There is a remote chance that this operation may
be prone to DB integrity errors, in case the binding
is attempted on the same port twice.
Ideally getter methods should not create, but this
is a common Neutron (anti)-pattern that would be
difficult to eradicate (at least in a single patch);
so for now let's make this code more defensive.
Michael Smith [Thu, 31 Jul 2014 06:17:47 +0000 (23:17 -0700)]
centralized router is incorrectly scheduled
When agent_mode=dvr only distributed routers should be
scheduled to that agent. This change fixes this problem
by not allowing centralized routers to be scheduled
to an agent configured with agent_mode=dvr
When a gateway is set to a distributed router,
the router checks for the interfaces associated
with the router and based on the number of
interfaces the router creates "csnat" interface
ports that would be used by the SNAT service in
the Service Node.
When a gateway is cleared, the plugin should
delete the "csnat" interface ports. In the
current code, it is deleting the port and
re-creating the port with a different id.
A check need to be made before it creates a new
port to make sure that the router has a valid
gateway port.
Jakub Libosvar [Tue, 22 Jul 2014 16:50:07 +0000 (18:50 +0200)]
Use storage engine when creating tables in migrations
Although __table_args__ is set correctly in the base model, existing
migration scripts were not generated with the mysql_engine option in
the alembic output, likely due to:
https://bitbucket.org/zzzeek/alembic/issue/110/
This adds the mysql_engine option to each table creation operation.
Jakub Libosvar [Wed, 30 Jul 2014 08:42:14 +0000 (10:42 +0200)]
Use correct section for log message if interface_driver import fails
If import of interface_driver in namespace_driver fails then message for
logger raises exception because of taking interface_driver from haproxy
section while actual interface_driver is in default section.
Assaf Muller [Thu, 22 May 2014 11:38:30 +0000 (14:38 +0300)]
Move ARP responder test to sanity command
Additionally, the patch improves the check itself:
To check if the currently installed OVS supports the ARP responder
feature, we try to add a flow that references an OpenFlow ARP
extension via ofctl. The test may fail due to an (expected)
Runtime error, or due to some other unexpected error.
In such a case the error was previously masked and tossed away.
* Clean up ARP responder unit test
* Extract ARP responder flow actions to be used by the unit
tests, functional test as well as the ARP responder code itself
After this patch, if the sanity check returned False but the
user never ran it or ignored its results, the OVS agent will
output errors to the log every time an ARP entry is (attempted)
to be added or removed from the flow table.
Ann Kamyshnikova [Tue, 29 Jul 2014 12:02:20 +0000 (16:02 +0400)]
Fix wrong order of tables in downgrade
Heal migration fix bug https://bugs.launchpad.net/neutron/+bug/1336177.
Now table ml2_brocadenetworks has foreign key and downgrade
of 492a106273f8_brocade_ml2_mech_dri fails. To fix this change order
of tables in downgrade is needed.
Jakub Libosvar [Tue, 29 Jul 2014 10:18:33 +0000 (12:18 +0200)]
Fix deprecated opt in haproxy driver
If Neutron was updated from Havana, lbaas config file defines user_group
and loadbalancer_state_path in default section but since Icehouse these
settings were moved to haproxy section.
This patch adds DEFAULT group to DeprecatedOpt.
Li Ma [Fri, 21 Feb 2014 08:57:25 +0000 (00:57 -0800)]
Race condition of L3-agent to add/remove routers
This race condition happens when repeatedly calling
l3-agent-router-add and l3-agent-router-remove
by different neutron-servers at the same time.
The primary key constraint is added for the pair of
(router_id and l3_agent_id).
During migration, verification is done if the current
records violate the PK constraint defined in this bug
fix, and sanitize the data before schema modification.
Due to different dialects of database engines, different
sql statements are executed correspondingly to do
the verification.
Make dvr_vmarp_table_update call conditional to dvr extension
Without making this call conditional, every l3plugin that
integrates with the ML2 plugin will need to implement this
method and this must not be necessary.
there is a sysconf entry which controls how deletion of the primary ip
is performed (/proc/sys/net/ipv4/conf/all/promote_secondaries). when set
instead of deleting the secondary addresses, one of them will be
promoted to primary ip.
Without it, when init_l3 called on a port, it may unexpectedly delete
some useful ips.
Kevin Benton [Sat, 19 Jul 2014 07:54:09 +0000 (00:54 -0700)]
Call config_parse in base test setup
Some of the tests (e.g. NeutronDbPluginV2AsMixinTestCase) do not call
config_parse so if the database engine is not already been setup by another
test before the config object is reset on teardown, the database connection
will fail since the database config is then empty.
This patch adds a new setup_config method called during the base test case
setUp method which calls config_parse by default to load the default config.
Tests that couldn't use the default config were then modified to override the
setup_config method.
Some other unit tests were slightly adjusted to pass using the default config.
Make test_l3_agent._prepare_router_data a module function
Remove an unneeded class variable, allowing _prepare_router_data
to be changed to a module level function. This allows the function
to be reused by other tests cases.
Irena Berezovsky [Tue, 22 Jul 2014 15:13:00 +0000 (18:13 +0300)]
Fix ML2 Plugin binding:profile update
The current fix changes the logic for binding:profile
update. The binding:profile should be considered as changed
once it is present in the port attributes and differs from
existing binding:profile. The specified binding:profile with
None value should be treated as request to clear binding:profile.
Clark Boylan [Fri, 25 Jul 2014 20:30:00 +0000 (13:30 -0700)]
Set python hash seed to 0 in tox.ini
New tox (>=1.7.0) sets a random python hash seed by default. This is
generally good for testing because it will help keep projects working
regardless of the hash seed, but neutron unittests don't currently pass
with a random hash seed so set it to the python default seed.
This change will allow us to use new tox again and remove the
restriction on tox<=1.6.1 to run unittests.
Note this change will need to be backported to the stable branches to
keep unittests there working with new tox as well.
Handle bool correctly during _extend_extra_router_dict
Ensure that extension attributes are always used to
override the chosen defaults. This was not working
in the case of default boolean True, as the testing
condition was wrong.
Encapsulate some port properties in the PortContext
Bindings to host or status may need further encapsulation
to avoid exposing mechanism drivers to underlying DB model
details. This was particularly true in the case of the
l2pop mech driver.
As a result, some docstrings were reworded, and the newly
introduced properties used directly in the mech drivers.
Changes to remove the use of mapping tables from Nuage plugin
Nuage plugin maintains a mapping of Openstack and Nuage resources.
With this change Nuage VSD can itself maintain this mapping, so the
plugin doesn't have to store the information in the neutron DB.
This eliminates potential out of sync and upgrade issues.
Avoid RequestURITooLong exception in metadata agent
Length of API port query is proportional to number of networks
and may exceed URI limit. The solution is to query ports by
given ip address only and then filter them by network_id.
Move loadbalancer vip port creation outside of transaction
Currently _create_port_for_vip calls ml2 create_port() method
which includes rpc notification.
That leads to lock wait timeouts in certain cases.
The patch fixes that while making VIP creation process non-atomic.
But that is fine as long until create_vip() returns vip id, it's
not usable from API.
Irena Berezovsky [Wed, 16 Jul 2014 11:33:42 +0000 (14:33 +0300)]
ML2 mechanism driver for SR-IOV capable NIC based switching, Part 2
This set of changes introduces SRIOV NIC Agent to run with
ML2 mechanism driver for SR-IOV capable NIC based switching.
This is the second part of a 2 part commit.
The review is submitted in two parts:
- Part 1
The Mechanism Driver to support port binding for SR-IOV virtual
functions of SRIOV capable switching NICs.
- Part2 (this part)
The SRIOV NIC Based L2 Agent.
Use configurable list of mappings physical_networks to PF
interfaces and configurable list of mappings PF interfaces
to list of excluded VFs to get list of Virtual Functions that agent should manage.
Current implementation supports admin state updates.
Michael Smith [Tue, 22 Jul 2014 23:58:26 +0000 (16:58 -0700)]
Modify L3 Agent for Distributed Routers
This patch is an enhancement to the existing L3 Agent.
This allows the L3 Agent to support distributed routers
by enhancing the router object to function across
multiple nodes.
Utilized two new types of namespaces:
- FIP to handle multiple VM fips and routers per node
- SNAT to handle centralized SNAT per router
Rules and tables are enhanced and added to support routing
across distributed routers without going to a centralized
router.
Finally, a new configuration param 'agent_mode' is introduced
and it controls what the L3 agent can do: the available values
are: 'legacy', 'dvr', 'dvr_snat' (more details inline).
The l3-scheduler uses the newly introduced agent_mode to
determine what L3 agent to select during the scheduling
process.
Shivakumar M [Tue, 22 Jul 2014 13:22:01 +0000 (06:22 -0700)]
Audited attribute for policy update not changing
Updating firewall policy with shared, name or description is not changing the
audited attribute to false. Modified firewall policy update to make audited
to false.
Code Review / openstack-build / neutron-build.git / log