Carl Baldwin [Tue, 12 Nov 2013 19:31:45 +0000 (19:31 +0000)]
Optionally delete namespaces when they are no longer needed
Adds a configuration option to tell the network agents to delete
namespaces when they are no longer in use. The option defaults to
False so that the agent will not attempt to delete namespaces in
environments where this is not safe.
This has been working well in deployments where iproute2 has been
patched with commit 58a3e8270fe72f8ed92687d3a3132c2a708582dd or it is
new enough to include it without being patched.
Misconfiguration of the policy.json file may
cause policy check failures. It's kind to the
developer to log the underlying exception
so that he/she can have more information as to
how to address the problem.
This fix addresses improper behavior with the Cisco Nexus plugin's
selection of Nexus switch on which to place a Switch Virtual Interface
(SVI) when round-robin switch placement is enabled.
The expected behavior when round-robin SVI switch selection is configured
via the cisco_plugins.ini file, i.e.:
[cisco]
nexus_l3_enable = True
svi_round_robin = True
is that when a virtual router interface is created, the Nexus plugin should
select the Nexus switch with the least number of SVI interfaces configured
for creating the new SVI. The current selection is based on the first
entry in a dictionary, and is therefore indeterminate.
Similarly, this fix also addresses incorrect behavior when round-robin
selection is disabled. In this case, the desired behavior is that
the plugin should select the first switch which appears in the Nexus
switch configuration. Instead, the current selection is also based on the
first entry in a dictionary, and is likewise indeterminate.
Tune up report and downtime intervals for l2 agent
If the neutron server erroneously thinks than the l2 agent is down
it will fail to bind a port, which can lead to VM's spawn errors.
However, the issue is only transient because the agent effectively
is only 'late' in reporting back.
Best solution would be an alpha-count algorithm (so that we can detect
persistent failures more reliably), but for now let's be more tolerant
assuming that the agent is down by waiting at least twice the report
interval plus a tiny teeny bit.
The IntegrityError faced on network deletion that
spooks Tempest tests is most likely caused by the
fact that the ml2 plugin does a dirty read. By
adding a 'select for update' we should be able to
address the issue once and for all.
Also, there's a chance that the dhcp port gets
reallocated while we are deleting the network. To
this aim, catch the integrity error and attempt
to recover from it.
This patch also removes the handling of errors
on concurrent reads that can no longer occur when
deleting the network.
This patch addresses minor cleanups which are the diff between the
original version of the patch which was merged into havana master
branch and the patch that is submitted for merge into stable/havana.
The original patch that was merged into havana master branch is at:
https://review.openstack.org/#/c/49086/
The new patch which has been submitted as havana-backport-potential is:
https://review.openstack.org/#/c/54447/
This whole excercise came into play because the original patch was not
picked up in havana-rc2 because of missing tag in the bug. Therefore, the
need to submit new patch against stable/havana.
When the new patch was submitted for havana-backport-potential, few very
minor previously commented cleanups were incorporated as well. This
patch brings these minor cleanups into master branch as well. Therefore,
merge of these two patches will bring both master branch and
stable/havana at parity.
chen-li [Tue, 12 Nov 2013 01:17:17 +0000 (09:17 +0800)]
Remove the warning for Scheduling Network
when a new port is created, the schedule_network in agentschedulers_db is called.
Since this network may already be hosted, it will directly return None in dhcp_agent_scheduler,
which cause the agentschedulers_db.schedule_network log a warning message.
This is really annoying and making users confused.
And, real warnings are already addressed in the real scheduler function.
which is neutron.scheduler.dhcp_agent_scheduler.ChanceScheduler.schedule by default.
Joe Gordon [Mon, 11 Nov 2013 18:32:34 +0000 (10:32 -0800)]
Cleanup HACKING.rst
* Point to new location for hacking doc
(http://docs.openstack.org/developer/hacking/)
* Remove openstack-common section because already in main hacking doc
Arata Notsu [Mon, 11 Nov 2013 11:33:43 +0000 (20:33 +0900)]
Remove confusing comment and code for LBaaS
The comment "the driver is optional" is inconsistent with what actually
done. And "vif_driver = None" after raising an exception makes no sense.
So this patch removes these lines.
Carl Baldwin [Fri, 27 Sep 2013 04:04:31 +0000 (04:04 +0000)]
Refactor configuring of floating ips on a router
This approach to configuring floating ips is stateless and idempotent.
This allows it to handle corner cases, such as reusing a floating ip
address with a different floating ip id in a way that is easier to
understand.
The concept is to wipe the floating ips clean and rebuild them each
time with the following optimizations. To avoid bad performance in
manipulating iptables, it is called in the context of a call to
defer_apply_on. To avoid a disruption in network flow a set
difference is use to determine the set of addresses that no longer
belong on the inteface rather than removing them all blindly.
Andreas Jaeger [Sun, 3 Nov 2013 16:31:29 +0000 (17:31 +0100)]
Remove database section from plugin.ini
Change https://review.openstack.org/#/c/34515 moved the database
config items to neutron.conf but left some commented out
[database] items. Remove them as well.
Chang Bo Guo [Thu, 31 Oct 2013 05:10:34 +0000 (22:10 -0700)]
sync log from oslo
5fef5a8105 allow keeping of existing loggers with fileConfig fb8075a19d Add amqp=WARN,qpid=WARN to default_log_levels 4654a5d247 Don't override default value for eventlet.wsgi.server logging 41ddd7a975 _get_log_file_path explictly return, when logfile/logdire unset e12e6b45f8 Make openstack.common.log Python 3 compatible 572cfecb4d Make Messages unicode before hitting logging 3243cdfbe9 python3: handle module moves in log
Sridhar S [Wed, 23 Oct 2013 10:33:40 +0000 (16:03 +0530)]
Modified configuration group name to lowercase
Most of the OpenStack project makes use of lower case for
configuration group names. But, 'neutron' was having group
names in either cases. Bug states it is fine to have group
name in upper case for [DEFAULT] but needs to be changed
for others. It was noted that [PLUMgridDirector] was having
characters.
Avoid dhcp agent race condition on subnet and network delete
This patch ensures that, when the dhcp agent queries the server
to retrieve and delete its DHCP port, it does so by selecting
for update. This has been done by introducing a new method
that combines the get and delete in one shot.
Akihiro MOTOKI [Fri, 18 Oct 2013 06:09:29 +0000 (15:09 +0900)]
Ensure OVS plugin is loaded in OVS plugin test
In TestOpenvswitchSGServerRpcCallBack and NetworkBindingsTest
in OVS plugin tests, OVS plugin was not loaded properly.
* For NetworkBindingsTest, it can be fixed by changing setUp()
to take 'plugin' arguments in the base test classes
SecurityGroupDBTestCase and SGServerRpcCallBackMixinTestCase.
This fixes bug 1242510 in ML2 unit tests.
* For NetworkBindingsTest, it can be fixed by passing the plugin
class to super.setUp(). The test itself needs to be updated
because network binding is added when a network is created.
* NetworkBindingsTest in Linux Bridge plugin has the same issue,
so it is also fixed in this patch.
Akihiro MOTOKI [Sat, 26 Oct 2013 06:22:45 +0000 (15:22 +0900)]
Remove deprecated fields in keystone auth middleware
This commit makes the following changes:
Use X_PROJECT_ID instead of X_TENANT_ID:
In the latest keystone auth_token middleware it is recommended to
use X_PROJECT_ID instead of X_TENANT_ID. X_PROJECT_ID is supported
in auth_token middleware for both keystone v2 and v3 API.
The corresponding change was done in keystoneclient before Grizzly
release, so we don't need to take care of X_TENANT_ID now.
USE X_ROLES instead of X_ROLE:
X_ROLES is now recommended.
X_ROLE exists just for diablo backward compatibility.
Remove X_TENANT and X_USER:
X_TENANT and X_USER are for diablo backward compatibility.
We no longer need take care of them in Icehouse Neutron.
Eugene Nikanorov [Tue, 22 Oct 2013 13:49:00 +0000 (17:49 +0400)]
LBaaS: Fix incorrect pool status change
Avoid incorrect status change when deleting the pool.
We can check for the conditions prior putting the pool
to PENDING_DELETE state, in case delete conditions are met
it is safe to change the state to PENDING_DELETE.
Also, change create_vip and update_vip operations to respect
PENDING_DELETE and avoid race conditions.
Aaron Rosen [Fri, 25 Oct 2013 00:22:56 +0000 (17:22 -0700)]
NVP: Correct NVP router port mac to match neutron
Previously when router ports were created the mac_address from neutron
was not passed to nvp so nvp generated it's own mac_address for the port.
This patch fixes this by passing the mac_address on the port to nvp.
Zhongyue Luo [Wed, 9 Oct 2013 01:44:01 +0000 (09:44 +0800)]
Utilizes assertIsNone and assertIsNotNone
Using assertEqual/assertNotEqual to test if an element
is or is not None is too python2.4.
Our unit testing framework supports assertIsNone and assertIsNotNone
which were created for these types of tests.
zhhuabj [Thu, 17 Oct 2013 14:58:48 +0000 (22:58 +0800)]
Support uncompressed ipv6 address and abbreviated ipv4 address
Now neutron supports zero-compressed ipv6 address like
'2001:db8::10:10:10:0/120' and unabbreviated ipv4 address
like '10.0.0.0/24'.
This path will make neutron also support uncompressed ipv6
address and abbreviated ipv4 address. for example:
1, uncompressed ipv6 address like 'fe80:0:0:0:0:0:0:0/128'
2, ipv6 address with multiple consecutive zero like
'2001:0db8:0:0:1::1/128' or '2001::0:1:0:0:1100/120'
3, abbreviated ipv4 address like '10/24'