Aaron Rosen [Wed, 6 Mar 2013 01:48:35 +0000 (17:48 -0800)]
Fix syntax error in credential.py and missing __init__.py
This patch fixes a syntax error in credential.py and resolves
the following import error:
In [1]: from quantum.plugins.cisco.extensions import _credential_view as a
---------------------------------------------------------------------------
ImportError Traceback (most recent call last)
/opt/stack/quantum/<ipython-input-1-ef3f11a361d0> in <module>()
----> 1 from quantum.plugins.cisco.extensions import _credential_view as a
return of call to os.path.abspath('../../..') depends on the setup of
nose working directory. Change to return the directory where
test_config.py resides
Davanum Srinivas [Tue, 26 Feb 2013 20:43:50 +0000 (15:43 -0500)]
Prevent DoS through XML entity expansion
Add a ProtectedXMLParser that overrides the
doctype declaration handler. The handler simply
throws an exception and prevents any further
parsing of the incoming xml.
Jason Zhang [Thu, 6 Dec 2012 19:39:34 +0000 (11:39 -0800)]
Setup device alias by device flavor information.
The router interface cannot be deleted since the MetaPlugin
cannot get the flavor information from the port which has
been deleted.
The solution is setting up the alias for each device based
on the flavor information, so the MetaPlugin still can get
the flavor information from the device itself even the
port has been deleted.
Also the router interface cannot be deleted since the
l3_port_check flag is not passed by MetaPlugin.
This patch alters the prevent_l3_port_deletion logic.
PortInUse is raised only if the port has a device owner in
(router_interface, router_gateway, floatingip) and an IP
address.
If no IP address is found on the port the port itself can
be considered stale and therefore deleted as any association
with l3 entities would be void.
The combination of the plugin without agent extension support
and L3NATAgentWithStateReport results in an error:
"AttributeError: No such RPC function 'report_state'".
This patch changes l3_agent_manager to be L3NATAgent instead of
L3NATAgentWithStateReport since all plugins do not support
L3NATAgentWithStateReport and having this as the default breaks
all current deployments that upgrade source without changing
their config files.
gongysh [Fri, 1 Mar 2013 08:23:32 +0000 (16:23 +0800)]
Move network schedule to first port creation.
blueprint quantum-scheduler
we remove scheduling network
to dhcp agent when creating network so that we can give admin
the chance to allocate the given network to a given dhcp agent after
network creation.
Sumit Naiksatam [Fri, 1 Mar 2013 06:00:32 +0000 (22:00 -0800)]
Host route to metadata server with Bigswitch/Floodlight Plugin
Host route to metadata server was not getting propagated
to VM when using the Big Switch/Floodlight plugin. The
reason being the update to the subnet (with the host
route information) was not being picked up by the dhcp
agent. This is being fixed here by sending a notification
to the dhcp agent when the host route is added to the subnet.
Akihiro MOTOKI [Thu, 28 Feb 2013 22:19:20 +0000 (07:19 +0900)]
Ensure max length of iptables chain name w/o prefix is up to 11 chars.
The maximum length of Linux iptables chain name must be less than or
equal to 28 characters. In iptables_manager binary_name up to 16 chars
is used as a prefix and a '-' follows it, so a chain name passed to
iptables_manager must be less than 12 character long. Accordingky
MAX_CHAIN_LEN should be changed from 28 to 12. Also this commit
introduces a method to get a chain name with valid length.
Since iptables_firewall module constructs a rule by directly using
a chain name, iptable_firewall also must take care of the length.
Mark McClain [Sun, 24 Feb 2013 12:55:06 +0000 (07:55 -0500)]
LBaaS Agent Reference Implementation
implements blueprint lbaas-namespace-agent
This a reference implemention of the Quantum load balancing service
using HAProxy. The implemention is designed for vendors, developers,
and deployers to become familiar with the API and service workflow.
This change also adds some constraint checks for data integrity.
The API previously allowed a VIP to be created without verifying that
the tenant had access to the subnet and that the address was valid and
available. This change modifies VIP creation behavior to create a
Quantum port with the requested address. If an address is not provided, an
address is allocated using the normal allocation process for the subnet.
This change also renames the port attribute to protocol_port to remove the
ambiguity about which type of port it represents.
Additional tests were added to validate the change in behavior.
gongysh [Fri, 22 Feb 2013 15:34:57 +0000 (23:34 +0800)]
Add scheduling feature basing on agent management extension
3rd part of blueprint quantum-scheduler
1. Allow networks to be hosted by certain dhcp agents.
Network to dhcp agent is a
many to many relationship. Provide a simple
scheduler to schedule a network randomly
to an active dhcp agent when a network or port is created.
2. Allow admin user to (de)schedule network to a
certain dhcp agent manually.
3. Allow routers to be hosted by a certain l3 agent.
Router to l3 agent is a many to one relationship.
Provide a simple scheduler to
schedule a router to l3 agent if the router is not
scheduled when the router is updated.
4. Auto schedule networks and routers to agents when agents
start.
5. Only support ovs plugin at this point
Code Review / openstack-build / neutron-build.git / log