Aaron Rosen [Fri, 25 Jan 2013 19:30:18 +0000 (11:30 -0800)]
Make get_security_groups() return security group rules
In nova, get_security_groups() returns the security groups and their
security group rules. In order to implement the security group proxy
it needs to return this data to nova. This can be done using multiple
requests from nova-api to quantum i.e: get_security_groups(), then
get_security_group() for each group to obtain the rules. If one has a lot
of security groups this will generate a lot of requests. Adding this change
allows all the security groups and their rules to be returned in one shot.
OVSInterfaceDriver plug() creates a veth pair and add it to an OVS
bridge when ovs_use_veth=True. It is useful that OVS cleanup utility
removes such veth paris in addition to removing OVS ports.
Veth pairs to be removed are veth devices corresponding to ports
removed when all_ovs_port==False. Veth pairs created to connect
the integration bridge and physical bridges are not removed.
Paul Michali [Thu, 24 Jan 2013 13:13:18 +0000 (08:13 -0500)]
Reqd. core_plugin for plugin agents & show cfg opts loaded.
For the linuxbridge, openvswitch, nec, and ryu plugin agents,
require the core_plugin configuration option, and throw an
exception, if not present. Note: cannot make this a required
option for all agents, as there are agent that include the
core config options, but do not require core_plugin.
In addition, log (as debug) the configuration options that
have been loaded at start-up for these four agents. This will
help with diagnosing start-up issues related to the
configuraiton settings (or lack of).
Tested that exception thrown, when missing core_plugin
value in config file(s) included, for these four agents.
Fix InvalidContentType can't be raised because of error in constructor
InvalidContentType exception class is defined two times:
in quantum.openstack.common.exception and quantum.common.exceptions
with two different signatures.
A lot of code like wsgi.Serializer.serialize() imports one of them but
attempts to use it with the signature of another one, which ends with
TypeError exception.
This change fixes the bug by removing the second definition of
InvalidContentType class and leaving only one which works correctly
with all code. Also adds unit tests for exceptions to prevent this and similar bugs.
In addition to this the code does the following:
1. validates if the port exists on the OVS when a port update event takes
place
2. when a port is created the initial state is set as 'DOWN'. this is
later updated by the agent when it is detected as up
Aaron Rosen [Wed, 9 Jan 2013 06:53:02 +0000 (22:53 -0800)]
Adds port security api extension and base class
Implements blueprint port-security-api-base-class
This patch also updates the _create_network/port in the unit tests
so that it does not remove false values from arg_list.
Fixes bug 1097527
Following http://wiki.openstack.org/Translations to integrate transifex
translation into quantum
We added the empty file quantum/locale/quantum.pot to avoid the
failure of the Jenkin's translation-jobs because git doesn't allow empty
directory to be added into the repository.
After this patch accepted, we need to do as below:
1. Make the transifex quantum project
(https://www.transifex.com/projects/p/quantum/) as part of the
openstack transifex project hub and give access to the transifex
openstack Jenkins account.
2. Add the translation-jobs into openstack/openstack-ci-puppet for
ceilometer.
Aaron Rosen [Wed, 23 Jan 2013 03:24:25 +0000 (19:24 -0800)]
get_security_group() now returns rules
get_security_group() previously only returned a security_group's id,
name, tenant_id, and description. This patch changes get_security_group()
to also return the security_group_rules associated with the security group.
Fixed bug 1103278
SQL Primary Keys cannot be null, so this patch fixes an
inconsistency between the models and SQL. The databases were
correcting this automatically, so a migration is not required.
The link local unit test was failing because it depended on eth0 to
exists. This mocks getaddrinfo() to ensure a consistent return value
across testing environments.
Akihiro MOTOKI [Wed, 16 Jan 2013 02:59:02 +0000 (11:59 +0900)]
Support Port Binding Extension in NEC plugin
Fixes bug 1099894
nova/network/quantumv2/api fill the bridge name according to
binding:vif_type attribute passed from Quantum. Otherwise the bridge
is set to None and launching an instance will fail.
blueprint vif-plugging-improvements
Note that binding:capabilities is under discussion and it may be
changed in the future. This commit just adds NEC plugin support
same as OVS and Linux bridge plugin.
Davanum Srinivas [Thu, 10 Jan 2013 16:26:25 +0000 (11:26 -0500)]
Enhance wsgi to listen on ipv6 address
Check if the hostname is ipv6 and set the family appropriately.
Picked up the code snippet from glance to determine the address_family
per markmclain's comment
Picked up some code from nova as well to get the test case running
properly
Maru Newby [Thu, 17 Jan 2013 18:42:37 +0000 (18:42 +0000)]
Config lockutils to use a temp path for tests.
* Tests for iptables_manager were leaving lockfiles in the source
tree due to the default lock path being in the openstack common
tree. This patch sets the lock_path option to an empty string
for unit tests to ensure that a temporary location is used
instead.
Aaron Rosen [Thu, 10 Jan 2013 21:36:35 +0000 (13:36 -0800)]
Provide atomic database access nvp plugin
* This patch ensures that if multiple queries are done against the
database they are atomic.
* Removes outdated doc string comments.
* Changes update_network so that it doesn't update the network name in nvp
since the name is retreved from the database.
* Fixes get_network to return the correct status from nvp. Previously,
it was always returning ACTIVE.
Fixes bug 1097990
Aaron Rosen [Wed, 9 Jan 2013 23:08:02 +0000 (15:08 -0800)]
_validate_security_groups_on_port was not validating external_ids
The function _validate_security_groups_on_port was not validating a ports
security group id if the id was an external id. The unit tests now use
set_override() rather than setting cfg values directly. Lastly, quantum.conf
now has the proxy_mode option exposed.
Fixes bug 1095864
Akihiro MOTOKI [Wed, 16 Jan 2013 02:13:15 +0000 (11:13 +0900)]
Add a common test case for Port Binding Extension
This commit merges the test cases for Port Binding Extension in
Linux Bridge plugin and Open vSwitch plugin into a common one.
It makes it easier for each plugin to support the port binding extension.
This commit also adds binding:capabilities attribute to OVS plugin.
Note that binding:capabilities is under discussion and it may be changed
in the future. This change is done just to make OVS plugin support
same as Linux Bridge plugin and pass the common unit test for the extension.
Code Review / openstack-build / neutron-build.git / log