the argument is ignored and all whitelisted tests are executed.
This is not in line with the other testenv's. This patch ensures
that posargs are processed if available, and that we fall back on
the lot of tests when not specified.
Ryan Moats [Mon, 24 Aug 2015 13:49:09 +0000 (08:49 -0500)]
Remove redundant logging statements from RootWrapDaemonHelper
create_process and execute_rootwrap_daemon both current log
the command they are about to run. Remove these statements as
redundant (the log message showing the command's result includes
the command itself)
Signed-off-by: Ryan Moats <rmoats@us.ibm.com>
Change-Id: I8bdea7212f8a32a3b6b0b47c5b824ac1c561d83f
Ryan Moats [Fri, 21 Aug 2015 14:16:52 +0000 (09:16 -0500)]
Rationalize neutron logs to help in troubleshooting router issues
Currently the neutron logs are not very useful for troubleshooting
router issues - this patch adds additional logging statements to
help the triage process.
Change-Id: I014e0119205d4a947a1be142aeeb29940c4de3bd Signed-off-by: Ryan Moats <rmoats@us.ibm.com>
Oleg Bondarev [Mon, 24 Aug 2015 08:29:25 +0000 (11:29 +0300)]
Move db agent schedulers test to a more appropriate place
Current placing is confusing as in fact the tests have little to do
with ml2 and openvswitch.
This was triggered by discussion on https://review.openstack.org/199514
Next step should be to separate dhcp and l3 schedulers tests.
Miguel Angel Ajo [Wed, 19 Aug 2015 13:15:21 +0000 (15:15 +0200)]
Make NeutronDbObjectDuplicateEntry exception more verbose
NeutronObjectDuplicateEntry is an exception derived from Conflict,
which is mapped to HTTPConflict. When such exception is thrown
during an API layer call, we will provide more detail to the caller
about what was exactly duplicated, and for which fields,
the information is extracted from the DB exception.
NeutronObjectDuplicateEntry is renamed into NeutronDbObjectDuplicate
to make clear it is for handling db duplicate exceptions, in
the future we could generalize to a base NeutronObjectDuplicate class
if we need separate handling for other object backings (mem, keystore,
etc).
Marga Millet [Wed, 12 Aug 2015 10:49:09 +0000 (03:49 -0700)]
Support dhcp metadata service for all networks
Vendors implementing Neutron L3 API in their devices may not be able to provide
metadata server access via the Neutron router. In such cases we want to allow
the metadata service as done for non-isolated networks segments.
Neil Jerram [Mon, 27 Jul 2015 13:43:18 +0000 (14:43 +0100)]
ip_lib: support creating Linux dummy interface
This is for use by a DHCP agent interface driver in the
networking-calico project. networking-calico connects VMs without
using bridging, so it needs an unbridged DHCP port interface with
which it can associate the DHCP subnet prefix, and the Linux dummy
interface (in conjunction with use of Dnsmasq's --bridge-interface
feature) is suitable for that purpose.
Ann Kamyshnikova [Fri, 21 Aug 2015 12:13:25 +0000 (15:13 +0300)]
Graceful OVS restart for DVR
Graceful OVS restart that was intoduced in I95070d8218859d4fff1d572c1792cdf6019dd7ea
missed that flows are also dropped in setup_dvr_flows_on_integ_br.
Neil Jerram [Thu, 23 Jul 2015 17:17:12 +0000 (18:17 +0100)]
DHCP agent: clarify logic of setup_dhcp_port
When the DHCP port already exists, the code for finding it is
unhelpfully mixed up with the code for updating its subnet IDs and
fixed IP addresses. Clarify that area by splitting setup_dhcp_port
into 3 subroutines, for each of the existing, reserved and new port
cases.
Sean Mooney [Fri, 26 Jun 2015 09:48:26 +0000 (10:48 +0100)]
Add config option to specify ovs datapath.
This change introduces a new datapath_type parameter
to allow specification of the ovs datapath to be used.
This change introduces new functional and unit tests.
Kevin Benton [Wed, 17 Jun 2015 06:43:59 +0000 (23:43 -0700)]
Neutron RBAC API and network support
This adds the new API endpoint to create, update, and delete
role-based access control entries. These entries enable tenants
to grant access to other tenants to perform an action on an object
they do not own.
This was previously done using a single 'shared' flag; however, this
was too coarse because an object would either be private to a tenant
or it would be shared with every tenant.
In addition to introducing the API, this patch also adds support to
for the new entries in Neutron networks. This means tenants can now
share their networks with specific tenants as long as they know the
tenant ID.
This feature is backwards-compatible with the previous 'shared'
attribute in the API. So if a deployer doesn't want this new feature
enabled, all of the RBAC operations can be blocked in policy.json and
networks can still be globally shared in the legacy manner.
Even though this feature is referred to as role-based access control,
this first version only supports sharing networks with specific
tenant IDs because Neutron currently doesn't have integration with
Keystone to handle changes in a tenant's roles/groups/etc.
Liang Bo [Thu, 20 Aug 2015 06:24:46 +0000 (14:24 +0800)]
Fixed broken link in neutron-server's documents
The neutron-server document contains a link (http://neutron.openstack.org)
which is not exist anymore. This patch updates the link to neutron's doc site
and wiki page.
Miguel Angel Ajo [Thu, 20 Aug 2015 13:57:19 +0000 (15:57 +0200)]
Fix qos api-tests after policy changes
The policy.json update in change
Ide1cd30979f99612fe89dddf3dc0e029d3f4d34a breaks the qos api-tests
due to actions which the default policy won't allow, like qos
rules or policies creation by non-admins.
We removed test_rule_association_nonshared_policy which
is not possible with the default policy.json in favor of
test_policy_create_forbidden_for_regular_tenants.
This commit unblocks the qos api-test re-enablement.
Jakub Libosvar [Thu, 20 Aug 2015 16:02:11 +0000 (16:02 +0000)]
fullstack: use migration scripts to create db schema
Previously, we used create_all() based on models. We don't use
create_all() in production code and there is no guarantee models and
scripts are in sync even though we have a good functional test that
validates that. There are still pieces that can't be compared by
alembic.
John Schwarz [Thu, 20 Aug 2015 14:05:02 +0000 (17:05 +0300)]
Only validate local_ip if using tunneling
Change I4b4527c28d0738890e33b343c9e17941e780bc24 introduced a new
validation to make sure that local_ip holds a valid IP that is present
in one of the interfaces on the machine. However, this test is not
relevant if tunneling is not enabled, since the value is ignored anyway.
This patch changes validate_local_ip to not check local_ip in case
tunneling is not enabled (if no value was put in the 'tunnel_types'
option).
Jakub Libosvar [Tue, 18 Aug 2015 13:42:37 +0000 (13:42 +0000)]
qos: Delete bw limit rule when policy is deleted
We need to add ON DELETE CASCADE to qos_policy_id on bw limit rule table
in order to delete policy successfully. There is a migration script that
creates db scheme with correct foreign key constraint but we miss this in
models. Currently, we have a functional test that guarantees parity
between migration scripts and models but we don't have guaranteed foreign
keys parity due to alembic bug [1].
Yalei Wang [Fri, 7 Aug 2015 14:43:30 +0000 (22:43 +0800)]
Add support for unaddressed port
Neutron could create a port without the IP address when the network doesn't
have a subnet. In this case, neutron will have no L3 knowledgee and we need
remove the L3 filter on it but reserve the L2 filter if there is.
This patch will make L2 agent verify the fixed_ips before converting the
security-group-rules into firewall rules, L3 rules in it will be removed.
And filter like arp-spoofing will be disabled for this port.
Jakub Libosvar [Thu, 20 Aug 2015 12:33:59 +0000 (12:33 +0000)]
Sync FK constraints in db models with migration scripts
We do have a functional test that compares Neutron's db models with
migration scripts. The comparison is based on alembic library that had a
bug which is gonna be solved in the next release [1]. Once we start
using newer alembic, functional test mentioned above will start failing
due to models and scripts are not in sync.
This patch adds needed constraints discovered by running functional test
locally with dev version of alembic.
Note: There is already a patch [2] that fixes QoS.
John Schwarz [Sun, 9 Aug 2015 14:00:57 +0000 (17:00 +0300)]
Add EnvironmentDescription, pass it down
* The EnvironmentDescription class describes an entire fullstack
environment (as opposed to the currently implemented host-only
descriptions). This will allow future patches to signify that a test
should set up an environment that supports tunneling, l2pop, QoS and
more.
* Now, most fullstack fixtures (config and process ones, at least),
expect both the EnvironmentDescription for the current test and the
HostDescription for the 'host' the config/process is on. This allows
for easier and most robust future changes, as now adding a new
parameter to one of the description objects doesn't mean adding that
argument to a number of other objects which are using it.
* Changed HostDescription's default argument of l3_agent to False, since
adding new configurations and defualting them to True forces the
author to go through ALL the tests and explicitly turn them on/off.
However, defaulting new configurations to False only requires
explicitly turning them on, which we ought to do anyway.
Ihar Hrachyshka [Thu, 20 Aug 2015 11:01:46 +0000 (13:01 +0200)]
Dropped release name from migration branch labels
Since the plan is to attach first Mitaka scripts to Liberty branches
with down_revision, and since labels are inherited from all other
revisions in the chain, using release names in branch labels would mean
that the following commands would be valid:
Ann Kamyshnikova [Thu, 20 Aug 2015 08:27:39 +0000 (11:27 +0300)]
Split DRIVER_TABLES in external.py
Split DRIVER_TABLES into separate lists for each driver.
This is needed for easier implementation of ModelMigrationSyncTest
in driver/plugin repositoties that were split out from Neutron.
Oleg Bondarev [Thu, 20 Aug 2015 09:02:55 +0000 (12:02 +0300)]
DVR: make sure snat portion is always scheduled when needed
commit 236e408272bcb9b8e957524864e571b5afdc4623 introduced
a regression where if router without external gateway was already
scheduled to all dvr_snat agents, then when adding external gateway
to the router, snat portion scheduling was skipped.
The patch fixes regression and adds corresponding unit (functional
in fact) test.
Ihar Hrachyshka [Thu, 20 Aug 2015 09:50:09 +0000 (11:50 +0200)]
neutron-db-manage: sync HEADS file with 'current' output
alembic.get_heads() returns all heads for all branches it can find in
scripts dir, while in alembic_version table, it does not store any heads
that were overridden by other branches, even if those depends_on it
instead of having it as down_revision.
To keep 'current' output in sync with what is in HEADS file, we can
attach liberty_* branches explicitly to kilo revision.
It's also a good idea to have a separate 'heads' command that would show
the latest alembic heads based on scripts dir state. See [1] for more
details.
While at it, since different subprojects can link their expand/contract
branches to kilo in different way (some using depends_on the previous
release branch, while others, as suggested in this patch, thru
down_revision to kilo), we kill the check on the number of heads
returned by script.get_heads() since it may differ. If we want to
validate that we don't branch more than twice from kilo, we may add a
separate validation just for that.
In a case when first attempt to fetch default security group
fails and attempt to add it fails too due to a concurrent insertion,
later attempt to fetch the same default sg may fail due to
REPEATABLE READ transaction isolation level.
For this case RetryRequest should be issued to restart the
whole transaction and be able to see default group.
The patch also removes 'while True' logic as it's unsafe
Eugene Nikanorov [Sun, 10 May 2015 23:10:29 +0000 (03:10 +0400)]
Graceful ovs-agent restart
When agent is restarted it drops all existing flows. This
breaks all networking until the flows are re-created.
This change adds an ability to drop only old flows.
Agent_uuid_stamp is added for agents. This agent_uuid_stamp is set as
cookie for flows and then flows with stale cookies are deleted during
cleanup.
Co-Authored-By: Ann Kamyshnikova<akamyshnikova@mirantis.com>
Closes-bug: #1383674
Kevin Benton [Wed, 19 Aug 2015 06:35:46 +0000 (23:35 -0700)]
l2pop: check port mac in pre-commit to stop change
Check that a port mac address hasn't changed during the precommit
phase of the port update rather than the post commit so the resulting
exception actually stops it from happening.
* A note from the legal team: These tests in no way replace
any existing tests. I would never dream of such a thing. Nor
would anyone ever consider calling these 'unit' tests. That
would be mad!
Change-Id: I73c2b2096e767575a196bf08e7d4cc7ec52fdfa3 Co-Authored-By: Lynn Li <lynn.li@hp.com>
Assaf Muller [Fri, 12 Jun 2015 19:07:17 +0000 (15:07 -0400)]
Add a fullstack fake VM, basic connectivity test
* Full stack tests' fake VMs are represented via a namespace,
MAC, IP address and default gateway. They're plugged to an OVS
bridge via an OVS internal port. As opposed to the current
fake machine class used in functional testing, this new fake
machine also creates a Neutron port via the API and sets the
IP and MAC according to it. It also sets additional attributes
on the OVS port to allow the OVS agent to do its magic.
* The functional fake machine and the full stack fake machine
should continue to share commonalities.
* The fullstack fake machine currently takes the IP address
from the port and statically assigns it to the namespace
device. Later when I'll add support for the DHCP agent
in full stack testing this assignment will look for the dhcp
attribute of the subnet and either assign the IP address
via 'ip' or call a dhcp client.
* Added a basic L2 connectivity test between two such machines
on the same Neutron network.
* OVSPortFixture now uses OVSInterfaceDriver to plug the port
instead of replicate a lot of the code. I had to make a
small change to _setup_arp_spoof_for_port since all OVS ports
are now created with their external-ids set.
Sandhya Dasu [Mon, 17 Aug 2015 10:26:53 +0000 (06:26 -0400)]
Final decomposition of ML2 Cisco UCSM driver
The ML2 Cisco UCSM driver's entry point is being switched to the
networking-cisco vendor repo. The definition of the driver's db
file and all references to it in the neutron branch are removed.
Ann Kamyshnikova [Wed, 19 Aug 2015 11:19:11 +0000 (14:19 +0300)]
Fix query in get_reservations_for_resources
For PostgreSQL if you're using GROUP BY everything in the SELECT
list must be an aggregate SUM(...) or used in the GROUP BY.
For reference:
http://www.postgresql.org/message-id/200402271700.28133.dev@archonet.com
Closes-bug: #1486467
Pavel Bondar [Tue, 11 Aug 2015 10:13:28 +0000 (13:13 +0300)]
Move tests for non pluggable ipam backend
Tests specific for non pluggable ipam backend were located in
test_db_base_plugin_v2.
Create appropriate test file and move tests there.
Updated test class name and doc string to match tested class.
Fix contains only tests moving without changes inside tests itself.
Code Review / openstack-build / neutron-build.git / log