Miguel Angel Ajo [Thu, 22 Jan 2015 14:17:30 +0000 (14:17 +0000)]
Move process monitor settings to neutron.conf AGENT section
Instead of defining specific settings on each agent configuration
file for later patches in the series, we provide a single
point of configuration in the AGENT section of the neutron.conf
file, which could yet be overriden per agent config file if needed.
Carl Baldwin [Fri, 16 Jan 2015 19:39:46 +0000 (19:39 +0000)]
Replace FLOATING_IP_CIDR_SUFFIX constant with utils
FLOATING_IP_CIDR_SUFFIX is a global constant used in manipulating ip
addresses and cidrs as string. This patch replaces that with
well-tested utilities for doing the conversions more safely and
readably.
Russell Bryant [Fri, 16 Jan 2015 14:09:48 +0000 (09:09 -0500)]
hyperv: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the hyperv plugin.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 13:52:40 +0000 (08:52 -0500)]
bigswitch: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the bigswitch plugin.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Tue, 13 Jan 2015 18:06:44 +0000 (13:06 -0500)]
Create SecurityGroupServerRpcApi and add some docs
Create SecurityGroupServerRpcApi, which is intended to replace
SecurityGroupServerRpcApiMixin over time. The new class is the same
code, but used as a standalone class. This is needed to be able to
eventually move this API into a messaging namespace.
In passing, add docstrings that show where to find the corresponding
other side of this interface in the code base.
Improve agent-based flat/vlan ml2 port binding failure logging
Port binding failure is an error and should be reported as such.
Additionally, if a port binding fails on a host due to missing
bridge mappings, it's currently quite a mystery to find out. This
should be logged instead of requiring users to debug code. Not
everyone enjoys debugging Python, as weird as that is!
I refactored out the common code in check_segment_for_agent
in order to make logging more robust for all agent-based mechanism
drivers. The OVS and LB mech drivers already log due to a bridge
mappings mismatch and the other agent based mech drivers
will now log as well.
Maru Newby [Tue, 20 Jan 2015 02:23:48 +0000 (02:23 +0000)]
Switch to using abc in the retargetable client
abc is preferable to raising NotImplementedError because it will
prevent instantiation of a subclass that doesn't implement the
required methods rather than failing only when a missing method is
called.
Change-Id: I1043eefde675dd3b653d5b508be22cfd52d2fe8f
Implements: bp retargetable-functional-testing
Simplfy register_model_query_hook() and register_dict_extend_funcs().
Move register_dict_extend_funcs() into CommonDbMixin attribute
because the related class attribute, _dict_extend_functions, is
defined in CommonDbMixin. They should be defined in same class.
Ihar Hrachyshka [Sun, 18 Jan 2015 11:59:39 +0000 (12:59 +0100)]
Drop _test_rootwrap_exec test
It's not a unit test and didn't participate in gating. The test would belong to
functional suite, though since it's pretty trivial, and rootwrap is already
tested as part of other functional tests, it's better to drop it then adopt to
new requirements.
Cedric Brandily [Fri, 16 Jan 2015 23:41:16 +0000 (23:41 +0000)]
Fix pylint unbalanced-tuple-unpacking warning
Pylint last version(1.4.1), at least, reports an
unbalanced-tuple-unpacking warning[1] in keepalived[2] module because
self.authentication is defined as an empty tuple in __init__ method and
unpacked in build_config method as if it was a 2-tuple.
self.authentication references an empty tuple (defined in __init__
method) or a 2-tuple (updated in set_authentication method). Such
warning is a false positive because the unpacking is only performed if
self.authentication is not evaluated to false which only appends if
self.authentication is a 2-tuple.
Defining self.authentication as None in __init__ avoids such warning
without disabling unbalanced-tuple-unpacking warning check.
[1]
W:252,12: Possible unbalanced tuple unpacking with sequence defined at
line 153: left side has 2 label(s), right side has 0 value(s)
(unbalanced-tuple-unpacking)
Carl Baldwin [Mon, 22 Dec 2014 21:01:45 +0000 (21:01 +0000)]
Create DvrRouter and HaRouter as a sub-class of Router
This commit creates them as simple sub-classes and instantiates them
when appropriate. It also moves the basic mixin classes from
RouterInfo. Since all of the properties and attributes from these
mixins are only used in the ha or dvr contexts, this is safe. Future
refactoring will further tease things out until they are properly
encapsulated.
They inherit everything else from their base class so that they all
still share the same code. Creating them up front provides a place
for dvr and ha specific logic to land as methods are moved from the L3
agent and mixins to the new router classes. Eventually, all of the
specific logic will be teased in to the specific classes.
Wrap dhcp agent into its own module and break out configurations and
entry point for better seperation. This lead to some test cleanup
that revealed that options were registered unnecessarily.
When/if the dhcp agent goes through a restructuring along the same
lines of the L3 agent's, this would be the step to start from.
Move Monkey patch back to being as early as possible
Commit 6ca8cb84fd8 moved the patching early in the loading process.
After some reshuffling in the agents, this might not be as early
as possible, so move them closer to their main()'s.
In order to run the API job successfully, must be installed and
configured. Today when using devstack-vm-gate.sh this means that
Tempest will run as well, which we do not want. To fix this problem
there are changes needed both in project-config and devstack-gate.
As a stop-gap solution, we bring in the scripts required and run
them directly within the gate hooks that we already have.
Once changes in devstack-gate and project-config will be accepted, this
solution can be dropped.
Eugene Nikanorov [Mon, 17 Nov 2014 07:00:49 +0000 (11:00 +0400)]
Change transaction isolation so retry logic could work properly
Lower isolation level from REPEATABLE READ to READ COMMITTED for
transaction that is used to create a network.
This allows retry logic to see changes done in other connections
while doing the same query.
Perform that only for mysql db backend.
Sylvain Afchain [Fri, 12 Dec 2014 09:52:43 +0000 (09:52 +0000)]
Refactor the _get_external_device_interface_name method
Currently this method does two things. It returns the
external interface name as its name indicates and
creates some interfaces in the case of the dvr mode.
This patch split these two things into two methods and
refactor a bit the code according to this change.
Miguel Lavalle [Thu, 18 Dec 2014 01:21:53 +0000 (19:21 -0600)]
Refactor of floating ip processing in L3 Agent
Breaks down the processing of floating ip processing in 3 methods. A key goal
is to make the handling of ip tables application deferal more logically cohesive
in the process_router method
Ihar Hrachyshka [Fri, 5 Dec 2014 17:17:15 +0000 (18:17 +0100)]
Migrate to oslo.concurrency
Namespaces are not used anymore, so imports are for oslo_concurrency,
not oslo.concurrency.
lockutils direct call is not supported anymore, so using shipped
lockutils-wrapper instead.
Use ExternalLockFixture to set lock_path for unit testing.
Updated cache and cache/_backends module from oslo-incubator to use
oslo.concurrency and not incubator version of lockutils module.
Dropped lockutils incubator module that is now moved to oslo.concurrency. Not
dropping fixture module that includes lockutils fixture since other fixtures
are still used in the tree.
Kevin Benton [Thu, 15 Jan 2015 07:45:14 +0000 (23:45 -0800)]
Clarify misleading iptables comment
Update the comment for the iptables rule matching the
conntrack INVALID state. The previous entry was misleading
because it sounded like it dropped all new connections.
mathieu-rohon [Thu, 15 Jan 2015 15:19:08 +0000 (16:19 +0100)]
make delete_router send delete_port to core_plugin
Have delete_router API call also delete the gateway port if needed.
Currently, the db_base_plugin_v2 method is called, bypassing the
core_plugin overload of this method. The consequence is that,
in ML2, mechanism drivers are not aware of the port deletion.
In this patch, tha gateway port is deleted through a common
method. This method checks if floating IP and VPN are attached
to the router, so those checks are removed from the delete_router
method.
Gary Kotton [Mon, 29 Dec 2014 09:38:25 +0000 (01:38 -0800)]
VMWare-NSXv: VMWare NSXv extensions
For Kilo, the vendor-specific code should be moved to stackforge repo,
excluding the extensions (https://review.openstack.org/#/c/134680/).
This patch adds the extensions VMWare NSXv plugin from
stackforge/vmware-nsx repo.
There are 2 new extensions:
1. advanced_service_providers - this is required to enabled the NSXv to provide
metadata support (there is no metadata agent)
2. vnic_index - the security group support for the NSXv requires the vNIC index
Currently the test assumes delete_ports_by_device_id deletes ports in
the order they were created but nothing ensures it. This change
updates _test_delete_ports_by_device_id_second_call_failure to avoid
such (incorrect) assumption. The assumption is in general broken in
daughter change which adds a unique constraint on Port table.
Terry Wilson [Mon, 12 Jan 2015 14:21:17 +0000 (08:21 -0600)]
Add ovsdb-related functional tests
This patch adds functional testing of ovsdb-related ovs_lib
functions. This is to ensure that the OVSDB abstract interface
refactor does not accidentally change behavoir.
Carl Baldwin [Mon, 12 Jan 2015 16:36:40 +0000 (16:36 +0000)]
Create arping helper in ip_lib
In trying to restructure the L3 agent in to more modules, some helpers
like arping will be used by several modules. It is better to relocate
it to a common module which all of them will import and use.
Since there is only one spot which passed 'distributed=True', I chose
to break the utility in to two. Also, 'distributed' doesn't really
describe what that argument is for. So, I named the second utility
differently to indicate that it is for sending garps when proxyarp is
in use for the address on the interface.
Kyle Mestery [Mon, 8 Dec 2014 02:18:53 +0000 (02:18 +0000)]
Initial thin ML2 mechanism driver
This commit thins the in-tree OpenDaylight ML2 MechanismDriver. A matching
change to the stackforge/networking-odl project has the backend logic
there.
Tan Lin [Thu, 23 Oct 2014 11:00:22 +0000 (19:00 +0800)]
Enable adding new tag with options
It is useful to add a new tag when update the options
with dnsmasq.
We have a use case in Ironic to support ipxe with dnsmasq.
It looks like this:
dhcp_opts.append({'opt_name': 'tag:!ipxe,bootfile-name',
'opt_value': CONF.pxe.pxe_bootfile_name})
Miguel Angel Ajo [Thu, 15 Jan 2015 00:23:29 +0000 (00:23 +0000)]
Call on dhcp-agent DhcpLocalProcess.restart() breaks dhcp
The bugfix implemented on Ib37651f7f802debd472ab292b148c2a2496063a3
creates the network_conf_dir only during __init__, and restart()
method calls disable(), then enable(), where disable will remove
the config directory and all configuration files.
Previous implementation re-created the network_conf_dir on the
interface_name setter (called from enable) with ensure_conf_dir=True.
Sukhdev [Sat, 10 Jan 2015 01:02:53 +0000 (17:02 -0800)]
Fixs shared networks in Arista ML2 driver
When a shared network is created, it is stored
in arista_provisioned_nets under the tenant_id of
owner of the network. Later, when a different
tenant launches an instance on the shared network,
above mentioned DB is looked to find the network
under requesting tenant's ID, and it is not found,
and hence, the request is rejected.
The fix is made such that when a network is not
found under the requesting tenant's ID, check if
this network is shared network. If yes, then
check the DB to ensure that owner tenant exists
in the DB. If yes, then this is a valid request
and do not reject it. Otherwise reject it - as an
unknown tenant or network is specified in the
request.
Code Review / openstack-build / neutron-build.git / log