Once gateway is set, external_gateway_added() was getting called every time
a router update was received. The check for change in external
gateway compared previously cached copy of gateway port (ri.ex_gw_port) with
the one passed in through update router (ri.router['gw_port']).
The cached copy was already being modified by code so the two values would
always appear to be different.
Making the change to compare correctly and remove actions not required
for gateway update.
Carl Baldwin [Mon, 4 Aug 2014 19:29:33 +0000 (19:29 +0000)]
Simple refactor to stop passing around an unused parameter
There is no functional change in this patch. However, this refactor
allows another patch [1] to make a simpler change to the code base.
This patch includes localizing the initialization of "internal_cidrs"
to a later spot in the "process_router" method. This has the
advantage that it will be initialized under the same condition that it
will be used.
cedric.brandily [Fri, 16 May 2014 20:18:45 +0000 (16:18 -0400)]
OVS flows apply concurrently using a deferred OVSBridge
This change is an improvement of the commit 501213686886baccd3280e10b8856a25d3517519 and provides a cleaner
implementation. Previously flows were applied on
OVSBridge.defer_apply_off which could be called by an other
greenthread: it was impossible to ensure that all flows are applied
in a unique OVSBridge.defer_apply_off call. This change ensures that
all flows defined using a DeferredOVSBridge are applied on
DeferredOVSBridge.apply_flows or DeferredOVSBridge.__exit__ if not
exception is raised.
Pritesh Kothari [Mon, 4 Aug 2014 20:37:56 +0000 (13:37 -0700)]
Do not assume order of network_uuid's
This fixes the neutron.tests.unit.test_linux_dhcp.TestDnsmasq
.test_existing_dhcp_networks unit test that breaks with a
randomized PYTHONHASHSEED (see the bug report).
The test assumed that the network_uuid's list was sorted, so sort
the result before comparing.
Note: There are several other unrelated unit tests that also break with a
randomized PYTHONHASHSEED, but they are not addressed here. They will be
addressed in separate patches.
Kevin Benton [Fri, 25 Jul 2014 19:25:39 +0000 (12:25 -0700)]
Big Switch: Only update hash header on success
This patch moves the hash update call into the success block
of the server manager so the database isn't updated with
a hash header from an error response. Additionally, it prevents
the hash from being updated to an empty value if the hash header
is not present in the response.
Perform dumb polling instead.
Now ofagent port monitoring is mostly ovsdb-free.
(except _find_lost_vlan_port stuff, which is planned to be retired
by blueprint ofagent-merge-bridges)
Remove code to report port status for ancillary bridges because
it relies on ovsdb. While we could adapt the code to use OFP in
a similar way we did for the integration bridge, it doesn't worth
the effort because the almost same functionality can be achieved
using provider network. Update README to suggest the use of
provider network.
Henry Gessau [Mon, 4 Aug 2014 12:47:08 +0000 (08:47 -0400)]
Add a tox test environment for random hashseed testing
The newer versions of tox by default enable a random PYTHONHASHSEED. However,
this breaks many Neutron unit tests, so PYTHONHASHSEED=0 is currently hard-
coded for Neutron's unit test environments.
We want to clean up the unit test cases that break with a random hashseed
(there are many). To be able to find the broken tests and then verify them,
we need to have an easy way of enabling random hashseed testing.
This is step 2 implementation of OFAgent l2-population.
This handles an arp packet responding locally to an arp request in such a way
that sends an arp request as a packet-in message to controller and
builds and sends an arp reply packet.
Currently this only supports tunnel.
Henry Gessau [Sun, 3 Aug 2014 17:40:01 +0000 (13:40 -0400)]
Do not assume order of quotas dictionary elements
This fixes the quotas db unit test that breaks with a randomized PYTHONHASHSEED
(see the bug report).
The test assumed that the quotas dictionary from plugin.get_all_quotas() had
elements in a particular order. Found with PYTHONHASHSEED=1235130571.
The fix refactors the test case to handle an unsorted quotas dictionary. Also
choose some different quota limits to make it clearer what is being verified.
Note: There are several other unrelated unit tests that also break with a
randomized PYTHONHASHSEED, but they are not addressed here. They will be
addressed in separate patches.
Cisco VPN RESTapi URI strings are currently spread out
throughout the cisco vpn device driver code. This create
challenge towards consistently using REST resource identifiers
as this code gets enhanced in the future. This change moves
those URIs as string contents towards the top of the device
driver file.
This addresses the review comment received during the
cisco-vpnaas BP implementation.
Akash Gangil [Sat, 2 Aug 2014 09:53:14 +0000 (02:53 -0700)]
Move from Python logging to Openstack logging
Replacing usage of python standard logging module
with Openstack common logging module. Apart from
the said replacements, this patch also removes
basicConfig() setup from a couple of modules since
its not needed. Also removes unused LOG & imports.
Previously, req_timeout and http_timeout were set to the same value
which is not correct. req_timeout is the total time limit for a cluster
request and http_timeout is the time allowed before aborting a request on
an unresponsive controller. Since the default configuration allows 2
retries req_timeout should be double that of http_timeout because of this
this patch goes ahead and removes req_timeout as this should just be
http_timeout * retries.
Because prevouly req_timeout and http_timeout were the same this exposed
a corner case that when the nsx controller returned a 307 we would issue
the request against the redirected controller but in the case where the
session cookie had expire when the request was issued we would get a 401
response back and never retry the request. Now that the default values are
corrected this issue should no longer occur as the next time time we issue
the request we'll fetch a new auth cookie for the redirected controller.
This patch also bumps the timeout values to be higher. We've seen
more and more timeouts occur in our CI system largely because our
cloud is overloaded so increasing the default timeouts will *hopefully*
help reduce test failures.
When fwaas config file is not provided to the agent,
but the service is enabled in neutron.conf file the
agent should exit with an error message and should
not proceed further. This patch adds the necessary fix.
There is a remote chance that this operation may
be prone to DB integrity errors, in case the binding
is attempted on the same port twice.
Ideally getter methods should not create, but this
is a common Neutron (anti)-pattern that would be
difficult to eradicate (at least in a single patch);
so for now let's make this code more defensive.
Michael Smith [Thu, 31 Jul 2014 06:17:47 +0000 (23:17 -0700)]
centralized router is incorrectly scheduled
When agent_mode=dvr only distributed routers should be
scheduled to that agent. This change fixes this problem
by not allowing centralized routers to be scheduled
to an agent configured with agent_mode=dvr
When a gateway is set to a distributed router,
the router checks for the interfaces associated
with the router and based on the number of
interfaces the router creates "csnat" interface
ports that would be used by the SNAT service in
the Service Node.
When a gateway is cleared, the plugin should
delete the "csnat" interface ports. In the
current code, it is deleting the port and
re-creating the port with a different id.
A check need to be made before it creates a new
port to make sure that the router has a valid
gateway port.
Jakub Libosvar [Tue, 22 Jul 2014 16:50:07 +0000 (18:50 +0200)]
Use storage engine when creating tables in migrations
Although __table_args__ is set correctly in the base model, existing
migration scripts were not generated with the mysql_engine option in
the alembic output, likely due to:
https://bitbucket.org/zzzeek/alembic/issue/110/
This adds the mysql_engine option to each table creation operation.
Jakub Libosvar [Wed, 30 Jul 2014 08:42:14 +0000 (10:42 +0200)]
Use correct section for log message if interface_driver import fails
If import of interface_driver in namespace_driver fails then message for
logger raises exception because of taking interface_driver from haproxy
section while actual interface_driver is in default section.
Assaf Muller [Wed, 7 May 2014 15:05:42 +0000 (18:05 +0300)]
Make sure that gateway is in CIDR range by default
Git commit c3706fa2 introduced the force_gateway_on_subnet
option that verified that the defined gateway is in the CIDR
range of a newly created or updated subnet. However, the default
value was False for backwards compatability reasons. The default
will change to True and the option will be marked as deprecated.
For IPv6, the gateway must be in the CIDR only if the gateway
is not a link local address.
Assaf Muller [Thu, 22 May 2014 11:38:30 +0000 (14:38 +0300)]
Move ARP responder test to sanity command
Additionally, the patch improves the check itself:
To check if the currently installed OVS supports the ARP responder
feature, we try to add a flow that references an OpenFlow ARP
extension via ofctl. The test may fail due to an (expected)
Runtime error, or due to some other unexpected error.
In such a case the error was previously masked and tossed away.
* Clean up ARP responder unit test
* Extract ARP responder flow actions to be used by the unit
tests, functional test as well as the ARP responder code itself
After this patch, if the sanity check returned False but the
user never ran it or ignored its results, the OVS agent will
output errors to the log every time an ARP entry is (attempted)
to be added or removed from the flow table.
Ann Kamyshnikova [Tue, 29 Jul 2014 12:02:20 +0000 (16:02 +0400)]
Fix wrong order of tables in downgrade
Heal migration fix bug https://bugs.launchpad.net/neutron/+bug/1336177.
Now table ml2_brocadenetworks has foreign key and downgrade
of 492a106273f8_brocade_ml2_mech_dri fails. To fix this change order
of tables in downgrade is needed.
Jakub Libosvar [Tue, 29 Jul 2014 10:18:33 +0000 (12:18 +0200)]
Fix deprecated opt in haproxy driver
If Neutron was updated from Havana, lbaas config file defines user_group
and loadbalancer_state_path in default section but since Icehouse these
settings were moved to haproxy section.
This patch adds DEFAULT group to DeprecatedOpt.
Li Ma [Fri, 21 Feb 2014 08:57:25 +0000 (00:57 -0800)]
Race condition of L3-agent to add/remove routers
This race condition happens when repeatedly calling
l3-agent-router-add and l3-agent-router-remove
by different neutron-servers at the same time.
The primary key constraint is added for the pair of
(router_id and l3_agent_id).
During migration, verification is done if the current
records violate the PK constraint defined in this bug
fix, and sanitize the data before schema modification.
Due to different dialects of database engines, different
sql statements are executed correspondingly to do
the verification.
Make dvr_vmarp_table_update call conditional to dvr extension
Without making this call conditional, every l3plugin that
integrates with the ML2 plugin will need to implement this
method and this must not be necessary.