Aaron Rosen [Wed, 9 Jan 2013 06:53:02 +0000 (22:53 -0800)]
Adds port security api extension and base class
Implements blueprint port-security-api-base-class
This patch also updates the _create_network/port in the unit tests
so that it does not remove false values from arg_list.
Fixes bug 1097527
Aaron Rosen [Wed, 23 Jan 2013 03:24:25 +0000 (19:24 -0800)]
get_security_group() now returns rules
get_security_group() previously only returned a security_group's id,
name, tenant_id, and description. This patch changes get_security_group()
to also return the security_group_rules associated with the security group.
Fixed bug 1103278
SQL Primary Keys cannot be null, so this patch fixes an
inconsistency between the models and SQL. The databases were
correcting this automatically, so a migration is not required.
The link local unit test was failing because it depended on eth0 to
exists. This mocks getaddrinfo() to ensure a consistent return value
across testing environments.
Akihiro MOTOKI [Wed, 16 Jan 2013 02:59:02 +0000 (11:59 +0900)]
Support Port Binding Extension in NEC plugin
Fixes bug 1099894
nova/network/quantumv2/api fill the bridge name according to
binding:vif_type attribute passed from Quantum. Otherwise the bridge
is set to None and launching an instance will fail.
blueprint vif-plugging-improvements
Note that binding:capabilities is under discussion and it may be
changed in the future. This commit just adds NEC plugin support
same as OVS and Linux bridge plugin.
Davanum Srinivas [Thu, 10 Jan 2013 16:26:25 +0000 (11:26 -0500)]
Enhance wsgi to listen on ipv6 address
Check if the hostname is ipv6 and set the family appropriately.
Picked up the code snippet from glance to determine the address_family
per markmclain's comment
Picked up some code from nova as well to get the test case running
properly
Maru Newby [Thu, 17 Jan 2013 18:42:37 +0000 (18:42 +0000)]
Config lockutils to use a temp path for tests.
* Tests for iptables_manager were leaving lockfiles in the source
tree due to the default lock path being in the openstack common
tree. This patch sets the lock_path option to an empty string
for unit tests to ensure that a temporary location is used
instead.
Aaron Rosen [Thu, 10 Jan 2013 21:36:35 +0000 (13:36 -0800)]
Provide atomic database access nvp plugin
* This patch ensures that if multiple queries are done against the
database they are atomic.
* Removes outdated doc string comments.
* Changes update_network so that it doesn't update the network name in nvp
since the name is retreved from the database.
* Fixes get_network to return the correct status from nvp. Previously,
it was always returning ACTIVE.
Fixes bug 1097990
Aaron Rosen [Wed, 9 Jan 2013 23:08:02 +0000 (15:08 -0800)]
_validate_security_groups_on_port was not validating external_ids
The function _validate_security_groups_on_port was not validating a ports
security group id if the id was an external id. The unit tests now use
set_override() rather than setting cfg values directly. Lastly, quantum.conf
now has the proxy_mode option exposed.
Fixes bug 1095864
Akihiro MOTOKI [Wed, 16 Jan 2013 02:13:15 +0000 (11:13 +0900)]
Add a common test case for Port Binding Extension
This commit merges the test cases for Port Binding Extension in
Linux Bridge plugin and Open vSwitch plugin into a common one.
It makes it easier for each plugin to support the port binding extension.
This commit also adds binding:capabilities attribute to OVS plugin.
Note that binding:capabilities is under discussion and it may be changed
in the future. This change is done just to make OVS plugin support
same as Linux Bridge plugin and pass the common unit test for the extension.
Replaced equality operators used with ATTR_NOT_SPECIFIED to 'is' or 'is not'.
Used is_attr_set() where comparsion is done to None and ATTR_NOT_SPECIFIED.
Gary Kotton [Tue, 15 Jan 2013 13:00:03 +0000 (13:00 +0000)]
Update latest OSLO.
Changes include:
1. Removing the 'extras' in the pip-requires
2. Fixes for fake implementations for RPC calls
3. Version updates due to common version update
Arvind Somya [Mon, 7 Jan 2013 23:40:59 +0000 (18:40 -0500)]
Adding multi switch support to the Cisco Nexus plugin
This commit adds intelligent multiple nexus physical switch support for the Cisco plugin.
The plugin also has been modified to scan for the host when an instance is created and
selectively trunk VLAN's for the port for that host only. It also deletes VLANs from nexus
switches when no longer required.
Dan Prince [Mon, 14 Jan 2013 17:26:36 +0000 (12:26 -0500)]
Name the securitygrouprules.direction enum.
Updates to the SecurityGroupRule model and migration so that we
explicitly name the securitygrouprules.direction enum. This fixes
'Postgresql ENUM type requires a name.' errors.
Initial Hyper-V Quantum plugin including VLAN support.
Support for NVGRE networking will be added in a subsequent patch.
The plugin architecture relies heavily on the OVS plugin, with some
design differences to handle different network types via polymorphism.
The plugin contains two main components:
The plugin itself, to be executed on Linux or Windows
The L2 agent, to be executed on each Hyper-V node
L3 networking is currently handled on Linux with the existing agents.
A Nova Quantum Vif plugin is included in the Nova project.
Akihiro MOTOKI [Sat, 12 Jan 2013 12:42:32 +0000 (21:42 +0900)]
Inform a client if Quantum provides port filtering feature
Part of blueprint vif-plugging-improvements
Quantum and Nova have duplicated functionality of packet filtering
such as security groups and anti spoofing filters.
By passing information whether Quantum supports the port filtering feature,
Nova VIF driver can skip its own packet filtering setup.
It is based on Daniel's advise in https://review.openstack.org/#/c/19436/
Code Review / openstack-build / neutron-build.git / log