Sam Hague [Fri, 2 May 2014 18:08:09 +0000 (14:08 -0400)]
Allow vlan type usage for OpenDaylight ml2
The initial OpenDaylight integration with Openstack did not support
vlan isolation so it was not included as a valid type. This change
adds the vlan type as allowed.
Also modified tests to include vlan as supported in the
check_segment().
DocImpact:
Use of VLANs with ML2 and the OpenDaylight mechanism driver
requires OpenDaylight Helium or newer to be installed.
Roman Podoliaka [Wed, 16 Apr 2014 10:59:33 +0000 (13:59 +0300)]
Fix issubclass() hook behavior in PluginInterface
Currently, PluginInterface provides an issubclass() hook that returns
True for issubclass(A, B) call, if all abstract methods of B (stored
in B.__abstractmethods__) can be found in the A.__mro__ tuple of
classes. But there is an edge case, when B doesn't have any abstract
methods, which leads to issubclass(A, B) call returning True even if
A and B are not related all.
E.g. issubclass(NeutronPluginPLUMgridV2, NsxPlugin) returns True,
while these two are different core plugins. And it gets even more
trickier when superclasses are involved: e.g. SecurityGroupDbMixin is
a superclass of NsxPlugin, so depending on the fact whether the
python module with NsxPlugin class is imported or not,
issubclass(NeutronPluginPLUMgridV2, SecurityGroupDbMixin) will return
either False or True accordingly.
The OVS lib deferred apply methods use a dict to save flows to add,
modify or delete when deffered apply is switched off.
If another thread adds, modifies or deletes flows on that dict during
another process called deffered_apply_off, its flows could be ignored.
This fix stash reference flows list and point the flows list to a new
cleared flows list. Then, it applies flows from the stashed flows list.
Maru Newby [Fri, 9 May 2014 22:24:45 +0000 (22:24 +0000)]
Make plugin deallocation check optional
The fix for memory leakage in the related bug added a check for plugin
deallocation that performed a call to gc.collect() after every test.
This had the side-effect of increasing test execution time by ~50%, so
this patch makes the check optional via an environment variable
(OS_CHECK_PLUGIN_DEALLOCATION).
It may make sense to create a periodic job that runs with the check
enabled, but otherwise the check can be used by developers for
debugging purposes.
Maru Newby [Wed, 7 May 2014 22:41:40 +0000 (22:41 +0000)]
Ensure core plugin deallocation after every test
The unit tests were previously consuming an excessive amount of memory
(4GB+) due to plugin instances persisting in memory. Deallocation was
not possible where a combination of circular references and mocking
was involved. This patch ensures that only NeutronManager holds a
plugin reference and that all other references are instances of
weakref.proxy. Residual memory footprint for tox executed on a
12-core machine has been reduced to ~1.3GB. Plugin deallocation is
validated at the end of each test to prevent regressions.
This change also includes fixes to unit tests that depended on plugin
instances persisting across tests.
Kevin Benton [Thu, 8 May 2014 23:33:06 +0000 (16:33 -0700)]
Big Switch: Check source_address attribute exists
Check that the source_address attribute exists on
HTTPSConnection objects before referencing it since
it's not present on python 2.6 deployments. If it
does not exist, create a socket connection without
specifying the source.
ML2 VxlanTypeDriver: Synchronize of VxlanAllocation table
At neutron startup VxlanTypeDriver syncs tunnel range from conf
to DB. In case multiple servers deployment restarting several
servers at the same time could lead to DB exceptions being thrown.
Need to synchronize between neutron servers by locking VxlanAllocation
table.
NSX: ensure that no LSN is created on external networks
Logical Service Nodes (LSN) are those that provide dhcp
and metadata services to networks when the NSX plugin is
used without the openstack dhcp and metadata proxy
agents. External networks do not work with Neutron's
dhcp and metadata services, therefore there is no need
to provision a LSN in this case.
In case IpSecPolicy or IKEPolicy is updated while VPN connection that uses it
is already established, IPsecPolicyInUse or IKEPolicuInUse is raised.
Need to clarify their messages to emphasize that policies can't be updated
because they are used by established connection.
Another patch (commit-id: df96a03e6c74f1fceb4525900bca885307907b79) to
fix the same issue with less intrusive consequences was already merged
into master. There's still benefit to have debug logs if this does not
make gate jobs fail, so revert to previous setting value.
Ihar Hrachyshka [Tue, 6 May 2014 13:52:35 +0000 (15:52 +0200)]
Disable debug messages when running unit tests
Some runs started to fail due to large sub_unit.log files. We should
reduce their size. The easy way to achieve this is to disable INFO
messages that are filling our logs.
The policy engine is currently being called for every attribute
of every resource to be returned by a list response. This is
harming the API performance; moreover such a high number of checks
is also unnecessary.
This patch therefore slightly changes the API logic so that list
response first determine the list of attributes which should be
returned querying the policy engine and then use this list for
all resource items to be returned.
To this aim a few methods in base.py needed to be refactored.
This patch also removes the routine check_if_exists from policy.py
and the related PolicyNotFound exception.
Finally, this patch also removes unnecessary admin_or_owner rules
when applied to attributes. This kind of rule indeed has no effect
anyway because of Neutron's ownership checks. The rules were removed
because this change won't allow anymore for having attribute-level
policies whose evaluation result depends on the resource value.
Jakub Libosvar [Tue, 6 May 2014 08:56:31 +0000 (10:56 +0200)]
Fix importing module in test_netscaler_driver
During H302 was introduced new bug importing package instead of module.
This patch is reverting back change on this file from
https://review.openstack.org/#/c/89628/5
Attila Fazekas [Sun, 4 May 2014 17:54:37 +0000 (19:54 +0200)]
L3 RPC loop could delete a router on concurrent update
routers_updated does not acquire any lock just updates
a set for future rpc loop processing.
The self.updated_routers can be changed by concurrent update
notification. If this change happens at the time around the
self.plugin_rpc.get_routers call, the additional routers
- by mistake - is considered as admin_state_up=false routers, which
are safe to delete.
Creating a local copy of the updated_routers and preserve
the fresh updated_routers entries for the next _rpc_loop
operations.
Jakub Libosvar [Fri, 18 Apr 2014 13:32:40 +0000 (15:32 +0200)]
Fix H302 violations
H302 violation is reported by flake8 when importing separated objects from
modules instead of importing the whole module.
e.g. from package.module import function
function()
is changed to
from package import module
module.function()
Jakub Libosvar [Fri, 18 Apr 2014 13:29:49 +0000 (15:29 +0200)]
Fix H302 violations in plugins package
H302 violation is reported by flake8 when importing separated objects from
modules instead of importing the whole module.
e.g. from package.module import function
function()
is changed to
from package import module
module.function()
Jakub Libosvar [Fri, 18 Apr 2014 13:30:32 +0000 (15:30 +0200)]
Fix H302 violations in unit tests
H302 violation is reported by flake8 when importing separated objects from
modules instead of importing the whole module.
e.g. from package.module import function
function()
is changed to
from package import module
module.function()
LipingMao [Mon, 31 Mar 2014 05:49:18 +0000 (05:49 +0000)]
lbaas on a network without gateway
Not only check the gateway_ip in subnet, but also
check the host_routes. If there is a default route in host_routes
then the next hop of the default route is also a gateway_ip.
In the check for all security groups on port belong to tenant,
add a filter to get security groups for the tenant which are in
common with the security groups of the port.
Abhishek Raut [Fri, 2 May 2014 01:16:33 +0000 (18:16 -0700)]
Fix network profile subtype validation in N1kv plugin
Network profile of type Trunk expects a subtype field for
creation. If a subtype is missing in the request body, plugin
should raise an exception. This patch fixes the validation logic
to detect missing subtype field.
Itsuro Oda [Mon, 21 Apr 2014 06:02:52 +0000 (15:02 +0900)]
Performance improvement of router routes operations
This patch fixes inefficiency of updating extra routes.
* remove the code repeated by every routes in validation check.
* remove searching a record to delete per record.
Note: Unit tests are covered by existing ones. So no unit test added.
Edgar Magana [Thu, 1 May 2014 20:25:45 +0000 (13:25 -0700)]
Add support to dynamically upload drivers in PLUMgrid plugin
PLUMgrid plugin will be able to dynamycally upload any of its available drivers.
It will simplify any CI testing by changing the configuration file for the plugin
instead of changing the code directly.
Kevin Benton [Thu, 1 May 2014 01:58:05 +0000 (18:58 -0700)]
Reference new get_engine() method from wsgi.py
wsgi.py referenced get_engine in neutron.openstack.common.db.sqlalchemy.session.
This method was removed from that file in commit 53609f29f3c8fcadc545afb891189253c07b33c3
change-id I0e1d86878d3eb924b01e04dced0f90b4e57757d8. This patch references the
replacement method added to neutron.db.api.
Henry Gessau [Mon, 28 Apr 2014 17:41:18 +0000 (13:41 -0400)]
Allow test_l3_agent unit test to run individually
When the test_l3_agent.TestL3AgentEventHandler test case is run
after test discovery it passes because discovery imports files
that registers all the config options. For the test case to run
individually we need to explicitly register the config options
used in the test.
Isaku Yamahata [Wed, 26 Feb 2014 02:36:56 +0000 (11:36 +0900)]
tests/unit: refactor reading neutron.conf.test
neutron.conf.test includes rpc_backend whose value is stashed.
Thus it is required to reset when tearing down, otherwise the stale status
will be used by succeeding tests causing random error.
This patch refactors reading neutron.conf.test and resets the status of
rpc_backend properly.
Joe Gordon [Tue, 29 Apr 2014 22:22:20 +0000 (15:22 -0700)]
Don't print duplicate messages on SystemExit
Don't log the error using LOG.error or LOG.exception and then
passing the same string to SystemExit since this will result in the
error being logged twice. Instead log the error and raise SystemExit(1).
Paul Michali [Fri, 4 Apr 2014 19:14:36 +0000 (19:14 +0000)]
Cisco VPN device driver - support IPSec connection updates
Provides support for IPSec connection updates and state changes. To do
this, the configuration of the connection is maintained, when the
connection is created. This is checked against the current settings, at
sync time, to determine whether a configuration change (as opposed to a
state change) has occurred.
If there is a change to the configuration detected, then the simple
approach is taken of deleting and then re-creating the connection, with
the new settings.
In addition, if the admin state of the connection changes, the tunnel
will be taken admin down/up, as needed. Admin down will occur if the
IPSec connection or the associated VPN service is set to admin down.
Admin up will occur, if both the IPSec connection and the VPN service
are in admin up state.
Added REST client method to allow changing the IPSec connection tunnel
to admin up/down (effectively doing a no-shut/shut on the tunnel I/F),
based on the above mentioned state.
Modified UTs for the support of IPSec connection update requests (used to
throw an "unsupported" exception), and to check that the configuration
and state changing are processed correctly.
Updated so that tunnel_ip is set in device driver, rather than hard
coding, and then overriding in REST client. Since device driver has the
same info, this will fit into future plans to obtain the info from
router, vs reading an .ini file. Revised UTs as well.
Code Review / openstack-build / neutron-build.git / log