]> review.fuel-infra Code Review - openstack-build/neutron-build.git/log
openstack-build/neutron-build.git
10 years agoCisco: Fix test cases which make incorrect create requests
Abhishek Raut [Mon, 14 Jul 2014 11:17:14 +0000 (04:17 -0700)]
Cisco: Fix test cases which make incorrect create requests

Some test cases in the test_n1kv_plugin module are sending more than
one dictionary while creating the network profile resources. This
patch corrects these erroneous test cases while preserving the test
cases intended behavior.

Change-Id: I99de0b708218cf5217ecf47c74a30f75d0733e25
Closes-bug: #1347963

10 years agoMerge "NSX: remove unnecessary checks on network delete"
Jenkins [Tue, 22 Jul 2014 23:09:54 +0000 (23:09 +0000)]
Merge "NSX: remove unnecessary checks on network delete"

10 years agoMerge "This patch changes the name of directory from mech_arista to arista"
Jenkins [Tue, 22 Jul 2014 21:13:52 +0000 (21:13 +0000)]
Merge "This patch changes the name of directory from mech_arista to arista"

10 years agoMerge "Bump min required version for dnsmasq to 2.63"
Jenkins [Tue, 22 Jul 2014 20:38:31 +0000 (20:38 +0000)]
Merge "Bump min required version for dnsmasq to 2.63"

10 years agoMerge "ML2 mechanism driver for SR-IOV capable NIC based switching, Part 1"
Jenkins [Tue, 22 Jul 2014 19:28:20 +0000 (19:28 +0000)]
Merge "ML2 mechanism driver for SR-IOV capable NIC based switching, Part 1"

10 years agoMerge "Imported Translations from Transifex"
Jenkins [Tue, 22 Jul 2014 17:53:49 +0000 (17:53 +0000)]
Merge "Imported Translations from Transifex"

10 years agoThis patch changes the name of directory from mech_arista to arista
Sukhdev [Tue, 22 Jul 2014 02:28:17 +0000 (19:28 -0700)]
This patch changes the name of directory from mech_arista to arista

This name change of directroy is needed so that additional drivers
can be moved into this directory and share the code among drivers.

In order to accomodate this name change, setup.cfg is modified to
point to the Arista ML2 driver at the new location. Additionally,
a similar new directroy is created for test files as well.

Change-Id: I614ccf8b6d152aa99e20ef1ea762c26115ab9373
closes-bug: 1346712

10 years agoML2 mechanism driver for SR-IOV capable NIC based switching, Part 1
Irena Berezovsky [Tue, 18 Feb 2014 13:13:58 +0000 (15:13 +0200)]
ML2 mechanism driver for SR-IOV capable NIC based switching, Part 1

This set of changes introduces the ML2 mechanism driver for SR-IOV capable NIC based switching.
Please see the blueprint for more information.
The review is submitted in two parts:
- Part 1 (this part)
    The Mechanism Driver to support port binding for SR-IOV virtual functions of
    SRIOV capable switching NICs, such as Mellanox ConnectX Family.

    Use configurable list of supported NIC vendor and product PCI ids to filter
    devices to bind the SR-IOV port.
    Use configurable agent_required option to require SRIOV L2 Agent
    for bort binding.

- Part2
    The SRIOV NIC Based L2 Agent.

Partially implements: blueprint ml2-sriov-nic-switch

Change-Id: If3d28df2a8ffe72ae512ddae076f42fca936cff7

10 years agoMerge "Add partial specs support in ML2 for multiprovider extension"
Jenkins [Tue, 22 Jul 2014 10:19:54 +0000 (10:19 +0000)]
Merge "Add partial specs support in ML2 for multiprovider extension"

10 years agoL2 Agent-side additions to support DVR
Vivekanandan Narasimhan [Mon, 14 Apr 2014 21:55:25 +0000 (14:55 -0700)]
L2 Agent-side additions to support DVR

This patch introduces changes to the L2 agent, whereby the L2 agent
relies on a DVR component that takes care of the port wiring and the
management of tunnels in face of topology changes due to the life
cycles or VM's as well as the life cycles of distributed virtual
routers.

Support for DVR needs to be explicitly enabled. Default behavior
remains unchanged.

Partially-implements: blueprint neutron-ovs-dvr

Change-Id: If75225898a6f0aeea8b0300b711ca7e01f6b4f9a

10 years agoImported Translations from Transifex
OpenStack Proposal Bot [Tue, 22 Jul 2014 06:07:08 +0000 (06:07 +0000)]
Imported Translations from Transifex

Change-Id: I6ebbb2da3747bbaf13b04eb30447a5e387f4e76b

10 years agoMerge "Split up metering test case into plugin + test case"
Jenkins [Tue, 22 Jul 2014 03:15:04 +0000 (03:15 +0000)]
Merge "Split up metering test case into plugin + test case"

10 years agoMerge "Make readme reference git.openstack.org not github"
Jenkins [Tue, 22 Jul 2014 03:14:42 +0000 (03:14 +0000)]
Merge "Make readme reference git.openstack.org not github"

10 years agoMerge "The default value of quota_firewall_rule should not be -1"
Jenkins [Tue, 22 Jul 2014 02:25:36 +0000 (02:25 +0000)]
Merge "The default value of quota_firewall_rule should not be -1"

10 years agoMerge "NSX: fix router ports port_security_enabled=False"
Jenkins [Tue, 22 Jul 2014 02:25:26 +0000 (02:25 +0000)]
Merge "NSX: fix router ports port_security_enabled=False"

10 years agoMerge "NSX: fix validation logic on network gateway connect"
Jenkins [Tue, 22 Jul 2014 02:25:14 +0000 (02:25 +0000)]
Merge "NSX: fix validation logic on network gateway connect"

10 years agoMerge "Add partial specs support in ML2 for gre/vxlan provider networks"
Jenkins [Tue, 22 Jul 2014 01:08:55 +0000 (01:08 +0000)]
Merge "Add partial specs support in ML2 for gre/vxlan provider networks"

10 years agoMerge "NSX: Optionally not enforce nat rule match length check"
Jenkins [Tue, 22 Jul 2014 00:36:09 +0000 (00:36 +0000)]
Merge "NSX: Optionally not enforce nat rule match length check"

10 years agoMerge "Move _convert_to_nsx_transport_zones into nsx_utils"
Jenkins [Mon, 21 Jul 2014 23:51:25 +0000 (23:51 +0000)]
Merge "Move _convert_to_nsx_transport_zones into nsx_utils"

10 years agoNSX: fix router ports port_security_enabled=False
Aaron Rosen [Fri, 18 Jul 2014 19:09:12 +0000 (12:09 -0700)]
NSX: fix router ports port_security_enabled=False

Previously there was a bug that resulted in a security group being
added to router ports which was not supported in NSX. Removing the
security group didn't actually completely solve the problem as we
never cleared the allowed_address_pairs on the router port. This
patch fixes this issue by disabling port_security_enabled on the
router port.

Change-Id: Ib61756e3bd5866318cbc3bb9856344571399d656
Closes-bug: 1344266
Related-bug: 1329043

10 years agoAdd partial specs support in ML2 for multiprovider extension
Cedric Brandily [Fri, 20 Jun 2014 09:31:01 +0000 (11:31 +0200)]
Add partial specs support in ML2 for multiprovider extension

ML2 provider network partial specs let admins choose some
multiprovider network attributes and let neutron choose remaining
attributes. This change provides the implementation for
multiprovider networks.

In practice, for VLAN/GRE/VXLAN segments provider:segmentation_id
choice can be delegated to neutron, in such case neutron try to find
a segment in tenant network pools which respects provided segment
attributes. For VLAN segments provider:physical_network choice can
also be delegated.

DocImpact

Implements blueprint provider-network-partial-specs

Change-Id: I1cf1441a179ec527674276b71e9924841f8570b6

10 years agoAdd partial specs support in ML2 for gre/vxlan provider networks
Cedric Brandily [Mon, 16 Jun 2014 20:03:14 +0000 (22:03 +0200)]
Add partial specs support in ML2 for gre/vxlan provider networks

ML2 provider networks partial specs let admins choose some provider
network attributes and let neutron choose remaining attributes. This
change provides the implementation for GRE/VXLAN provider networks.

In practice, for GRE/VXLAN provider networks provider:segmentation_id
choice can be delegated to neutron, in such case neutron will try to
find a network in tenant network pools which respects provided
provider attributes.

DocImpact

Related to blueprint provider-network-partial-specs
Partial-Bug: #1330562

Change-Id: I720d7d04f6e3453145e888d9e4d9b5e381d0f7d4

10 years agoMerge "NSX: Remove unneed call to _ensure_default_security_group"
Jenkins [Mon, 21 Jul 2014 19:51:23 +0000 (19:51 +0000)]
Merge "NSX: Remove unneed call to _ensure_default_security_group"

10 years agoMerge "Fix incorrect downgrade"
Jenkins [Mon, 21 Jul 2014 19:49:23 +0000 (19:49 +0000)]
Merge "Fix incorrect downgrade"

10 years agoMerge "Initialize RpcProxy objects correctly"
Jenkins [Mon, 21 Jul 2014 19:44:26 +0000 (19:44 +0000)]
Merge "Initialize RpcProxy objects correctly"

10 years agoMerge "Correct LOG.debug use"
Jenkins [Mon, 21 Jul 2014 18:34:57 +0000 (18:34 +0000)]
Merge "Correct LOG.debug use"

10 years agoMerge "Support Router Advertisement Daemon (radvd) for IPv6"
Jenkins [Mon, 21 Jul 2014 17:52:41 +0000 (17:52 +0000)]
Merge "Support Router Advertisement Daemon (radvd) for IPv6"

10 years agoMerge "Fix spelling mistake in the log message"
Jenkins [Mon, 21 Jul 2014 17:01:41 +0000 (17:01 +0000)]
Merge "Fix spelling mistake in the log message"

10 years agoThe default value of quota_firewall_rule should not be -1
Liping Mao [Mon, 21 Jul 2014 15:41:54 +0000 (23:41 +0800)]
The default value of quota_firewall_rule should not be -1

A bad tenant User can create unlimited firewall rules to
"attack" the network node, so I modify the default value to 100.

Change-Id: I485c24cb1a7ed77dee81356fe6d95276808a47d4
Closes-Bug: #1346372

10 years agoCorrect LOG.debug use
Cedric Brandily [Mon, 21 Jul 2014 14:45:38 +0000 (16:45 +0200)]
Correct LOG.debug use

The commit b3202c3283597de031572e0ede082237487d8110 used:

  LOG.debug("...%(key1)s...", key1=value1)

which  is not supported, this change ues instead:

  LOG.debug("...%(key1)s...", {"key1": value1})

Change-Id: I9bd63c27ca8acf89284399fda8cd74c82906113b

10 years agoFix incorrect downgrade
Ann Kamyshnikova [Mon, 21 Jul 2014 12:13:14 +0000 (16:13 +0400)]
Fix incorrect downgrade

In downgrade of migration b7a8863760e_rm_cisco_vlan_bindin is used
Integer type with parameter display_width. Integer should be used
without any parameters.

Closes-bug: #1346245

Change-Id: Ic444af81ed3ec25116d2171ab465ce473cba8113

10 years agoFix spelling mistake in the log message
Livnat Peer [Wed, 16 Jul 2014 10:57:03 +0000 (13:57 +0300)]
Fix spelling mistake in the log message

Change-Id: I749308b94055eaca0503053daa87f4e89c873c56

10 years agoImported Translations from Transifex
OpenStack Proposal Bot [Mon, 21 Jul 2014 06:06:35 +0000 (06:06 +0000)]
Imported Translations from Transifex

Change-Id: I7e52fc97c41e35b294e464f75351dbc18f5123af

10 years agoMerge "Add partial specs support in ML2 for vlan provider networks"
Jenkins [Mon, 21 Jul 2014 04:51:53 +0000 (04:51 +0000)]
Merge "Add partial specs support in ML2 for vlan provider networks"

10 years agoMerge "Support Quota extension in MidoNet plugin"
Jenkins [Mon, 21 Jul 2014 04:51:44 +0000 (04:51 +0000)]
Merge "Support Quota extension in MidoNet plugin"

10 years agoSupport Router Advertisement Daemon (radvd) for IPv6
Robert Li [Fri, 11 Jul 2014 15:02:19 +0000 (11:02 -0400)]
Support Router Advertisement Daemon (radvd) for IPv6

Launch radvd from inside l3 agent when any router port has an IPv6 address. If
slaac is used for IPv6 addresses, advertise the prefix associated with the port;
otherwise, advertise default route only.

Change-Id: Ib8b0b3e71f7af9afa769c41357c66f88f4326807
Implements: blueprint neutron-ipv6-radvd-ra
Co-Authored-By: Henry Gessau <gessau@cisco.com>
10 years agoMove plugin.delete_port call out of transaction
Eugene Nikanorov [Sat, 19 Jul 2014 13:08:53 +0000 (17:08 +0400)]
Move plugin.delete_port call out of transaction

This might fix a few cases of lock wait timeouts.

Change-Id: Iaa656a8582b2ff3ec55709bbe47b1ac9f5fc2a99
Closes-Bug: #1342166

10 years agoAdd partial specs support in ML2 for vlan provider networks
Cedric Brandily [Mon, 16 Jun 2014 20:43:13 +0000 (22:43 +0200)]
Add partial specs support in ML2 for vlan provider networks

ML2 provider networks partial specs let admins choose some provider
network attributes and let neutron choose remaining attributes. This
change provides the implementation for VLAN provider networks.

In practice, for VLAN provider networks provider:physical_network
and provider:segmentation_id choices can be delegated to neutron,
in such case neutron will try to find a network in tenant network
pools which respects provided provider attributes.

DocImpact

Related to blueprint provider-network-partial-specs
Partial-Bug: #1330562

Change-Id: I2c52c71167edaa153b2e04681273e2f1be8d03aa

10 years agoMerge "Mock out tunnel_sync in test to avoid sleeping"
Jenkins [Sat, 19 Jul 2014 07:21:12 +0000 (07:21 +0000)]
Merge "Mock out tunnel_sync in test to avoid sleeping"

10 years agoMerge "Validate expected parameters in add/remove router interfaces"
Jenkins [Sat, 19 Jul 2014 06:39:56 +0000 (06:39 +0000)]
Merge "Validate expected parameters in add/remove router interfaces"

10 years agoMerge "Add a gate-specific tox env for functional tests"
Jenkins [Sat, 19 Jul 2014 02:48:16 +0000 (02:48 +0000)]
Merge "Add a gate-specific tox env for functional tests"

10 years agoMerge "Dnsmasq config files syntax issue when dhcp_domain is empty"
Jenkins [Sat, 19 Jul 2014 00:23:15 +0000 (00:23 +0000)]
Merge "Dnsmasq config files syntax issue when dhcp_domain is empty"

10 years agoMerge "Fix incorrect default paramater in migration"
Jenkins [Fri, 18 Jul 2014 22:27:31 +0000 (22:27 +0000)]
Merge "Fix incorrect default paramater in migration"

10 years agoMerge "Fix DVR regression for ofagent"
Jenkins [Fri, 18 Jul 2014 22:09:00 +0000 (22:09 +0000)]
Merge "Fix DVR regression for ofagent"

10 years agoMerge "Allow to import _LC, _LE, _LI and _LW functions directly"
Jenkins [Fri, 18 Jul 2014 20:47:37 +0000 (20:47 +0000)]
Merge "Allow to import _LC, _LE, _LI and _LW functions directly"

10 years agoNSX: fix validation logic on network gateway connect
Salvatore Orlando [Thu, 10 Jul 2014 21:55:04 +0000 (14:55 -0700)]
NSX: fix validation logic on network gateway connect

This patch adds validation for the segmentation ID when the
network type for the gateway connection is vlan.
This will avoid requests with invalid vlan IDs are sent to
the backend resulting in 500 error responses being
returned to API users.

To this aim this patch slightly alters the current validation
logic due to the fact that some checks are unnecessary since
the same routine sets default values which avoid the
conditions being checked.

Change-Id: If0e71f6fdf27a49f0eda727e21405cffbc260a7a
Closes-Bug: #1340431

10 years agoInitialize RpcProxy objects correctly
Ilya Shakhat [Fri, 18 Jul 2014 10:09:18 +0000 (14:09 +0400)]
Initialize RpcProxy objects correctly

RpcProxy class is used as base in classes with multiple inheritance
(ex. MeteringAgent). To initialize objects of such classes correctly
every constructor should call its base constructor via super().__init__()

Closes bug 1332788

Change-Id: I00ef804b6ee6c73dec3e177202bb85311e3e2b10

10 years agoFix DVR regression for ofagent
YAMAMOTO Takashi [Fri, 11 Jul 2014 00:15:58 +0000 (09:15 +0900)]
Fix DVR regression for ofagent

Background:
    ML2 plugin sometimes uses truncated port uuids.
    For example, in the case of ofagent and linuxbridge,
    if port id is 804ceaa1-0e3e-11e4-b537-08606e7f74e7,
    an agent would send "tap804ceaa1-0e" to the plugin.
    ML2 plugin's _device_to_port_id() would restore it to
    "804ceaa1-0e".  While it's still truncated, ML2 plugin's
    get_port() handles that by using "startswith".

The recently merged DVR change (https://review.openstack.org/#/c/102332/)
assumes that port_id is always a complete uuid (it's the case
for openvswitch) and fails to handle the above mentioned case.
This commit fixes the regression.

Change-Id: I9c0845be606969068ab5d13c0165e76760378500
Closes-Bug: #1343750

10 years agoMerge "RPC additions to support DVR"
Jenkins [Thu, 17 Jul 2014 21:05:53 +0000 (21:05 +0000)]
Merge "RPC additions to support DVR"

10 years agoMerge "no quota for allowed address pair"
Jenkins [Thu, 17 Jul 2014 20:54:48 +0000 (20:54 +0000)]
Merge "no quota for allowed address pair"

10 years agoRPC additions to support DVR
Vivekanandan Narasimhan [Tue, 24 Jun 2014 14:22:38 +0000 (07:22 -0700)]
RPC additions to support DVR

This patch introduces the RPC contract changes
required for both the server (plugin) and agent
to propagate and retrieve additional information
about Distributed Routers, like MAC addresses
and Port Bindings.

Partially-implements: blueprint neutron-ovs-dvr

Change-Id: I04a2ee5fceea79d2786c799178f8dd1675925a39
Authored-by: Vivekanandan Narasimhan <vivekanandan.narasimhan@hp.com>
Co-Authored-By: Armando Migliaccio <armamig@gmail.com>
10 years agono quota for allowed address pair
Liping Mao [Tue, 15 Jul 2014 06:22:46 +0000 (14:22 +0800)]
no quota for allowed address pair

There is no quota for allowed address pair. User can create unlimited
allowed address pairs. I add quota for allowed address pairs.

Change-Id: I2efb0c0f527f1fb22c4d4b07f6d280863f565648
Closes-Bug: #1336207

10 years agoAllow to import _LC, _LE, _LI and _LW functions directly
Cedric Brandily [Tue, 15 Jul 2014 18:05:55 +0000 (20:05 +0200)]
Allow to import _LC, _LE, _LI and _LW functions directly

_LC, _LE, _LI, _LW are translation helper functions. This change updates
hacking rules to allow importing them directly:

    from neutron.openstack.common.gettextutils import _LC
    from neutron.openstack.common.gettextutils import _LE
    from neutron.openstack.common.gettextutils import _LI
    from neutron.openstack.common.gettextutils import _LW

neutron.policy module has been updated as an example of _LE, _LI and
_LW uses.

Change-Id: I11cba6bca48a179945385fce69e6f642270f5563

10 years agoL2 Model additions to support DVR
Vivekanandan Narasimhan [Tue, 24 Jun 2014 01:53:32 +0000 (18:53 -0700)]
L2 Model additions to support DVR

This patch introduces the models, the DB migrations
and the config options required by the L2 layer to
support DVR east/west traffic.

These changes will be used by the control-plane made
of ML2, L2pop and L2 agent.

Two new configuration options have been introduced:
'dvr_base_mac' is used to set DVR MAC addresses apart
from tenant ones (every distributed router will have
ports being created on compute hosts) and
'enable_distributed_routing' is used to enable dvr
support in the L2 agent. This gives the capability of
rolling out the dvr functionality in stages.

Partially-implements: blueprint neutron-ovs-dvr

DocImpact

Change-Id: Iab6505f239d2c4c9bcbf4e32a292d7b4b5320c8e
Authored-by: Vivekanandan Narasimhan <vivekanandan.narasimhan@hp.com>
Co-Authored-By: Armando Migliaccio <armamig@gmail.com>
10 years agoMerge "Fix a log typo in ML2 manager.bind_port()"
Jenkins [Thu, 17 Jul 2014 10:41:14 +0000 (10:41 +0000)]
Merge "Fix a log typo in ML2 manager.bind_port()"

10 years agoMake readme reference git.openstack.org not github
Joe Gordon [Thu, 17 Jul 2014 08:57:12 +0000 (10:57 +0200)]
Make readme reference git.openstack.org not github

Point to our offical mirror instead of github.

Change-Id: I43c3d5ce4f92f35ed4fe5bddce5a5d19016ab988

10 years agoMerge "VPNaaS: separate out validation logic for ref impl"
Jenkins [Thu, 17 Jul 2014 03:11:48 +0000 (03:11 +0000)]
Merge "VPNaaS: separate out validation logic for ref impl"

10 years agoFix a log typo in ML2 manager.bind_port()
Li Ma [Sun, 13 Jul 2014 08:51:38 +0000 (01:51 -0700)]
Fix a log typo in ML2 manager.bind_port()

Change-Id: I43134ef4a9e01aac1967fb7b69ad36f96cde04c0

10 years agoMerge "Shamelessly removing commented print line"
Jenkins [Thu, 17 Jul 2014 00:39:17 +0000 (00:39 +0000)]
Merge "Shamelessly removing commented print line"

10 years agoMerge "ofagent: Handle device name prefixes other than "tap""
Jenkins [Wed, 16 Jul 2014 22:05:00 +0000 (22:05 +0000)]
Merge "ofagent: Handle device name prefixes other than "tap""

10 years agoMerge "Big Switch: Remove consistency hash on full sync"
Jenkins [Wed, 16 Jul 2014 21:59:40 +0000 (21:59 +0000)]
Merge "Big Switch: Remove consistency hash on full sync"

10 years agoMerge "Added support for NOS version 4.1.0, 5.0.0 and greater"
Jenkins [Wed, 16 Jul 2014 21:44:55 +0000 (21:44 +0000)]
Merge "Added support for NOS version 4.1.0, 5.0.0 and greater"

10 years agoMerge "Fixes port update failure when device ID is not updated"
Jenkins [Wed, 16 Jul 2014 21:42:30 +0000 (21:42 +0000)]
Merge "Fixes port update failure when device ID is not updated"

10 years agoMerge "Add L3 Extension for Distributed Routers"
Jenkins [Wed, 16 Jul 2014 21:08:58 +0000 (21:08 +0000)]
Merge "Add L3 Extension for Distributed Routers"

10 years agoBig Switch: Remove consistency hash on full sync
Kevin Benton [Mon, 9 Jun 2014 19:20:18 +0000 (12:20 -0700)]
Big Switch: Remove consistency hash on full sync

Clears the consistency hash before performing a full
backend synchronization. Since all of the data is being
replaced, there is no reason to include this and it
currently requires special-casing to handle.

Closes-Bug: #1328233
Change-Id: Iace766d869dc78b041d3a5464e728b872c8347c2

10 years agoVPNaaS: separate out validation logic for ref impl
Paul Michali [Mon, 23 Jun 2014 20:42:41 +0000 (16:42 -0400)]
VPNaaS: separate out validation logic for ref impl

Modify the persistence logic for VPNaaS to separate out the
validation for the reference implmentation. This allows
providers to override/extend the validation, as needed.
Additional commits will address the separation for other
providers and for other L3 services.

In addition, the logic that sets default values for optional
attributes is also moved into separate methods to allow
providers to override the defaults used.

Only attributes that have multiple validations are considered
at this time, but this can be extended, as needed.

Currently, one UT fails due to an oslo.messaging bug that
has been fixed, but not yet released for Neutron use.
As a workaround, the affected test case has been commented
out. This test verifies that the right (only, in this case)
device driver is used for validation. Once the issue with
releasing oslo.messaging 1.4.0.0a2 or newer is resolved,
this can be uncommented.

In the future, TaskFlow may be used for the L3 services workflow,
and these changes will provide validation modularization for that
effort.

Change-Id: Id420983ccbceece5f4a00546941618318b9562c7
Partially-implements: blueprint l3-svcs-vendor-validation

10 years agoAdd L3 Extension for Distributed Routers
Swaminathan Vasudevan [Mon, 31 Mar 2014 19:19:03 +0000 (12:19 -0700)]
Add L3 Extension for Distributed Routers

This patch introduces the model and extension
framework for implementing distributed virtual
routing on top of Open vSwitch.

A new admin-only 'distributed' (as opposed to a
'centralized' or legacy-mode) attribute is added
to the API router resource. It is possible to convert
an existing (centralized) router to a distributed
one; the opposite conversion, even though allowed by
the API, may not be honored by the underlying
plugin implementation and an appropriate error will
be reported.

When creating a router (regardless of the user role),
Neutron will rely on a system wide configuration, whose
default currently allows to create 'centralized' routers.

Tests are added for basic unit coverage; when the first
building blocks for neutron-testing-refactor
are complete, functional testing will be added.
This is because we should be moving away from how
extension tests have been done up until now.

Partially-implements: blueprint neutron-ovs-dvr

DocImpact

Change-Id: I7227fbe2718eba6665a5afb5dcaaaa77b341091f
Authored-by: Swaminathan Vasudevan <swaminathan.vasudevan@hp.com>
Co-Authored-By: Armando Migliaccio <armamig@gmail.com>
10 years agoVPNaaS Cisco REST client enhance CSR create
Paul Michali [Mon, 7 Jul 2014 22:57:43 +0000 (18:57 -0400)]
VPNaaS Cisco REST client enhance CSR create

For the create of the REST client object that represents a Cisco CSR,
all of the info needed were passed in as separate parameters. This
change just uses a dict instead, so that additional parameters can
be added w/o changing the API.

Updated the currently unused UT module, just so that it can be used
locally and stays up-to-date until it can be converted to use the
new requests-mock package.

Change-Id: I5d4f439cc7ffe125cea9ed3407b70645587a739a
Closes-Bug: 1336478

10 years agoFixes port update failure when device ID is not updated
Mithil Arun [Tue, 8 Jul 2014 13:08:04 +0000 (18:38 +0530)]
Fixes port update failure when device ID is not updated

The updation was failing because the changed_device_id variable
was undeclared.This fix declares the variable with a default value
at the beginning of the method.

Change-Id: I06dfea1170a6b2a649f4e1efe4bf70b7cee0eacb
Closes-Bug: 1337787

10 years agoMerge "Add BSN plugin to agent migration script"
Jenkins [Wed, 16 Jul 2014 08:08:10 +0000 (08:08 +0000)]
Merge "Add BSN plugin to agent migration script"

10 years agoMerge "Add CONTRIBUTING.rst"
Jenkins [Wed, 16 Jul 2014 07:35:15 +0000 (07:35 +0000)]
Merge "Add CONTRIBUTING.rst"

10 years agoMerge "Send network name and uuid to subnet create"
Jenkins [Wed, 16 Jul 2014 07:35:06 +0000 (07:35 +0000)]
Merge "Send network name and uuid to subnet create"

10 years agoMerge "l2-pop : removing a TODO for the delete port use case"
Jenkins [Wed, 16 Jul 2014 07:04:31 +0000 (07:04 +0000)]
Merge "l2-pop : removing a TODO for the delete port use case"

10 years agoSupport Quota extension in MidoNet plugin
Tomoe Sugihara [Fri, 4 Jul 2014 09:06:57 +0000 (09:06 +0000)]
Support Quota extension in MidoNet plugin

Implements: blueprint midonet-support-quotas-ext

Change-Id: I848e36273b655355e5a833c48d7be417df95c7f4

10 years agoMerge "Change all occurences of no_delete to do_delete"
Jenkins [Wed, 16 Jul 2014 03:44:11 +0000 (03:44 +0000)]
Merge "Change all occurences of no_delete to do_delete"

10 years agoMerge "Fixed audit notifications for l3-agent-router ops"
Jenkins [Wed, 16 Jul 2014 02:45:35 +0000 (02:45 +0000)]
Merge "Fixed audit notifications for l3-agent-router ops"

10 years agoMerge "Use auth_token from keystonemiddleware"
Jenkins [Tue, 15 Jul 2014 22:11:03 +0000 (22:11 +0000)]
Merge "Use auth_token from keystonemiddleware"

10 years agoMerge "Security groups extension for PLUMgrid plugin"
Jenkins [Tue, 15 Jul 2014 21:36:46 +0000 (21:36 +0000)]
Merge "Security groups extension for PLUMgrid plugin"

10 years agoMerge "Database healing migration"
Jenkins [Tue, 15 Jul 2014 21:35:48 +0000 (21:35 +0000)]
Merge "Database healing migration"

10 years agoMerge "ofagent: Fix an argument mismatch bug in commit 9d13ea88"
Jenkins [Tue, 15 Jul 2014 21:31:45 +0000 (21:31 +0000)]
Merge "ofagent: Fix an argument mismatch bug in commit 9d13ea88"

10 years agoNSX: Remove unneed call to _ensure_default_security_group
Aaron Rosen [Fri, 11 Jul 2014 06:17:23 +0000 (23:17 -0700)]
NSX: Remove unneed call to _ensure_default_security_group

This patch removes an unneeded call to _ensure_default_security_group
which does not need to be called in create_security_group_rule_bulk()
as one would need to call get_security_groups() to look up the uuid
of the default security group which be would created it for us, BOOM!

Change-Id: I628a94c7ea9553dcefa68fa956f25244f0abbb18
Closes-bug: 1340536

10 years agoMerge "L3 agent prefers RPC messages over full sync"
Jenkins [Tue, 15 Jul 2014 21:03:20 +0000 (21:03 +0000)]
Merge "L3 agent prefers RPC messages over full sync"

10 years agoUse auth_token from keystonemiddleware
Brant Knudson [Tue, 24 Jun 2014 21:52:51 +0000 (16:52 -0500)]
Use auth_token from keystonemiddleware

auth_token middleware in python-keystoneclient is deprecated and has
been moved to the keystonemiddleware repo.

Closes-Bug: #1342274

Change-Id: I1aadbe24db63eb2507b088cd53886d7f2e192cab

10 years agoMerge "Freeze models for healing migration"
Jenkins [Tue, 15 Jul 2014 16:55:56 +0000 (16:55 +0000)]
Merge "Freeze models for healing migration"

10 years agoMerge "ML2: Bind ports outside transactions"
Jenkins [Tue, 15 Jul 2014 16:54:38 +0000 (16:54 +0000)]
Merge "ML2: Bind ports outside transactions"

10 years agoShamelessly removing commented print line
armando-migliaccio [Tue, 15 Jul 2014 16:38:25 +0000 (09:38 -0700)]
Shamelessly removing commented print line

This is not supposed to be there.

Change-Id: I52c17ea8e6ecb0beb2511e03ffbd8c36dd7c1d66

10 years agoL3 agent prefers RPC messages over full sync
Carl Baldwin [Thu, 6 Mar 2014 23:57:11 +0000 (23:57 +0000)]
L3 agent prefers RPC messages over full sync

When the L3 agent starts up and runs the sync task it doesn't process
any incoming RPC events until the sync task is complete.

This change combines the work from _rpc_loop and _sync_routers_task in
to a single loop called _process_routers_loop.  This loop spawns
threads that pull from a priority queue.  The queue ensures that RPC
messages are handled before _process_routers_loop.  The latter is
generally maintenance tasks triggered by the agent rather than user
triggered tasks.

Synchronization between RPC and sync routers loops is no longer
necessary since they both feed in to a single queue.  There were
places where it was necessary to reorder some things to allow for the
lack of synchronization.  For example, it is necessary to list
namespaces before fetching the full list of routers to ensure that it
doesn't delete a new namespace that gets created after listing
namespaces.  The lack of the need for synchronization between loops is
probably the main strength of this patch.

With multiple worker threads, need to handle the case where an RPC
message came in while a thread was working on a router.  Another
thread should not handle the same router that is already in progress.
Adds a mechanism to signal to the working thread that an update came
in for the router it is working on.  The original thread will repeat
processing the router when it is finished to get the update.
Multiple rapid updates to the same router will be consolidated.
Essentially, there is still synchronization of work for a given router
but not between routers.  Much better than before.

blueprint l3-agent-responsiveness
Closes-Bug: #1289066
Change-Id: I39afe86c66f864d71adf865d7bd1c9db35511505

10 years agoDnsmasq config files syntax issue when dhcp_domain is empty
Bertrand Lallau [Wed, 11 Jun 2014 13:46:58 +0000 (15:46 +0200)]
Dnsmasq config files syntax issue when dhcp_domain is empty

When using dhcp-agent with the following property dhcp_domain=""
addn_hosts and host files genererated for Dnsmasq have wrong syntax
concerning hostname parameter (dot char at the end).

As described in RFC-952 the hostname grammar is as follows:
<hname> ::= <name>*["."<name>]
<name>  ::= <let>[*[<let-or-digit-or-hyphen>]<let-or-digit>]
Hence it can't be conclude with a dot char.

Dnsmasq process is waiting for a hostname (2nd parameter) in the
following files:
"addn_hosts" file contains:
   20.0.0.3 host-20-0-0-3. host-20-0-0-3
"host" file contains:
   fa:16:3e:bf:e1:e4,host-20-0-0-3.,20.0.0.3

With the patch you will get:
"addn_hosts":
   20.0.0.3 host-20-0-0-3 host-20-0-0-3
"host":
   fa:16:3e:bf:e1:e4,host-20-0-0-3,20.0.0.3

Change-Id: I4c10169019becaed6b2968b74f03ef356244a057
Closes-Bug: #1326256

10 years agoDatabase healing migration
Ann Kamyshnikova [Wed, 28 May 2014 08:38:35 +0000 (12:38 +0400)]
Database healing migration

Add script that will add all tables for all plugins and make db schema
unconditional.

partially implement bp: db-migration-refactor

Closes-bug: #1277379
Closes-bug: #1304741
Closes-bug: #1298456
Closes-bug: #1298461
Closes-bug: #1239974
Closes-bug: #1336177
Closes-bug: #1337185

Change-Id: Ie49088a74bc5a87466f46989ce14d935e27567d1

10 years agoFix incorrect default paramater in migration
Ann Kamyshnikova [Mon, 14 Jul 2014 10:18:34 +0000 (14:18 +0400)]
Fix incorrect default paramater in migration

Migration 5446f2a45467_set_server_default try to set incorrect default
boolean value on Integer column cisco_network_profiles.

Closes-bug: #1341518

Change-Id: I594a6811af23fced7105252f47d72232bf37184c

10 years agoFixed audit notifications for l3-agent-router ops
Maruti [Sat, 7 Jun 2014 12:42:45 +0000 (05:42 -0700)]
Fixed audit notifications for l3-agent-router ops

l3-agent-router-add and l3-agent-router-remove do not
generate audit notifications which are used for security
compliance.
CRUD operations of core network resources are
handled by neutron/api/v2/base.py. In base.py, each of
create(), update(), delete() methods makes calls to
oslo.messaging.Notifier.info() to generate these notifications.
In the proposed fix, it is fixed in a similar fashion in
extensions/l3agentscheduler.py inside create() and delete()
methods by introducing info() method calls inside them.

Change-Id: I1354e51e4af24eda128c042926765683018b320b
Closes-Bug: 1317000

10 years agoSend network name and uuid to subnet create
Steven Hillman [Tue, 8 Jul 2014 22:35:10 +0000 (15:35 -0700)]
Send network name and uuid to subnet create

Added the network segment name and uuid parameters to the infomation sent to
Cisco N1kV during subnet creation to allow for proper association of the
subnet and network segment.

Change-Id: I375d49ec43f79360189ecf5de0583873b8039db9
Closes-Bug: 1332713

10 years agoMerge "Add -s option for neutron metering rules"
Jenkins [Mon, 14 Jul 2014 21:25:23 +0000 (21:25 +0000)]
Merge "Add -s option for neutron metering rules"

10 years agoMerge "Refactor 'if false do nothing' logic in l3 scheduler db"
Jenkins [Mon, 14 Jul 2014 19:15:25 +0000 (19:15 +0000)]
Merge "Refactor 'if false do nothing' logic in l3 scheduler db"

10 years agoML2: Bind ports outside transactions
Robert Kukura [Wed, 12 Mar 2014 01:54:35 +0000 (21:54 -0400)]
ML2: Bind ports outside transactions

The ML2 plugin now calls the bind_port() operation on the registered
mechanism drivers outside of any enclosing DB transaction. Ports are
created or updated in one transaction, then a binding is established
if possible, and finally a second transaction commits the binding
result.

With [re]binding moved outside the DB transaction that triggered it,
it is now possible that multiple threads or processes will
concurrently try to bind the same port, or that the port will be
updated between transactions. Concurrent attempts to bind the same
port are allowed to proceed, which results are used is resolved in the
second transaction, and binding is retried if necessary.

Improvements to the Cisco Nexus driver and unit tests from Rich Curran
needed due to the binding changes are also included.

Closes-Bug: 1276391
Closes-Bug: 1335226
Change-Id: I65dafc330d6e812dad0667d2383858504d0ba299

10 years agoFreeze models for healing migration
Jakub Libosvar [Thu, 26 Jun 2014 14:56:32 +0000 (16:56 +0200)]
Freeze models for healing migration

Take a snapshot of all models from the code base at the time when the
healing migration merges. The healing migration needs this frozen view
of the models to be available (even as the models change in the future)
to compare with the current DB schema. The healing migration will use
this comparison to heal the schema.

partially implement bp: db-migration-refactor

Change-Id: I438147c7961b1ecad47f6146cc7fc9396aee7bc5

10 years agoNSX: Optionally not enforce nat rule match length check
Salvatore Orlando [Mon, 9 Jun 2014 16:53:47 +0000 (09:53 -0700)]
NSX: Optionally not enforce nat rule match length check

This patch adds the 'raise_on_len_mismatch' parameter to the
'delete_nat_rules_by_match' function. The plugin then leverages
this parameter for ensuring NAT rules deletion operations
are completed successfully even when duplicate rules are found
or no corresponding rules are found at all.

With this change, the 'remove_router_interface' operation will
correctly complete even in cases when NAT rules in Neutron and
the NSX backend are out of sync.

This patch also changes a check in delete_nat_rules_by_match in
order to make it less expensive.

Closes-Bug: 1328181

Change-Id: I856d67ef5ff6264374cb8f2569668da4c205ad9f

10 years agoofagent: Handle device name prefixes other than "tap"
YAMAMOTO Takashi [Thu, 10 Jul 2014 08:36:43 +0000 (17:36 +0900)]
ofagent: Handle device name prefixes other than "tap"

This fixes regressions in commit 9d13ea884bff749b3975acb5eb5630e5aca4a665.

Handle device name prefixes other than "tap".
For example, nova hybrid interface driver uses "qvo" prefix.

Also, ignore non neutron ports correctly.  For example, veth pairs
used to connect physical bridges.

Closes-Bug: #1341465
Change-Id: I1d71c8a2cf8c2f71f0dbcfb54c9b347e24c03562

10 years agoAdd -s option for neutron metering rules
Koteswara Rao Kelam [Mon, 26 May 2014 13:44:33 +0000 (06:44 -0700)]
Add -s option for neutron metering rules

While adding iptables rule, cidr is added as destination for both ingress
and egress directions. Modified code to add -s for egress and -d for ingress.

Closes-bug: 1310589

Change-Id: Id9ca10855e6527d4bec689f8f9bcd6f681221954

10 years agoSecurity groups extension for PLUMgrid plugin
Fawad Khaliq [Tue, 8 Jul 2014 18:10:12 +0000 (11:10 -0700)]
Security groups extension for PLUMgrid plugin

This patch includes immplementation of security groups
extension in PLUMgrid plugin.

APIs include CRUD operations for security groups
and security group rules.

Added unit tests.

Implements: blueprint plumgrid-plugin-security-groups
Change-Id: I23fea3fe6c3abbe310e883e00706b93863db3bfb