Aaron Rosen [Wed, 12 Feb 2014 22:25:31 +0000 (14:25 -0800)]
NSX: Fix newly created port's status should be DOWN
Previously when creating a port in neutron using the nsx plugin
the port status returned would be ACTIVE even if this was not the
case. Now, DOWN is returned which will be updated by the backend
when the port goes ACTIVE.
Akihiro Motoki [Wed, 19 Feb 2014 19:21:55 +0000 (04:21 +0900)]
Lower log level of errors due to user requests to INFO
Errors due to bad client requests (e.g., NotFound, BadRequest)
are logged as exception/trace level and it is annoying
from the point of operators' view.
This commit changes the log level for errors due to
user requests (HTTP 4xx errors) to INFO.
The code that syncs router status to the neutron_db was using the nsx
router id instead of the neutron router id thus synchronize_router
would never update the database.
Also, the switch synchronization routine was not fetching the
appropriate neutron id tag thus causing switch synchronization to
be skipped.
This patch also fixes the error in the unit tests which allowed for
the bug to be introduced.
Bob Kukura [Thu, 13 Feb 2014 17:35:25 +0000 (12:35 -0500)]
ML2 binding:profile port attribute
The ML2 plugin stores the binding:profile port attribute, defined as a
dictionary, in its ml2_port_bindings DB table. Since the plugin can
support a variety of MechanismDrivers with different needs for
binding:profile attribute content, the plugin will accept, store, and
return arbitrary key/value pairs within the attribute. As with the
binding:host_id attribute, updates to binding:profile trigger
rebinding.
Rename/remove Nicira NVP references from VMware NSX unit tests
This patch sweeps for Nicira and NVP references and replace
them with VMware and NSX where possible. Some clean-up is
done along the way to improve the organization of the
unit tests module.
Isaku Yamahata [Thu, 13 Feb 2014 11:19:25 +0000 (20:19 +0900)]
options: consolidate options definitions
Some config options(interface_driver, use_namespaces) are defined
multiple times in ad-hoc way. It causes DuplicateOptError exception
when using those module at the same time. Right now the exception is
avoided in ad-hoc way by each executable. Those duplicated
definitions should be consolidated and treated in uniformed way.
This is the blocker for blueprint: l3-agent-consolidation
neutron.services.loadbalancer.drivers.haproxy.agent periodic_interval
conflicts with neutron.service one. Since there is no way to fix it
without changing existing behavior/default value, it is untouched for now.
Bob Kukura [Tue, 4 Feb 2014 04:18:44 +0000 (23:18 -0500)]
Replace binding:capabilities with binding:vif_details
In addition to binding:vif_type, the neutron core plugin needs to
supply various information to nova's VIF driver, such as VIF security
details and PCI details when SR-IOV is being used. This information is
read-only, requires admin privileges, and is not intended for normal
users. Rather than add separate mechanisms throughout the stack for
each such requirement, the binding:capabilities port attibute, which
is a dictionary and is not currently not used by nova, is renamed to
binding:vif_details to serve as a general-purpose mechanism for
supplying binding-specific details to the VIF driver.
This patch does not remove or replace the CAP_PORT_FILTER boolean
previously used in binding:capabilities. A separate patch should
implement the specific key/value pairs carried by binding:vif_details
to implement VIF security. Another patch will implement the key/value
pairs needed for SR-IOV.
The ML2 plugin now allows the bound mechanism driver to supply the
binding:vif_details dictionary content, instead of just the
CAP_PORT_FILTER boolean previously carried by the binding:capabilities
attribute.
DocImpact: Need to update portbinding extension API, but no impact on
user or administrator documentation.
Itsuro Oda [Mon, 6 Jan 2014 06:03:14 +0000 (15:03 +0900)]
Make metaplugin be used with a router service plugin
"l3_plugin_list" configuration parameter of the metaplugin is permitted
blank now.
If "l3_plugin_list" is blank, router extension and extensions which extend
the router extension don't be included in "supported-extension-aliases" of
the metaplugin.
This makes the metaplugin be able to be used with a router service plugin.
Note that if "l3_plugin_list" is not blank, a router service plugin must
not be specified, otherwise the error of the bug report still occurs.
This patch removes some router extension related meaningless codes also.
(e.g. external-net extension belongs to L2 functionality and be handled
by core plugins properly.)
zhhuabj [Fri, 17 Jan 2014 10:21:01 +0000 (18:21 +0800)]
Raise max header size to accommodate large tokens
The max header is exceeded in the following scenario
- Auth tokens built with a keystone v3 API catalog
- A catalog with approximately 8 or more endpoints defined
Aaron Rosen [Tue, 18 Feb 2014 21:15:02 +0000 (13:15 -0800)]
NSX: get_port_status passed wrong id for network
The call to get_port_status in update_port was passing in the neutron
network_id instead of the nsx_network_id. These used to be the same
but now are different. This patch updates the code so that it now
passes in the correct uuid.
Aaron Rosen [Wed, 19 Feb 2014 23:08:54 +0000 (15:08 -0800)]
Plugins should call __init__ of db_base_plugin for db.configure
Currently each plugin calls db.configure() within the plugin's __init__
class or defines an initialize() method that's sole job is to call this
method. Instead we should just call the super method of a plugin so that
db.configure() is called for us out of the db_base_plugin class.
Note: the only reason why I'm making this change is that I want to add
something to the __init__() class of the db_base_plugin that's needed for
the nova-event-callback blueprint and adding it in the base class of init
looks to be the best place.
This patch is follow up of change set of 4808f91eb2c245344517fc89c37c6c4c88e9051b bug/1260262 review/61694.
The change set adds unnecessary self.addCleanup(cfg.CONF.reset) to
VxlanTypeMultiRangeTest as pointed out. This patch Remove the line.
Xiaolin Zhang [Thu, 16 Jan 2014 14:28:28 +0000 (22:28 +0800)]
Adds https support for metadata agent
Adds two configure options to support https client for metadata proxy
* auth_insecure: turn off verification of the certificate for ssl, or
* auth_ca_cert: CA cert to check against with for ssl.
Aaron Rosen [Wed, 8 Jan 2014 21:10:54 +0000 (13:10 -0800)]
Don't require passing in port_security=False if security_groups present
If creating a port on a network that is marked as port_security_enabled=False
and one passes in a security_group in the port_create request previously an
error was raised saying they needed to also pass in
port_security_enabled=False. This patch removes that requirement and instead
sets port_security_enabled=True internally if a port has an ip_address and a
security_group is passed in. This is more convient and does not break
backwards compatibility.
Use different context for each API request in unit tests
test_router_add_interface_subnet_with_port_from_other_tenant in
neutron.tests.unit.test_l3_plugin.L3NatTestCaseBase was mocking
neutron.context.Context thus performing multiple API requests
with the same context instance. As a context instance also has
a DB session attribute, this might cause unexpected side effects,
especially for plugins which process request asynchronously.
The plugin neutron.plugins.nicira.NeutronServicePlugin was being
affected.
This patch ensures each request has a different context object
without changing the unit test semantics.
It also refactors slightly test_edge_router.py in the nicira
unit test package to avoid executing twice the same unit tests.
Code Review / openstack-build / neutron-build.git / log