Fix 500 error on invalid security-group-rule creation for NVP
Validate that, when creating rules specifying a protocol different
from TCP, UDP, ICMP and ICMPv6, no port (range) is specified because
NVP does not like it.
The extra validation is specific to the NVP plugin because other
plugins may choose a different failure mode. For example, the ovs
plugin does not complain at all, but it just ignores the port range
if the protocol is not a port-oriented one.
Francois Eleouet [Fri, 16 Aug 2013 11:24:20 +0000 (13:24 +0200)]
Enable SNAT by default in L3 agents
If ext-gw-mode extension isn't supported by plugin, it won't
return enable_snat param in router info. Agent will currently
default to enable_snat = false, which changes from expected
default behaviour prior to ext-gw-mode introduction.
This patch changes L3 agent to enable SNAT by default if plugin
doesn't support ext-gw-mode extension.
Kevin Benton [Tue, 13 Aug 2013 01:11:09 +0000 (18:11 -0700)]
Set BigSwitch plugin to use existing host database model
The BigSwitch plugin had a data model duplicating one
that was recently added into the base portbindings db
file. This patch removes the BigSwitch model and
updates the BigSwitch plugin to reference the plugin-
agnostic model.
Kyle Mestery [Fri, 16 Aug 2013 09:19:25 +0000 (09:19 +0000)]
Fix ML2 VXLAN TypeDriver DB migration
The migration for the ML2 VXLAN TypeDriver was incorrectly setting
primary key attributes on separate lines for 'ip_address' and
'udp_port'. Also, a primary key cannot have autoincrement set, so
add this to 'udp_port' as well.
Unify exception thrown in l3-agent-scheduler fails
Since you can only attach a single l3 agent to a router, when you try
to add another l3 agent to a router that already have one, the l3
agent scheduler raises an exception.
This fix removes the discrimination by id: either it is the same agent
or another one, the router can not be hosted and the same exception is
raised.
Mock os.makdirs to avoid directory creation in unit tests
The directory 'dhcp' under neutron state path should not be
created during unit tests. This patch mocks up calls to
os.makedirs and ensures that methods that rely on it, like
_populate_network_cache, are mocked as well.
Returns 503 if the NVP cluster is in maintenance mode
If the NVP cluster is in 'readonly-mode' during a maintenance
window, some NVP operations may raise a Forbidden error. This
is not currently handled correctly, and Neutron server ends up
returning 500. This patch addresses the problem by ensuring
the right error code is returned.
Carl Baldwin [Tue, 13 Aug 2013 00:11:29 +0000 (00:11 +0000)]
Refactor configuring of floating ips on a router.
This approach to configuring floating ips is stateless and idempotent.
This allows it to handle corner cases, such as reusing a floating ip
address with a different floating ip id in a way that is easier to
understand.
The concept is to wipe the floating ips clean and rebuild them each
time with the following optimizations. To avoid bad performance in
manipulating iptables, it is called in the context of a call to
defer_apply_on. To avoid a disruption in network flow a set
difference is use to determine the set of addresses that no longer
belong on the inteface rather than removing them all blindly.
The call will cause a failure as the router port is already removed
by _nvp_delete_router_port.
This patch also add the support on the fake nvp api client to verify
this kind of condition.
Previously neutron was keeping track of dhcp lease time in order
to ensure it didn't hand out an ip address that was already leased.
This patch removes that logic and instead leverages the dhcp_release
utility. This allows us to reuse ip addresses immediately after a port
is deleted. This patch also bumps the lease time to 24 hours instead
of 2 minutes with reduces the amount of dhcp traffic.
DocImpact
There is a DocImpact for this bug related to the upgrade path. One should
first upgrade their dhcp-agents. Then wait till the dhcp_lease time has
expired. Lastly, update neutron-server in order to avoid the case where
an instance is deleted and the dnsmasq process has not released the lease
and neturon allocates that ip to a new port.
Aaron Rosen [Wed, 7 Aug 2013 18:24:01 +0000 (11:24 -0700)]
Fix some NVP tests do not do cleanup of nvp ports
Some of the NVP test do not execute self.addCleanup(self.fc.reset_all)
from setUp() as NiciraPluginV2TestCase is not the first mixin.
This casuses left over ports to still exist between different testcases.
This patch only fixes this issue for TestNiciraPortsV2 and
NiciraPortSecurityTestCaseas, some of the other tests require the setUp()
for the first mixin to be called for their tests to work.
Note: this is why the tests for the Remove DHCP lease logic are failing.
Ryota MIBU [Mon, 12 Aug 2013 05:10:40 +0000 (14:10 +0900)]
Fix resource status in NEC Plugin
This commit makes sure that the plugin exposes right status in a
response body, and does not overwrite ERROR status until another
operation to the backend has succeeded.
This commit also changes NEC Plguin to use neutron constants instead of
OperationalStatus defined in this plugin.
Code Review / openstack-build / neutron-build.git / log