zhhuabj [Fri, 17 Jan 2014 10:21:01 +0000 (18:21 +0800)]
Raise max header size to accommodate large tokens
The max header is exceeded in the following scenario
- Auth tokens built with a keystone v3 API catalog
- A catalog with approximately 8 or more endpoints defined
Aaron Rosen [Tue, 18 Feb 2014 21:15:02 +0000 (13:15 -0800)]
NSX: get_port_status passed wrong id for network
The call to get_port_status in update_port was passing in the neutron
network_id instead of the nsx_network_id. These used to be the same
but now are different. This patch updates the code so that it now
passes in the correct uuid.
Aaron Rosen [Wed, 19 Feb 2014 23:08:54 +0000 (15:08 -0800)]
Plugins should call __init__ of db_base_plugin for db.configure
Currently each plugin calls db.configure() within the plugin's __init__
class or defines an initialize() method that's sole job is to call this
method. Instead we should just call the super method of a plugin so that
db.configure() is called for us out of the db_base_plugin class.
Note: the only reason why I'm making this change is that I want to add
something to the __init__() class of the db_base_plugin that's needed for
the nova-event-callback blueprint and adding it in the base class of init
looks to be the best place.
This patch is follow up of change set of 4808f91eb2c245344517fc89c37c6c4c88e9051b bug/1260262 review/61694.
The change set adds unnecessary self.addCleanup(cfg.CONF.reset) to
VxlanTypeMultiRangeTest as pointed out. This patch Remove the line.
Xiaolin Zhang [Thu, 16 Jan 2014 14:28:28 +0000 (22:28 +0800)]
Adds https support for metadata agent
Adds two configure options to support https client for metadata proxy
* auth_insecure: turn off verification of the certificate for ssl, or
* auth_ca_cert: CA cert to check against with for ssl.
Aaron Rosen [Wed, 8 Jan 2014 21:10:54 +0000 (13:10 -0800)]
Don't require passing in port_security=False if security_groups present
If creating a port on a network that is marked as port_security_enabled=False
and one passes in a security_group in the port_create request previously an
error was raised saying they needed to also pass in
port_security_enabled=False. This patch removes that requirement and instead
sets port_security_enabled=True internally if a port has an ip_address and a
security_group is passed in. This is more convient and does not break
backwards compatibility.
Use different context for each API request in unit tests
test_router_add_interface_subnet_with_port_from_other_tenant in
neutron.tests.unit.test_l3_plugin.L3NatTestCaseBase was mocking
neutron.context.Context thus performing multiple API requests
with the same context instance. As a context instance also has
a DB session attribute, this might cause unexpected side effects,
especially for plugins which process request asynchronously.
The plugin neutron.plugins.nicira.NeutronServicePlugin was being
affected.
This patch ensures each request has a different context object
without changing the unit test semantics.
It also refactors slightly test_edge_router.py in the nicira
unit test package to avoid executing twice the same unit tests.
Youcef Laribi [Wed, 20 Nov 2013 20:29:01 +0000 (12:29 -0800)]
Implements an LBaaS driver for NetScaler devices
This driver for the Neutron LBaaS plugin allows for
using the Citrix NetScaler loadbalancing devices
to provide Neutron LBaaS functionality in OpenStack.
vshield task manager: abort tasks in stop() on termination
This patch kills the manager thread, and aborts active tasks
rather than sending an exception to the manager thread and
have it do the abort on termination.
Unit tests involving vshield task manager might take longer
as a side effect of this patch.
Kevin Benton [Fri, 14 Feb 2014 06:52:36 +0000 (06:52 +0000)]
BigSwitch: Move config and REST to diff modules
No functionality change. Separates the config,
rest call, and backend server management from
the main plugin.py file. Necessary to make
downstream patches more managable and easier
to review.
Irena Berezovsky [Mon, 10 Feb 2014 12:55:49 +0000 (14:55 +0200)]
Add support to request vnic type on port
This patch adds support for requested vnic_type to be plugged to neutron port to ML2 plugin.
This patch contains:
1. New attribute 'binding:vnic_type' added to port binding extension.
Possible values are 'direct', 'macvtap' and 'normal'.
'binding:vnic_type' is allowed to be defined on port creation or changed
on port update by admin or tenant user.
'binding:vnic_type' can be also skipped in port defintion
2. Management of vnic_type by ML2 plugin, assuming default
vnic_type=normal
3. Add 'vnic_type' to ml2_port_bindings DB table
4. Add supported vnic_types for MechanismDrivers that are capable to bind
port.
5. Add DB migration script for ml2_vnic_type.
DocImpact: Need to update portbindings API docs and include in SR-IOV user docs
Isaku Yamahata [Tue, 18 Feb 2014 02:02:56 +0000 (11:02 +0900)]
tests/unit: Initialize core plugin in TestL3GwModeMixin
TestL3GwModeMixin can fail randomly because it doesn't initialize
core_plugin and can be run random core plugin depending on execution
order of tests. It also fails with core plugin uninitialized when it
is run without other tests.
This patch refactors the setup code of core plugin and apply it to the
related tests.
This patch reveled the same bug of test_metaplugin.py which is also
fixed by this patch.
This fix improves unit test coverage for:
quantum/plugins/cisco/models/virt_phy_sw_v2.py
Test coverage is improved from about 78% to 99%.
One change included in this fix is removal of some code in
the _invoke_plugin() method in virt_phy_sw_v2.py which looks
like it's attempting to handle the case where the number of
arguments being passed to _invoke_plugin() exceeds the number
of arguments expected for the target plugin method. This
section of code does not get executed for any existing
calls to _invoke_plugin(), and it doesn't appear that
this logic would work (except when the target plugin method
includes a **kwargs expansion).
Édouard Thuleau [Thu, 16 Jan 2014 09:15:07 +0000 (10:15 +0100)]
Update help message of flag 'enable_isolated_metadata'
Thanks to the commit c73b54e50b62c489f04432bdbc5bee678b18226e,
the way of DHCP agent determines how a subnet is isolated evolves.
But the flag help message wasn't updtated accordingly to this evolution.
shihanzhang [Tue, 18 Feb 2014 01:50:57 +0000 (09:50 +0800)]
Fix invalid facilities documented in rootwrap.conf
The values user0 and user1 do not map to valid facility values.
local1, etc. Using user0 results in a pri value that does not map
back to a facility of the same name in syslog.
RFC5424 suggest values values of local0 through local7. Setting
syslog_log_facility to one of those values results in a message with a
priority that can be mapped back to the original string value.
This fix adjusts the comment in rootwrap.conf to suggest the local
prefix instead of the user prefix.
This patch replaces regex matching of text output with parsing
of JSON output in ovs_lib.get_vif_port_by_id.
This makes the code more reliable as subtle, possibly even
cosmetic, changes in ovs-vsctl output format could cause the
regular expression match to fail.
Also, this makes the code consistent with ovs_lib.get_vif_port_set
which already uses JSON output.
Finally this patch slightly changes the behaviour of
ovs_lib.get_vif_port_by_id returning None if elements such as
mac address or ofport were not available.
test_router_add_interface_subnet_with_port_from_other_tenant
is causing intermittent failures in unit tests because of
issues related with sql session autoflush.
This patch skips this test, since it is already covered
by another test case in the same module. This should prevent
job failures while the relevant bug is addressed.
Fix request timeout errors during calls to NSX controller
Sometimes two correlated exception traces are observed in
the server log for the Neutron Server backed by NSX:
RequestTimeout (The nsx request has timed out) and
OperationalError (Lock wait timeout exceeded). This is
generally described by Guru Salvatore Orlando as the,
and I quote, the "infamous eventlet-mysql deadlock".
This patch tries to address the issue by adding a
cooperative yield in the nsx client code (it’s a good idea
to call sleep(0) occasionally in any case) and also by
avoiding the unnecessary spawning of another Greenthread
within a call that is already executed in Greenthred
itself.
This patch changes get_vif_port_set in order to not return
OVS ports for which the ofport is not yet assigned, thus avoiding
a regex match failure in get_vif_port_by_id.
Because of this failure, treat_vif_port is unable to wire
the port.
As get_vif_port_by_id is also used elsewhere in the agent, it has
been enhanced in order to tolerate situations in which ofport might
have not yet been assigned.
The ofport field is added to the list of those monitored by the
SimpleInterfaceMonitor. This will guarantee an event is generated
when the ofport is assigned to a port. Otherwise there is a risk
a port would be never processed if it was not yet ready the first
time is was detected. This change won't trigger any extra processing
on the agent side.
Finally, this patch avoids fetching device details from the plugin
for ports which have disappeared from the OVS bridge. This is a
little optimization which might be beneficial for short lived ports.
Code Review / openstack-build / neutron-build.git / log