Hong Hui Xiao [Wed, 4 Nov 2015 06:44:43 +0000 (01:44 -0500)]
Kill the vrrp orphan process when (re)spawn keepalived
When keepalived crashed unexpectedly, the vrrp process that
it associates with will be orphan process. This will make
the VIP unable to migrate to the router in the same host.
Also, neutron code is not able to respawn the keepalived
process, because keepalived thinks itself is still running,
according to [1-3]. As a result, neutron will report respawning
keepalived all the time. Restart l3-agent will not help.
This patch will check and delete the orphan vrrp process
if there is any, in the processmonitor of l3 agent.
More details can be found in the bug description and comments.
AKamyshnikova [Wed, 16 Dec 2015 12:32:45 +0000 (15:32 +0300)]
Fix comparison of Variant and other type in test_model_sync
Tests TestModelsMigrations failed on comparation Variant type and
BigInteger after alembic 0.8.4 release.
Current change corrected compare_type for such case.
Right now we have seen some performance issues when
dvr routers are scheduled on multiple compute nodes
with thousands of VMs on the routed subnets.
The _get_candidates call get_l3_agent_candidates with
a complete list of agents irrespective of the routers
already hosted on the agents or not.
So this fix will reduce the amount of iterations that
get_l3_agent_candidates need to process for all the
agents and would increase the control plane performance.
Kevin Benton [Fri, 11 Dec 2015 17:56:01 +0000 (09:56 -0800)]
Separate rbac calculation from _make_network_dict
When a subnet dict was being created, it was calling
_make_network_dict to get the 'shared' flag for the
subnet. The issue with this is that the _make_network_dict
function would iterate over the subnets on the passed in
network object, which would trigger a database lookup
of all of the subnets.
This patch just separates the 'shared' flag calculation out
into a separate function that both calls can leverage.
Ryan Tidwell [Sat, 10 Oct 2015 00:07:51 +0000 (17:07 -0700)]
Add explicit address family to AddressScope
Adds an ip_version field for enforcing an address family on
an AddressScope. All SubnetPools in an AddressScope must be
from the same address family. A SubnetPool cannot be created
in an AddressScope with a different address family.
Oleg Bondarev [Thu, 22 Oct 2015 10:23:21 +0000 (13:23 +0300)]
DVR: handle dvr serviceable port's host change
When a VM port's host is changed we need to check if a router
should be unscheduled from old host and send corresponding
notifications.
commit d5a8074ec3c67ed68e64a96827da990f1c34e10f added such
a check when port is unbound. This patch adds similar check
in case of host change (instance live migration)
Paul Michali [Mon, 7 Dec 2015 20:05:35 +0000 (15:05 -0500)]
Removing adv svcs dependencies on neutron
After upstreaming Idcfeee6ddc2982fff49f44064c918bfd4627be12 and
I62bfd6b34c381427425ca2a656e5782087de3a3b, we can remove items
from Neutron.
Specifically, LOADBALANCER_PLUGIN and LOADBALANCER_AGENT are not
used now. FIREWALL_PLUGIN is used in one module, so moved there.
The LOADBALANCER constant is only used in test files, but it is
used in multiple files, so leaving it. LOADBALANCERV2 is only used
in the header it is defined, so leaving it as well.
In the FW and LB repos, there are no longer dependency on these literals.
fumihiko kakuma [Wed, 9 Dec 2015 04:00:39 +0000 (13:00 +0900)]
Decompose OFAgent mechanism driver from neutron tree completely
All 3rd-party code is required to be removed from the neutron tree.
This change removes definition for ofagent mechanism driver from
neutron repository.
When the neutron notification to nova was updated to use novaclient the
nova_url parameter was disabled. This prevents administrators from
using anything but the publicURL as the proper endpoint to notify nova.
This patch adds an option to pass on to novaclient for the
endpoint_type so that the administrator can set the notification url to
public, internal or admin.
Change-Id: I405f761944449cab6b8c8895f98419f79cd74cad
Closes-Bug: #1478471
DocImpact: Need to add a new option to the neutron configuration
reference.
Brandon Logan [Wed, 9 Dec 2015 00:24:28 +0000 (18:24 -0600)]
Force service provider relationships to load
A race condition was exposed in the LBaaS V2 db layer that was caused by a
hack to get around this issue. The real issue is that since the
ProviderResourceAssociation is inserted independently, any models that were
created before this insert will not have their relationship with the
ProviderResourceAssocation loaded. Using the session.expire_all method will
force the session to retrieve all new data and load this relationship for any
resource that uses this relationship.
Ensure that event handlers are invoked upon completion of
ML2 operations which add or remove tracked resources.
Also validate that the event handlers are called for the
appropriate resources and that quota usage's dirty bit
is set and unset as expected.
These are not unit tests, but added in the unit test tree
as they leverage code both from the DB unit test and the ML2
unit test framework. This module has indeed been added to
the 'exclusion list' in check_unit_test_structure.sh, and
should be moved to the functional test tree together with
the other modules.
Assaf Muller [Thu, 12 Mar 2015 02:52:49 +0000 (22:52 -0400)]
Add explanations and examples to TESTING.rst
* Added motivation paragraph
* Added definitions and an explanation about the scope of the
test vs. the test infrastructure it uses
* Added content and examples to unit & functional tests sections
This adds the CORS support middleware to Neutron, allowing a deployer
to optionally configure rules under which a javascript client may
break the single-origin policy and access the API directly.
For neutron, both the paste.ini and the direct-wrap method of
deploying the middleware were chosen, since neutron is in a state of
migration to pecan. Note that if someone deploys pecan-neutron behind
other middleware, any responses provided by that middleware will not
be CORS-enabled, as these responses would be returned before the
headers could be annotated. This results in a response not readable
by the user agent.
OpenStack CrossProject Spec:
http://specs.openstack.org/openstack/openstack-specs/specs/cors-support.html
Oslo_Middleware Docs:
http://docs.openstack.org/developer/oslo.middleware/cors.html
OpenStack Cloud Admin Guide:
http://docs.openstack.org/admin-guide-cloud/cross_project_cors.html
DocImpact: Add link to CORS configuration in admin cloud guide.
Assaf Muller [Tue, 8 Dec 2015 22:44:07 +0000 (17:44 -0500)]
Make keepalived add_vip idempotent
L3 agent operations are designed to be idempotent to be resiliant
in the face of missed notifications, out of order notifications
processing and agent restarts. One exception is keepalived's
add_vip that was made to explicitly barf when the agent tries
to add a vip that was already inserted to keepalive'd internal
cache. This was done in patch 142630 by my request to root
out bugs. Well, we found such a bug and in retrospect may not
have been the smartest idea.
lb: Correct String formatting to get rid of logged ValueError
The following error is caused by a missing String formatting in the
linuxbridge agent:
"ValueError: unsupported format character 'a' (0x61) at index 90
Logged from file linuxbridge_neutron_agent.py, line 447"
In addition a duplicated word in the log text has been fixed.
Arie Bregman [Tue, 1 Dec 2015 07:47:55 +0000 (09:47 +0200)]
Skip keepalived_respawns test
keepalived fails to respawn after crash for > 1.2.11 version.
When keepalived starts, it spawns vrrp thread to monitor vrrp forked
process. It also creates a vrrp pid file. When the process is killed, and
it's restarted, the the new keepalived process runs with -P, so
when we validate whether we are already running, we check vrrp pid file.
Since we never clean up the file before starting the process, and the process
dies without a chance to clean up the file as part of its signal
handler, respawn never works.
keepalived_respawns test should be skipped until bug is resolved.
See also: https://bugzilla.redhat.com/show_bug.cgi?id=1286729
Monty Taylor [Sun, 6 Dec 2015 22:48:35 +0000 (17:48 -0500)]
Add release note covering keystoneauth and v3
The previous two patches added the keystoneauth library and support for
interacting with the rest of the cloud using keystone v3. We should tell
someone about that in our release notes.
Assaf Muller [Mon, 7 Dec 2015 22:36:06 +0000 (17:36 -0500)]
Don't emit confusing error in netns-cleanup
If we're trying to delete a dhcp/qrouter device with use_veth
= False (Which is the default for some time), we'll first
try to 'ip link del %s', which will fail and emit a confusing
error, then try 'ovs-vsctl del-port'. There's no need to
log an error in such a case.
The patch attempts to future proof by setting the
set_log_fail_as_error(False) to be as tight as possible, so we
do log errors in case the device is somehow used in the future.
Monty Taylor [Sat, 5 Dec 2015 05:14:52 +0000 (00:14 -0500)]
Use keystoneauth instead of keystoneclient
keystoneauth was split out last cycle as a library specifically to deal
with doing auth functions so that people who do not need to do keystone
CRUD operations can just consume only the auth session parts. As part
of modernizing keystone interactions, use keystoneauth instead of
keystoneclient.
Assaf Muller [Sat, 5 Dec 2015 22:17:13 +0000 (17:17 -0500)]
Tox: Remove fullstack env, keep only dsvm-fullstack
In the functional tests we have 'functional' and 'dsvm-functional'
venvs. The difference is that dsvm-functional requires can run
rootwrap commands on the machine. In the fullstack context,
not running rootwrap commands doesn't make sense, as fullstack
tests are explicitly and solely integration tests.
Matt Riedemann [Fri, 20 Nov 2015 02:43:07 +0000 (18:43 -0800)]
Set timetable for removal of oslo.messaging.notify.drivers
Icehouse is dead and gone, at least upstream. These special driver
registrations are not tested in the gate-tempest-dsvm-neutron-full job
which means they are also not tested in requirements constraints jobs.
oslo.messaging 2.6.0 broke these already by removing the internal modules,
which was fixed in o.m 3.0.0 with (deprecated) alias modules.
The minimum required version of o.m in mitaka is currently greater than
2.6.1, so we're OK to remove these once stable/mitaka is our oldest
supported branch. So add a TODO to remove these once liberty-eol happens.
Proper configuration for notification drivers happens through the
config file using the oslo_messaging options:
The configuration options come from oslo and the server
executable is usually wrapped in a service script, supplied
by packagers and/or deployment tools. Any extra documentation
available in tree is of relative value, and the fact that
this file has been virtually ignored ever since it was
added is a testament of that.
Let's stop its agony and wish it to rest in peace.
Code Review / openstack-build / neutron-build.git / log