Cedric Brandily [Tue, 26 May 2015 13:14:11 +0000 (13:14 +0000)]
Force order of dhcp.needs_resync_reasons dictionary elements
This fixes the test_periodoc_resync_helper unit test that breaks with
a randomized PYTHONHASHSEED (see the bug report).
The test assumed that the dhcp.needs_resync_reasons dictionary from
neutron.agent.dhcp.agent had elements in a particular order. Found with
PYTHONHASHSEED=2.
The fix refactors the test case to force a sorted dhcp.needs_resync_reasons
dictionary.
Note: There are several other unrelated unit tests that also break with
a randomized PYTHONHASHSEED, but they are not addressed here. They will
be addressed in separate patches.
Carl Baldwin [Mon, 11 May 2015 18:58:34 +0000 (12:58 -0600)]
Make it clear the rfe tag is lower-case
This tripped me up, I tried adding RFE to my bug and was denied.
It seems the tag was added with lower-case letters. This is fine with
me as it is consistent with most, if not all, other tags in the
project. If it stays lower-case, we should at least make the quoted
tag in the policy document lower-case.
blueprint ipv6-router (ChangeID:Iaefa95f788053ded9fc9c7ff6845c3030c6fd6df),
supports an IPv6 Router where the router gateway port has no subnet.
The BP implements the following. If an external network (without any subnet)
is attached to the Neutron router, it reads the ipv6_gateway config parameter
(LLA of upstream router) from l3_agent.ini file and adds a default route that
points to this LLA. If the ipv6_gateway config value is not configured, it
would configure the gateway interface to accept router advts from upstream
router to build the default route.
For an HA router, we would have to configure keepalived to perform this
operation. This patch extends the functionality to an HA router.
Kevin Benton [Sun, 3 May 2015 06:10:52 +0000 (23:10 -0700)]
Check for missing network in _bind_devices
_bind_devices was making the assumption that the ports it
was operating had local VLAN map entries for their network.
This wasn't the case when a network was deleted right before
_bind_ports was called because the VLAN was reclaimed.
This patch just checks to see if the the network ID has an entry
in the map. If not, it skips the port. The port will be handled
on the next scan_ports iteration when the agent will discover that
the port is no longer defined on the plugin and it will be placed
in the DEAD vlan.
Metadata support for NSXv distributed routers is provided via DHCP Edge
appliances. In order to avoid conflicts between distributed routers and
DHCP Edges which map different networks with same CIDRs, we create a 1:1
mapping between an distributed router and a DHCP Edge.
This patch contains the data model for the above, while the implementation
is in vmware-nsx repository.
Cedric Brandily [Thu, 23 Oct 2014 15:49:46 +0000 (17:49 +0200)]
Allow to define enable_snat default value
Currently neutron resets enable_snat attribute to True when enable_snat
is not provided in router external_gateway_info. But in some deployments
(private/enterprise clouds) such behavior is not the expected default
one as snat/nat/floating-ips is not used (at least by default).
This change defines the option enable_snat_by_default which allows
deployers to set enable_snat default value when neutron resets it. The
option default value is True for backward compatibility.
Kyle Mestery [Wed, 6 May 2015 14:50:57 +0000 (14:50 +0000)]
Update the specs process for Liberty
This adds explicit wording around the fact we will not use a deadline
for specs submission during Liberty. It also adds wording around the
new requirement for a less heavy-weight template to be filled in
when submitting a spec.
Matthew Thode [Wed, 6 May 2015 19:39:20 +0000 (14:39 -0500)]
changes log level to debug for help calls
Calling help typically causes the program being called to exit non-zero.
This causes the command to be logged as an error even though it should not be.
By setting 'log_fail_as_error=False' we log to debug. This helps clean
up logs.
ankitagrawal [Wed, 25 Mar 2015 12:40:45 +0000 (05:40 -0700)]
Remove use of contextlib.nested
Removed use of contextlib.nested call from codebase, as it has been
deprecated since Python 2.7.
There are also known issues with contextlib.nested that were addressed
by the native support for multiple "with" variables. For instance, if
the first object is created but the second one throws an exception,
the first object's __exit__ is never called. For more information see
https://docs.python.org/2/library/contextlib.html#contextlib.nested
contextlib.nested is also not compatible with Python 3.
This is the first patch in a series for removing use of
contextlib.nested.
Added hacking check to catch if any new instances are added to
the codebase.
Line continuation markers (e.g. '\') had to be used or syntax
errors were thrown. While using parentheses is the preferred way
for multiple line statements, but in case of long with statements
backslashes are acceptable.
yangxurong [Tue, 26 Aug 2014 07:15:40 +0000 (15:15 +0800)]
Use iptables zone to separate different ip_conntrack
ip_conntrack causes security group rule failures when packets share
the same 5-tuple. Use iptables zone option to separate different
conntrack zone. Currently this patch only works for OVS agent.
Paul Michali [Tue, 21 Apr 2015 20:12:38 +0000 (16:12 -0400)]
Enhance configure_for_func_testing.sh for *aaS use
Modify the script so that it can be used by the *aaS functional tests.
This is done by allowing callers, namely other *aaS repos, to override
information, like the project name and virtual environment used (for
example, VPNaaS has two functional jobs with different virtual env).
OVS-agent: Ignore IPv6 addresses for ARP spoofing prevention
The flow rules to match on ARP headers for spoofing prevention
fail to install when an IPv6 address is used. These should be
skipped since the ARP spoofing prevention doesn't apply to IPv6.
Co-authored-by: Kevin Benton <blak111@gmail.com>
Closes-Bug: #1449363
Change-Id: I4bb3135e62378c5c96d1ac0b646336ac9a637bde
Finally let L3 and DHCP agents cleanup namespaces by default
There has been a problem with iproute package that resulted in errors
when deleting the namespaces, so deleting was turned off by default.
According to tests with iproute version 3.12.0 there is no such issue
so the option could be safely turned on by default.
With this change is the is_admin parameter is set to True when
creating a context, the is_advsvc property is set to True as well,
without executing a pointless check with policy engine.
Jakub Libosvar [Wed, 29 Apr 2015 10:04:03 +0000 (12:04 +0200)]
Don't use iterator in search for tunnel type
Changing dictionary size while using iterator causes RuntimeError. This
can happen in local vlan mapping under certain program flows. This patch
changes iteritems() to values() that returns list and thus preventing
from failure if local vlan mapping changes during creating tunnels.
Remove is_active property from SimpleInterfaceMonitor
is_active property from SimpleInterfaceMonitor shadows
the method is_active inherited from AsyncProcess.
The property checks that ovsdb monitor is running and
that it received some data. When ovsdb monitor starts
it always receives data, since it processes the interfaces
present on the machine, so the flag data_received will
always be set to true right after SimpleInterfaceMonitor
starts. Considering that, is_active can be removed and
the method is_active inherited from AsyncProcess can be
used instead.
Sam Betts [Wed, 29 Apr 2015 15:15:35 +0000 (16:15 +0100)]
Ensure mocks for lla allocator _write in test_agent
The test test_create_dvr_fip_interfaces_for_restart_l3agent_case was
causing a file fip-linklocal-networks to be created when the tests are
run, this patch ensures that the correct part of the LinkLocalAllocator
is patched to prevent this in the test case.
Code Review / openstack-build / neutron-build.git / log