Assaf Muller [Sat, 29 Aug 2015 15:32:19 +0000 (11:32 -0400)]
Add info to debug test_keepalived_respawns gate failure
Current theory is that there's a bug in external_process.active,
it returns True when it shouldn't, then kill -15 on the process
pid fails because the process isn't up. Added ps -p output to
see if the process is up or not.
James Arendt [Fri, 28 Aug 2015 23:33:44 +0000 (16:33 -0700)]
Make Neutron service flavor save service_type
While the service_type exists in the resource attributes and as
a database field for a Flavor, the creation dictionary did not
pass the value so the service_type was not being persisted
in the database nor returned.
Enhanced unit test to show problem. Test fails on old code
to save or return the input service_type.
James Arendt [Wed, 26 Aug 2015 23:53:24 +0000 (16:53 -0700)]
Add tenant_id to flavor service profiles attributes
Neutron v2 base.py auto populates a 'tenant_id' attribute on
calls if the attribute is not passed. This causes a POST
to create a flavor service binding to fail when verifying
attributes with:
Unrecognized attribute(s) 'tenant_id'
Solution is to add tenant_id as expected attribute in the
attribute map as done in other sub resources like QOS.
Catch errors on 'port not found' while deleting subnet
In some circumstances (like the one triggered by the test_dhcp_ipv6 testcase)
calls to deleting a port and calls to deleting subnets can happen in straight
sequence.
If this happens the execution of the operations can interleave leading
to the subnet deletion to fail because the port has already gone. This patch
ensures a missing port is handled correctly.
The method delete_subnet is ginormous and hence impossible to test at a unit
level without proper refactoring. That can happen with a follow-up patch.
salvatore [Fri, 21 Aug 2015 08:44:25 +0000 (10:44 +0200)]
Do not track active reservations
Reservations have a transient nature: a reservation lifespan
typically begins and ends with a single request.
Therefore tracking reserved amounts for each tenant and resource
is not nearly as efficient as tracking resource usage.
Indeed it is fairly easy to verify that the overhead for tracking
reserved amounts is much greater than the one needed for counting
active reservations for each tenant and resource.
This patch removes the logic for tracking reservations, and
replaces it with an explicit count of active reservations.
Please note that this patch does not adjust accordingly the
ResourceUsage DB model. This will be done in a separate patch with
an expand migration; this should avoid most merge conflicts before
the final patch for restoring reservation logic merges.
Henry Gessau [Tue, 1 Sep 2015 21:17:01 +0000 (17:17 -0400)]
Deprecate --service option for neutron-db-manage
Now that https://review.openstack.org/198542 has merged we can
deprecate the --service option. From now on instead of
--service fwaas
we should instead use
--subproject neutron-fwaas
This puts the *aas subprojects on equal footing with the other
projects in the Neutron Stadium for neutron-db-manage.
In the Liberty release the --service option will be marked as
deprecated. It will be removed in Mitaka.
Neil Jerram [Mon, 27 Jul 2015 13:41:29 +0000 (14:41 +0100)]
DHCP agent: allow using gateway IPs instead of uniquely allocated
In each place where the DHCP agent runs, and for each subnet for which
DHCP is handing out IP addresses, the DHCP port needs - at the Linux
level - to have an IP address within that subnet. Generally this
needs to be a unique Neutron-allocated IP address, because the
subnet's underlying L2 domain is bridged across multiple compute hosts
and network nodes, and for HA there may be multiple DHCP agents
running on that same bridged L2 domain.
However, if the DHCP ports - on multiple compute/network nodes but for
the same network - are _not_ bridged to each other, they do not need
each to have a unique IP address. Instead they can all share the same
address from the relevant subnet. This works, without creating any
ambiguity, because those ports are not all present on the same L2
domain, and because no data within the network is ever sent to that
address. (DHCP requests are broadcast, and it is the network's job to
ensure that such a broadcast will reach at least one of the available
DHCP servers. DHCP responses will be sent _from_ the DHCP port
address.)
Specifically, for some networking backends it makes sense to allow all
DHCP ports to use the subnet's gateway IP address, and thereby to
completely avoid any unique IP address allocation.
This change therefore enhances the DHCP agent code to be able to use
gateway IPs as an alternative to uniquely allocated ones, with the
choice between those being made by a new interface driver property,
'use_gateway_ips'. The back-compatible default is to use unique IPs.
An interface driver that wants the DHCP agent to use gateway IPs can
achieve that by overriding as follows:
Pavel Bondar [Fri, 24 Jul 2015 08:50:26 +0000 (11:50 +0300)]
Enable py34 tests for pluggable ipam backend
Enable neutron.tests.unit.db.test_ipam_pluggable_backend.
It was disabled after extending ipam tests to run db_base_plugin tests,
which are not py34 compatible yet.
sridhargaddam [Thu, 27 Aug 2015 09:49:28 +0000 (09:49 +0000)]
Fix import path in neutron-sanity-check for ml2_sriov opts
neutron-sanity-check fails while importing ml2_sriov
configuration. This patch fixes the import path and
also includes a unit test to avoid such issues.
Decentralize the managemement of service providers
After the service split, some of the configuration, parsing and
validation was kept in the neutron core; ultimately this needs to
get closer to the services where it belongs.
This patch starts from ProviderConfiguration and ServiceTypeManager
classes, and aims at removing the hard-coded elements, like the list
of known advanced services, so that in the long run we can make
Neutron easier to plug with external services.
Cedric Brandily [Mon, 31 Aug 2015 14:40:14 +0000 (16:40 +0200)]
Correct neutron-ns-metadata-proxy command when watch_log is False
Neutron[1] uses the option --metadata_proxy_watch_log=false to disable
log watch[2] in neutron-ns-metadata-proxy instances but should use the
option --nometadata_proxy_watch_log. It implies that
neutron-ns-metadata-proxy instances fail to start.
This changes updates neutron[1] to use the correct option.
The change also corrects associated functional tests[2], indeed
metadata_proxy_watch_log option has no effect if a log_file/dir is
defined for the agent running the neutron-ns-metadata-proxy.
[1] neutron.agent.common.config
[2] could be done by setting metadata_proxy_watch_log = false
[3] neutron.tests.functional.agent.test_l3_agent
Dictionaries are unorderable in py3K. This change defines the method
safe_sort_key[1] which could be used a sort function for list of
dictionaries and non-dictionaries.
Kevin Benton [Mon, 31 Aug 2015 02:15:27 +0000 (19:15 -0700)]
Fix usage of netaddr '.broadcast'
netaddr 0.7.16 changed the behavior of IPNetworks with /31 and /32
prefixes to make their 'broadcast' attribute return None. This patch
replaces the use of the attribute with a -1 index lookup to get the
last address instead.
Adelina Tuvenie [Thu, 27 Aug 2015 09:27:28 +0000 (02:27 -0700)]
Fixes wrong neutron Hyper-V Agent name in constants
Change Id03fb147e11541be309c1cd22ce27e70fadc28b5 moved the
AGENT_TYPE_HYPERV constant from common.constants to
plugins.ml2.drivers.hyperv.constants but change the value of the
constant from 'HyperV agent' to 'hyperv'. This patch changes
the name back to 'HyperV agent'
This implementation may expose a vulnerability where a malicious
user can sieze the opportunity of a time window where a port
may land unaddressed on a shared network, thus allowing him/her
to suck up all the tenant traffic he/she wants....oh the shivers.
Assaf Muller [Wed, 26 Aug 2015 14:07:03 +0000 (10:07 -0400)]
Remove ml2 resource extension success logging
This is the cause of a tremendous amount of logs, for no
perceivable gain. A normal dvr run in the gate shows this debug
message around 120K times, which is way too much.
ajmiller [Tue, 25 Aug 2015 04:04:02 +0000 (21:04 -0700)]
Add optional file permission argument to replace_file()
The replace_file() utility function currently sets the mode of all files
it creates to 0o644. This is not appropriate for all files. This patch
adds an optional "file_mode" argument to the function.
Code Review / openstack-build / neutron-build.git / log