Thomas Goirand [Wed, 27 Nov 2013 13:53:57 +0000 (21:53 +0800)]
Now sets the OVSHybridIptablesFirewallDriver as default firewall driver.
Adds creating of /var/lib/neutron/dhcp as nobody:neutron if running on Ubuntu.
When recycling an IP, allocation pools are loaded with an inner
join with ip avaiblity ranges. However, if the pool is exhausted,
there will be no availability ranges and the query will return
no results because of the inner join. It will therefore be
impossible to reuse IP addresses once the pool has been exhausted.
This patch tries to reload allocation pools without joining on
IP avaiability ranges if the first query did not return any result.
Replacing an inner join with an outer join will not be possible
as postgresql backend does not support 'SELECT ... FOR UPDATE' with
outer joins (for more info see bug 1215350).
The patch also contains unit tests for verifying IP are recycled
correctly even when the pool is exhausted.
mathieu-rohon [Wed, 9 Oct 2013 09:13:04 +0000 (11:13 +0200)]
use proxy mode on vxlan interface only when l2-population is activated
the proxy mode was set by default on every vxlan interfaces
which leads to inaccessibility between VM that are not hosted
on the same host in a vxlan network
Nachi Ueno [Fri, 11 Oct 2013 18:46:32 +0000 (11:46 -0700)]
Use L3 api from vpn ipsec driver via service plugin
VPNaaS and ML2 plugin won't work, because ML2 plugin
supports service version of L3.
In this commit, we modify ipsec driver to use L3 plugin.
This is also backward compatible change, because if L2 plugin
supports L3 get_service_plugin API returns L2 plugin.
Change-Id: I36e541bb2e3e1df2e01f73a74f3e9005af6c38b7
Note: Exsiting unit test covers this change
(cherry picked from commit 8eb573528551d4a74c146c9d171505f7d472bb6a)
Akihiro MOTOKI [Wed, 9 Oct 2013 10:50:35 +0000 (19:50 +0900)]
Fallback to Quota Conf Driver if Quotas table is not defined
commit de15e0b9c5 enabled Quota DB driver default considering
production environments, but it breaks plugins without per-tenant
quota extension. In these plugin quotas tables is not loaded.
This commit fallbacks to ConfDriver if Quota model is not loaded by
checking neutron.db.quota_db which defines Quota model is imported.
Bob Kukura [Thu, 3 Oct 2013 16:25:24 +0000 (12:25 -0400)]
Fix auto-deletion of ports when deleting subnets in ML2
When a subnet is deleted, certain ports referencing it are
auto-deleted. The implementation of NeutronDBPluginV2.delete_subnet()
does this at the DB level, so ML2's mechanism drivers were not being
called.
Ml2Plugin.delete_subnet() is changed to not use the base class's
method, and to auto-delete ports by calling its own delete_port()
method outside of the transaction. A loop avoids race conditions with
ports being asynchronously added to the subnet.
The logic in Ml2Plugin.delete_network() is also fixed to properly
handle auto-deleting ports and subnets, and debug logging is added to
the various delete methods.
ML2 plugin changes the port status to "build" when get_device_details
is called. For this reason, the port status must be updated once the
port details are processed.
Aaron Rosen [Tue, 8 Oct 2013 19:24:21 +0000 (12:24 -0700)]
Fix dhcp_release lease race condition
There is a possible race condition when delete or updating fixed_ips
on ports where an instance could renew its ip address again after
dhcp_release has already been executed. To fix this, the order of
reload_allocation and release_lease need to be switched. This way an
instance will not be able to renew it's ip address after it is
removed from the host file.
Bob Kukura [Fri, 4 Oct 2013 20:17:37 +0000 (16:17 -0400)]
Change rpc_support_old_agents default to False
Changes the rpc_support_old_agents config variable default value to
False, so that the vlan_id field (redundant with the segmentation_id
field) is no longer included in RPC messages from the linuxbridge and
mlnx plugins to their corresponding L2 agents. This can be set to True
if needed to support L2 agents older than midway through the havana
cycle.
Kevin Benton [Wed, 9 Oct 2013 06:02:20 +0000 (23:02 -0700)]
BigSwitch: correct net to backend on floating IP disassociation
The corrects the network that is updated on the backendw when a
floating IP is disassociated. It was incorrectly sending the
tenant's network when the update is to the external network the
floating address belongs to.
Dave Cahill [Fri, 27 Sep 2013 10:44:00 +0000 (10:44 +0000)]
Disassociate floating IPs from port on terminate
Bugfix - floating IPs were left associated after VM
was terminated. Now call disassociate_floatingips
within delete_port as in other networking plugins.
Add L3NatDBIntTestCase suite to cover the
floating IP disassociation case, and fix all failing
tests from that suite.
Add a route to reach the MD server when a subnet is created
When the first subnet is created, the dhcp port is created and
midonet plugin correctly adds the static route to reach the MD
server in create_port. When a second or following subnets are
created, a new ip is added to the dhcp port. This patch takes
care of adding the static route to correcly reach the MD server
in update_port. This fixes the problem of VMs not being able to
reach the MD if assigned to the second subnet
This patch adopts several measures to prevent _sync_routers_task
and _rpc_loop from hanging because of subprocess.Popen.communicate
not returning.
1) Perform a sleep everytime a command is completed, similarly to
what is done in openstack.common.processutils.execute
2) Disable by default GARP, as kernel crashes caused by arping
have been observed
3) Prevent a non-critical keyerror in _router_removed from triggering
again a full sync, which might put the system under significant load.
This patch also adds debug log statements aimed at improving the
ability of debugging similar failures.
Ralf Haferkamp [Thu, 29 Aug 2013 18:50:55 +0000 (20:50 +0200)]
Avoid race with udev during ovs agent startup
After taking down the veth link between the physical bridge and the integration
bridge call udevadm settle to wait for any udev events to be completely
processed by the operating system before recreating the veth pair.
Some distributions (e.g. openSUSE) have udev rules installed by default that
call e.g. ifdown <interface> during the remove event. If that is processed
after the ovs agent already brought up the veth pair again the veth pair's
link will be down after the agent completed startup and networking will be
broken for all VM instances.
Quota driver is now loaded in lazy mode, i.e. the driver is loaded
the first time the driver is accessed. This is to make unit tests
work. Some unit tests like extension test cases need to use Config
Quota driver (previous default) but QuotaEngine is initialized
when quota.py is imported. Thus the unit tests had no chance to
specify quota_driver.
Ben Nemec [Tue, 1 Oct 2013 23:15:23 +0000 (23:15 +0000)]
Disable lazy translation
Late in the Havana cycle bug 1225099 was found in the lazy
translation code, and to be safe it was decided to disable lazy
translation for Havana. This change does that.
Cisco plugin should check for switch - vlan bindings
This commit fixes the issue where the Cisco plugin tries to create a
vlan twice on a switch if the first create is not bound to a port.
Also fixes an issue where the plugin tried to untrunk vlans from
a port for SVI interfaces.