Assaf Muller [Mon, 16 Mar 2015 19:43:24 +0000 (15:43 -0400)]
Don't delete HA router primary VIP on agent restarts
An HA router's primary VIP was being deleted from the router
namespace when the L3 agent is restarted. Make sure that
doesn't happen and change the functional test to make sure
the bug stays squashed.
Carl Baldwin [Thu, 13 Nov 2014 19:27:27 +0000 (12:27 -0700)]
Introduce External IPAM Interface
This introduces an interface for an external IPAM driver. Neutron needs to be
modified to make calls using it for its IPAM needs. Additionally, the default
IPAM interface must be written to implement this interface.
Pradeep Kilambi [Tue, 10 Feb 2015 22:42:20 +0000 (14:42 -0800)]
Expose Rest Api access to mtu attributes
Exposing Read only access to mtu attributes via the network
api calls so GET operations can be performed. Tied in the
mtu attribute with create network call and use the config
default. Also included unit tests to cover default and
override config case for segment_mtu attribute.
mamtap [Wed, 11 Mar 2015 12:43:44 +0000 (05:43 -0700)]
IBM SDN-VE Plugin decomposition
This addresses the changes in ml2 mech-driver
and l3 service plugin to comply with the
core-vendor-decomposition spec
The monolithic sdnve plugin will not be removed with this change
as it is still being used. Once the ml2 plugin is merged and the
older plugin becomes obsolete, it will be removed from the
neutron tree.
Eugene Nikanorov [Sat, 14 Mar 2015 20:35:08 +0000 (23:35 +0300)]
Handle DBDuplicateError exception properly when creating default sg
Previously, an exception was not caught in one of invocations
(create_network) of _ensure_default_security_group.
Move exception handling inside that method so it never fails
with such exception.
Kevin Benton [Thu, 12 Mar 2015 01:32:52 +0000 (18:32 -0700)]
Schedule net to a DHCP agt on subnet create
Change the DHCP notifier behavior to schedule a network
to a DHCP agent when a subnet is created rather than
waiting for the first port to be created.
This will reduce the possibility to get a VM port created
and have it send a DHCP request before the DHCP agent is
ready. Before, the network would be scheduled to an agent
as a result of the API call to create the VM port, so the
DHCP port wouldn't be created until after the VM port.
After this patch, the network will have been scheduled to
a DHCP agent before the first VM port is created.
There is still a possibility that the DHCP agent could be
responding so slowly that it doesn't create its port and
activate the dnsmasq instance before the VM sends traffic.
A proper fix will ensure that the dnsmasq instance is
truly ready to serve requests for a new port will require
significantly more code for barriers (either on the subnet
creation, port creation, or the nova boot process) are too
complex to add this late in the cycle.
This patch also eliminates the logic in the n1kv plugin that
was already doing the same thing.
This patch introduces an issue with the Tempest test. Already there was a similar patch that broke the tempest test for DVR.
This patch consistently failed to pass test_add_list_remove_router_on_l3_agent.
I would recommend to revert this patch until the tempest test is fixed.
Assaf Muller [Thu, 12 Mar 2015 23:50:24 +0000 (19:50 -0400)]
Move Unix domain socket helpers to a common place
As part of the all consuming report-ha-router-master, a new
per router neutron-keepalived-state-change daemon will alert
the L3 agent on every keepalived state change. Since it will
use the Unix domain socket helpers, and they're currently
located in metadata related places, this patch moves them
to a common location.
Also, the UnixDomainHTTPConnection connection string
may now be overridden.
Matthew Thode [Mon, 9 Feb 2015 17:02:58 +0000 (11:02 -0600)]
replaces enumeration method used to get a list of interfaces
ip_lib was parsing tunnel links incorrectly. We can create interface
names with any character the filesystem supports (not '..', '/', ':').
Given this we do not know what to delimit on so parsing iproute2 output
is probably not a good idea.
I asked the iproute2 devs what the proper way we should get interface
names is and was told NOT to parse iproute2 output but to use something
like sysfs instead. http://www.spinics.net/lists/netdev/msg316577.html
This patch pulls interfaces from sysfs (/sys/class/net) and verifies them
via checking if they are links (bonding creates files for instance and
needs to be skipped).
Currently it is not possible without jumping through a ton of hoops to
access a network namespace without iproute2 or cython, so we use ip to
run find to find the correct sysfs directory. We also only call out to
iproute2 _ONLY_ if needed.
ChuckC [Mon, 9 Mar 2015 00:51:09 +0000 (17:51 -0700)]
Prevent updating mac address of bound port
Currently, a port's mac address can be updated even if it is bound.
This fixes the _check_mac_update_allowed() call to pass just port update
attributes rather than the entire payload and fills in missing testing.
Maru Newby [Fri, 13 Mar 2015 18:17:29 +0000 (18:17 +0000)]
Set TEMPEST_CONFIG_DIR in the api tox env
TEMPEST_CONFIG_DIR needs to be set for the api job to execute
successfully. Previously this was being set by the gate but local
execution required manually setting the variable.
Sergey Belous [Mon, 9 Feb 2015 16:38:05 +0000 (19:38 +0300)]
Reduce db calls count in get_devices_details_list
Each Neutron agent will impose db calls to Neutron Server
to query devices, port and networks.
Network caching is added to reduce the number
of db calls on get_devices_details_list.
Added unit tests for the check caching.
Shiv Haris [Tue, 3 Feb 2015 01:58:53 +0000 (17:58 -0800)]
Brocade vendor code decomposition from neutron repo.
Brocade code decomposition of VDX mechanism driver,
includes moving out the driver and unit tests. Left
behind are the DB model for migration and config
Tim Swanson [Fri, 6 Feb 2015 23:49:49 +0000 (18:49 -0500)]
Add MTU selection & advertisement settings to Neutron config
neutron.conf parameter additions in support of MTU selection
and advertisement. Also, under ML2 group, add an additional
configuration params to optionally set the path and segment
MTU values as well as optionally map physnets to MTU values.
lzklibj [Thu, 26 Feb 2015 05:19:07 +0000 (21:19 -0800)]
fix check_ports_exist_on_l3agent in no subnet case
If no subnets attached to the given router, this check
should return False.
Currently, if no subnets attached to given router, the
following process in this method will fetch all ports
to continue its checking, consider those ports are not
related to the given router, the following checking
should be invalid.
To issue #1378066, after running "router-gateway-clear",
_schedule_router will be triggered, and the invalid
checking will make processing in get_candidates believe
that all l3-agents are valid to schedule this router,
and finally, invalid records are inserted into table
RouterL3AgentBindings.
Miguel Angel Ajo [Wed, 11 Mar 2015 12:23:20 +0000 (12:23 +0000)]
Fix netns-cleanup broken by ProcessMonitor refactor
Change I0da6071037f9728cc20403324e36c32116bcf00d broke the
netns-cleanup script. As the process_monitor parameter
is now mandatory for the dhcp driver.
Russell Bryant [Tue, 9 Dec 2014 21:59:20 +0000 (14:59 -0700)]
Set default of api_workers to number of CPUs
The current default for api_workers is 0. This patch changes it to
use the number of CPUs available, which is the default that will
provide best performance. This is consistent with some other
OpenStack service (Nova and Swift, at least, perhaps others).
Note that devstack is updated in another patch to ensure multiple API
workers is being tested for Neutron the same way it's tested for
several other services:
Eugene Nikanorov [Thu, 22 Jan 2015 12:54:29 +0000 (15:54 +0300)]
Refactor retry mechanism used in some DB operations
Use oslo_db helper that will allow to restart the whole
transaction in case it needs a certain operation to be repeated.
This is a workaround for the REPEATABLE READ problem where
retrying logic will not work because queries inside a transation
will not see updates made by other transactions.
So, run every attempt in a separate transaction.
Terry Wilson [Mon, 23 Feb 2015 20:56:44 +0000 (14:56 -0600)]
Add rootwrap daemon mode support
This patch introduces support for rootwrap daemon mode. It adds
a new config option, AGENT.root_helper_daemon with no default. To
enable, set to something like:
The patch currently assumes that the root_helper_daemon value, and specifically
the rootwrap config, will not change once calls to execute() happen. While it
would not be hard to generate a rootwrap daemon client for each new config, I
couldn't think of a legitimate reason to support it and left it out as YAGNI.
This patch does change the behavior of the addl_env argument to create_process
and execute. Previously, an environment dict would be passed to Popen. If
a root helper was used, this environemnt would actually be passed to 'sudo'
which would filter it before passing it to the underlying command. In the case
of daemon mode, this would cause a problem as the enviornment is filtered by
sudo only once, at daemon startup. Any environment variables added at execute
time would then just be passed directly to the underyling command unfiltered.
oslo.rootwrap 1.6.0 fixes this issue by denying the passing of environment
variables to the daemon altogether. Instead, anything using rootwrap and needing
to pass additional environment variables should define an EnvFilter and run the
command with env var=val cmd. utils.execute/create_process have been modified to
run code in this way (which netns.execute already did).
No code in neutron currently uses both run_as_root=True and addl_env, so this
change does not require any change in code or filters.
Break coupling between ML2 and L3 during create/update operations
This is an initial patch in a series that, by using an event framework,
cleans up the relationship between ML2 and L3, so that they are no longer
tightly coupled. A follow-up will take address the coupling during the
port delete operation.
The newly introduced notification hooks not only benefit the L3 service
plugin, but any other plugin that has an interest in knowing about port
events.
Long term, the notification bits can move in a more 'common' place so that
other plugins can take advantage of them, but as mentioned in a parent patch,
the perestroika is not quite there yet.
lzklibj [Wed, 11 Mar 2015 13:59:43 +0000 (06:59 -0700)]
Remove router binding with router-interface-delete
When "neutron router-interface-delete ROUTER subnet"
command is executed to delete a router interface, it
should check for dvr ports changing on nodes which
have their l3-agent binded to the router. And if there
is any node has no port related to the router, the
binding to the L3-agent should be removed from the
"RouterL3AgentBindings" table.
Ihar Hrachyshka [Thu, 26 Feb 2015 22:26:41 +0000 (23:26 +0100)]
Migrate to oslo.log
It's mostly a matter of changing imports to a new location.
Non-obvious changes needed:
* pass overwrite= argument to oslo_context since oslo.log reads context
from its thread local store and not local.store from incubator
* don't store context at local.store now that there is no code that
would consume it
* LOG.deprecated() -> versionutils.report_deprecated_feature()
* dropped LOG.audit check from hacking rule since now the method does
not exist
* WritableLogger is now located in oslo_log.loggers
Dropped log module from the tree. Also dropped local module that is now
of no use (and obsolete, as per oslo team).
Added versionutils back to openstack-common.conf since now we use the
module directly from neutron code and not just as a dependency of some
other oslo-incubator module.
Note: tempest tests are expected to be broken now, so instead of fixing
all the oslo.log related issues for the subtree in this patch, I only
added TODOs with directions for later fix.
Assaf Muller [Thu, 12 Mar 2015 02:11:33 +0000 (22:11 -0400)]
Stop using RPC namespace to unbreak rolling upgrades
This is a temporary patch until we get an Oslo messaging
release that supports Targets with multiple namespaces:
https://review.openstack.org/#/c/163673/
Code Review / openstack-build / neutron-build.git / log