Indicate the begin and end of the sync process to EOS
Send a trigger to EOS when a sync operation is initiated, and,
another trigger when the sync operation is complete.
Additionally, sync_interval value (from ml2_conf_arista.ini)
is passed down to EOS. This is used by EOS to timeout the
transaction.
The functional job was breaking due to the interaction between
devstack installing neutron system-wide in editable mode (pip install
-e) and tox packaging in the same path. Installing in editable
mode meant that neutron.egg-info/PKG_INFO could be updated (in this
case by tox) to change the installed version of the neutron package
without updating scripts that depended on the installed version
(e.g. rootwrap). This fix is to set the dsvm-functional env to
use system packages and avoid having tox update PKG_INFO.
A recent change has made this attribute required for nova
integration.
This patch adds this attribute to responses generated by the NSX
plugin, and also ensures relevant unit tests are executed for the
vmware NSX plugin.
Paul Michali [Fri, 12 Sep 2014 18:16:35 +0000 (14:16 -0400)]
Access correct key for template name
When an exception occurs while loading the config agent driver, the
handler tries to log a message, but accesses the wrong key to get the
template name. This causes another exception, which masks the original
exception.
This change accesses the correct key and performs logging inside a
with block to (defensively) preserve the exception context.
This fix ensures that DHCP Ports that are
available on DVR routed subnets, are serviced
by DVR neutron infrastructure.
Here servicing by DVR means, creation of
DVR namespaces on such nodes holding DHCP
Ports and also applying DVR specific OVS
Rules to the br-int and br-tun bridges on
such nodes, to enable traffic to be routed
via DVR to such DHCP Ports.
Currently, there is no check which validates the values of
tunnel range for VXLAN/GRE networks. The VXLAN VNI is 24 bit
which have range between 1 to 2^24 - 1. Similarly, GRE key field
is 32 bit which have range between 1 to 2^32 - 1.
Kevin Benton [Tue, 2 Sep 2014 18:27:51 +0000 (11:27 -0700)]
BSN: Add context to backend request for debugging
Include the request context with calls to the backend
Big Switch controllers to assist with event correlation
and debugging object provenance. The auth token is
stripped since this information is sensitive and
these requests will appear in debug logs.
This also removes mutable objects from default arguments
in some of the server manager function definitions that
were interferring with the new use of the headers dict.
Sylvain Afchain [Wed, 6 Aug 2014 12:32:51 +0000 (15:32 +0300)]
Add HA support to the l3 agent
* Add HA mixins used by RouterInfo and LNAT3Agent
* For HA routers: Internal, external and floating IP addresses are no
longer configured by the agent. Instead the interfaces and addresses
are passed to a keepalived configuration, which configures the
addresses when the router transitions to the master state.
* Only the master instance of the router opens the metadata proxy.
This happens due to keepalived notification scripts that are
called upon state transitions.
* Extra routes are handled via keepalived virtual routes and are
no longer configured by the agent.
* HA routers create a 'HA device' on a VRRP-traffic only HA-network.
* Functional testing: Add two new tests to the L3 agent:
1) Translation of a router configuration to a keepalived
configuration.
2) HA specific events when creating a HA router - Assert that
keepalived is up, etc.
Kevin Benton [Sun, 14 Sep 2014 09:22:57 +0000 (02:22 -0700)]
Fix a test_db_plugin unit test side_effect usage
One of the unit tests didn't correctly use the side_effect
parameter for a mock to return different responses to multiple
calls, which resulted in an extra try-except block and an inline
note. This commit fixes the side_effect and removes the extra
catching code.
Fix KeyError on missing gw_port_host for L3 agent in DVR mode
The order of Mixin imports broke the MRO, which caused some methods
in the L3 hierarchy to be ignored. In particular, _build_routers_list
for DVR was no longer called, which led to the stacktrace observed on
the L3 agent side.
Andreas Jaeger [Sat, 13 Sep 2014 07:29:37 +0000 (09:29 +0200)]
Stop using intersphinx
Remove intersphinx from the docs build as it triggers network calls that
occasionally fail, and we don't really use intersphinx (links other
sphinx documents out on the internet)
This also removes the requirement for internet access during docs build.
This can cause docs jobs to fail if the project errors out on
warnings.
Pritesh Kothari [Thu, 21 Aug 2014 06:51:16 +0000 (23:51 -0700)]
Remove the Cisco Nexus monolithic plugin
The Cisco Nexus monolithic plugin does not work without the Open
vSwitch plugin. The Open vSwitch plugin is scheduled to be removed
as per #1323729. This patch removes the Nexus Hardware switch
related plugin code. The N1KV virtual switch related code will
still remain in the tree as it doesn't depend on Open vSwitch
plugin.
ronak [Fri, 8 Aug 2014 19:13:16 +0000 (12:13 -0700)]
Check for ports in subnet before deleting it from Nuage VSD
There could exist a port in subnet in neutron in which case subnet delete
is not allowed. In the nuage's plugin code, this validation needs to
be handle prior to sending delete subnet request to backend.
Sylvain Afchain [Mon, 20 Jan 2014 22:38:29 +0000 (23:38 +0100)]
Add a new scheduler for the l3 HA
This patch updates all schedulers in order to support the
scheduling of HA routers. It also refactors and adds tests for
the auto scheduling part.
The schedulers aren't expected to work when creating a router
that's both distributed and highly available. Specific issues
will be reported as bugs and fixed in a future patch.
This patch amends migrations added after the icehouse release
and before the healing migration.
Migrations are changed in a way that they are not anymore
dependent on configuration parameters but are anyway aware of
the fact that the database has not yet been healed.
To this aim, amended migrations now will need to inspect the
current schema and cannot be anymore be used in offline mode;
this is consistent with the behaviour of the healing migration.
This patch does not remove the logic for generating and
managing configuration-dependent migrations. For this reason
upgrade and downgrade routines still accept the active_plugins
parameter, which will not be used.
This patch replaces folsom initial state and all migrations
from folsom to havana, with a new, configuration independent
initial db state, corresponding to the havana release.
In order to avoid large modules, "init ops" modules have been
created for all plugins, service plugins, and extensions.
Some migrations after the havana release were amended or
removed to reflect the new initial state being introduced.
shihanzhang [Mon, 4 Aug 2014 09:31:01 +0000 (17:31 +0800)]
Adds ipset support for Security Groups
Iptables chain is linear storage and filtering, when iptables rules are
large, the load of l2 agent is heavy, this patch introduces ipset to
security group for improving the security group performance.
In router remove path process_router(), processing of floating ips
is getting skipped. This change adds processing of floating ips
if the external gateway for the router was previously set. Since
DVR uses FIP namespaces and agent gateway ports, this change ensures
such ports and namespaces are removed.
The "allocated" variable was defined to be a boolean type
and in postgresql this type is enforced,
while in mysql this just maps to tinyint and accepts both numbers and bools
Jacek Swiderski [Thu, 11 Sep 2014 13:32:18 +0000 (15:32 +0200)]
Remove faulty .assert_has_calls([])
Some UT use <mock>.assert_has_calls([]) as a way to check if mock
wasn't called - this doesn't work because assert_has_calls only checks
if passed calls are present in mock_calls and hence it is always true
regardless of whether mock was called or not. This can lead to falsely
passed tests.
Kevin Benton [Wed, 10 Sep 2014 09:15:02 +0000 (02:15 -0700)]
Fail on None before iteration attempt
Check for a 'None' value before trying to iterate over it
in the bulk code. Also eliminates an unneccessary anonymous
recursive function in the same bulk handling code.
ofagent has code for agent-on-DomU support inherited from OVS agent.
However, it's incomplete and broken. Because ofagent uses a direct
OpenFlow channel instead of ovs-ofctl command to program a switch,
the method to use the special rootwrap can not work.
The Arista ML2 plugin was not passing the admin tenant name to EOS without which
it is not possible to authenticate with keystone using just the admin name
and password. This patch passes the admin tenant name along with the admin
credentials.
Added code to associate fip to a vm in VSD, if
the fip was already associated with the vm port
in Neutron. Also added code in fip deletion,
to get the correct router id based on the check
if the fip is associated to a Neutron port or
not.
Closes-Bug: #1350469
Change-Id: I1aa24f420f656043086a4f501b15722216b843e9
Cedric Brandily [Wed, 27 Aug 2014 09:35:41 +0000 (11:35 +0200)]
Remove useless check in _rpc_update_firewall
Firewall_db_mixin.update_firewall returns an updated firewall or raises
an error (if the firewall is not found), that's why checking if its
result is evaluated to False is not required
Henry Gessau [Wed, 10 Sep 2014 03:50:09 +0000 (23:50 -0400)]
Use renamed _fail_second_call() in cisco nexus tests
In commit 5e4b0c6fc6670ea036d801ce53444272bc311929 NeutronDbPluginV2TestCase
_do_side_effect() was renamed to _fail_second_call(), but the nexus test cases
were not updated. The tests still worked because they check for
HTTPInternalServerError which is the end result of the server encountering
"AttributeError: object has no attribute '_do_side_effect'". So the fault
injection still worked, but not in the way intended.
Note: the monolithic nexus plugin is not updated here since it is being
removed from the tree.
Sylvain Afchain [Mon, 26 May 2014 12:28:06 +0000 (14:28 +0200)]
Add L3 VRRP HA base classes
Add L3 HA base classes on the plugin side. A new admin-only ha
attribute is added to the API router resource. Conversion from
or to HA router is possible. Each tenant gets a single network
used for HA traffic. The tenant_id for that network is set to
'' so that it isn't visible via the CLI or GUI. A new table
is added to map a tenant to its HA network. Specific HA
attributes are added to the extra router attributes table.
Finally, each HA router gets a port on the HA network, per
l3 agent it is scheduled on. A new table is added to track
these bindings. A new table is added in order to track
VRID allocations.
DVR integration is not expected to work. Any issues will
be reported as bugs and handled after the feature merges.
Migrating a router to HA or from HA works server side
but is not expected to work (Yet) agent side. This will be
dealt with as a bug in the future.
Code Review / openstack-build / neutron-build.git / log