This is a feature patch (2 of 3) that adds support for
Metadata services provided by the NSX (aka NVP) platform.
It also implements the handling of port events so that
dhcp and metadata configuration in NSX/NVP is updated
if port attributes such as fixed_ips and device_id are
updated.
Aaron Rosen [Fri, 13 Dec 2013 01:02:06 +0000 (17:02 -0800)]
Nicira: Fix core_plugin path and update default values in README
The following patch fixes the core_plugin path in the README file
which broke during the rename of quantum to neutron here ee3fe4e8.
This patch also updates a few of the default values and removes
the promise of adding support for multiple control clusters.
This patch adds the logical switch identifier in the model class
for describing mappings between neutron and nsx switch ports.
This will allow for a better handling of the chained logical switch
use case.
This patch also moves the routines for retrieving nsx identifiers
in a separate module in preparation for the introduction of async
operations and renames relevant model classes, attributes, and
functions from 'nvp' to 'nsx'.
Related to blueprint nvp-async-backend-communication
Related to blueprint nicira-plugin-renaming
NVP plugin: Do backend router delete out from db transaction
Performing the NVP API operation from within a DB transaction
increases the risk of a deadlock between sqlalchemy and eventlet.
With this patch, the operation is moved outside of the db transaction
and appropriate mechanism are put in place for:
i) ensuring neutron db consistency in case of NVP failures
ii) avoiding deleting from backend if neutron logic does not allow it
This patch also synchronizes the routine for removing a router
gateway port from NVP.
NVP plugin: Avoid timeouts if creating routers in parallel
There is a well-known issue of eventlet causing deadlocks with
mysql transactions; such condition might occur when
creating NVP routers in parallel.
To avoid this, this patch moves the long-running method
_update_router_gw_info outside of the mysql transaction, adding
the appropriate failure management code, and adds a lock to the
method _nvp_create_ext_gw_port, to ensure serial access to it.
Unit tests for verifying correct behaviour in case of failures
are added as well.
Sushil Kumar [Mon, 9 Dec 2013 14:02:49 +0000 (14:02 +0000)]
Updates tox.ini to use new features
tox 1.6 allows us to skip the sdist step, which is slow. This does that.
It also allows us to override the install line. In this case, it's
important as it allows us to stop getting pre-release software we
weren't asking for.
Original patch by Monty Taylor, talked about here:
http://lists.openstack.org/pipermail/openstack-dev/2013-September/015495.html
Aaron Rosen [Mon, 7 Oct 2013 22:34:38 +0000 (15:34 -0700)]
Add X-Tenant-ID to metadata request
Previously, one could update a port's device_id to be that of
another tenant's instance_id and then be able to retrieve that
instance's metadata. In order to prevent this X-Tenant-ID is now
passed in the metadata request to nova and nova then checks that
X-Tenant-ID also matches the tenant_id for the instance against it's
database to ensure it's not being spoofed.
DocImpact - When upgrading OpenStack nova and neturon, neutron
should be updated first (and neutron-metadata-agent
restarted before nova is upgraded) in order to minimize
downtime. This is because there is also a patch to nova
which has checks X-Tenant-ID against it's database
therefore neutron-metadata-agent needs to pass that
before nova is upgraded for metadata to work.
Yong Sheng Gong [Mon, 9 Dec 2013 13:01:17 +0000 (21:01 +0800)]
move rpc_setup to the last step of __init__
rpc setup should be the last stuff in agent initialization
so that the rcp message handler(the agent instance itself)
can have a fully initialized agent instance.
Morgan Fainberg [Tue, 10 Dec 2013 22:03:12 +0000 (14:03 -0800)]
Sync global requirements to pin sphinx to sphinx>=1.1.2,<1.2
Sync the global requirements to pin sphinx. This addresses an issue
where Sphinx 1.2 is not building documents correctly and causing
check/gate to fail.
This patch removes new definitions of common network type constants (TYPE_FLAT,
TYPE_LOCAL, etc.) and modifies uses of aforementioned constants to a common
place where constants are defined (neutron.plugins.common.constants). This
patch does not change values that are equal in value but different in name:
NETWORK_TYPE_FLAT vs TYPE_FLAT. A second changeset will be made to handle that
case.
Unit tests were modified as well when they referred to the constant.
Finally, the ovs agent code refers to the OVS plugin constants directly and
these had to be changed as well. A TODO flag was put in that file due to use
of another plugin specific constant.
Network types that were only defined in a single plugin, such as mellanox's
infiniband (IB) network type was not carried over to the common constants file.
Oleg Bondarev [Tue, 6 Aug 2013 08:52:34 +0000 (12:52 +0400)]
LBaaS: unify haproxy-on-host plugin driver and agent
Unifies haproxy reference implementation to make common agent based plugin driver
which is suitable for all vendors who wants to use async mechanism.
- Agent API as well as device driver API changed to handle
loadbalancer objects individually;
- Agent loads device drivers according to config;
- LogicalDeviceCache class was removed from agent as it was used only
as a list - to put and remove entries ant check whether entry is in or not.
It was replaced with instance_mapping dict in agent to store known instances and
corresponding device_drivers;
- Agent reports which device drivers are supported (needs for scheduling on plugin side);
- Agent-to-plugin API was extended to provide an ability for agent to update
statuses of pools/vips/members/health_monitors;
- Vendor should only implement device driver; plugin driver just needs
to inherit AgentBasedPluginDriver and override device_driver member;
- This patch doesn't move files to make review easier;
all rename/replace will be done in a subsequent patch;
DocImpact
NOTE: Since the change in the agent RPC API is backward-incompatible
(major RPC version change), LBaaS server-agent communications will be
completely broken until both sides are upgraded so users will be unable to
create new or update existing HAProxy loadbalancer instances during upgrade
Akihiro Motoki [Mon, 9 Dec 2013 17:07:54 +0000 (02:07 +0900)]
Remove root_helper config from plugin ini
As root_helper is defined in neutron.conf, root_helper in plugin ini
is unnecessary and brings confusion when configuring the parameter.
This patch updates plugin ini of NEC plugin and Brocade plugin.
Roman Podoliaka [Wed, 27 Nov 2013 16:57:56 +0000 (18:57 +0200)]
Fix a race condition in agents status update code
Code handling agents status updates coming via RPC checks,
if a corresponding entry for the given (agent_type, host)
pair already exists in DB and updates it. And if it doesn't
exist, a new entry is created.
Without a unique constraint this can cause a race condition
resulting in adding of two agent entries having the same value
of (agent_type, host) pair.
Note, that it's already not allowed to have multiple agents of
the same type having the same host value, but currently it's
enforced only at code level, not at DB schema level, which
effectively makes race conditions possible.
Sylvain Afchain [Tue, 26 Nov 2013 21:24:33 +0000 (22:24 +0100)]
Add LeastRouters Scheduler to Neutron L3 Agent
Allow scheduling of a virtual router on an L3 Agent node with the least
number of routers currently scheduled. This scheduler can be used
instead of the default random scheduler.
Also refactor the l3_agent_scheduler to allow for adding new schedulers.
Aaron Rosen [Fri, 6 Dec 2013 19:12:33 +0000 (11:12 -0800)]
Remove dead code _arp_spoofing_rule()
This code should have been removed when the allowed_address_pair
extension was added here (0efce6195fa7be80e110bd841dc9b3537a94c376).
The arp spoofing rules are handled in the method _setup_spoof_filter_chain().
Reported by: Amir Sadoughi that this was crud I left behind :)
Switch to using spawn to properly treat errors during sync_state
Changes f1b9ac5a and 9f6ff7e3 were aimed at improving the robustness
of the sync_state method. However both missed switching from spawn_n
to spawn to properly deal with raised exceptions.
John Dewey [Fri, 6 Dec 2013 03:35:37 +0000 (19:35 -0800)]
Removed erronus config file comment
The comment stating 'DHCP agents needs it.' with regards to the
rpc_notifier notification_driver is incorrect. Looking through
the code, I see no place this is true. I believe it to be an
error.
This fix improves the unit test coverage for the Cisco Nexus plugin
common modules (directory neutron/plugins/cisco/common) from:
--- cisco_credentials_v2.py 82%
--- cisco_faults.py 0%
--- config.py 84%
To:
--- cisco_credentials_v2.py 100%
--- cisco_faults.py 76%
--- config.py 100%
Ed Bak [Tue, 3 Dec 2013 23:00:23 +0000 (23:00 +0000)]
Change to improve dhcp-agent sync_state
Added a pool.waitall to dhcp-agent sync_state
to ensure that the last pool of threads are complete
before another sync_state begins. Added another
log message to aid in debugging. Also added the
test_sync_state_waitall unit test.
If a network/subnet is deleted while creating the dhcp
port, the agent will detect a conflict on state of the
network and deal with it accordingly.
A concurrent delete may manifest itself via a number
of exceptions, IPAddressGenerationFailure amongst others,
hence the refactoring of the error handling logic into its
own utility method.
Code Review / openstack-build / neutron-build.git / log