Abhishek Raut [Tue, 20 Aug 2013 04:20:11 +0000 (21:20 -0700)]
Add sub-type field to VXLAN network profiles for Cisco N1KV plugin
Rename VXLAN type of network profiles to Overlay network profiles.
Add a new sub type column to Overlay network profiles. Support
enhanced VXLAN and native VXLAN as Overlay sub types. Allow plugin to
be flexible to support newer sub types.
Aaron Rosen [Fri, 16 Aug 2013 17:56:21 +0000 (10:56 -0700)]
Implement Allowed Address Pairs
The following patch adds the concept of allowed address pairs.
This allows one to add additional ip/mac address pairs on a port to
allow traffic that matches those specified values. This is useful in order
to leverage dataplane failover mechanisms like vrrp. This patch adds support
for the NVP plugin, the OVS plugin, and Ml2.
This patch does minimal changes in neutron.plugins.nicira.common.sync
providing unit tests with a reference to the looping call object, so
that they can control its lifecycle.
Also, it perform a bit of refactoring in test_l3_agent.py in the way
mocks are created and started.
Kaiwei Fan [Tue, 20 Aug 2013 21:28:58 +0000 (14:28 -0700)]
VCNS driver implementation
Implement API/driver interface for configuring vShield Edge Appliance.
Currently implemented functions:
- Deploy an Edge
- Destroy an Edge
- Configuring interfaces
- Configuring SNAT/DNAT rules
- Configuring default gateway and static routes
- Query Edge status
- Task-based asynchronous model
- Allow old routes/nat config to be skipped if new updates are coming
Mark McClain [Wed, 4 Sep 2013 18:36:11 +0000 (14:36 -0400)]
ensure that Arista test destroys the database
Out of order test execution has revealed that the database was not
properly cleaned up after each test run. This patch adds a call to
clear the database after each test.
Rich Curran [Wed, 21 Aug 2013 21:43:12 +0000 (17:43 -0400)]
ML2 Mechanism Driver for Cisco Nexus
Port of the quantum/plugin/cisco/nexus plugin to run under the Modular
Layer 2 (ML2) infrastructure as defined in
https://blueprints.launchpad.net/quantum/+spec/ml2-mechanism-drivers
Adds dedicated unit tests to the plugins which uses binding:profile
attribute (Mellanox and NEC plugins at now).
This commit also adds common unit tests for binding:profile to
the common PortBindingTestCase class.
- create_port with binding:profile whose value is None or {}
- update_port with binding:profile whose value is None or {}
- Reject binding:profile from non-admin user
Note that _make_port() in BigSwitch plugin test is updated
to allow passing arg_list() from the base test class.
Fix a bug in NEC plugin that 500 is returned when putting
binding:profile None to a port whose binding:profile is
already None (Closes-Bug: #1220720)
Akihiro MOTOKI [Fri, 23 Aug 2013 06:22:04 +0000 (15:22 +0900)]
OpenFlow distributed router support in NEC plugin
Implements blueprint nec-distribute-router
Two types of neutron router will be supported: l3-agent and distributed.
A type can be specified through "provider" attribute of a router.
The naming of the attribute "provider" is intentional since I plan to
support the service provider framework for router in the future and
would like to make it easy to migrate.
distributed router in NEC OpenFLow controller now does not support NAT,
so l3-agent and distributed router coexists. To achieve it, l3-agent
scheudler logic is modified in NEC plugin to exclude distributed routers
from candidates of floating IP hosting routers.
To support the above feature, the following related changes are done:
- Adds a new driver to PFC driver which supports OpenFlow based router
support in NEC OpenFlow products in PFlow v5.
- Update ofc_client to extract detail error message
from OpenFlow controller
This commit also changes the following outside of NEC plugin:
- Makes L3 agent notifiers configurable.
l3-agent router and OpenFlow distributed router can coexist.
Notication to l3-agent should be done only when routers are
hosted by l3-agent, so we need custom L3 agent notifiers
to filter non l3-agent routers.
- Split test_agent_scheduler base class (in OVS plugin) into
the base setup and testcases. By doing so we can implement
custom testcases related to agent scheduler.
Introduce periodic state synchronization with backend
Blueprint nicira-plugin-get-improvements
With this patch GET operations on the Nicira plugin will not
be forwarded anymore to the NVP backend.
Resource operational status will be periodically retrieved from
the NVP backend using a DynamicLoopingCall.
The process has been designed with the aim of avoiding:
1) frequent queries to NVP for retrieving resource status
2) execution of large queries to NVP for retrieving the status
of a consistent number of resources.
The process can be tuned using a set of configuration variables.
GET operations will now return a status which might differ
from the actual status of the resource. For retrieving status
in a punctual way, the field 'status' should be explicitly
specified in the GET request (only 'show' support has been
implemented in this patch)
This patchs also makes some changes to the fake nvp api client in
order to ensure each instance has a private set of dictionaries for
fake nvp entities.
Paul Michali [Mon, 2 Sep 2013 11:02:12 +0000 (07:02 -0400)]
Verify MTU is valid for ipsec_site_connection
Since the check relies on the vpnservice subnet to determine whether
this is IPv4 ro IPv6, we must check in the plugin. Test is done at
create/update time and ensures that the MTU is equal to or greater
than the minimum allowed values, which are set to 68 for IPv4
minimum and 1280 for IPv6, respectively.
Refactored code to allow reuse of create and update test functions,
by allowing tests to override some settings, and to provide a dict
of changed items (for update).
Bob Kukura [Tue, 13 Aug 2013 01:58:36 +0000 (21:58 -0400)]
Implement ML2 port binding
The ml2 plugin uses mechanism drivers to determine which network
segment and what VIF driver to use for a port. Mechanism drivers
supporting the openvswitch, linuxbridge, and hyperv agents are
added. The binding:host attribute is set on ports belonging to the
dhcp and l3 agents so that they can be bound.
To use with devstack until it is updated, set
"Q_ML2_PLUGIN_MECHANISM_DRIVERS=openvswitch,linuxbridge" in localrc.
The hyperv L2 agent does not currently implement the agents_db RPC,
and will therefore not work with its ml2 mechanism driver. This issue
will be tracked as a bug to be fixed in a separate merge.
Refactoring for nicira plugin to support NVP DHCP/Metadata services
This initial patch is aimed at decoupling core plugin services from
DHCP and metadata services. The abstraction being introduced is
needed so that the code can support both models where dhcp and
metadata services are provided by external RPC agents or solely by
the server-side plugin.
This patch implements Arista's modular L2 mechanism driver to
automate the management of virtual networks along with physical networks
using Arista hardware devices (Spine and Leaf switches)
This driver uses ML2 Mechanism Driver-API to interface with Neutron ML2 Plugin.
The ML2 plugin's type and mechanism managers currently maintain
dictionaries/lists of type drivers, mechanism drivers, and ordered mechanism
drivers in (static) class variables. Once a type/mechanism/ordered-mechanism
driver of any given type is added to this list, then no new drivers of that
type are allowed to be registered, and therefore no new configuration for
that driver type is accepted.
This static nature of the driver dictionaries/lists is causing ML2 mechanism
driver unit test cases to fail. For example, if a non-vendor-specific ML2
plugin test case configures a VLAN type driver with no VLAN range, and then
a vendor specific test case attempts to configure a VLAN type driver with
some test VLAN range, then the new VLAN configuration is ignored because of
the previously (staticly) registered VLAN driver.
The proposed fix is to convert these driver dictionaries/lists to instance
variables, and clear them upon each instantiation of an ML2 type manager
or ML2 mechanism manager.
* adds new attribute of the pool: provider, which is provider name
as it is written in configuration
* adds support for multiple plugin drivers for loadbalancer
* cleans up healthmonitor-related plugin driver API
Drivers should work with healthmonitor associations only
* adds ability to update provider attribute for the pool used
to reassociate pools with new providers in case their providers
were removed from configuration
Viewing log output while tests are still running can be useful for
debugging, but log output was previously always captured. This
change ensures that log capture is off by default, but can still
be enabled by setting OS_LOG_CAPTURE=1 in the shell environment.
testr invocation is unchanged and will continue to capture logs by
default.
Oleg Bondarev [Wed, 14 Aug 2013 12:11:24 +0000 (16:11 +0400)]
LBaaS: update status of members according to health statistics
Added members health stats reporting to the haproxy driver.
During pool stats update db plugin checks for members stats
and updates members statuses if any
This change modifies the hook processing for dict_extend routines
to call the method on the instance if a hook is registered as a string.
Otherwise, the callable hook is directly invoked as an unbound method.
This patch fixes hook registration for all extensions except port_binding.
This is because some plugins are currently working around this limitation
by invoking both the global hook and another dict_extend function,
which might either be registered as another hook, or invoked explicitly
before returning the response.
Fixing this would go beyong the scope of this patch.
Akihiro MOTOKI [Wed, 21 Aug 2013 06:43:19 +0000 (15:43 +0900)]
Export portinfo thru portbinding ext in NEC plugin
blueprint nec-port-binding
* Add host-id support in port-binding extension.
* Expose portinfo thourgh binding:profile attr in a port.
portinfo is a mapping between neutron port id and OpenFlow switch
physical information (datapath_id and port_no)
It changes the following in portinfo db model
* Add cascade on delete to delete an associated portinfo
when deleting the port.
* Use joined query for portinfo model to retrieve an associated
portinfo when querying a port.
Fix DHCP agent to work without extra_dhcp_opt extension
With the introduction of extra_dhcp_opt extension, DHCP agent
stopped serving mac adresses when used in conjunction with a
plugin that doesn't support this extension. This fixes the agent
by not assuming that port dict contains extra_dhcp_opt key.
This patch enables the plugin to deal correctly with
newer versions of the NVP platform; this is done by
allowing the plugin to fall back to the closest known
version of the NVP platform. This is acceptable behavior
as L2/L3 operations implemented by the platform are most
certainly backward compatible.
This patch also improves test coverage for this part of the
code, which is critical to the correct behavior of the plugin.
Rudrajit Tapadar [Sat, 10 Aug 2013 06:42:45 +0000 (23:42 -0700)]
Multi-segment and trunk support for the Cisco N1Kv Plugin
This patch adds vlan and vxlan trunk support in the
Cisco N1Kv plugin. It also adds support for multi-segment
networks for bridging vlan networks with vxlan networks.
Kevin Benton [Fri, 23 Aug 2013 03:17:00 +0000 (20:17 -0700)]
Refactor BigSwitch error handling to use db rollbacks
This patch adjusts most of the logic handling the
calls to the controller in the BigSwitch/floodlight
plugin to make use of the db rollbacks from
sqlalchemy for free on exceptions. This eliminates
several complex try-except blocks and makes
maintaining db<->controller consistency easier.
Francois Eleouet [Fri, 30 Aug 2013 20:30:04 +0000 (22:30 +0200)]
Add missing match in OVS agent tunnel mac leaning
Learned flows introduced in commit a369f9e39691c01a4e4f7f8668cb37fc17ba03b3
to learn remote mac addresses on tunnels currently only match local VLAN,
but not destination mac address, as a consequence, connectivity may be
erratic as soon as more than two agents are used
Stephen Gran [Thu, 29 Aug 2013 06:11:44 +0000 (07:11 +0100)]
Create RPC connection before modifying OVS bridges
On startup, the agent removes and readds flows to the OVS bridges. If
an RPC setup error exits the process prematurely, this can leave the
bridges in an unsafe state. It is better to set the RPC communication
up before making changes to the host system.
Closes-Bug: 1217980
Change-Id: Ib9bbb864b9129bb7b1376a150a37a0c07908d74b Signed-off-by: Stephen Gran <stephen.gran@guardian.co.uk>