until both sides are upgraded so users will be unable to
create new or update existing HAProxy loadbalancer instances during upgrade
Maru Newby [Sat, 26 Oct 2013 11:42:09 +0000 (11:42 +0000)]
Add post-mortem debug option for tests
Post-mortem debugging, the ability to drop into a debugger with the
execution state that triggered the exception, is very useful in
diagnosing failure conditions. Our previous test runner, nose,
provided the ability to enable post-mortem debugging on test
failures (via --pdb-failure) and errors (via --pdb). testr
lacks these options at present, so this change adds support
for enabling post-mortem debugging via an environment variable.
All test-triggered exceptions will result in a post-mortem debugger
being invoked if OS_POST_MORTEM_DEBUG is set to "1" or "True".
Akihiro Motoki [Mon, 9 Dec 2013 17:07:54 +0000 (02:07 +0900)]
Remove root_helper config from plugin ini
As root_helper is defined in neutron.conf, root_helper in plugin ini
is unnecessary and brings confusion when configuring the parameter.
This patch updates plugin ini of NEC plugin and Brocade plugin.
Roman Podoliaka [Wed, 27 Nov 2013 16:57:56 +0000 (18:57 +0200)]
Fix a race condition in agents status update code
Code handling agents status updates coming via RPC checks,
if a corresponding entry for the given (agent_type, host)
pair already exists in DB and updates it. And if it doesn't
exist, a new entry is created.
Without a unique constraint this can cause a race condition
resulting in adding of two agent entries having the same value
of (agent_type, host) pair.
Note, that it's already not allowed to have multiple agents of
the same type having the same host value, but currently it's
enforced only at code level, not at DB schema level, which
effectively makes race conditions possible.
Sylvain Afchain [Tue, 26 Nov 2013 21:24:33 +0000 (22:24 +0100)]
Add LeastRouters Scheduler to Neutron L3 Agent
Allow scheduling of a virtual router on an L3 Agent node with the least
number of routers currently scheduled. This scheduler can be used
instead of the default random scheduler.
Also refactor the l3_agent_scheduler to allow for adding new schedulers.
Aaron Rosen [Fri, 6 Dec 2013 19:12:33 +0000 (11:12 -0800)]
Remove dead code _arp_spoofing_rule()
This code should have been removed when the allowed_address_pair
extension was added here (0efce6195fa7be80e110bd841dc9b3537a94c376).
The arp spoofing rules are handled in the method _setup_spoof_filter_chain().
Reported by: Amir Sadoughi that this was crud I left behind :)
Code Review / openstack-build / neutron-build.git / log