Maru Newby [Thu, 22 Aug 2013 07:57:00 +0000 (07:57 +0000)]
Minimize ovs l2 agent calls to get_vif_port_set()
The ovs l2 agent was previously calling get_vif_port_set() on the
integration bridge once per rpc_loop() iteration and then again in
the periodic _report_state() call that returns the current device
count to the neutron service. Since get_vif_port_set() is an
expensive call (relying on shell commands) and since there
is minimal risk associated with reporting stats that are a few
seconds old, this patch caches the device count for reuse by
_report_state().
The value of auth_url is incorrect; some operators may not change
that value and problems will occur. According to keystone, 35357 is
the port number which the public admin listens on; 5000 should be
used for neutron instead.
Remove calls to policy.check and policy.enforce from plugin code
Completes blueprint make-authz-orthogonal
This patch removes a few explicit policy checks recently added to
the plumgrid and cisco plugins.
They are not necessary as the same checks are already performed
by the policy engine.
ML2 doesn't support ext-gw-mode, resulting in L3 agents not
setting up NAT rules in neutron routers (currently, l3 agents
will assume enable_snat=false if plugin doesn't provide this
parameter as described in bug 1212868)
This patchset adds the support of ext-gw-mode to ML2 plugin.
In order to support ext-gw-mode alembic migration (as well as
other potential migrations on plugin dbs), folsom_initial
migration script is fixed to include ML2 plugin. Otherwise
databases won't be set up during migration script (but at
plugin startup by sqlalchemy), resulting in migration failures.
Li Ma [Tue, 13 Aug 2013 16:33:28 +0000 (09:33 -0700)]
Syslog support for neutron metadata proxy
When neutron metadata proxy reads the cli args
which are propagated from its parent processes
(l3-agent and dhcp-agent), if log-dir and log-file
are not defined in the context, it will also
double-check whether syslog is enabled and
its facility in the user-defined configuration
files (/etc/neutron).
As a result, the log behavior of each neutron
component becomes consistent.
File log is the default logging function. The syslog
is enabled when use_syslog is explicitly defined and
file log options are all disabled.
Francois Eleouet [Fri, 16 Aug 2013 11:24:20 +0000 (13:24 +0200)]
Enable SNAT by default in L3 agents
If ext-gw-mode extension isn't supported by plugin, it won't
return enable_snat param in router info. Agent will currently
default to enable_snat = false, which changes from expected
default behaviour prior to ext-gw-mode introduction.
This patch changes L3 agent to enable SNAT by default if plugin
doesn't support ext-gw-mode extension.
Kevin Benton [Tue, 13 Aug 2013 01:11:09 +0000 (18:11 -0700)]
Set BigSwitch plugin to use existing host database model
The BigSwitch plugin had a data model duplicating one
that was recently added into the base portbindings db
file. This patch removes the BigSwitch model and
updates the BigSwitch plugin to reference the plugin-
agnostic model.
Kyle Mestery [Fri, 16 Aug 2013 09:19:25 +0000 (09:19 +0000)]
Fix ML2 VXLAN TypeDriver DB migration
The migration for the ML2 VXLAN TypeDriver was incorrectly setting
primary key attributes on separate lines for 'ip_address' and
'udp_port'. Also, a primary key cannot have autoincrement set, so
add this to 'udp_port' as well.
Unify exception thrown in l3-agent-scheduler fails
Since you can only attach a single l3 agent to a router, when you try
to add another l3 agent to a router that already has one, the l3
agent scheduler raises an exception.
This fix removes the discrimination by id: either it is the same agent
or another one, the router can not be hosted and the same exception is
raised.
Mock os.makedirs to avoid directory creation in unit tests
The directory 'dhcp' under neutron state path should not be
created during unit tests. This patch mocks up calls to
os.makedirs and ensures that methods that rely on it, like
_populate_network_cache, are mocked as well.
Returns 503 if the NVP cluster is in maintenance mode
If the NVP cluster is in 'readonly-mode' during a maintenance
window, some NVP operations may raise a Forbidden error. This
is not currently handled correctly, and Neutron server ends up
returning 500. This patch addresses the problem by ensuring
the right error code is returned.
Carl Baldwin [Tue, 13 Aug 2013 00:11:29 +0000 (00:11 +0000)]
Refactor configuring of floating ips on a router.
This approach to configuring floating ips is stateless and idempotent.
This allows it to handle corner cases, such as reusing a floating ip
address with a different floating ip id in a way that is easier to
understand.
The concept is to wipe the floating ips clean and rebuild them each
time with the following optimizations. To avoid bad performance in
manipulating iptables, it is called in the context of a call to
defer_apply_on. To avoid a disruption in network flow a set
difference is used to determine the set of addresses that no longer
belong on the interface rather than removing them all blindly.