Add an explicity user in the configuration file regarding consequences of
enabling overlapping IPs when Quantum is used with nova security groups
and/or metadata.

This patch adds a global configuration option for enabling or disabling
overlapping IPs for subnets in different networks.
If they are disabled, the validation of the CIDR against overlapping
ones should be performed globally and not just among subnets defined for
the current network.

So far unit tests were executed using an in-memory database.
Memory was not being freed thus causing oom frequently due to
the increased number of unit tests.
Since sqlite in-memory dbs do not work very well anyway with nose,
we are moving to file-based databases; slower, but safer.
Also, this patch removes a bunch of unit tests which do not add
anything to code coverage or number of test cases exercised.

The l3 agent checked if the external network bridge exists in its
constructor, raising an uncaught exception if it did not. This does not
make much sense when running the l3-agent as a daemon, especially since
it can be the case that the l3-agent starts before open vswitch.

When running in db-mode, the ovs plugin agent will catch any unexpected
exceptions generated during processing. However, in rpc-mode, this
does not happen, meaning a small error, even a transient one, causes the
agent to exit completely. This change adds a try-catch block to the
rpc_loop(), causing the agent to log any unexpected exception, wait for
the polling period, then retry the loop after resetting all state.

Bob Kukura [Thu, 20 Sep 2012 20:03:14 +0000 (16:03 -0400)]
Fix OVS and LB plugins' VLAN allocation table synchronization
In both the openvswitch and linuxbridge plugins, if previous entries
for a physical network have been completely removed from the
network_vlan_ranges configuration variable, allocation table records
for unallocated VLANs on that physical network are now removed from
the DB at startup. The test_ovs_db and test_lb_db unit tests have also
been extended to cover this case. Fixes bug 1052289.
Test assertions that were added to the test_ovs_db unit test in
https://review.openstack.org/#/c/11388 have been added to the
test_lb_db unit test. Fixes bug 1045596.

Python ignores SIGPIPE on startup, because it prefers to check every
write and raise an IOError exception rather than taking the signal. Most
Unix subprocesses don't expect to work this way. This patch (adapted
from Colin Watson's post at http://tinyurl.com/2a7mzh5) sets SIGPIPE
back to the default action for quantum.agent.linux.utils.execute,
quantum.common.utils.execute and quantum-rootwrap created subprocesses.
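
The inherited SIGPIPE disposition this commit message describes, shown as an added example (not the Quantum patch itself). The wrapper name `execute`, the probe command and the use of `restore_signals=False` (to switch off Python 3's own reset so the inherited state is visible) are assumptions of the example.

```python
import signal
import subprocess

# Constructed probe: the shell sends itself SIGPIPE, then reports if it survived.
# It survives only when it inherited SIG_IGN for SIGPIPE from its parent.
PROBE = ["sh", "-c", "kill -PIPE $$; echo survived"]


def _default_sigpipe():
    # Runs in the child after fork() and before exec(): put SIGPIPE back to
    # the default action so the new program is terminated by it as usual.
    signal.signal(signal.SIGPIPE, signal.SIG_DFL)


def parent_ignores_sigpipe():
    """True when this interpreter has SIGPIPE set to SIG_IGN (Python's startup state)."""
    return signal.getsignal(signal.SIGPIPE) == signal.SIG_IGN


def execute(cmd, reset_sigpipe):
    """Hypothetical wrapper: run cmd and return (returncode, stdout text)."""
    proc = subprocess.Popen(
        cmd,
        stdout=subprocess.PIPE,
        stderr=subprocess.DEVNULL,
        # Python 3 resets SIGPIPE in children by default; disable that here
        # so only the preexec_fn below decides the child's disposition.
        restore_signals=False,
        preexec_fn=_default_sigpipe if reset_sigpipe else None,
    )
    out, _ = proc.communicate()
    return proc.returncode, out.decode().strip()


if __name__ == "__main__":
    print("parent ignores SIGPIPE:", parent_ignores_sigpipe())
    print("inherited SIG_IGN:", execute(PROBE, reset_sigpipe=False))
    print("reset to SIG_DFL: ", execute(PROBE, reset_sigpipe=True))
```

A negative return code from `subprocess` means the child was terminated by that signal number.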
Checks for the validity of the VLAN ID needed to be performed. In cases where
segmentation ID is not greater than zero, the Nexus sub-plugin does not
need to be invoked for that network.

The l3-agent only pushes down some of the DNAT rules for metadata mapping
if there is a gateway set on a router. However, the nova-api server could
itself be running in the local router namespace (or on the same box as
the quantum-l3-agent in the case where namespaces are disabled. In fact,
with namespaces disabled, this is the likely setup for a simple
environment). Thus, we should simply always push down the metadata nat
rules for a router, rather than waiting until a gateway is added.
This patch also refactors the actions taken by the l3-agent when a router
is added or removed into a separate function for improved readability,
as add/removing the nat rules made these code segments even longer.

* eval() was previously used to marshall unchecked strings as
filter parameters for QuantumDbPluginV2.get_ports() via
the --fixed_ips flag.
* This change removes the use of eval and cleans up the filtering
implementation for get_ports().
* The new filtering implementation does not support arbitrary
OR'ing or AND'ing. Instead, multiple values for a given filter
key are logically OR'ed, and filters across keys are AND'ed.
* Example usage - filter for .2 or .3 in the given subnet:
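
The filter semantics this commit message describes, as an added sketch (not the Quantum implementation and not the commit's own usage example). The `key=value` input format, the allowed keys, the function names and the sample ports are assumptions of the sketch.

```python
from collections import defaultdict

# Assumed set of filterable fields inside a port's fixed_ips entries.
ALLOWED_KEYS = frozenset({"ip_address", "subnet_id"})


def parse_fixed_ips(raw_values):
    """Turn repeated 'key=value' strings into {key: {values}} without eval()."""
    filters = defaultdict(set)
    for raw in raw_values:
        key, sep, value = raw.partition("=")
        # Anything that is not an allow-listed key with a non-empty value is
        # rejected outright; the string is never interpreted as code.
        if not sep or key not in ALLOWED_KEYS or not value:
            raise ValueError("rejected fixed_ips filter: %r" % (raw,))
        filters[key].add(value)
    return dict(filters)


def filter_ports(ports, filters):
    """OR within a key, AND across keys.

    Assumption of this sketch: a single fixed_ips entry must satisfy every key.
    """
    def entry_ok(entry):
        return all(entry.get(k) in allowed for k, allowed in filters.items())
    return [p for p in ports if any(entry_ok(e) for e in p["fixed_ips"])]


# Constructed sample data (not from the page). p4 reuses 10.0.0.2 on another
# subnet, which is why the subnet_id filter has to be AND'ed with the address.
PORTS = [
    {"id": "p1", "fixed_ips": [{"subnet_id": "net-a", "ip_address": "10.0.0.2"}]},
    {"id": "p2", "fixed_ips": [{"subnet_id": "net-a", "ip_address": "10.0.0.3"}]},
    {"id": "p3", "fixed_ips": [{"subnet_id": "net-a", "ip_address": "10.0.0.4"}]},
    {"id": "p4", "fixed_ips": [{"subnet_id": "net-b", "ip_address": "10.0.0.2"}]},
]

if __name__ == "__main__":
    wanted = parse_fixed_ips(
        ["ip_address=10.0.0.2", "ip_address=10.0.0.3", "subnet_id=net-a"])
    print([p["id"] for p in filter_ports(PORTS, wanted)])
```
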
This fixes the exceptions occurring in the virtual switch mode of the
Cisco plugin for create/delete/update network operations. The exceptions
were occurring on account of the recent changes in the OVS module to the
get_vlan and get_vlans methods, which were still being invoked here.
Test configuration has been changed to increase the code coverage to
catch such issues in the future. All changes are limited to the Cisco
plugin and related tests.

Currently, setup.py will not copy l3_agent.ini and rootwrap filters
into directory /etc/quantum. Add copy operation in setup.py for those
config files so that those files will be copied into proper directory.

This commit fixes a bug that quantum agent using a namespace does not
work with NEC plugin. NEC plugin uses an Open vSwitch as an OpenFlow switch,
but an OVS port created by ovs-vsctl add-port becomes down when the port is
moved to some network namespace. Usual OpenFlow controllers respect the
OpenFlow port status. Since DHCP server (dnsmasq) is connected to the down
port, DHCP server disappears from the virtual network.
This behavior can be avoided if we use a similar approach used in
BridgeInterfaceDriver, i.e., we first create a veth pair, add one veth device
to OVS and move the other veth device to a network namespace. To accomplish it
this patch introduces a new interface driver OVSVethInterfaceDriver.
In addition, this patch adds a 'prefix' parameter to unplug(). When deleting
a veth pair, a veth device added to OVS bridge is not removed automatically.
Thus we need a means to know the veth device name from a device_name to be
removed. It is the reason to add 'prefix' parameter to unplug().
The changeset also removed the namespace garbage collection from the port unplug. This
attempts to delete the namespace. This is problematic as there may be additional attributes
to the namespace that need to be dealt with.

Writing to the subnets attribute is not supported, so rather than
making it look like we accept it but ignoring it, we should explicitly
reject requests to specify it on network create/update.

1. The external interface for the linux bridge will be created at run time.
The configuration parameter external_network_bridge should be set as empty.
That is, "external_network_bridge = ". The link between the network and
the physical interface should be done via the provider network parameters.
2. The plug operation for the linux bridge replaces the interface name
prefix with tap. We need to ensure that the prefix length is 3 characters.

Not all systems that support Open vSwitch support its GRE tunneling
feature that is not in the Linux kernel source tree. Therefore, a new
configuration variable, enable_tunneling, applies to both the server
and agent. Its default value is False, so it must be set to True to
enable tunneling for tenant and/or provider networks. If
enable_tunneling is False, the server will not allow creation of GRE
networks, and the agent will not initialize the tunnel bridge and will
log an error if there is an attempt to provision a GRE network. If it
is True, the agent now logs an error and exits if it fails to
initialize the patch ports used for the tunnel bridge. Fixes bug 1045610.
When there is an attempt to provision a flat or VLAN network and the
agent has no bridge mapping configured for the specified physical
network, the agent will now log an error rather than crash.
An undefined variable in a logging statement has been corrected.
Logging levels for openvswitch have been checked and updated where
necessary, and logging statements now avoid the % string substitution
syntax. Fixes bug 1045592.
The corresponding devstack update has already been merged.

This patch adds a periodic resync check to the DHCP agent that will
resync state with the Quantum server if any notification or rpc errors
have occurred since the last check.

Allows user to invoke L3-agent in a way that limits the agent to
implementing only routers associated with a particular external network.
Thus, it is possible to have a deployment with multiple external networks,
since you can run one agent per external network.
Also makes l3-agent pay attention to router admin_state_up field.