Kevin Benton [Fri, 26 Jun 2015 01:29:37 +0000 (18:29 -0700)]
Remove double mock of dhcp agent periodic check
The test case for the periodic check was patching a target
that the core plugin fixture already patched out. This removes
that and exposes the mock from the fixture so the test case
can reference it.
Kevin Benton [Fri, 26 Jun 2015 00:55:16 +0000 (17:55 -0700)]
Remove double callback manager mocks
setup_test_registry_instance() in the base test case class gives
each test its own registry by mocking out the get_callback_manager.
The L3 agent test cases were duplicating this.
Kevin Benton [Thu, 25 Jun 2015 23:57:30 +0000 (16:57 -0700)]
Remove ensure_dirs double-patch
test_spawn_radvd called mock.patch on ensure_dirs after the
setup method already patched it out. This causes issues when
mock.patch.stopall() is called because the mocks are stored
as a set and are unwound in a non-deterministic fashion.[1]
So some of the time they will be undone correctly, but others
will leave a monkey-patched in mock, causing the ensure_dir
test to fail.
Sukhdev Kapur [Thu, 25 Jun 2015 22:11:28 +0000 (15:11 -0700)]
Fix tenant-id in Arista ML2 driver to support HA router
When HA router is created, the framework creates a network and does
not specify the tenant-id. This casuse Arista ML2 driver to fail.
This patch sets the tenant-id when it is not passed explicitly by
by the network_create() call from the HA router framework.
Even though original issue was discovered for network_create()
it turns out the same issue applies for port_create() as well
so all the methods are fixed in this patch
Cedric Brandily [Wed, 24 Jun 2015 19:31:33 +0000 (21:31 +0200)]
Avoid env variable duplication in tox.ini
Some environment variables are defined multiple times in tox.ini. This
change defines "fake" tox jobs and refactors existing jobs to reduce
duplicated environment variables.
Kevin Benton [Wed, 3 Jun 2015 22:20:27 +0000 (15:20 -0700)]
Skip ARP protection if 0.0.0.0/0 in addr pairs
Don't setup ARP protection on ports with allowed address pairs
that allow them to use any IP address. This is necessary because
OVS doesn't support the /0 prefix in rules that match on ARP headers.
Russell Bryant [Wed, 24 Jun 2015 18:59:26 +0000 (14:59 -0400)]
Updated from global requirements
This patch takes the latest global requirements update from change
Ibcb49412a012f79be2f7fd697349ddbf43bd7b9b except takes out the update
to setup.py which reverts the windows specific requirements. We are
still working on getting the custom changes out of setup.py in change
I3c07c279d33f6aed46c3a97dd9ba81251e51429a.
Ihar Hrachyshka [Tue, 23 Jun 2015 15:33:38 +0000 (17:33 +0200)]
ovsdb: attempt to enable connection_uri for native impl on startup
The port is in most cases disabled, so to use it, we should first enable
it, and it means that we should still rely on ovs-vsctl for that initial
call.
Aaron Rosen [Wed, 3 Jun 2015 23:19:39 +0000 (16:19 -0700)]
Provide work around for 0.0.0.0/0 ::/0 for ipset
Previously, the ipset_manager would pass in 0.0.0.0/0 or ::/0 if
these addresses were inputted as allowed address pairs. This causes
ipset to raise an error as it does not work with zero prefix sizes.
To solve this problem we use two ipset rules to represent this:
Ipv4: 0.0.0.0/1 and 128.0.0.1/1
IPv6: ::/1' and '8000::/1
All of this logic is handled via _sanitize_addresses() in the ipset_manager
which is called to convert the input.
Kevin Benton [Wed, 24 Jun 2015 10:27:16 +0000 (03:27 -0700)]
Make DHCPv6 out of bounds API test deterministic
The test_dhcp_stateful_fixedips_outrange API test was randomly
picking an IP from last + 1 up to last + 10 in the allocation
range. This made it fail randomly when there was an issue related
to the subnet allocation having an off-by-one issue.
This adjusts the test to just always test last +1 and +2.
Kevin Benton [Wed, 24 Jun 2015 09:15:29 +0000 (02:15 -0700)]
Don't process network_delete events on OVS agent
There is no reason to reclaim the local VLAN on a network_delete
event since it will be reclaimed when the last port is deleted anyway.
This method was racey with recent port creation events and lead to
occasional traces when it would yank the local VLAN out from underneath
an ongoing port wiring process.
Cedric Brandily [Tue, 23 Jun 2015 22:08:22 +0000 (00:08 +0200)]
Support oslo_db 1.12
oslo_db 1.12[1] decorates oslo_context.context.RequestContext with
session management[2][3] and add a read-only attribute 'session'. Such
feature breaks Brocade plugin and its unittests because they define
on RequestContext the 'session' attribute which now is a read-only
property. This change uses neutron.context instead of
oslo_context.context in order to delegate session management to the
neutron.context and remove read-only attribute set.
A follow-up change will refactor neutron.context in order to use oslo_db
1.12 session management instead of homemade one.
Jeremy Stanley [Thu, 18 Jun 2015 19:09:05 +0000 (19:09 +0000)]
Override opportunistic database tests to PyMySQL
Set the OS_TEST_DBAPI_ADMIN_CONNECTION override variable so that
oslo.db opportunistic detection will know to use PyMySQL until
I12b32dc097a121bd43991bc38dd4d289b65e86c1 makes it the default
behavior.
This change removes previous code[1] enabling PyMySQL use.
[1] Ic5c1d12ab75443e1cc290a7447eeb4b452b4a9dd
Change-Id: Ic39feee0248f2ffabdba26f3779ab40a8f3838e6 Co-Authored-By: Victor Sergeyev <vsergeyev@mirantis.com> Co-Authored-By: Cedric Brandily <zzelle@gmail.com>
Cedric Brandily [Tue, 23 Jun 2015 18:00:30 +0000 (20:00 +0200)]
Extend default setenv instead of replacing it in tox.ini
Some tox jobs[1] define their own setenv without extending/referencing
default setenv, it disallows to define environment variables shared by
all jobs. This change updates previous jobs[1] in order to extend
instead of replacing default setenv and enable global environement
variables (used in daughter change).
One remark, this change sets VIRTUAL_ENV environment variable in updated
jobs[1] but it has no effect on them.
[1] (dsvm-)functional, (dsvm-)fullstack and api jobs
Pavel Bondar [Tue, 23 Jun 2015 09:07:43 +0000 (12:07 +0300)]
Bulk move methods to ipam_backend_mixin.py
ipam_backend_mixin contains methods common for both backends:
pluggable and non-pluggable, so moving methods to make them accessible
by backends.
Next methods were moved from db_base_plugin_v2.py to
ipam_backend_mixin.py:
- _validate_subnet_cidr
- _validate_network_subnetpools
- _allocate_pools_for_subnet
- _save_subnet
This commit moves methods without any internal changes.
All future changes and decomposition of these methods will be handled in
next commits.
Rawlin Peters [Thu, 18 Jun 2015 17:22:13 +0000 (11:22 -0600)]
Optimize ipset usage in IptablesFirewallDriver
Currently, IptablesFirewallDriver._update_ipset_members() iterates
through a list of security group IDs and makes a call to
IpsetManager.set_members() for each security group ID in the list. The
problem is that set_members() is repeatedly called with the same
arguments over and over again because the list of security group IDs
contains duplicates. These duplicated calls are unnecessary because they
are idempotent.
For instance, with a security group of 50 rules created in this manner:
neutron security-group-rule-create $SECGRP --remote_group_id $SECGRP
--protocol tcp --port_range_min $i --port_range_max $i
Adding a server to that security group will cause 50 calls to
IpsetManager.set_members() because the list of security group IDs is 50 of
the same ID. Only one call to IpsetManager.set_members() is necessary
per security group ID.
This patch converts that list of security group IDs into a set, which
eliminates the duplicate idempotent calls to
IpsetManager.set_members() with the same arguments. This will affect
performance by reducing the amount of file locking around ipset when
adding servers to security groups.
Oleg Bondarev [Tue, 2 Jun 2015 13:14:40 +0000 (16:14 +0300)]
Fix callback registry notification for security group rule
Some housekeeping was done in
- SecurityGroupDbMixin:
- create_rule_bulk() calls to create_rule();
- registry notification is in create_rule();
- separate validation for a single rule and for a group of rules
- SecurityGroupServerRpcMixin:
- overriden methods call to corresponding super class methods;
David Edery [Sun, 21 Jun 2015 12:59:49 +0000 (15:59 +0300)]
Fix subnet creation failure on IPv6 valid gateway
Currently a valid IPv6 address gateway of the "*::ffff:ffff:ffff:ffff"
pattern is failing due to netaddr.broadcast returning value for both IPv6
and IPv4 addresses. IPv6 has no broadcast address so the fix checks if
the gateway is the subnet broadcast address only in the case of IPv4
subnet
Pavel Bondar [Fri, 19 Jun 2015 14:58:57 +0000 (17:58 +0300)]
Decompose _create_subnet_from_pool
Moved validations into separate methods:
- _validate_pools_with_subnetpool
Verifies that allocation pools are set only for specific subnet request.
For any subnet request allocation pools can not be set manually
- _validate_ip_version_with_subnetpool
Verifies that subnet has the same ip version as subnet pool
Pavel Bondar [Thu, 18 Jun 2015 12:24:44 +0000 (15:24 +0300)]
Move _delete_port
Pluggable ipam implementation will do additional actions on port
deletion (deallocate ip using ipam driver).
Existing _delete_port code will be resused.
Moving _delete_port to ipam_backend_mixin to make this code
accessible and extendable by both backends (pluggable and non
pluggable).
This commit is a preparation step before pluggable ipam implementation
can be used.
Pavel Bondar [Thu, 18 Jun 2015 11:52:24 +0000 (14:52 +0300)]
Decompose create_port and save_subnet
This commit is a preparation step for enabling pluggable ipam.
Some actions in create_port and save_subnet are specific for
non pluggable ipam implementation.
- create_port
Moved allocation ips for port and storing results into separate method
_allocate_ips_for_port_and_store.
Moved to ipam_non_pluggable_backend, since pluggable implementation will
be different due to rollback on failure logic included.
- save_subnet
Moved saving allocation pools into new method _save_allocation_pools.
Moved to ipam_non_pluggable_backend, since pluggable ipam implementation
does not need to save IPAvailabilityRange (availability ranges are
maintained by ipam driver for pluggable case)
Henry Gessau [Sun, 21 Jun 2015 05:30:05 +0000 (01:30 -0400)]
Allow setting Agents description to None
Fix the validator for the 'description' attribute of Agents, allowing
it to be set to None.
Fix an API test that had two problems:
1. It was not restoring the description to the agent it had updated
2. It was retoring the description to '' instead of None.
Code Review / openstack-build / neutron-build.git / log