Kevin Benton [Wed, 2 Dec 2015 23:35:00 +0000 (15:35 -0800)]
Make port binding message on dead agents clear
The previous message was misleading because it made it
sound like port binding was being attempted even though
the agent is dead. However, the actual logic is that
binding will be completely skipped if the agent is dead.
This patch updates the message to make that clear and also
provides the port ID as part of the warning so operators
without debugging enabled can see which ports failed.
Doug Wiegley [Wed, 25 Nov 2015 23:46:19 +0000 (15:46 -0800)]
Move i18n to _i18n, as per oslo_i18n guidelines
- This does NOT break other projects that rely on neutron.i18n,
as this change includes a debtcollector shim to maintain those
older entry points, until they can migrate.
- Also updates _i18n.py to the latest pattern defined by oslo_i18n
- Guidance and template are from the reference:
http://docs.openstack.org/developer/oslo.i18n/usage.html
Oleg Bondarev [Wed, 25 Nov 2015 12:14:18 +0000 (15:14 +0300)]
DVR:don't reschedule the l3 agent running on compute node
For a DVR router, when it updates router gateway_ip, it should not
reschedule the l3 agents running on compute nodes whose mode is dvr,
it just need to reschedule the l3 agents running on network nodes
whose mode is dvr_snat.
l3_db: it updates port attribute without L2 plugin
L3_NAT_dbonly_mixin._add_interface_by_port update Port.owner
db entry directly without notifying l2 plugin.
Thus L2 plugin/ML2 mechanism driver will be confused when
interface is attached to router by port because port owner is different.
Use L2 plugin update_port method to update port:owner.
Change check_ports_exist_on_l3agent to pass the subnet_ids
The get_subnet_ids_on_router is called for every
available l3agent in check_ports_exist_on_l3agent.
This introduces un-necessary call to the same
function multiple times which is expensive since it
calls get_ports internally.
In large scale the time taken to schedule a VM
on a given N-Node increases.
By passing the subnet_ids to check_ports_exist_on_l3agent
we would be only calling once get_subnet_ids_on_router in
the get_l3_agent_candidates.
This patch addresses the above problem by calling
get_subnet_ids_on_router just once.
neutron should rely on nova doing the job instead of trying to 'fix' it.
'Fixing' it introduces race conditions between lb agent and nova VIF
driver. Particularly, lb agent can scan for new tap devices in the
middle of nova plumbing qbr-tap setup, and attempt to do it on its own.
So if agent is more lucky to plug the tap device into the bridge, nova
may fail to do the same, getting the following error:
libvirtError: Unable to add bridge brqxxx-xx port tapxxx-xx: Device or
resource busy
This also requires a change in how the port admin_state_up is implemented
by setting the tap device's link state instead of moving it in or out
of the bridge.
Co-Authored-By: Sean M. Collins <sean@coreitpro.com> Co-Authored-By: Darragh O'Reilly <darragh.oreilly@hp.com> Co-Authored-By: Andreas Scheuring <andreas.scheuring@de.ibm.com>
Change-Id: I02971103407b4ec11a65218e9ef7e2708915d938
Closes-Bug: #1312016
Gary Kotton [Mon, 9 Nov 2015 08:38:54 +0000 (00:38 -0800)]
Remove transparent VLAN support from base plugin
The transparent VLAN is an extension. This code was bundled part
of the base plugin.
Commit 809e434d2da99cb3e1a778be9838b1175e785e76 has a todo to remove
the code from the base plugin.
Victor Stinner [Fri, 27 Nov 2015 15:20:28 +0000 (16:20 +0100)]
Support Unicode request_id on Python 3
The oslo.context change If48ee7f4d1c113f1f26b3b1698c6b055807b950f will change
request_id type on Python 3 from bytes to str. This change prepares Neutron for
this change.
Cedric Brandily [Thu, 26 Nov 2015 15:21:30 +0000 (15:21 +0000)]
Correct unwatch_log to support python <= 2.7.5
Currently unwatch_log[1] uses WatchedFileHandler.delay attribute to
build a FileHandler instance from a WatchedFileHandler instance but
this attribute doesn't exist before 2.7.6.
This change removes WatchedFileHandler.delay usage and uses default
FileHandler delay (it also ensures we open immediately the log file).
Akihiro Motoki [Tue, 24 Nov 2015 03:15:05 +0000 (12:15 +0900)]
Update toctree of neutron document
* Display more contents in the top page.
It is useful to access various things from the top page.
The contents after this change looks reasonable.
* Remove "Indices and tables" section in policies and stadium index.
They are unnecessary.
Kevin Benton [Wed, 25 Nov 2015 23:42:46 +0000 (15:42 -0800)]
Don't drop ARP table jump during OVS rewiring
The previous OVS ARP spoofing code was dropping the rule to jump to
the ARP protection table each time it was called. This call was
unnecessary since the majority of port updates are not turning
off port security.
This patch adjusts the logic to only drop the jump rule if port-sec
is disabled or if it is a network port. The existing functional tests
ensure that connectivity works as expected.
Currently when the last HA router of a tenant is deleted the HA network
belonging to this tenant is not removed. While running tempest aganist an
OpenStack setup where tenant VLANs (with small VLAN range) is used we hit
the limits are tempest tests start to fail as we cannot create new networks.
This patch addresses this issue by deleting the HA network when the last HA
router is deleted for the tenant.
Milestone assignment is another mumbo jumbo effort in open source.
Artificially setting milestones implies that someone can reliably
predict the future when no-one is really in full control.
For this reason let's make clear that we optmistically target the
current milestone for work that is supposed to start asap, and
complete sooner rather than later. Rolling over until the work is
complete is the natural course of action.
Dashboards [1] then capture the entire workload (BP and RFE) for
the entire release cycle, and that's helpful to provide to overall
view.
sridhargaddam [Mon, 19 Oct 2015 05:32:16 +0000 (05:32 +0000)]
Support for IPv6 RDNSS Option in Router Advts
RFC6106 standardizes IPv6 Router Advertisements to support
Recursive DNS server information. RDNSS info allows an IPv6
host to configure the DNS information via RA messages without
needing DHCPv6 for the DNS configuration.
This patch configures RADVD daemon to include RDNSS entries in
the Router Advertisements when the IPv6 subnet has dns_nameservers.
Ihar Hrachyshka [Tue, 24 Nov 2015 14:13:00 +0000 (15:13 +0100)]
tox: pass TEMPEST_CONFIG_DIR envvar into api target environment
Currently, API job skips all tests because TEMPEST_CONFIG_DIR is not set
properly. The environment variable was hardcoded to
/opt/stack/tempest/etc before, and since that's the location for tempest
configuration files that was used in gate, it worked fine there.
But after we were forced to remove the hardcoded value from the file due
to regression in tox 2.2.0+ (If3742b6eabe295a5aaeb4901c55909a70c451698),
it was neither hardcoded, nor passed from the external gate environment.
Note that since tox 2.0.0, the tool does not pass all envvars into tox
targets, but require explicit specification of the list of variables
that should be allowed into the target environment, using passenv
directive.
So that's what the patch does: it allows TEMPEST_CONFIG_DIR to get into
api tox target, which should be enough to make the API job avoid
skipping all tests.
Users are still required to set TEMPEST_CONFIG_DIR variable locally if
they want to execute the suite locally.
Hong Hui Xiao [Tue, 24 Nov 2015 14:01:48 +0000 (09:01 -0500)]
Wait for the watch process in test case
Because the _watch_process and the failing_process are asynchronous,
there might be a chance that failing_process exit and _watch_process
is not executed.
If the _watch_process is blocked, the method that will be asserted
will not be called. This will fail the UT, but it is intermittent.
Kevin Benton [Fri, 20 Nov 2015 05:16:42 +0000 (21:16 -0800)]
Add UnionModel support to filter query generator
The _apply_filters_to_query method did not handle UnionModels
so objects leveraging it (i.e. RBAC policies) did not have
queries applied to them.
This patch corrects it by iterating through the component models
of the UnionModel and applying the filters to each component model.
It also adds an API test on RBAC that exercises the filtering.
Ryan Moats [Mon, 2 Nov 2015 19:30:26 +0000 (13:30 -0600)]
Optimize router delete execution
Optimize the execution of router delete in the L3 agent
by not performing operations in the router namespace that
will be removed as the last step of the workflow.
Comparing the slopes of the least squares fit of delete
execution time shows that this optimization decreases that
slope by over half.
Change-Id: Ic425ab1f8c3afe882c9deaa72a814ac0d2053f3b Signed-off-by: Ryan Moats <rmoats@us.ibm.com>
Closes-Bug: 1512450
Cedric Brandily [Sun, 22 Nov 2015 22:22:58 +0000 (23:22 +0100)]
Deprecate l3-agent router_id option
L3-agent router_id option has been defined in order to associate a
l3-agent to a specific router when use_namespaces=False. The option
use_namespaces has been removed in Mitaka, so router_id option is no
longer needed and can be deprecated in order to prepare its removal in N
cycle.
Kevin Benton [Wed, 2 Sep 2015 23:37:17 +0000 (16:37 -0700)]
Make Neutron resources reference standard attr table
This adds a new 'standardattributes' table and adds a foreign-key
references from ports, subnets, networks, subnetpools, routers,
securitygroups, and floatingips to this table.
This will make it easy to add new things to the schema like
timestamp fields or anything else that applies to multiple types
of Neutron resources. The new fields would just be added to the
'neutronresources' table instead of being duplicated across each
resource's table. Or, if the the relationship is 1-to-many (e.g. tags),
the new association table would be related to the 'standardattribute'
table.