Refactoring for nicira plugin to support NVP DHCP/Metadata services
This initial patch is aimed at decoupling core plugin services from
DHCP and metadata services. The abstraction being introduced is
needed so that the code can support both models where dhcp and
metadata services are provided by external RPC agents or solely by
the server-side plugin.
This patch implements Arista's modular L2 mechanism driver to
automate the management of virtual networks along with physical networks
using Arista hardware devices (Spine and Leaf switches)
This driver uses ML2 Mechanism Driver-API to interface with Neutron ML2 Plugin.
The ML2 plugin's type and mechanism managers currently maintain
dictionaries/lists of type drivers, mechanism drivers, and ordered mechanism
drivers in (static) class variables. Once a type/mechanism/ordered-mechanism
driver of any given type is added to this list, then no new drivers of that
type are allowed to be registered, and therefore no new configuration for
that driver type is accepted.
This static nature of the driver dictionaries/lists is causing ML2 mechanism
driver unit test cases to fail. For example, if a non-vendor-specific ML2
plugin test case configures a VLAN type driver with no VLAN range, and then
a vendor specific test case attempts to configure a VLAN type driver with
some test VLAN range, then the new VLAN configuration is ignored because of
the previously (staticly) registered VLAN driver.
The proposed fix is to convert these driver dictionaries/lists to instance
variables, and clear them upon each instantiation of an ML2 type manager
or ML2 mechanism manager.
* adds new attribute of the pool: provider, which is provider name
as it is written in configuration
* adds support for multiple plugin drivers for loadbalancer
* cleans up healthmonitor-related plugin driver API
Drivers should work with healthmonitor associations only
* adds ability to update provider attribute for the pool used
to reassociate pools with new providers in case their providers
were removed from configuration
Viewing log output while tests are still running can be useful for
debugging, but log output was previously always captured. This
change ensures that log capture is off by default, but can still
be enabled by setting OS_LOG_CAPTURE=1 in the shell environment.
testr invocation is unchanged and will continue to capture logs by
default.
Oleg Bondarev [Wed, 14 Aug 2013 12:11:24 +0000 (16:11 +0400)]
LBaaS: update status of members according to health statistics
Added members health stats reporting to the haproxy driver.
During pool stats update db plugin checks for members stats
and updates members statuses if any
This change modifies the hook processing for dict_extend routines
to call the method on the instance if a hook is registered as a string.
Otherwise, the callable hook is directly invoked as an unbound method.
This patch fixes hook registration for all extensions except port_binding.
This is because some plugins are currently working around this limitation
by invoking both the global hook and another dict_extend function,
which might either be registered as another hook, or invoked explicitly
before returning the response.
Fixing this would go beyong the scope of this patch.
Akihiro MOTOKI [Wed, 21 Aug 2013 06:43:19 +0000 (15:43 +0900)]
Export portinfo thru portbinding ext in NEC plugin
blueprint nec-port-binding
* Add host-id support in port-binding extension.
* Expose portinfo thourgh binding:profile attr in a port.
portinfo is a mapping between neutron port id and OpenFlow switch
physical information (datapath_id and port_no)
It changes the following in portinfo db model
* Add cascade on delete to delete an associated portinfo
when deleting the port.
* Use joined query for portinfo model to retrieve an associated
portinfo when querying a port.
Fix DHCP agent to work without extra_dhcp_opt extension
With the introduction of extra_dhcp_opt extension, DHCP agent
stopped serving mac adresses when used in conjunction with a
plugin that doesn't support this extension. This fixes the agent
by not assuming that port dict contains extra_dhcp_opt key.
This patch enables the plugin to deal correctly with
newer versions of the NVP platform; this is done by
allowing the plugin to fall back to the closest known
version of the NVP platform. This is acceptable behavior
as L2/L3 operations implemented by the platform are most
certainly backward compatible.
This patch also improves test coverage for this part of the
code, which is critical to the correct behavior of the plugin.
Rudrajit Tapadar [Sat, 10 Aug 2013 06:42:45 +0000 (23:42 -0700)]
Multi-segment and trunk support for the Cisco N1Kv Plugin
This patch adds vlan and vxlan trunk support in the
Cisco N1Kv plugin. It also adds support for multi-segment
networks for bridging vlan networks with vxlan networks.
Kevin Benton [Fri, 23 Aug 2013 03:17:00 +0000 (20:17 -0700)]
Refactor BigSwitch error handling to use db rollbacks
This patch adjusts most of the logic handling the
calls to the controller in the BigSwitch/floodlight
plugin to make use of the db rollbacks from
sqlalchemy for free on exceptions. This eliminates
several complex try-except blocks and makes
maintaining db<->controller consistency easier.
Francois Eleouet [Fri, 30 Aug 2013 20:30:04 +0000 (22:30 +0200)]
Add missing match in OVS agent tunnel mac leaning
Learned flows introduced in commit a369f9e39691c01a4e4f7f8668cb37fc17ba03b3
to learn remote mac addresses on tunnels currently only match local VLAN,
but not destination mac address, as a consequence, connectivity may be
erratic as soon as more than two agents are used
Stephen Gran [Thu, 29 Aug 2013 06:11:44 +0000 (07:11 +0100)]
Create RPC connection before modifying OVS bridges
On startup, the agent removes and readds flows to the OVS bridges. If
an RPC setup error exits the process prematurely, this can leave the
bridges in an unsafe state. It is better to set the RPC communication
up before making changes to the host system.
Closes-Bug: 1217980
Change-Id: Ib9bbb864b9129bb7b1376a150a37a0c07908d74b Signed-off-by: Stephen Gran <stephen.gran@guardian.co.uk>
Return 400 if creating a distributed router on old NVP platforms
Without checking for the right NVP support, creating a distributed
router will silently fail, i.e. ithe 'distributed' attribute will
be ignored and a centralized router will be created instead.
Currently, the units for keepalive can only be seconds. If this
changes in the future (e.g. to allow kilobytes units), then the
test for the value will need to be changed.
To correctly test the MTU limits for an IPSec connection, the
protocol must be taken into consideration, which is defined by
the vpnservice object. Because of this dependency, we cannot
validate this in the extension, and will instead, just make
sure the value is positive.
Likewise, the attribute validators cannot ensure that the
DPD timeout is greater than the interval (again, because the
validators can only check the individual attributes one at
a time).
The range validator was modified to allow single ended ranges
for some of these attributes. The range also ensures the value
is an integer.
Companion changes are being made in the CLI code for these limit
changes.
This patch adds support for NVP distributed logical routers
adding a simple attribute extension.
The default router type can be controlled used the default_router_type
option in the nvp section of neutron configuration.
In order to ensure backward compatibility, pre-existing routers
will be treated as centralized routers.
Akihiro MOTOKI [Thu, 29 Aug 2013 12:08:06 +0000 (21:08 +0900)]
Load tables of service plugins when migration auto generation
When we run "neutron-db-manage revision --autogenerate", it detects
table deletion of service plugins even when they are configured.
We need to load tables of service plugins to teach alembic such
tables exist.
Roman Podolyaka [Tue, 30 Apr 2013 12:12:15 +0000 (15:12 +0300)]
Fix a race condition in add_tunnel_endpoint()
If there are multiple OVS agents concurrently executing
'tunnel_sync' RPC call a race condition can occur
leading to insertion of two different TunnelEndpoint
entries having the same 'id' value.
Unfortunately, we can not rely on:
- @lockutils.synchronized(), because a Neutron installation can use
more than one API node
- with_lockmode('update'), because it works differently in PostgreSQL
comparing to MySQL and doesn't guarantee that no new rows have been
added to the table since the select query was issued. Please take a
look at http://www.postgresql.org/files/developer/concurrency.pdf for
more details.
The proposed fix:
- ensures there is a unique constraint set for 'id' column
- wraps creation of a new TunnelEndpoint entry into a
repeatedly executed transactional block (so even if a concurrent
DB transaction has been flushed or commited earlier than this one
we can handle an integrity error and try again, in spite of the
specified transactions isolation level value)
If a port is currently using the subnet's gateway IP, which usually
happens for router interfaces, do not allow updates to the gateway IP.
This patch adds an extra query on the IPAllocation model, which
returns at most a single record, and is executed in _validate_subnet
only when the subnet is updated.
There are cases in which an admin context is created only to grab a db
session and ensure no tenant filters are applied in _model_query. In
these cases evaluating the policy engine for grabbing admin roles is not
necessary, and can cause unexpected and serious issues if the context is
grabbed before all the extensions are loaded.
There are trailing commas in default value of some options, uncomment
them will cause CRITICAL error for neutron-server. These sample config
may mislead operators, so this patch fix them to the correct format.
Claudiu Belu [Wed, 7 Aug 2013 14:15:09 +0000 (07:15 -0700)]
Adds support for the Hyper-V WMI V2 namespace
Blueprint: hyper-v-wmi-v2
The Hyper-V APIs are mainly based on WMI. The original 2008 Hyper-V
release introduced the "root\virtualization" namespace which got
superseded in Hyper-V Server / Windows Server 2012 by the
"root\virtualization\v2" namespace (referred as V2 in the sources).
The original namespace has been dropped in the upcoming Hyper-V 2012
R2 (currently available in preview), which means that the Grizzly code
will not be compatible with it as is.
The Hyper-V driver is structured with a clear decoupling between OS
interaction classes (so called *utils modules and classes) and the
agent's logic.
This allows us to provide an implementation of the V2 API without
impacting the rest of the agent's code, based on a factory module
added to instantiate the proper version of the *utils classes: the
original "V1" ones for versions of the OS predating 2012 and the
newer "V2" ones starting from Hyper-V 2012 (Windows kernel version
6.2).
Paul Michali [Fri, 23 Aug 2013 15:47:24 +0000 (11:47 -0400)]
Analyze re-raised exceptions in Cisco Plugin
Checked all cases of re-raised exceptions. In several cases, the exception
was redundant (re-raising the same exception), so the try block and
exception handling was removed.
In one case, exceptions raised from two sources were re-raised with a
a different exception. Instead of doing this, the original exceptions
were changed and the try block and re-raised exception were removed.
In cases where there were database exceptions that were re-raised as
Neutron exceptions, the traceback was left as-is, since it was more
informative to know the higher level source of the issue.
The same was true for the exception mentioned in the bug, where the
original failure was in the ncclient library parsing the configuration
and it would be more descriptive to know that there was a connection
failure or a config failure, that to know the library method.
Kevin Benton [Fri, 23 Aug 2013 12:51:54 +0000 (05:51 -0700)]
BigSwitch plugin - add portbinding info in requests to controller
Include portbinding info in requests to controller so it receives
information about the compute node like the VIF type and the host
ID. Also includes better debug output on back-end failures.
Maru Newby [Thu, 22 Aug 2013 07:57:00 +0000 (07:57 +0000)]
Minimize ovs l2 agent calls to get_vif_port_set()
The ovs l2 agent was previously calling get_vif_port_set() on the
integration bridge once per rpc_loop() iteration and then again in
the periodic _report_state() call that returns the current device
count to the neutron service. Since get_vif_port_set() is an
expensive call (relying on shell commands) and since there
is minimal risk associated with reporting stats that are a few
seconds old, this patch caches the device count for reuse by
_report_state().
Improve dhcp agent structure to support multiple dhcp models
This patch introduces some minor refactoring of the dhcp
code so that it is easy to support both an in-node/same
process dhcp provisioning model (e.g. with dnsmasq) and
proxy model, where DHCP is provided by an external node.
Higher separation of concerns is also achieved by doing
better data encapsulation.
Add a relationship performing eager load in the Port model, thus preventing
the 'extend' function from performing an extra query.
This patch also replaces assertTrue with assertEqual in unit tests as it
needs to evaluate whether the value of the mac_learning_enabled attribute
is equal to the boolean literal True, whereas assertTrue verifies that the
expression passed to it evaluates to True. This means that any value but
False will be enough for the test to pass, which is not correct.
This patch does a simple refactoring of test_l3_plugin, pushing out tests
aimed at validating the interactions of the l3 agent with the server.
These tests explicitly use TestL3NatPlugin, whereas all the
other tests use a configurable plugin, which might be specificed by a child
class. This might lead to confusion and possibly errors in unit tests for
child classes, especially those not using the l3 agent - for which running
these test is also superfluous.
Code Review / openstack-build / neutron-build.git / log