This patch replacest the nvp_controller_connection configuration option
with a set of options more intutitive to user which also avoid
repetitions in ini files.
In order to simplify the configuration of the plugin, this patch also
removes named clusters. As the plugin supports a single cluster at
the moment, this can be simply specified in the [DEFAULT] configuration
section.
Also, this patch restrucures nvp_cluster.NvpCluster so that per-cluster
configuration options are not store anymore multiple times.
* Update veth pair creation to set the namespace of the peer
device on creation rather than subsequently adding it to the
namespace.
* This change supports kernels with limited namespace support
(e.g. RHEL 6.5) so long as ovs_use_veth is set to True.
* Addresses bug 1171727
This patch simply enhances the validator for the 'devices' attribute
by verifying each element in the device list does not contain
unexpected attributes.
This patch adds a new policy named 'context_is_admin' which defines
an admin user as a collection of roles or else. The quantum context
has been updated to check for this policy when setting the is_admin
flag.
This patch also adds a method for gathering 'admin' roles from policy
rules as current logic requires the context to be always populate with
the correct roles for admin rules, even when the context is implicitly
generated with get_admin_context or context.elevated.
Backward compatibility is ensuring by preserving the old behavior if
the 'context_is_admin' policy is not found in policy.json
Aaron Rosen [Thu, 21 Feb 2013 23:31:31 +0000 (15:31 -0800)]
Add string 'quantum'/ version to scope/tag in NVP
This patch adds scope='quantum', tag=QUANTUM_VERSION to each element
created in NVP via quantum. This patch also removes the function
set_tenant_id_tag() as it was only used in one place and wasn't very useful.
Enable automatic validation of many HACKING rules.
* Add hacking to the tox build - a set of flake8 plugins that
perform automatic validation of many HACKING.rst rules.
* This patch configures hacking in the tox build and performs
the mechanical cleanup required to allow the checks to pass.
* See https://pypi.python.org/pypi/hacking
* s+[/.]nicira_nvp_plugin++
* Backwards compatibility is maintained by importing the
nicira package as nicira_nvp_plugin in the plugins package.
* It may be necessary to remove stale .pyc/.pyo files under the
nicira path after applying this patch.
* DocImpact
* Addresses bug 1166307
Make "shared" filter more compatible with diff DBs
For the type BOOLEAN, in sqlalchemy,
it's mapped to BOOLEAN type if the backend database supports it,
otherwise, it's mapped to one of the Integer types, like SMALLINT,
and restrict the values to 1(True) and 0(False).
query_filter = (... | model.shared))
The above filter will generate a SQL where clause like:
where ... OR xxx.shared
This is not supported in databases which don't support BOOLEAN type.
Change it as below to make it more compatible:
query_filter = (... | model.shared == True))
It will generate a SQL where clause as below:
where ... OR xxx.shared = ?
In Python, True == 1, so this change is compatible
with both databases supporting BOOLEAN and those not supporting it.
* The old behavior required setting environment variables to
disable capture of stdout and stderr to allow debugging via pdb.
The new behavior requires enabling capture of stdout/stderr
instead. This is already the case in nova.
* testr behavior is unmodified.
* Tip 'o the hat to Robert Collins (lifeless)
The router.interface.{create|delete} notifications are intended to be
consumed by ceilometer, but did not include the router or tenant IDs
in the RPC message payload. Ceilometer requires both these data for
metering purposes.
The missing UUIDs are now provided in the notifications.
* flake8 supports more checks than pep8 (e.g. detection of
unused imports and variables), and has an extension mechanism.
A plugin to support automatic HACKING validation is planned.
* See: http://flake8.readthedocs.org/
Roman Podolyaka [Wed, 20 Mar 2013 16:50:50 +0000 (18:50 +0200)]
Use wrappers instead of direct calls to ip route.
- extract the logic of ip route wrapper into a separate
class to drop dependency on a specific network device
- add route wrapper to IPWrapper class
- use IPWrapper instead of direct calls to ip route in l3 agent
- update tests
EmilienM [Tue, 26 Mar 2013 13:43:12 +0000 (14:43 +0100)]
Add RabbitMQ and QPID HA support flags to quantum.conf
Since Quantum supports HA queues with RabbitMQ (https://review.openstack.org/#/c/13760/),
quantum.conf should provide new flags for explain how to configure multiple RabbitMQ servers and enable HA.
New flags :
rabbit_hosts=$rabbit_host:$rabbit_port
rabbit_ha_queues=false
qpid_hosts = localhost:5672
Rich Curran [Tue, 5 Feb 2013 20:55:28 +0000 (15:55 -0500)]
blueprint cisco-single-config
Scope: Unification of all the various plugin files for the Cisco plugin into a single file.
Use Cases: Quantum with the Cisco plugin.
Implementation Overview: All the config values contained in the various files in
etc/quantum/plugins/cisco will be unified into a single file
etc/quantum/plugins/cisco/cisco_plugin.ini. The plugins needs to be modified to
read from a single file instead of multiple.
Added quantum.openstack.common.cfg support.
Previously when creating a lb-vip it would be created without
a default gw. This patch fixes that and adds unit tests to check
that route add is called if the subnet has a gateway_ip.
When try to serialize an exception object as json, it failed
with 'ValueError: Circular reference detected' that is same error
as bug 119790. So this patch fixes bug 119790 too.
This implements work item #1 of the blueprint.
This patch enables authZ checks for 'member actions' in the base
controller and removes explicit checks from l3_db.
This patch also addresses a small glitch in the policy engine which
was assuming the request always had a body.
Davanum Srinivas [Fri, 22 Mar 2013 14:31:35 +0000 (10:31 -0400)]
Support for SSL in wsgi.Server
SSL are entirely optional. Support for SSL as well using code from glance. We
have some new options for configuring the SSL support. There are tests for
accessing a sample app w/o ipv6 or ssl, one with just ssl and one with
ipv6 and ssl
Code Review / openstack-build / neutron-build.git / log