Miguel Angel Ajo [Thu, 22 Jan 2015 14:17:30 +0000 (14:17 +0000)]
Move process monitor settings to neutron.conf AGENT section
Instead of defining specific settings on each agent configuration
file for later patches in the series, we provide a single
point of configuration in the AGENT section of the neutron.conf
file, which could yet be overriden per agent config file if needed.
Russell Bryant [Wed, 21 Jan 2015 19:44:23 +0000 (14:44 -0500)]
mlnx: untangle SecurityGroupAgentRpcMixin
This patch separates the use of SecurityGroupAgentRpcMixin out to its
own class. This matches most of the rest of the code base. This
separation is needed to be able to eventually move this rpc API into
its own messaging namespace. Now that it's separate, a future change
can pass the new class an instance of SecurityGroupServerRpcApi
instead of assuming that the PluginApi instance includes
SecurityGroupServerRpcApiMixin.
Russell Bryant [Wed, 21 Jan 2015 18:40:18 +0000 (13:40 -0500)]
linuxbridge: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the linuxbridge agent.
This is required to be able to eventually move this API into
a messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as
a mixin.
Russell Bryant [Wed, 21 Jan 2015 19:34:12 +0000 (14:34 -0500)]
linuxbridge: untangle SecurityGroupAgentRpcMixin
This patch separates the use of SecurityGroupAgentRpcMixin out to its
own class. This matches most of the rest of the code base. This
separation is needed to be able to eventually move this rpc API into
its own messaging namespace. Now that it's separate, a future change
can pass the new class an instance of SecurityGroupServerRpcApi
instead of assuming that the LinuxBridgePluginApi includes
SecurityGroupServerRpcApiMixin.
Cedric Brandily [Sat, 10 Jan 2015 14:25:04 +0000 (14:25 +0000)]
Use db constraint to ensure mac address uniqueness
Currently port mac address uniqueness per network is checked before Port
db object create but without locking. It implies 2 port create requests
can allocate the same mac address on a network if each request performs
mac address uniqueness check before the other creates the Port db object.
This change replaces the check by a db unique constraint on Port
(network_id, mac_address).
adolfo duarte [Wed, 3 Dec 2014 05:48:50 +0000 (21:48 -0800)]
Added test_dvr_router_lifecycle to cover dvr
Several additions were necessary to support testing the lifecycle of a
dvr router. Added new function _dvr_router_lifecycle and necessary
supporting functions to avoid impacting any other section of the code
or tests.
Tests Added:
test_dvr_router_lifecycle_without_ha_without_snat_with_fips
test_dvr_router_lifecycle_without_ha_with_snat_with_fips
Carl Baldwin [Fri, 16 Jan 2015 19:39:46 +0000 (19:39 +0000)]
Replace FLOATING_IP_CIDR_SUFFIX constant with utils
FLOATING_IP_CIDR_SUFFIX is a global constant used in manipulating ip
addresses and cidrs as string. This patch replaces that with
well-tested utilities for doing the conversions more safely and
readably.
Russell Bryant [Fri, 16 Jan 2015 15:29:04 +0000 (10:29 -0500)]
tests: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the unit tests.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 15:15:17 +0000 (10:15 -0500)]
ovs: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the ovs plugin.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 15:06:00 +0000 (10:06 -0500)]
oneconvergence: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the oneconvergence
plugin. This is required to be able to eventually move this API into
a messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 14:54:53 +0000 (09:54 -0500)]
ofagent: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the ofagent plugin.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 14:37:52 +0000 (09:37 -0500)]
nec: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the nec plugin.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 14:09:48 +0000 (09:09 -0500)]
hyperv: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the hyperv plugin.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 13:52:40 +0000 (08:52 -0500)]
bigswitch: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the bigswitch plugin.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Tue, 13 Jan 2015 18:06:44 +0000 (13:06 -0500)]
Create SecurityGroupServerRpcApi and add some docs
Create SecurityGroupServerRpcApi, which is intended to replace
SecurityGroupServerRpcApiMixin over time. The new class is the same
code, but used as a standalone class. This is needed to be able to
eventually move this API into a messaging namespace.
In passing, add docstrings that show where to find the corresponding
other side of this interface in the code base.
Improve agent-based flat/vlan ml2 port binding failure logging
Port binding failure is an error and should be reported as such.
Additionally, if a port binding fails on a host due to missing
bridge mappings, it's currently quite a mystery to find out. This
should be logged instead of requiring users to debug code. Not
everyone enjoys debugging Python, as weird as that is!
I refactored out the common code in check_segment_for_agent
in order to make logging more robust for all agent-based mechanism
drivers. The OVS and LB mech drivers already log due to a bridge
mappings mismatch and the other agent based mech drivers
will now log as well.
Assaf Muller [Mon, 19 Jan 2015 18:55:49 +0000 (13:55 -0500)]
SIGHUP keepalived if L3 agent restarts
Currently restarting the L3 agent does not SIGHUP any running
keepalived processes. This is an issue if the L3 agent crashes
and is then restarted by an external tool. In this case, the L3
agent resyncs with the controller but does not SIGHUP keepalived.
Maru Newby [Tue, 20 Jan 2015 02:23:48 +0000 (02:23 +0000)]
Switch to using abc in the retargetable client
abc is preferable to raising NotImplementedError because it will
prevent instantiation of a subclass that doesn't implement the
required methods rather than failing only when a missing method is
called.
Change-Id: I1043eefde675dd3b653d5b508be22cfd52d2fe8f
Implements: bp retargetable-functional-testing
Simplfy register_model_query_hook() and register_dict_extend_funcs().
Move register_dict_extend_funcs() into CommonDbMixin attribute
because the related class attribute, _dict_extend_functions, is
defined in CommonDbMixin. They should be defined in same class.
Ihar Hrachyshka [Sun, 18 Jan 2015 11:59:39 +0000 (12:59 +0100)]
Drop _test_rootwrap_exec test
It's not a unit test and didn't participate in gating. The test would belong to
functional suite, though since it's pretty trivial, and rootwrap is already
tested as part of other functional tests, it's better to drop it then adopt to
new requirements.
Cedric Brandily [Fri, 16 Jan 2015 23:41:16 +0000 (23:41 +0000)]
Fix pylint unbalanced-tuple-unpacking warning
Pylint last version(1.4.1), at least, reports an
unbalanced-tuple-unpacking warning[1] in keepalived[2] module because
self.authentication is defined as an empty tuple in __init__ method and
unpacked in build_config method as if it was a 2-tuple.
self.authentication references an empty tuple (defined in __init__
method) or a 2-tuple (updated in set_authentication method). Such
warning is a false positive because the unpacking is only performed if
self.authentication is not evaluated to false which only appends if
self.authentication is a 2-tuple.
Defining self.authentication as None in __init__ avoids such warning
without disabling unbalanced-tuple-unpacking warning check.
[1]
W:252,12: Possible unbalanced tuple unpacking with sequence defined at
line 153: left side has 2 label(s), right side has 0 value(s)
(unbalanced-tuple-unpacking)
Carl Baldwin [Mon, 22 Dec 2014 21:01:45 +0000 (21:01 +0000)]
Create DvrRouter and HaRouter as a sub-class of Router
This commit creates them as simple sub-classes and instantiates them
when appropriate. It also moves the basic mixin classes from
RouterInfo. Since all of the properties and attributes from these
mixins are only used in the ha or dvr contexts, this is safe. Future
refactoring will further tease things out until they are properly
encapsulated.
They inherit everything else from their base class so that they all
still share the same code. Creating them up front provides a place
for dvr and ha specific logic to land as methods are moved from the L3
agent and mixins to the new router classes. Eventually, all of the
specific logic will be teased in to the specific classes.
Wrap dhcp agent into its own module and break out configurations and
entry point for better seperation. This lead to some test cleanup
that revealed that options were registered unnecessarily.
When/if the dhcp agent goes through a restructuring along the same
lines of the L3 agent's, this would be the step to start from.
Move Monkey patch back to being as early as possible
Commit 6ca8cb84fd8 moved the patching early in the loading process.
After some reshuffling in the agents, this might not be as early
as possible, so move them closer to their main()'s.
In order to run the API job successfully, must be installed and
configured. Today when using devstack-vm-gate.sh this means that
Tempest will run as well, which we do not want. To fix this problem
there are changes needed both in project-config and devstack-gate.
As a stop-gap solution, we bring in the scripts required and run
them directly within the gate hooks that we already have.
Once changes in devstack-gate and project-config will be accepted, this
solution can be dropped.
Eugene Nikanorov [Mon, 17 Nov 2014 07:00:49 +0000 (11:00 +0400)]
Change transaction isolation so retry logic could work properly
Lower isolation level from REPEATABLE READ to READ COMMITTED for
transaction that is used to create a network.
This allows retry logic to see changes done in other connections
while doing the same query.
Perform that only for mysql db backend.
Sylvain Afchain [Fri, 12 Dec 2014 09:52:43 +0000 (09:52 +0000)]
Refactor the _get_external_device_interface_name method
Currently this method does two things. It returns the
external interface name as its name indicates and
creates some interfaces in the case of the dvr mode.
This patch split these two things into two methods and
refactor a bit the code according to this change.
Miguel Lavalle [Thu, 18 Dec 2014 01:21:53 +0000 (19:21 -0600)]
Refactor of floating ip processing in L3 Agent
Breaks down the processing of floating ip processing in 3 methods. A key goal
is to make the handling of ip tables application deferal more logically cohesive
in the process_router method
Brian Haley [Thu, 18 Dec 2014 21:02:10 +0000 (16:02 -0500)]
Don't log a warning if an iptables chain doesn't exist
The iptables_manager remove_chain() function calls LOG.warn()
if asked to remove a chain that it doesn't know about. This
is spamming the neutron-full gate job pretty bad. Change to
LOG.debug() since reverting the change that caused it is
difficult since the FWaaS code has been split-out from the
tree.
Ihar Hrachyshka [Fri, 5 Dec 2014 17:17:15 +0000 (18:17 +0100)]
Migrate to oslo.concurrency
Namespaces are not used anymore, so imports are for oslo_concurrency,
not oslo.concurrency.
lockutils direct call is not supported anymore, so using shipped
lockutils-wrapper instead.
Use ExternalLockFixture to set lock_path for unit testing.
Updated cache and cache/_backends module from oslo-incubator to use
oslo.concurrency and not incubator version of lockutils module.
Dropped lockutils incubator module that is now moved to oslo.concurrency. Not
dropping fixture module that includes lockutils fixture since other fixtures
are still used in the tree.
Kevin Benton [Thu, 15 Jan 2015 07:45:14 +0000 (23:45 -0800)]
Clarify misleading iptables comment
Update the comment for the iptables rule matching the
conntrack INVALID state. The previous entry was misleading
because it sounded like it dropped all new connections.
Code Review / openstack-build / neutron-build.git / log