Benedikt Trefzer [Mon, 26 May 2014 20:45:25 +0000 (22:45 +0200)]
fix openvswitch requirement check
With VXLAN enabled on openvswitch, neutron checks
module version of the openvswitch kernel module.
If the pattern to extract the version matches twice
(eg. for path and version) the agent dies.
This patch ensures, that only the version is checked
against the pattern.
ronak [Thu, 15 May 2014 14:38:43 +0000 (07:38 -0700)]
Extraroute extension support for nuage plugin
Nuage's VSP supports adding static-route to L3 Domain
which fits nicely with extraroute extension supported
by openstack's neutron. This set of change enables that.
Arvind Somya [Thu, 13 Feb 2014 17:57:50 +0000 (09:57 -0800)]
Cisco APIC ML2 mechanism driver, part 2
This set of changes introduces a mechanism driver for the
Cisco APIC. This is the second and final part of a 2 part commit.
Please see the blueprint for more information.
The review is submitted in two parts:
- Part 1 (Posted earlier, required for Part 2)
o APIC REST Client
o APIC data model and migration script
o APIC configurations
- Part 2 (this commit)
o APIC mechanism driver
o APIC manager
Andreas Jaeger [Thu, 22 May 2014 16:48:04 +0000 (18:48 +0200)]
Remove all mostly untranslated PO files
We now only import PO files that are at least 75 % translated,
so we can delete now all other PO files. The patch only
removes the mostly untranslated files. Once a file becomes mostly
translated, the bot will import it again.
Jakub Libosvar [Thu, 30 Jan 2014 14:27:02 +0000 (15:27 +0100)]
Metadata agent caches networks for routers
During cloud-init there are several calls that asks neutron API for the
same data which will not be most likely changed. Specifically router's
networks are cached.
Jakub Libosvar [Tue, 11 Feb 2014 14:59:06 +0000 (15:59 +0100)]
Common decorator for caching methods
Decorator caches methods' results, the key is composed from function
name and its parameters. Implementation of cache itself should be in
object implementing decorated method. Cache backend should be taken
from oslo-incubator.
Ryan Moe [Fri, 2 May 2014 20:08:45 +0000 (13:08 -0700)]
Make pid file locking non-blocking
fcntl.flock will block indefinitely if another process holds an exclusive
lock. A non-blocking flock operation will raise an error when a lock already
exists so we can fail immediately.
Allowed Addresspairs: Removing check for overlap with fixed ips
Current code does not allow assigning a fixed ip to a port when that ip
overlaps with one of the addresses in the allowed-addresspairs list.
This is an unnecessary check as the overlap does not have any negative
effect. Further, such a check actually makes it hard to use this
API. For example, if a fixed IP 10.10.1.1 exists on a port and we
want to allow addresses in 10.10.1.0/24 cidr on that port, then one
has to configure a list of 8 cidrs ([10.10.1.0/32, 10.10.1.2/31,
10.10.1.4/30, ..., 10.10.1.128/25]) on the allowed-addresspairs.
In addition to the above reasons, the current code also does not
check for the overlaps in all cases.
Rajesh Mohan [Wed, 21 May 2014 02:41:26 +0000 (19:41 -0700)]
Do not defer IPTables apply in firewall path
By default, iptables apply is deferred in L3 agent. For
external gateways, iptables is applied immediately (to
enable NAT for floating IP). Similarly, when firewall
is created/updated/deleted, iptable rules are applies
immediately.
Steven Gonzales [Mon, 12 May 2014 14:51:13 +0000 (07:51 -0700)]
Metaclass Python 3.x Compatibility
According to the OpenStack style guide
(http://docs.openstack.org/developer/hacking/),
for Python 3.x compatibility use "six.add_metaclass"
instead of " __metaclass__."
Terry Wilson [Tue, 20 May 2014 15:58:32 +0000 (10:58 -0500)]
Remove hard dependency on novaclient
The nova notification patch introduces a hard dependency on
novaclient when it is a runtime-configurable dependency. The
import from novaclient should be conditional on the
appropriate nova notification options being enabled in the
config.
Ed Bak [Fri, 7 Mar 2014 17:16:15 +0000 (17:16 +0000)]
Provide way to reserve dhcp port during failovers
This change provides a way to save the dhcp port when failing
over a network from one dhcp agent to another. When a
dhcp-agent-network-remove is issued, the dhcp port device_id is
marked as reserved which causes it to not be deleted. When a
subsequent dhcp-agent-network-add is issued, the reserved port
is used and the device_id is corrected. This is desirable
in order to maintain the dhcp port ip address so that dns doesn't
get impacted. Unit test added.
Édouard Thuleau [Mon, 6 Jan 2014 12:58:39 +0000 (13:58 +0100)]
Implement local ARP responder onto OVS agent
With ML2 plugin and l2-pop mechanism driver, it's possible to locally
answer to the ARP request of the VM and avoid ARP broadcasting emulation
on overlay which is costly.
When this functionality is enabled, the OVS flows logic evolves to [1].
This functionality was introduce in 2.1 OVS branch [2].
A README is added to describe l2-pop mechanism driver and the agents
particularities.
Sam Hague [Fri, 2 May 2014 18:08:09 +0000 (14:08 -0400)]
Allow vlan type usage for OpenDaylight ml2
The initial OpenDaylight integration with Openstack did not support
vlan isolation so it was not included as a valid type. This change
adds the vlan type as allowed.
Also modified tests to include vlan as supported in the
check_segment().
DocImpact:
Use of VLANs with ML2 and the OpenDaylight mechanism driver
requires OpenDaylight Helium or newer to be installed.
NSX: fix error when creating VM ports on subnets without dhcp
The error was caused by a missing LSN port (which is created when
the subnet is setup with dhcp enabled). Therefore, check the port
is in place before proceeding with the setup.
To allow migration of networks from the agent based model
to the agentless one, both modes need to be available; prior
to this change the extension was available in 'agentless' mode
too; this may lead to leftovers during the migration step.
This patch makes the extension available in 'combined' mode
only, which was the intended behavior.
Gary Kotton [Thu, 1 May 2014 13:10:57 +0000 (06:10 -0700)]
Add missing translation support
Update a number of files to add missing translation support.
The patch adds a new hacking check - N320. This ensures that
all log messages, except debug ones, have translations.
A '# noqa' indicates that the validation will not be done on
the specific log message. This should be used in cases where
the translations do not need to be done, for example, the log
message is logging raw data.
wangbo [Mon, 12 May 2014 07:18:03 +0000 (15:18 +0800)]
Reorg table ml2_port_bindings when db migration
For DB2, there are restrictions on table access
after ALTER TABLE statements containing
REORG-recommended operations.
Table will be placed in "reorg pending" state
after some continuous alter table operations.
Need run reorg table to make the table available.
More info refer to:
http://publib.boulder.ibm.com/infocenter/db2luw/v9/index.jsp
?topic=%2Fcom.ibm.db2.udb.admin.doc%2Fdoc%2Fc0023297.htm
NSX: Do not extend fault map for network gateway ext
Most of the exceptions defined for this extension already extend
an exception-mapped class. This patch ensures this is true for
every exception and then removes the fault map extension code.
Roman Podoliaka [Wed, 16 Apr 2014 10:59:33 +0000 (13:59 +0300)]
Fix issubclass() hook behavior in PluginInterface
Currently, PluginInterface provides an issubclass() hook that returns
True for issubclass(A, B) call, if all abstract methods of B (stored
in B.__abstractmethods__) can be found in the A.__mro__ tuple of
classes. But there is an edge case, when B doesn't have any abstract
methods, which leads to issubclass(A, B) call returning True even if
A and B are not related all.
E.g. issubclass(NeutronPluginPLUMgridV2, NsxPlugin) returns True,
while these two are different core plugins. And it gets even more
trickier when superclasses are involved: e.g. SecurityGroupDbMixin is
a superclass of NsxPlugin, so depending on the fact whether the
python module with NsxPlugin class is imported or not,
issubclass(NeutronPluginPLUMgridV2, SecurityGroupDbMixin) will return
either False or True accordingly.
Édouard Thuleau [Mon, 3 Mar 2014 17:08:33 +0000 (18:08 +0100)]
OVS lib defer apply doesn't handle concurrency
The OVS lib deferred apply methods use a dict to save flows to add,
modify or delete when deffered apply is switched off.
If another thread adds, modifies or deletes flows on that dict during
another process called deffered_apply_off, its flows could be ignored.
This fix stash reference flows list and point the flows list to a new
cleared flows list. Then, it applies flows from the stashed flows list.
Maru Newby [Fri, 9 May 2014 22:24:45 +0000 (22:24 +0000)]
Make plugin deallocation check optional
The fix for memory leakage in the related bug added a check for plugin
deallocation that performed a call to gc.collect() after every test.
This had the side-effect of increasing test execution time by ~50%, so
this patch makes the check optional via an environment variable
(OS_CHECK_PLUGIN_DEALLOCATION).
It may make sense to create a periodic job that runs with the check
enabled, but otherwise the check can be used by developers for
debugging purposes.
Restore the default value of the send_arp_for_ha configuration
parameter to 3. This parameter was set to 0 by default to
prevent kernel crashes due to bug 1273386.
Maru Newby [Wed, 7 May 2014 22:41:40 +0000 (22:41 +0000)]
Ensure core plugin deallocation after every test
The unit tests were previously consuming an excessive amount of memory
(4GB+) due to plugin instances persisting in memory. Deallocation was
not possible where a combination of circular references and mocking
was involved. This patch ensures that only NeutronManager holds a
plugin reference and that all other references are instances of
weakref.proxy. Residual memory footprint for tox executed on a
12-core machine has been reduced to ~1.3GB. Plugin deallocation is
validated at the end of each test to prevent regressions.
This change also includes fixes to unit tests that depended on plugin
instances persisting across tests.
Kevin Benton [Thu, 8 May 2014 23:33:06 +0000 (16:33 -0700)]
Big Switch: Check source_address attribute exists
Check that the source_address attribute exists on
HTTPSConnection objects before referencing it since
it's not present on python 2.6 deployments. If it
does not exist, create a socket connection without
specifying the source.
ML2 VxlanTypeDriver: Synchronize of VxlanAllocation table
At neutron startup VxlanTypeDriver syncs tunnel range from conf
to DB. In case multiple servers deployment restarting several
servers at the same time could lead to DB exceptions being thrown.
Need to synchronize between neutron servers by locking VxlanAllocation
table.
NSX: ensure that no LSN is created on external networks
Logical Service Nodes (LSN) are those that provide dhcp
and metadata services to networks when the NSX plugin is
used without the openstack dhcp and metadata proxy
agents. External networks do not work with Neutron's
dhcp and metadata services, therefore there is no need
to provision a LSN in this case.
Code Review / openstack-build / neutron-build.git / log