Moshe Levi [Sun, 2 Aug 2015 09:58:54 +0000 (12:58 +0300)]
SR-IOV: Update eswitch manager to support rate
This patch update the eswitch manager to support
max rate on VF, moreover it updates the eswitch
manager to be singleton so it can be called from the
SR-IOV qos driver.
Henry Gessau [Wed, 5 Aug 2015 01:29:46 +0000 (21:29 -0400)]
Remove VPN from API tests
Change Idd5524ed0b602408be5a53830981a8ab974b390c removed the
VPN service from devstack installations in the gate, so now we
can no longer test VPN APIs from neutron. The tests will be
added to the vpnaas repo's API test suite.
Moshe Levi [Tue, 28 Jul 2015 12:46:10 +0000 (15:46 +0300)]
Update OVS driver to work with objects
This patch updates the QoS OVS driver to work with policy NeutronObjects
that are passed by the agent extension manager, instead of lists of rule
dicts, as we originally expected. It also adds validation that the
rules that are sent by the neutron-server are actually supported by the
backend.
Finally, port dict was not really enough to determine the name of the
port in ovsdb. 'name' field is not really present in all port dicts, and
does not reflect what is known to ovs anyway. So instead, we should
rely on vif_port object to determine the ovs port name. Since ovs agent
only added the vif_port value to details dict when binding was desired,
I made adding the vif_port object unconditional, and covered that fact
with unit tests.
With this patch in place, I was able to get policy rules applied to a
port in devstack installation. Functional tests will belong to a
follow-up.
Cyril Roelandt [Tue, 4 Aug 2015 12:27:48 +0000 (14:27 +0200)]
Python 3: fix test_ovs_tunnel
In Python 3, this happens:
>>> d = {}
>>> a = d.values()
>>> b = d.values()
>>> a == b
False
And anyway we're not really willing to pass dict_values objects around; we are
expecting lists, just like in Python 2, so let's just do the conversion.
John Schwarz [Mon, 3 Aug 2015 12:49:13 +0000 (15:49 +0300)]
Add API tests for non-accessible policies
Tests which dealt with creating a rule for a policy that the tenant has
no access to, or for a policy which does not even exist, were missing.
This patch adds them.
John Schwarz [Mon, 3 Aug 2015 13:56:27 +0000 (16:56 +0300)]
Gracefully handle fetching nonexistent rule
Currently, if we invoke the API for 'show rule' but the rule does not
exist, an exception is raised from deep within Neutron. This in turns
causes an uncaught exception and the user will see 'ServerFault'. This
patch proposes a fix for this scenario - the case where the rule does
not exist is handled and a NeutronException is caused, causing a proper
'NotFound' error on the client side instead.
John Schwarz [Mon, 27 Jul 2015 09:09:10 +0000 (12:09 +0300)]
Replace to_dict() calls with a function decorator
Up until now, API server functions would need to return simple iterable
objects, such as dicts and lists of dicts. This patch introduces a
decorator which allows such functions to return non-simple objects (as
long as the returned object implements the 'to_dict()' method, or is a
list of such objects) and converts them on its own, simplifying the
user's code and removing code duplication.
Enable set DNS and DHCP log of dnsmasq for dhcp agent
Add a new configuration named 'dnsmasq_base_log_dir'
in dhcp_agent.ini.
This entry should be a path of log file. It should
like this:
dnsmasq_base_log_dir=/tmp
And the DNS and DHCP log will be written into the file
"/tmp/aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa/dhcp_dns_log".
The dir path will be created if the given path doesn't exists.
Move 1c844d1677f7 expand migration to appropriate branch
Commit cb60d0bb4e0cc0cba68f59fdf5f4e89d6ec52950 added an expand
migration. Howewer it indicated a contract migration as its
ancestor (2a16083502f3). As a result the migration was treated
by alembic as a contract one, even if it was defined in the
'expand' directory.
This patch 'rebases' this migration on top of the expand branch
HEAD. This might impact trunk chasers which have already executed
migration 1c844d1677f7 as a part of the contract branch.
Ihar Hrachyshka [Sun, 2 Aug 2015 20:40:40 +0000 (22:40 +0200)]
Cleaned up some TODO comments for feature/qos that do not apply anymore
1. Removed comment to add tests for invalid input for attach/detach
methods for QosPolicy. Those tests are already implemented in the test
class, so the TODO became obsolete.
2. Removed TODO to use a constant for rule 'type' field. There is no
'type' field in rules anymore, so it does not apply any more.
OVSBridge was inheriting db_list from BaseOVS, which was
returning the information of all the ports on the machine,
not only the ones belonging to the bridge.
The OVSNeutronAgent was using that method with the assumption
that ports were filtered by bridge.
To avoid confusion, this patch add a new method to OVSBridge
get_ports_attributes to query the info for all the ports
belonging to the bridge.
db_list is removed from BaseOVS since that method is already
available in ovsdb/api.py
ovs_lib methods that use db_list are refactored accordingly.
Also renamed service_notification_drivers into notification_drivers
since it's clear where it belongs anyway (it's in neutron.conf meaning
it's a server side configuration value).
The only values in qos_rules table are: type, id and qos_policy_id. Both
id fields point to qos_*_rules and qos_policies objects.
Type is redundant since qos_rule and qos_*_rule objects maintain 1-to-1
relationship.
Keeping a separate table just to link qos_*_rule and qos_policy objects
has no meaning. At the same time, it complicates the code for rule
objects significantly.
So instead of copying with all those issues, we just squash the tables
into single one. It allows us to reuse all base methods from
NeutronObject for rules.
LOC stats for the patch clearly shows the point:
65 insertions(+), 267 deletions(-)
And no actual functionality is lost.
While at it, the following changes were applied:
- some base tests are reimplemented to test objects in a more explicit
way;
- fields_no_update class attribute is now actually enforced in base
object class.
John Schwarz [Sun, 26 Jul 2015 13:00:12 +0000 (16:00 +0300)]
Fix accessing shared policies, add assoc tests
This patch is two-fold:
1. Previously, policies that were created using the 'shared=True' flag
were not accessible to other tenants, since the context used to
search the policies was not elevated. This patch elevates the context
prior to retrieving the policy, and if a match was found, makes sure
that the user has permissions to access it (either the policy is
shared or it's from the same tenant id).
2. Tests for both associations and disassociations of policies to both
networks and ports are added in this patch, to make sure coverage is
good and that the problem is fixed.
Sam Betts [Thu, 16 Jul 2015 13:08:59 +0000 (14:08 +0100)]
Fix order of calls in update_port
https://review.openstack.org/#/c/196908 introduced some extra logic to
do with DVR to update_port, however it changed the ordering of some of
the calls, this patch ensures that the calls that need to happen before
precommit happen in the right place.
Kevin Benton [Wed, 29 Jul 2015 23:32:43 +0000 (16:32 -0700)]
Check that VXLAN is not in use in LB VXLAN check
The Linux bridge VXLAN supported check was only checking that the
test interface didn't exist instead of checking that both the interface
and the VXLAN didn't exist. This caused it to fail on startup if
a VXLAN interface existed under a different name using one of the
VXLANs that the agent tried to test support with.
This patch adds a check to ensure that the VXLAN ID isn't in use as well.
Kevin Benton [Tue, 28 Jul 2015 23:15:34 +0000 (16:15 -0700)]
Initialize port_info dict as blank in OVS agent
The first assignment of port_info was from the scan_ports function
which could result in an exception and result in port_info being
unbound for the port stats scan below.
This patch just initializes port_info as an empty dict so the port
stats will always have an input.
Cedric Brandily [Thu, 28 May 2015 16:35:17 +0000 (18:35 +0200)]
Ensure non-overlapping cidrs in subnetpools with galera
This change enables galera support in _lock_subnetpool[1]. It uses an
update to disallow 2 transactions performing concurrent subnet
allocation in the same subnetpool to succeed: the 2 transactions will
conflict because they update the same row so the db (including Galera
multi-writer cluster) will discard the last transaction and
Controller.create[2] will catch and retry the "discarded" allocation.
This change adds the "hash" attribute in "subnetpools" table to enable
previous update.
John Kasperski [Thu, 30 Jul 2015 04:52:01 +0000 (23:52 -0500)]
Prevent update alloc pool over existing gateway ip
The gateway IP for a subnet is not allowed to be listed in the
allocation pool for that subnet. This restriction is checked and
enforced at subnet-create time.
During subnet-update, it is only partially checked. An
exception is returned if the update request tries to place the gateway
IP in an existing allocation pool OR if both gateway and allocation
pool are being changed and the gateway is located in the new pool.
If only the allocation pool is being updated, no check is made to
verify that the new allocation pool does not contain the existing
gateway IP.
Code Review / openstack-build / neutron-build.git / log