This patch adopts several measures to prevent _sync_routers_task
and _rpc_loop from hanging because of subprocess.Popen.communicate
not returning.
1) Perform a sleep everytime a command is completed, similarly to
what is done in openstack.common.processutils.execute
2) Disable by default GARP, as kernel crashes caused by arping
have been observed
3) Prevent a non-critical keyerror in _router_removed from triggering
again a full sync, which might put the system under significant load.
This patch also adds debug log statements aimed at improving the
ability of debugging similar failures.
Ralf Haferkamp [Thu, 29 Aug 2013 18:50:55 +0000 (20:50 +0200)]
Avoid race with udev during ovs agent startup
After taking down the veth link between the physical bridge and the integration
bridge call udevadm settle to wait for any udev events to be completely
processed by the operating system before recreating the veth pair.
Some distributions (e.g. openSUSE) have udev rules installed by default that
call e.g. ifdown <interface> during the remove event. If that is processed
after the ovs agent already brought up the veth pair again the veth pair's
link will be down after the agent completed startup and networking will be
broken for all VM instances.
Quota driver is now loaded in lazy mode, i.e. the driver is loaded
the first time the driver is accessed. This is to make unit tests
work. Some unit tests like extension test cases need to use Config
Quota driver (previous default) but QuotaEngine is initialized
when quota.py is imported. Thus the unit tests had no chance to
specify quota_driver.
Ben Nemec [Tue, 1 Oct 2013 23:15:23 +0000 (23:15 +0000)]
Disable lazy translation
Late in the Havana cycle bug 1225099 was found in the lazy
translation code, and to be safe it was decided to disable lazy
translation for Havana. This change does that.
Cisco plugin should check for switch - vlan bindings
This commit fixes the issue where the Cisco plugin tries to create a
vlan twice on a switch if the first create is not bound to a port.
Also fixes an issue where the plugin tried to untrunk vlans from
a port for SVI interfaces.
Should not add metadata filter rules if disable metadata proxy
The metadata filter rules should not be added into iptables if Neutron
metadata proxy is disabled.
This patchset fixes this issue by adding a condition when adding metadata
filter rules to iptables.
Bob Kukura [Fri, 27 Sep 2013 21:54:45 +0000 (17:54 -0400)]
Fix auto-deletion of ports and subnets in ML2
When a network is deleted, certain ports and any subnets referencing
it are auto-deleted. The implementation of
NeutronDBPluginV2.delete_network() does this at the DB level, so ML2's
mechanism drivers were not being called.
Ml2Plugin.delete_network() is changed to not use the base class's
method, and to auto-delete ports and subnets by calling its own
delete_port() and delete_subnet() methods outside of the
transaction. A loop avoids race conditions with ports or subnets being
asynchronously added to the network.
Fix to enable delete of firewall in PENDING_CREATE state
Firewall will in PENDING_CREATE state if there is no underlying router in the
tenant. When the router and an associated i/f is created then with a sequence
of msgs it is set to ACTIVE state by the plugin. If a delete is triggered when
in PENDING_CREATE state in such a situation, the msg was ignored - fixing this to
account for the fact that a delete makes sense in this situation so the agent
sends the appropriate msg back to the plugin so it can delete it.
Joe Mills [Tue, 24 Sep 2013 10:42:08 +0000 (10:42 +0000)]
Add host routes and dns nameservers to Midonet DHCP
In the Midonet plugin, the host routes and dns nameserver information
was not being passed down to the midonet client API. This fix addresses
this by passing down the correct information.
Kaiwei Fan [Fri, 27 Sep 2013 06:49:15 +0000 (23:49 -0700)]
Reverse the order of interface update and DNAT rule config
Configure DNAT rule first before adding floating ip address to interface
so advanced service router will not receive packets by accident before
DNAT rule configured.
Verified that traffic goes to the VM the created floating ip associated
with right after config.
IF both service neutron-l3-agent and neutron-server are up,
but no router id configured in /etc/neutron/l3_agent.ini, an
exception will be raised on DB as "DBError: IntegrityError",
because the variable router_ids has a default '' value that
doesn't match the DB grammar.
* Check router id is specified in _init_() of l3 when
not using namespace.
* Move part of checking config params actions to new function
_check_config_params()
* Add corresponding unit tests.
Redefine behavior for NvpAdvancedPlugin during network creation
When using the NvpAdvancedPlugin, *all* logical switches should
be created through VCNS. VCNS will then proxy the requests to
NVP. This patch implements such a behavior. This is achieved by
replacing the use of nvplib.create_lswitch with the one of the
vcns driver, as the remaining logic can be left as it is.
ZhiQiang Fan [Thu, 26 Sep 2013 16:10:50 +0000 (00:10 +0800)]
Pythonic method names for l3_agent unit tests
When review https://review.openstack.org/#/c/46863/, i find there
are some unconsistent method names in test_l3_agent.py, this patch
fixes this code style problem.
This patch adds an option for always synchronizing operational status
on a show operation; regardless of the synchronization thread, when
this option is enabled, the resource status is always fetched from
the backend.
The patch also fixes an issue observed when running test_nvp_sync
alone.
ZhiQiang Fan [Wed, 18 Sep 2013 17:53:44 +0000 (01:53 +0800)]
Ensure router exists when auto_schedule_routers
Currently, the auto_schedule_routers() accepts parameter router_ids,
which may contain invalid router ids, since we've already filtered
them via plugin.get_routers(), we can directly use that safe object.
Properly synchronize status for ports deleted from backend
Ensure that the status for a port is properly synchronized even
when the port itself does not exist anymore in the backend, avoiding
raising exceptions due to missing results in the NVP query.
This patch also adjusts a comment and improves exception handling
in _nvp_get_port_id
Ensure nullable=False for netid in packetfilters table
From the initial commit of NEC plugin, network_id of packetfilters
table is nullable=False, but in folsom_initial db migration script
nullable is set to True. This commit ensure nullable=False for
network_id in packetfilters table in any migration revision.
Cascade on delete from ports.id to packetfitlers.in_port is added
to ensure packet filter entries associated with a port.
Also joined query of packetfilter with port query is added
to avoid additional packetfilter query by port_id.
This fix ports the Cisco Nexus sub-plugin unit tests
(neutron/tests/unit/cisco/test_nexus_plugin.py) to the Cisco ML2 mechanism
driver. The new test script will be
neutron/tests/unit/ml2/drivers/test_cisco_nexus.py.
Test cases which will be excluded from this port:
- Test cases involving provider networks.
- Test cases involving add/remove router networks
since these features are not currently supported in the Cisco ML2
mechanism driver.
The reference implementation of the FWaaS iptables
agent/driver supports only one firewall per tenant
in Havana release. However, the FWaaS plugin will
let you create more than one firewall. This is
being fixed in this patch to not allow creating
the second firewall if a firewall already exists
for the tenant.
Code Review / openstack-build / neutron-build.git / log