Sripriya [Thu, 21 May 2015 00:24:16 +0000 (17:24 -0700)]
Fix minor errors in the Vyatta L3 Plugin:
update management_network to management_network_id in vrouter.ini
Fix copyright header to refer to Brocade in vrouter_neutron_plugin.py
Fix neutron.service_plugins brocade_vyatta_l3 entry in setup.cfg
Ihar Hrachyshka [Wed, 20 May 2015 21:17:19 +0000 (23:17 +0200)]
Remove middleware oslo-incubator module
The module was used during Kilo cycle to provide backwards compatibility
for users that upgrade to the release without updating their
api-paste.ini. We have issued the deprecation warning for a cycle now,
so we should be ok to just drop the compatibility layer.
Note that the change may require a notion in release notes to make sure
everyone is notified, even if they don't look through their logs.
Kevin Benton [Sat, 16 May 2015 02:44:16 +0000 (19:44 -0700)]
Match order of iptables arguments to iptables-save
The way we were forming our iptables rules was not matching
the output of iptables-save. This caused the logic that preserves
counters to miss many of the rules.
This patch corrects the order for the comments and the allowed address
pairs to match the output order of iptables-save.
Gary Kotton [Fri, 15 May 2015 15:12:54 +0000 (08:12 -0700)]
VMware NSXV: update configuration file
Update the configuration file to show the variables for configuring
the Edge username and password. This is very useful for administrators
when they wish to debug issues.
The function `xrange` was renamed to `range` in Python 3.
* Remove `xrange` occurences so that Python 3 tests can pass. Use
`six.moves.range` instead to get the right function in both cases.
* Generalize the use of the efficient `range` (ex-`xrange`) in
critical sections (when iterating over large lists).
* Simplify code.
* Add a hacking check to prevent future usage of `xrange`.
Assaf Muller [Fri, 15 May 2015 21:58:13 +0000 (17:58 -0400)]
Optimize IptablesManager._find_last_entry
As it turns out calling .strip() thousands of times can be expensive.
I'll defer to security groups and iptables experts to try and find ways
to call the method less often, cache the results, or any other clever
trick.
Moving strip to the return statement speeds up the method by more than
x2.
Take Daemon stdin/stdout/stderr args as file objects
Previously Daemon constructor took stdin/stdout/stderr as
paths (defaulting to '/dev/null') and opened them as regular files.
This greatly limits the type of filehandles supported (no pipes, for
example), and doesn't allow simple things like reusing existing fds.
This change switches to accepting file objects rather than strings,
and uses a sentinal value to represent the previous "open /dev/null"
default behaviour.
Jeremy Stanley [Thu, 14 May 2015 21:38:20 +0000 (21:38 +0000)]
Replace ci.o.o links with docs.o.o/infra
The http://ci.openstack.org/ documentation site has been deprecated,
replaced by redirects to corresponding paths within
http://docs.openstack.org/infra/ where other Project Infrastructure
documentation already resides.
Jakub Libosvar [Tue, 5 May 2015 12:32:21 +0000 (14:32 +0200)]
Refactor initialize() of sriov mech driver
This patch rewrites checking correctness of supported_pci_vendor_devs
config value from C-style to Python-style. Patch also adds some tests
for wrong values passed.
Oleg Bondarev [Thu, 14 May 2015 12:03:54 +0000 (15:03 +0300)]
Don't pass namespace name in disable_isolated_metadata_proxy
It's not always possible/convenient to get namespace name
when need to disable some process (like metadata process for stale
router, see related bug). Since namespace name is not required
for process manager to disable process we can remove this parameter
from disable_isolated_metadata_proxy()
Moshe Levi [Wed, 22 Apr 2015 11:17:28 +0000 (14:17 +0300)]
Add client id option support to dhcp agent
According to the dnsmasq man client id option should be
written to dhcp-hostsfile and not to the dhcp-optsfile.
Also this patch update the dhcp_release command to take
into account the client id when releasing old leases.
ankitagrawal [Thu, 14 May 2015 09:06:39 +0000 (02:06 -0700)]
Remove use of contextlib.nested
Removed use of contextlib.nested call from codebase, as it has been
deprecated since Python 2.7.
There are also known issues with contextlib.nested that were addressed
by the native support for multiple "with" variables. For instance, if
the first object is created but the second one throws an exception,
the first object's __exit__ is never called. For more information see
https://docs.python.org/2/library/contextlib.html#contextlib.nested
contextlib.nested is also not compatible with Python 3.
Multi-patch set for easier chunks. This one addresses the
neutron/tests/unit/agent/test_securitygroups_rpc.py tests.
Line continuation markers (e.g. '\') had to be used or syntax
errors were thrown. While using parentheses is the preferred way
for multiple line statements, but in case of long with statements
backslashes are acceptable.
Ryan Tidwell [Mon, 4 May 2015 22:56:41 +0000 (15:56 -0700)]
Block subnet create when a network hosts subnets allocated from different pools
This change will ensure that all subnets with the same ip_version on a given
network have been allocated from the same subnet pool or no pool. This
provides cleaner subnet overlap detection.
Henry Gessau [Tue, 31 Mar 2015 14:54:51 +0000 (10:54 -0400)]
Allow unit tests to be run independently
Add various initializations and imports so that unit tests can be run
independently.
This change fixes the following test cases which could not be run
independently, that is running any individual unit test case by going
in to the py27 venv and running
"unit2 neutron.tests.unit.module.Class.test_case":
DietTestCase catches SystemExit while running tests, interprets it as a
test failure, and then carry on with the next test (without exiting).
This greatly upsets forked child python processes, which may call exit()
legitimately, and expect that to result in process exit.
This change re-raises the SystemExit if the current process ID is not
the original pid.
Robert Collins [Tue, 12 May 2015 19:49:15 +0000 (07:49 +1200)]
Update build hooks.
The pbr setup_hook has not been needed for a while, so remove it. The
neutron hook has been broken for a while: it places a setup_requires
build dependency on everything in neutron/__init__.py, which is
non-empty, but setup_requires is handled by easy install so we try
very hard to avoid it. Instead, we can use environment markers to
selectively include the win32 dependencies without requiring that
neutron be importable during setup.py execution. This is unusual
in OpenStack and will eventually be moved to a regular
requirements.txt dependency with the same marker - once we've finished
the integration work to make markers work properly in
requirements.txt.
shihanzhang [Fri, 8 May 2015 00:51:19 +0000 (08:51 +0800)]
setup port filters when sg rules change
when security group rules change, the l2 agents which have the
ports in this security group should reload iptables, this bug
was introduced by patch#118274.
tests: don't allow oslo.config to autodiscover config files
oslo.config makes attempts to autodiscover configuration files using
find_config_files() helper. If e.g. /etc/neutron/neutron.conf exists,
and is not readable, the following test failure can be experienced:
oslo_config.cfg.ConfigFilesPermissionDeniedError: Failed to open some
config files: /etc/neutron/neutron.conf
Unit tests must not rely on any external state of the system and run
successfully no matter whether neutron is actually installed on the
system, or not.
Moshe Levi [Sat, 9 May 2015 15:53:59 +0000 (18:53 +0300)]
mlnx MD: mlnx_direct removal
mlnx_direct is deprecated from Juno release. sriov-nic-switch
with macvtap port is the replacement for it.
This patch removes the mlnx_direct from mlnx MD and
from the supported vif_types.
Robert Kukura [Wed, 1 Apr 2015 21:11:59 +0000 (17:11 -0400)]
Add unit tests for ML2 DVR port binding and fix PortContext inconsistencies
Extends the existing ML2 port binding unit tests to cover the
distributed port bindings used for DVR. Within the test mechanism
driver, bindings are tracked per-host, and additional assertions are
added.
Fixes issues with PortContext attributes that were exposed by these
new tests. Adds new vif_type, original_vif_type, vif_details, and
original_vif_details PortContext attributes, similar to the exising
host, original_host, status, and original_status attributes, to
reflect host-specific details of distributed (or normal) port
bindings. Also fixes original_host and original_status to return None
when in the context of an operation other than an update, and fixes
original_host to reflect the specific host being bound for a
distributed port.
Carl Baldwin [Mon, 11 May 2015 18:58:34 +0000 (12:58 -0600)]
Make it clear the rfe tag is lower-case
This tripped me up, I tried adding RFE to my bug and was denied.
It seems the tag was added with lower-case letters. This is fine with
me as it is consistent with most, if not all, other tags in the
project. If it stays lower-case, we should at least make the quoted
tag in the policy document lower-case.
Cyril Roelandt [Thu, 7 May 2015 13:00:38 +0000 (13:00 +0000)]
Allow users to run 'tox -epy34'
With this commit, it is possible to successfully run 'tox -epy34', even though
only a small amount of tests will actually be run. This is a required step in
making Neutron compatible with Python 3, as described in the 'Porting to Python
3' specification.
This commit:
- fixes some broken imports, while making sure they still work with Python 3;
- updates a call to gettext.install;
- adds a py34 target in tox.ini.
Deprecate quota_items, register resources upon REST initialization
Register 'core' resources when the respective rest controllers are
instantiated, rather than at module load time.
Since in this way there will not be any need to iterate over
quota_items, the option is being deprecated.
This patch does not supply unit tests as the already-existing
routine for registering a resource from quota_items is being
deprecated as well (and was not covered by any unit test beforehand).
blueprint ipv6-router (ChangeID:Iaefa95f788053ded9fc9c7ff6845c3030c6fd6df),
supports an IPv6 Router where the router gateway port has no subnet.
The BP implements the following. If an external network (without any subnet)
is attached to the Neutron router, it reads the ipv6_gateway config parameter
(LLA of upstream router) from l3_agent.ini file and adds a default route that
points to this LLA. If the ipv6_gateway config value is not configured, it
would configure the gateway interface to accept router advts from upstream
router to build the default route.
For an HA router, we would have to configure keepalived to perform this
operation. This patch extends the functionality to an HA router.
Catch ObjectDeletedError and skip port or subnet removal
When network is deleted service ports are deleted in the scope of
delete_network. Service ports could also be deleted by other entities
such as DHCP agent releasing dhcp port.
That could rarely lead to a race condition when port object used in
_delete_ports helper is already deleted causing ObjectDeletedError
exception.
Need to handle it and prevent object deletion in that case.
Eugene Nikanorov [Sun, 10 May 2015 21:34:35 +0000 (01:34 +0400)]
Randomize tunnel id query to avoid contention
When networks are created rapidly, neutron-servers compete
for segmentation ids which creates too much contention and
may lead to inability to choose available id in hardcoded amount
of attempts (11)
Randomize tunnel id selection so that condition is not hit.
Kevin Benton [Sat, 2 May 2015 12:08:26 +0000 (05:08 -0700)]
Add capability to wait for IPv6 address in ip_lib
When an IPv6 address is added to an interface, it
goes into a tentative state for a couple of seconds
for duplicate address detection. During this time,
use of the address will fail. This is an issue for
functional tests where they may add an address to
an interface and then immediately run a ping and
expect success.
This patch adds a new wait_until_address_ready function
to ip_lib that will poll the interface every 200 ms until
the status transitions off of tentative or until a time limit
is exceeded. If the time limit is exceeded, it will raise an
exception.
It also adds unit tests and updates a functional test to
make use of the new feature.
Assaf Muller [Fri, 1 May 2015 17:29:26 +0000 (13:29 -0400)]
Extenuate register_dhcp_agent code duplication in tests
Non-obvious changes:
* Change helpers.register_agent to use a slimmed down version
of a plugin that knows how to register an agent. This allows
the helper to be used with tests that do not register a core
plugin.
Sergey Belous [Thu, 15 Jan 2015 15:19:51 +0000 (18:19 +0300)]
Refactor checks for device existence
The code calling driver.plug() shouldn't check for the device existence,
it's a duplicate and it's an expensive call.
Move check for device existence to base LinuxInterfaceDriver.plug()
to remove code duplication. Make plug_new() abstract instead.
Kevin Benton [Sun, 3 May 2015 06:10:52 +0000 (23:10 -0700)]
Check for missing network in _bind_devices
_bind_devices was making the assumption that the ports it
was operating had local VLAN map entries for their network.
This wasn't the case when a network was deleted right before
_bind_ports was called because the VLAN was reclaimed.
This patch just checks to see if the the network ID has an entry
in the map. If not, it skips the port. The port will be handled
on the next scan_ports iteration when the agent will discover that
the port is no longer defined on the plugin and it will be placed
in the DEAD vlan.
Dane LeBlanc [Tue, 14 Apr 2015 13:18:18 +0000 (09:18 -0400)]
Reuse caller's session in ML2 DB methods
This patch changes the get_port_from_device_mac() and
get_sg_ids_grouped_by_port() methods in ML2 db.py module so that
they do not create a new database session (via get_session()), but
instead reuse the session associated with the caller's context.
In order to make the session that is associated with the caller's
context available to these ML2 DB methods, the
get_ports_from_devices plugin API in securitygroups_rps_base.py
needs to be modified so that the context can be passed down to the
ML2 plugin. (A similar change is made to the get_port_from_device
plugin API for consistency.)
Code Review / openstack-build / neutron-build.git / log