]> review.fuel-infra Code Review - openstack-build/neutron-build.git/log
openstack-build/neutron-build.git
9 years agoFixed section of the rabbitmq credentials
Thomas Goirand [Thu, 23 Apr 2015 09:10:57 +0000 (11:10 +0200)]
Fixed section of the rabbitmq credentials

9 years agoAdded missing dnsmasq-neutron.conf in /etc/neutron
Thomas Goirand [Thu, 23 Apr 2015 07:25:44 +0000 (09:25 +0200)]
Added missing dnsmasq-neutron.conf in /etc/neutron

9 years agoFixed the fix for service_plugins
Thomas Goirand [Tue, 21 Apr 2015 09:10:53 +0000 (11:10 +0200)]
Fixed the fix for service_plugins

9 years agoFixed service_plugins directive.
Thomas Goirand [Tue, 21 Apr 2015 08:05:40 +0000 (10:05 +0200)]
Fixed service_plugins directive.

9 years agoAdded a debian/neutron-server.service.in
Thomas Goirand [Mon, 20 Apr 2015 21:14:44 +0000 (23:14 +0200)]
Added a debian/neutron-server.service.in

9 years agoDo not build-depends on lbaas
Thomas Goirand [Sun, 19 Apr 2015 21:17:05 +0000 (23:17 +0200)]
Do not build-depends on lbaas

9 years agoFixed (build-)depends versions for Jessie.
Thomas Goirand [Sat, 18 Apr 2015 19:55:42 +0000 (21:55 +0200)]
Fixed (build-)depends versions for Jessie.

9 years agoAdded a neutron-plugin-linuxbridge-agent
Thomas Goirand [Wed, 15 Apr 2015 16:17:58 +0000 (18:17 +0200)]
Added a neutron-plugin-linuxbridge-agent

9 years agoMerge branch 'debian/kilo' of git+ssh://git.debian.org/git/openstack/neutron into...
Thomas Goirand [Wed, 15 Apr 2015 16:17:15 +0000 (18:17 +0200)]
Merge branch 'debian/kilo' of git+ssh://git.debian.org/git/openstack/neutron into debian/kilo

Conflicts:
debian/control

9 years agoUsing the build dir for running tests.
Thomas Goirand [Wed, 15 Apr 2015 16:07:27 +0000 (18:07 +0200)]
Using the build dir for running tests.

9 years agoFixed (build-)depends for this release.
Thomas Goirand [Wed, 15 Apr 2015 14:52:18 +0000 (16:52 +0200)]
Fixed (build-)depends for this release.

9 years agoDelete obsolete patches.
Thomas Goirand [Wed, 15 Apr 2015 14:04:00 +0000 (16:04 +0200)]
Delete obsolete patches.

9 years agoDo not attempt to "fix" alembic migrations.
Thomas Goirand [Wed, 15 Apr 2015 14:02:41 +0000 (16:02 +0200)]
Do not attempt to "fix" alembic migrations.

9 years agoMerge tag '2015.1_rc1' into debian/kilo
Thomas Goirand [Wed, 15 Apr 2015 14:02:15 +0000 (16:02 +0200)]
Merge tag '2015.1_rc1' into debian/kilo

Neutron kilo-rc1 milestone (2015.1.0rc1)

9 years agoNow packaging Kilo rc1.
Thomas Goirand [Wed, 15 Apr 2015 14:02:06 +0000 (16:02 +0200)]
Now packaging Kilo rc1.

9 years agoBreaks and Replaces for the rename of neutron openvswitch and
gustavo panizzo [Fri, 10 Apr 2015 03:10:00 +0000 (11:10 +0800)]
Breaks and Replaces for the rename of neutron openvswitch and
linuxbridge agents.

9 years agorename neutron-plugin-[openvswitch|linuxbridge]-agent to
gustavo panizzo [Fri, 10 Apr 2015 02:28:18 +0000 (10:28 +0800)]
rename neutron-plugin-[openvswitch|linuxbridge]-agent to
neutron-[openvswitch|linuxbridge]-agent

9 years agoRevert "add -plugin- to the names of the lb and ovs agents"
gustavo panizzo [Thu, 9 Apr 2015 11:06:11 +0000 (19:06 +0800)]
Revert "add -plugin- to the names of the lb and ovs agents"

This reverts commit f17e5be3b8243764793bdc27e129c111e655f9f0.

9 years agoadd -plugin- to the names of the lb and ovs agents
gustavo panizzo [Thu, 9 Apr 2015 10:26:35 +0000 (18:26 +0800)]
add -plugin- to the names of the lb and ovs agents

9 years agodocument the changes on init.d scripts for ovs and lb agents
gustavo panizzo [Thu, 9 Apr 2015 09:30:12 +0000 (17:30 +0800)]
document the changes on init.d scripts for ovs and lb agents

9 years agodo not parse neutron.conf to know the core_plugin name in ovs and lb
gustavo panizzo [Wed, 8 Apr 2015 08:44:12 +0000 (16:44 +0800)]
do not parse neutron.conf to know the core_plugin name in ovs and lb
agent.

OVS and LB do not work as core_plugin since Juno, they need ML2 to work.

9 years agoMerge "Add simple ARP spoofing protection"
Jenkins [Thu, 9 Apr 2015 01:21:53 +0000 (01:21 +0000)]
Merge "Add simple ARP spoofing protection"

9 years agoMerge "Add missing config parameters in neutron.conf"
Jenkins [Wed, 8 Apr 2015 22:42:45 +0000 (22:42 +0000)]
Merge "Add missing config parameters in neutron.conf"

9 years agoMerge "Re-use context session in ML2 DB get_port_binding_host"
Jenkins [Wed, 8 Apr 2015 22:40:49 +0000 (22:40 +0000)]
Merge "Re-use context session in ML2 DB get_port_binding_host"

9 years agoMerge "Revert "IPv6 SLAAC subnet create should update ports on net""
Jenkins [Wed, 8 Apr 2015 20:39:59 +0000 (20:39 +0000)]
Merge "Revert "IPv6 SLAAC subnet create should update ports on net""

9 years agoMerge "Moving VLAN Transparency support from core to extension"
Jenkins [Wed, 8 Apr 2015 20:30:01 +0000 (20:30 +0000)]
Merge "Moving VLAN Transparency support from core to extension"

9 years agoRevert "IPv6 SLAAC subnet create should update ports on net"
armando-migliaccio [Wed, 8 Apr 2015 17:57:13 +0000 (10:57 -0700)]
Revert "IPv6 SLAAC subnet create should update ports on net"

This reverts commit 81f4469b620ec221f53d3ffb4d00b90896dc5ce1.

Change-Id: I63a392fccda29ceff3e91c0a4de741d263bd0e8e
Related-bug: #1441382
Related-bug: #1440183

9 years agoAdd missing config parameters in neutron.conf
Edgar Magana [Tue, 7 Apr 2015 05:57:06 +0000 (22:57 -0700)]
Add missing config parameters in neutron.conf

Include all missing configuration parameters already
integrated in Neutron code.

Change-Id: Iefa344a2f9ec2c74f6314e7c783ff3b213d76ea3
Closes-bug: #1438329

9 years agoMerge "Return from check_ports_exist_on_l3agent if no subnet found"
Jenkins [Wed, 8 Apr 2015 16:11:05 +0000 (16:11 +0000)]
Merge "Return from check_ports_exist_on_l3agent if no subnet found"

9 years agoMerge "Add ipset element and hashsize tunables"
Jenkins [Wed, 8 Apr 2015 15:57:10 +0000 (15:57 +0000)]
Merge "Add ipset element and hashsize tunables"

9 years agoMoving VLAN Transparency support from core to extension
Pritesh Kothari [Wed, 25 Mar 2015 18:34:05 +0000 (11:34 -0700)]
Moving VLAN Transparency support from core to extension

* Moving VLAN Transparency support from core to extension
* Remove the older unit tests and add new corresponding ones

DocImpact
Closes-Bug: #1434667

Change-Id: Ic551475ed7b64aad9627a57abb0df41acc19bfc1

9 years agoRe-use context session in ML2 DB get_port_binding_host
Dane LeBlanc [Sat, 4 Apr 2015 22:50:36 +0000 (18:50 -0400)]
Re-use context session in ML2 DB get_port_binding_host

This patch modifies ML2 DB get_port_binding_host method so that it
reuses the existing context session to do the database query
rather than creating a new database session.

Note that there are other methods in ML2 DB that do not re-use
the caller's session (get_port_from_device_mac() and
get_sg_ids_grouped_by_port()). These will be modified using
a separate bug (https://bugs.launchpad.net/neutron/+bug/1441205).
Change-Id: I8aafb0a70f40f9306ccc366e5db6860c92c48cce
Closes-Bug: #1440183

9 years agoMerge "linuxbridge UT: Fix a regression of the recent ip_lib change"
Jenkins [Wed, 8 Apr 2015 15:09:25 +0000 (15:09 +0000)]
Merge "linuxbridge UT: Fix a regression of the recent ip_lib change"

9 years agoMerge "Remove tests from HA routers test framework"
Jenkins [Wed, 8 Apr 2015 05:37:22 +0000 (05:37 +0000)]
Merge "Remove tests from HA routers test framework"

9 years agoMerge "Fix intermittent UT failures in test_utils"
Jenkins [Wed, 8 Apr 2015 04:40:45 +0000 (04:40 +0000)]
Merge "Fix intermittent UT failures in test_utils"

9 years agoFix intermittent UT failures in test_utils
armando-migliaccio [Tue, 7 Apr 2015 22:37:59 +0000 (15:37 -0700)]
Fix intermittent UT failures in test_utils

Change eba4c2941ee introduced these tests. However they are not that useful as they
simply mimick the code, without really ensuring that the behavior is expected, so
they provide negative value ([1]), plus, they fail randomly.

This patch removes them in favor of a more useful functional check.

[1] http://googletesting.blogspot.com/2015/01/testing-on-toilet-change-detector-tests.html

Closes-bug: #1441347

Change-Id: I8a321995295deef7f6d30be303486be491e2771f

9 years agoMerge "Enhance TESTING.rst"
Jenkins [Tue, 7 Apr 2015 22:19:56 +0000 (22:19 +0000)]
Merge "Enhance TESTING.rst"

9 years agoMerge "Remove check for bash usage"
Jenkins [Tue, 7 Apr 2015 21:26:04 +0000 (21:26 +0000)]
Merge "Remove check for bash usage"

9 years agoMerge "Stop using deprecated DEFAULT group for lock_path"
Jenkins [Tue, 7 Apr 2015 18:38:52 +0000 (18:38 +0000)]
Merge "Stop using deprecated DEFAULT group for lock_path"

9 years agoMerge "Fix dynamic arp populate error for dvr routers"
Jenkins [Tue, 7 Apr 2015 18:28:26 +0000 (18:28 +0000)]
Merge "Fix dynamic arp populate error for dvr routers"

9 years agoEnhance TESTING.rst
Maru Newby [Tue, 24 Mar 2015 19:45:46 +0000 (19:45 +0000)]
Enhance TESTING.rst

Add detail about api testing and provide better visual separation
between the different types of testing.

The current testing guidelines are mainly about running tests, and
this change does little to fix that.  The intention is to add detail
about writing tests in subsequent changes.

Change-Id: I39d0439c91e5c6edb1d48d4da310443c99fb6d9e

9 years agoRemove check for bash usage
Maru Newby [Tue, 7 Apr 2015 15:00:25 +0000 (15:00 +0000)]
Remove check for bash usage

Arbitrarily restricting ourselves from using bash because developers on
platforms like netbsd don't want to install bash from ports doesn't
make sense.  Any non-trivial shell script is likely to use features
like arrays or string manipulation that are poorly supported (if at
all) by sh, and the continued bumping of the number of expected bash
scripts is an indication that the check is not serving its purpose
anyway.

Along with removing the check, all shebang references to /bin/bash
have been replaced with /usr/bin/env bash in an attempt to be more
compatible across different hosts.

Change-Id: Ief72dc380cc88af38959c330897e2c127e33c332
Closes-Bug: #1440824

9 years agoReturn from check_ports_exist_on_l3agent if no subnet found
Ed Bak [Mon, 9 Feb 2015 23:13:18 +0000 (23:13 +0000)]
Return from check_ports_exist_on_l3agent if no subnet found

The call to get_subnet_ids_on_router can return an empty list.
If the subnet_ids list is empty, the subsequent call to get
the ports on a subnet returns all ports.  If this occurs
when doing a remove_router_interface, the performance
of a remove_router_interface degrades significantly.  This change
returns immediately from check_ports_exist_on_l3agents if no
subnet is found.  A new unit test has been added to cover
the specific case of returning immediately without calling
get_ports when a remove_router_interface operation is performed.

Change-Id: I247d3bae152ab4f8ab7e00bd24d878eb08dca1ba
Closes-Bug: #1420032
Depends-On: I15bbf16fd4378c6431e9da8942d0968e7a012a91

9 years agoRemove tests from HA routers test framework
Assaf Muller [Tue, 7 Apr 2015 03:56:15 +0000 (23:56 -0400)]
Remove tests from HA routers test framework

The framework class should not contain tests. Running the module
was running an additional 9 tests that should not have been run.

Change-Id: Iabc6367e8bfda18e395d1a19809b07507200003d

9 years agolinuxbridge UT: Fix a regression of the recent ip_lib change
YAMAMOTO Takashi [Wed, 18 Mar 2015 04:27:15 +0000 (13:27 +0900)]
linuxbridge UT: Fix a regression of the recent ip_lib change

A recently merged change, I07d1d297f07857d216649cccf717896574aac301,
changed IPWrapper.get_devices to use /sys instead of executing ip command.
Unfortunately it broke linuxbridge unit tests, which seems to assume that
mocking utils.execute is enough in some places.  This commit fixes the
regression.

Closes-Bug: #1433417
Related-Bug: #1374663
Change-Id: I9570abe703b438a3fc358f747e25d023934d1ffd

9 years agoFix dynamic arp populate error for dvr routers
Swaminathan Vasudevan [Fri, 3 Apr 2015 00:25:39 +0000 (17:25 -0700)]
Fix dynamic arp populate error for dvr routers

Recent refactor to the L3 Agent have introduced
this problem. When we create a VM after we
attach an interface to a router or when we add
an interface with an existing VM to a router, in
both cases the arp entries for the dvr serviced
ports are not getting populated in the Router
Namespace.

Closes-Bug: #1438969

Change-Id: I4a82e2435d176f3d9336d7f0dab9726c063840b9
Co-authored-by: Armando Migliaccio <armamig@gmail.com>
9 years agoReorganize plugin test modules
Maru Newby [Mon, 6 Apr 2015 21:53:39 +0000 (21:53 +0000)]
Reorganize plugin test modules

This change moves plugin test modules to conform to the new rules on
unit test tree structure (see TESTING.rst).

Vendor plugin paths continue to be ignored, and unit test modules that
test features instead of modules are also ignored pending their
removal to the functional test tree.

Change-Id: I482c377ca72ffd58692ad84bd9692356513e4c98
Closes-Bug: #1440834

9 years agoMerge open source plugin test code modules
Maru Newby [Mon, 6 Apr 2015 21:51:23 +0000 (21:51 +0000)]
Merge open source plugin test code modules

The unit test reorg is about moving files around so a test module is
clearly associated with the code module it targets, but the test
modules in this change needed to be manually merged because they both
targeted the same module.

Change-Id: I80f4b97fadd318896e7fa4e7e7e939f924127b2a
Partial-Bug: #1440834

9 years agoReorganize unit test tree
Maru Newby [Sat, 4 Apr 2015 00:22:05 +0000 (00:22 +0000)]
Reorganize unit test tree

This change ensures that the structure of the unit test tree matches
that of the code tree to make it obvious where to find tests for a
given module.  A check is added to the pep8 job to protect against
regressions.

The plugin test paths are relocated to neutron/tests/unit/plugins
but are otherwise ignored for now.

Change-Id: If307593259139171be21a71c58e3a34bf148cc7f
Partial-Bug: #1440834

9 years agoMerge "Fix docstring for l3_dvr_db.dvr_vmarp_table_update"
Jenkins [Mon, 6 Apr 2015 22:33:45 +0000 (22:33 +0000)]
Merge "Fix docstring for l3_dvr_db.dvr_vmarp_table_update"

9 years agoMerge "Allow metadata proxy running with nobody user/group"
Jenkins [Mon, 6 Apr 2015 21:12:33 +0000 (21:12 +0000)]
Merge "Allow metadata proxy running with nobody user/group"

9 years agoAdd ipset element and hashsize tunables
Brian Haley [Fri, 3 Apr 2015 01:11:06 +0000 (21:11 -0400)]
Add ipset element and hashsize tunables

Recently, these messages have been noticed in both tempest
logs, as well as reported by downstream users syslog:

  Set IPv4915d358d-2c5b-43b5-9862 is full, maxelem 65536 reached

So the default of 64K is not sufficient enough.

This change adds two config options to control both the number
of elements as well as the hashsize, since they should be
tuned together for best performance.  Slightly different
formats were required for 'ipset create' and 'ipset restore'.

The default values for these are now set to 131072 (maxelem) and
2048 (hashsize), which is an increase over their typical default values
of 65536/1024 (respectively), in order to fix the errors seen in
the tempest tests.

DocImpact

Change-Id: Ic0b5b38a840e737dc6be938230f4052974c8620f
Closes-bug: #1439817

9 years agoAllow metadata proxy running with nobody user/group
Cedric Brandily [Tue, 17 Mar 2015 15:20:07 +0000 (15:20 +0000)]
Allow metadata proxy running with nobody user/group

Currently metadata proxy cannot run with nobody user/group as metadata
proxy requires to connect to metadata_proxy_socket when queried.

This change allows to run metadata proxy with nobody user/group by
allowing to choose the metadata_proxy_socket mode with the new option
metadata_proxy_socket_mode (4 choices) in order to adapt socket
permissions to metadata proxy user/group.

This change refactors also where options are defined to enable
metadata_proxy_user/group options in the metadata agent.

In practice:
* if metadata_proxy_user is agent effective user or root, then:
  * metadata proxy is allowed to use rootwrap (unsecure)
  * set metadata_proxy_socket_mode = user (0o644)
* else if metadata_proxy_group is agent effective group, then:
  * metadata proxy is not allowed to use rootwrap (secure)
  * set metadata_proxy_socket_mode = group (0o664)
  * set metadata_proxy_log_watch = false
* else:
  * metadata proxy has lowest permissions (securest) but metadata proxy
    socket can be opened by everyone
  * set metadata_proxy_socket_mode = all (0o666)
  * set metadata_proxy_log_watch = false

An alternative is to set metadata_proxy_socket_mode = deduce, in such
case metadata agent uses previous rules to choose the correct mode.

DocImpact
Closes-Bug: #1427228
Change-Id: I235a0cc4f0cbd55ae4ec1570daf2ebbb6a72441d

9 years agoSkip example retargetable functional test
Maru Newby [Mon, 6 Apr 2015 16:28:00 +0000 (16:28 +0000)]
Skip example retargetable functional test

The example retargetable test that previously ran as part of the
functional suite is now skipped due to the fullstack example's db
fixture usage causing the test to fail if it the fullstack example
runs first on the same worker.

Change-Id: I0a34f9ba04c53a4291698be819070c66009c8b4a
Related-Bug: #1440797

9 years agoMerge "Prepare for unit test reorg"
Jenkins [Mon, 6 Apr 2015 13:37:14 +0000 (13:37 +0000)]
Merge "Prepare for unit test reorg"

9 years agoMerge "Store and log correct exception info"
Jenkins [Sun, 5 Apr 2015 05:43:37 +0000 (05:43 +0000)]
Merge "Store and log correct exception info"

9 years agoMerge "Always run dnsmasq as root"
Jenkins [Sun, 5 Apr 2015 05:40:37 +0000 (05:40 +0000)]
Merge "Always run dnsmasq as root"

9 years agoMerge "Move network MTU from core REST API to extension API"
Jenkins [Sat, 4 Apr 2015 20:13:55 +0000 (20:13 +0000)]
Merge "Move network MTU from core REST API to extension API"

9 years agoMerge "Refactoring cleanup for L3 agent callbacks"
Jenkins [Sat, 4 Apr 2015 04:55:20 +0000 (04:55 +0000)]
Merge "Refactoring cleanup for L3 agent callbacks"

9 years agoPrepare for unit test reorg
Maru Newby [Fri, 3 Apr 2015 23:42:31 +0000 (23:42 +0000)]
Prepare for unit test reorg

The unit test reorg is about moving files around so a test module is
clearly associated with the code module it targets, but the test
modules in this change needed to be manually merged because they both
targeted the same module.

test_api_v2 is also updated to use the path of neutron/tests/base.py
as the root of path to test implementations of extensions.

Change-Id: I432b84339e51c26ef0aa26d44e29b5a3311626ad
Implements: bp/reorganize-unit-test-tree

9 years agoMerge "Add API tests for subnet-create with subnetpool"
Jenkins [Fri, 3 Apr 2015 23:34:24 +0000 (23:34 +0000)]
Merge "Add API tests for subnet-create with subnetpool"

9 years agoMerge "Support multiple IPv6 prefixes on internal router ports"
Jenkins [Fri, 3 Apr 2015 21:49:21 +0000 (21:49 +0000)]
Merge "Support multiple IPv6 prefixes on internal router ports"

9 years agoMerge "Make L3 agent honor periodic_interval setting"
Jenkins [Fri, 3 Apr 2015 21:43:51 +0000 (21:43 +0000)]
Merge "Make L3 agent honor periodic_interval setting"

9 years agoRemove orphaned nuage unit test module
Maru Newby [Fri, 3 Apr 2015 17:26:33 +0000 (17:26 +0000)]
Remove orphaned nuage unit test module

Change I6d02df85c7a2c307ad11442d0afdd50c64210af4 implemented the
plugin decomp for nuage but one of the unit tests was missed.

Change-Id: I37e1b3f6645b5f7730218d5ef08ca28f72b91883

9 years agoMerge "IPv6 SLAAC subnet create should update ports on net"
Jenkins [Fri, 3 Apr 2015 16:46:02 +0000 (16:46 +0000)]
Merge "IPv6 SLAAC subnet create should update ports on net"

9 years agoAdd API tests for subnet-create with subnetpool
zengfagao [Thu, 2 Apr 2015 16:44:53 +0000 (09:44 -0700)]
Add API tests for subnet-create with subnetpool

With subnetpool, we can create subnet with subnetpool.
User can specify CIDR or prefixlen for subnet allocation.
If neither is specified, CIDR will be chosen from the
pool using the default-prefixlen of the pool.

Change-Id: I2c4d81496e10826bed83a977ff0398f781d16c33
Partially-Implements: blueprint subnet-allocation

9 years agoRefactoring cleanup for L3 agent callbacks
Paul Michali [Wed, 1 Apr 2015 17:47:43 +0000 (13:47 -0400)]
Refactoring cleanup for L3 agent callbacks

This commit completes the refactoring of the L3 agent callback mechanism.
The goal here is to also use the neutron/callbacks/ mechanism for L3 agent
notifications, instead of have two mechanisms.

[1] modified the L3 agent to send notifiactions for router create, udpate,
and delete events, using the neutron/callbacks/ mechanism.

[2] modified VPN to use this new mechanism, instead of the L3EventObservers
mechanism. Note:

[3] modified FW repo to no longer depended on the L3EventObserver and
related objects (it doesn't currently use the event notifications).

This commit removes the notifications for the L3EventObservers mechanism,
removed the related modules and tests, and adds in tests to verify that the
new notifications are called for the different events.

Once [1] and [2] are upstreamed, this commit can proceed.

Refs:
[1] https://review.openstack.org/#/c/164466/
[2] https://review.openstack.org/#/c/165226/
[3] https://review.openstack.org/#/c/167275/

Change-Id: I7c4b4ea5f9fb19abb812665cdae5fb70c84fe3ec
Depends-On: If5040a827a6903cc7cb5e59cdb7fb95f61b13d47
Closes-Bug: #1433552

9 years agoDo not load the LBaaS plugin by default.
Thomas Goirand [Fri, 3 Apr 2015 14:13:50 +0000 (16:13 +0200)]
Do not load the LBaaS plugin by default.

9 years agoImported Translations from Transifex
OpenStack Proposal Bot [Fri, 3 Apr 2015 06:13:58 +0000 (06:13 +0000)]
Imported Translations from Transifex

For more information about this automatic import see:
https://wiki.openstack.org/wiki/Translations/Infrastructure

Change-Id: I7ce3288f62fdd9ffae81c47f3bc1a359833839e4

9 years agoMerge "Add index for port"
Jenkins [Fri, 3 Apr 2015 03:32:07 +0000 (03:32 +0000)]
Merge "Add index for port"

9 years agoSupport multiple IPv6 prefixes on internal router ports
Andrew Boik [Mon, 23 Mar 2015 15:21:11 +0000 (11:21 -0400)]
Support multiple IPv6 prefixes on internal router ports

(Patch set #3 for the multiple-ipv6-prefixes blueprint)

Provides support for adding multiple IPv6 subnets to an internal router
port. The limitation of one IPv4 subnet per internal router port
remains, though a port may contain one IPv4 subnet with any number of
IPv6 subnets.

This changes the behavior of both the router-interface-add and
router-interface-delete APIs. When router-interface-add is called with
an IPv6 subnet, the subnet will be added to an existing internal port
on the router with the same network ID if the existing port already has
one or more IPv6 subnets. Otherwise, a new port will be created on the
router for that subnet. When calling the router-interface-add with a
port (one that has already been created using the port-create command),
that port will be added to the router if it meets the following
conditions:

        1. The port has no more than one IPv4 subnet.
        2. If the port has any IPv6 subnets, it must not have the same
           network ID as an existing port on the router if the existing
           port has any IPv6 subnets.

If the router-interface-delete command is called with a subnet, that
subnet will be removed from the router port to which it belongs. If the
subnet is the last subnet on a port, the port itself will be deleted
from the router. If the router-interface-delete command is called with
a port, that port will be deleted from the router.

This change also allows the RADVD configuration to support advertising
multiple prefixes on a single router interface.

DocImpact

Change-Id: I7d4e8194815e626f1cfa267f77a3f2475fdfa3d1
Closes-Bug: #1439824
Partially-implements: blueprint multiple-ipv6-prefixes

9 years agoMerge "Fix functional test using local timeout value"
Jenkins [Fri, 3 Apr 2015 03:07:30 +0000 (03:07 +0000)]
Merge "Fix functional test using local timeout value"

9 years agoMerge "Add API tests for Neutron DVR extension"
Jenkins [Fri, 3 Apr 2015 03:07:16 +0000 (03:07 +0000)]
Merge "Add API tests for Neutron DVR extension"

9 years agoFix functional test using local timeout value
Maru Newby [Fri, 3 Apr 2015 01:10:07 +0000 (01:10 +0000)]
Fix functional test using local timeout value

The ovsdb monitor test was using a timeout of 60s for monitor start.
This change sets the timeout to the global timeout value if it is
greater (it's 90s currently).

Closes-bug: #1439914

Change-Id: I95ee3d7dfdb5f010347a9d8db1b2bf610c0289d1

9 years agoAdd index for port
shihanzhang [Tue, 31 Mar 2015 08:14:12 +0000 (16:14 +0800)]
Add index for port

This patch will speed up SELECTs Port with filters by
'network_id + device_owner' and 'network_id + mac_address'.

Closes-bug: #1421089

Change-Id: Ied90b6304df971a6049871f65df3e1aaee624647

9 years agoMerge "Refactoring of L3 agent notifications for router"
Jenkins [Thu, 2 Apr 2015 20:35:46 +0000 (20:35 +0000)]
Merge "Refactoring of L3 agent notifications for router"

9 years agoAlways run dnsmasq as root
Hong Hui Xiao [Thu, 2 Apr 2015 15:24:35 +0000 (08:24 -0700)]
Always run dnsmasq as root

Regarding https://review.openstack.org/#/c/145829/
The old code of DnsMasq will always get root_helper from
neutron.agent.dhcp.agent.
However, new code will only set run_as_root when namespace
is used. That will cause permission error when namespace
is disabled and dnsmasq need to be started.

Change-Id: Ib00d6e54dba44dbbbec158b9e0518e6e42baceec
Closes-Bug: #1428007

9 years agoMerge "Remove auto deletion of routers in unit tests"
Jenkins [Thu, 2 Apr 2015 19:02:46 +0000 (19:02 +0000)]
Merge "Remove auto deletion of routers in unit tests"

9 years agoMerge "No IPv6 SLAAC addrs for create router intf without fixed_ips"
Jenkins [Thu, 2 Apr 2015 17:41:57 +0000 (17:41 +0000)]
Merge "No IPv6 SLAAC addrs for create router intf without fixed_ips"

9 years agoMove network MTU from core REST API to extension API
Tim Swanson [Tue, 31 Mar 2015 16:13:16 +0000 (12:13 -0400)]
Move network MTU from core REST API to extension API

The network MTU was added to the core REST API via
https://review.openstack.org/#/c/154921.  This commit
reverts that change and adds the network MTU to the
extension API.

Change-Id: I7a7d679f471ced3230f230684d5ae9789bcca305
Closes-bug: 1434671

9 years agoRefactoring of L3 agent notifications for router
Paul Michali [Thu, 26 Mar 2015 12:01:58 +0000 (08:01 -0400)]
Refactoring of L3 agent notifications for router

The goal of this refactoring is to reduce duplication by
replacing the L3EventObservers mechanism (a specific
mechanism for L3 agent notifications), with the
CallbacksManager mechanism (a more general mechanism
currently in use), so that there is one method
used.

This is the first part of refactoring the L3 agent so that
it uses the new neutron.callbacks mechanism. To do this,
duplicate calls will be made for notifications related to
the router, only using the new callback mechanism.

This commit does two things. First, it puts in place the
notifiers for the new callback mechanism. Second, it updates
the metatdata proxy agent (which is in the same repo) to
use the new callback mechanism.

Later commits will update other repos from the old to new
callback mechanism, and to then remove the old callback
mechanism, once no longer used.

Change-Id: If134947957fd671aa99a0b2d2b37f7ec65e37766
Partial-Bug: #1433552

9 years agoFix docstring for l3_dvr_db.dvr_vmarp_table_update
Assaf Muller [Thu, 2 Apr 2015 14:59:00 +0000 (10:59 -0400)]
Fix docstring for l3_dvr_db.dvr_vmarp_table_update

Change-Id: I783b0357833cda0e5143581284be720e5d4f3a97

9 years agoMerge "Treat all negative quota values as -1"
Jenkins [Thu, 2 Apr 2015 14:53:26 +0000 (14:53 +0000)]
Merge "Treat all negative quota values as -1"

9 years agoMerge "Move orphaned api test - deux"
Jenkins [Thu, 2 Apr 2015 12:44:32 +0000 (12:44 +0000)]
Merge "Move orphaned api test - deux"

9 years agoTreat all negative quota values as -1
Sudipta Biswas [Thu, 2 Apr 2015 09:36:35 +0000 (15:06 +0530)]
Treat all negative quota values as -1

Currently if the quota_port, quota_network, quota_subnet values
in the neutron.conf are set to a negative value not equal to -1,
neutron reports the values as is to consumers like Nova.
Nova treats -1 as the infinite quota indicator and doesn't expect
neutron to return any other non-negative value.

The fix allows the flexibility of having any negative number for the
quota parameters in the neutron.conf file and allows the nova boot
to succeed subsequently. The fix would report any negative value
as -1 for port, subnet and network.

Change-Id: Ib9a7136b0bfd01bdf04a5d0937854590029b1010
Closes-Bug: 1438738
Co-Authored-By: Salvatore Orlando <salv.orlando@gmail.com>
9 years agoMerge "Allow metadata proxy to log with nobody user/group"
Jenkins [Thu, 2 Apr 2015 11:39:27 +0000 (11:39 +0000)]
Merge "Allow metadata proxy to log with nobody user/group"

9 years agoMerge "Update .coveragerc after the removal of Cisco Nexus monolithic plugin"
Jenkins [Thu, 2 Apr 2015 07:16:58 +0000 (07:16 +0000)]
Merge "Update .coveragerc after the removal of Cisco Nexus monolithic plugin"

9 years agoMove orphaned api test - deux
armando-migliaccio [Thu, 2 Apr 2015 00:52:01 +0000 (17:52 -0700)]
Move orphaned api test - deux

According to changes [1,2], API tests' new home is under neutron/tests/api.
Change 92d2054f8a slipped through the cracks. It seems also that wrong
imports lead to tests silently dropped (i.e. not executed). This patch
rectifies the issue.

 [1] https://review.openstack.org/#/c/169850/
 [2] https://review.openstack.org/#/c/167320/

Change-Id: I64be376d7cff9512bd027720116dc039831e7955

9 years agoMerge "Fix error raising in security groups method"
Jenkins [Thu, 2 Apr 2015 02:24:04 +0000 (02:24 +0000)]
Merge "Fix error raising in security groups method"

9 years agoMerge "Add missing neutron/tests/unit/agent/common/__init__.py"
Jenkins [Thu, 2 Apr 2015 02:23:52 +0000 (02:23 +0000)]
Merge "Add missing neutron/tests/unit/agent/common/__init__.py"

9 years agoIPv6 SLAAC subnet create should update ports on net
Dane LeBlanc [Tue, 3 Mar 2015 03:03:10 +0000 (22:03 -0500)]
IPv6 SLAAC subnet create should update ports on net

If ports are first created on a network, and then an IPv6 SLAAC
or DHCPv6-stateless subnet is created on that network, then the
ports created prior to the subnet create are not getting
automatically updated (associated) with addresses for the
SLAAC/DHCPv6-stateless subnet, as required.

Change-Id: I5901db6655c045c0e78c7cb7fc51ce8c9a9e1933
Closes-Bug: 1427474

9 years agoAdd API tests for Neutron DVR extension
armando-migliaccio [Tue, 24 Mar 2015 18:30:08 +0000 (11:30 -0700)]
Add API tests for Neutron DVR extension

This patch adds a number of positive and negative tests for
the DVR functionality implemented by Neutron.

Generated using:

./tools/copy_api_tests_from_tempest.sh [path to tempest working directory]

Change-Id: Ia300b736250249ba54bd8fefa1307e6898f71652

9 years agoMerge "Define bridge/port fixtures for OVS/LinuxBridge/Veth backends"
Jenkins [Wed, 1 Apr 2015 22:40:23 +0000 (22:40 +0000)]
Merge "Define bridge/port fixtures for OVS/LinuxBridge/Veth backends"

9 years agoMerge "Update core reviewer responsibilities"
Jenkins [Wed, 1 Apr 2015 22:40:08 +0000 (22:40 +0000)]
Merge "Update core reviewer responsibilities"

9 years agoMerge "Add API tests for subnetpool allocation"
Jenkins [Wed, 1 Apr 2015 21:54:16 +0000 (21:54 +0000)]
Merge "Add API tests for subnetpool allocation"

9 years agoMerge "Implement default subnet pool configuration settings"
Jenkins [Wed, 1 Apr 2015 21:54:03 +0000 (21:54 +0000)]
Merge "Implement default subnet pool configuration settings"

9 years agoMerge "Move orphaned api test"
Jenkins [Wed, 1 Apr 2015 21:46:56 +0000 (21:46 +0000)]
Merge "Move orphaned api test"

9 years agoMerge "Fix reference to non-existent setup_dvr_flows_on_integ_tun_br"
Jenkins [Wed, 1 Apr 2015 21:21:48 +0000 (21:21 +0000)]
Merge "Fix reference to non-existent setup_dvr_flows_on_integ_tun_br"

9 years agoAdd missing neutron/tests/unit/agent/common/__init__.py
Cedric Brandily [Wed, 1 Apr 2015 20:43:13 +0000 (22:43 +0200)]
Add missing neutron/tests/unit/agent/common/__init__.py

neutron/tests/unit/agent/common directory defines tests but is not a
valid python2 package: __init___.py is missing.

Change-Id: Ida0055b64c23c4af3f4cdce2a777b19418451f33

9 years agoAllow metadata proxy to log with nobody user/group
Cedric Brandily [Tue, 3 Mar 2015 22:26:52 +0000 (22:26 +0000)]
Allow metadata proxy to log with nobody user/group

Currently metadata proxy cannot run with nobody user/group as
metadata proxy (as other services) uses WatchedFileHandler handler to
log to file which does not support permissions drop (the process must
be able to r/w after permissions drop to "watch" the file).

This change allows to enable/disable log watch in metadata proxies with
the new option metadata_proxy_log_watch. It should be disabled when
metadata_proxy_user/group is not allowed to read/write metadata proxy
log files. Option default value is deduced from metadata_proxy_user:

* True if metadata_proxy_user is agent effective user id/name,
* False otherwise.

When log watch is disabled and logrotate is enabled on metadata proxy
logging files, 'copytruncate' logrotate option must be used otherwise
metadata proxy logs will be lost after the first log rotation.

DocImpact
Change-Id: I40a7bd82a2c60d9198312fdb52e3010c60db3511
Partial-Bug: #1427228