Akihiro Motoki [Fri, 21 Mar 2014 19:17:14 +0000 (04:17 +0900)]
NEC plugin: Remove a colon from binding:profile key due to XML problem
In XML specification, if a tag name contains a colon, a part before
a colon is interpreted as namespace. If key names in binding:profile
dict contains a colon, Neutron XML serializer sends them as-is.
A colon in key names should be used only if XML namespace are used.
NEC plugin uses a colon in key names and it leads to failures to XML
deserialization. To avoid this problem, this commit removes a colon
and prefix n key names in port binding:profile so that client XML
deserializer decodes XML response successfully.
Kyle Mestery [Fri, 21 Mar 2014 09:41:31 +0000 (09:41 +0000)]
Don't set priority when calling mod_flow
This commit [1] changed the behavior of modifying flows to not allow priority
to be set on flow modification. The agent code which was calling mod_flow was
not updated to respect this behavior. The unit tests were also not updated in
this regard. I've corrected this behavior now, and added a negative UT case to
catch this in the future.
Kevin Benton [Thu, 20 Mar 2014 07:24:50 +0000 (00:24 -0700)]
Get rid of additional db contention on fetching VIP
This fix gets rid of fetching related record from ports table
that could potentially be blocked by concurrent operation
This is to prevent it from updating the
vip table while a port SQL lock is in place, which
vip entries have a reference to.
Robert Kukura [Mon, 10 Mar 2014 19:06:09 +0000 (15:06 -0400)]
ML2: Remove validate_port_binding() and unbind_port()
The API implemented by ML2 mechanism drivers included three methods
related to port binding that were called within DB transactions, but
that could potentially involve communication with controllers or
devices that should not be done within transactions. A subsequent
patch will move the calls to bind_port() outside of tranactions. This
patch eliminates the other two methods from the MechanismDriver API.
The validate_port_binding() method was previously called on the bound
mechanism driver to check whether an existing binding was still valid,
so that the port could be rebound if something changed. But since nova
has no way to handle changes to binding:vif_type or
binding:vif_details after a port is initially plugged, this turned out
not to be useful, so the method has been removed from the
MechanismDriver API. Now, once a port is successfully bound, the
binding remains until the port is deleted or any of it's
binding:host_id, binding:vnic_type, or binding:profile attribute
values are changed.
The unbind_port() method was previously called on the bound mechanism
driver as an existing binding was removed. This method was not used by
any existing mechanism drivers, and was redundant with the
update_port_precommit() and update_port_postcommit() methods that are
called on all mechanism drivers when an existing binding is removed,
so this method has also been removed from the driver API.
Eliminating the unbind_port() call allows the binding details to be
made available via the PortContext in delete_port_postcommit() calls,
completing the resolution of bug 1276395.
berlin [Mon, 17 Feb 2014 03:04:08 +0000 (11:04 +0800)]
Fix duplicate name of NVP LBaaS objs not allowed on vShield Edge
Duplicate name of LBaaS objs such as pool/vip/app_profile is not
allowed on vShield Edge, so here a name convention is needed to ensure
name uniqueness on the edge side.
Closes-Bug: #1257225
This patch adds a semaphore for serializing the delete port API
calls and update_port_status calls to avoid simultaneous
attempts to acquire SQL update locks on the port table from
the same thread pool.
This semaphore has been introduced to avoid undesired eventlet
yields which trigger 'lock wait timeout' errors in the DB backend;
it should have a negligible impact on the overall performance.
Mark McClain [Fri, 7 Mar 2014 20:07:43 +0000 (15:07 -0500)]
add HEAD sentinel file that contains migration revision
This change wraps the command to generate a migration with code to
update a file called HEAD. The HEAD file will contain the revision ID
of the head of the migraton timeline. Additionally, check migrations has
been altered to verify the contents of this file against the timeline
head.
This file helps the OpenStack gate detect potential migration branches
without running alembic via git merge conflicts.
Paul Michali [Wed, 12 Mar 2014 14:04:30 +0000 (14:04 +0000)]
Cisco VPN device driver post-merge cleanup
During review for I-3 there were some minor comments regarding log
level on message and asserts for mock calls.
In addition, some debug logging enhancements were made between the
service and device driver to better indicate the source of the
shared "vpnservice_updated" RPC.
Lastly, unit tests were updated, based on a newer Cisco CSR image,
which had REST API fixes and behavior changes.
Akihiro Motoki [Wed, 19 Mar 2014 08:08:37 +0000 (17:08 +0900)]
NEC plugin: Honor Retry-After response from OFC
A backend OpenFlow controller nec plugin talks to can return
503 response with retry-after header when it is busy.
It is better to honor retry-after header to avoid unnecessary
user-visible errors due to temporary busy condition.
Irena Berezovsky [Tue, 18 Mar 2014 14:35:35 +0000 (16:35 +0200)]
Add update binding:profile with physical_network
Add temporary solution in order to support multiple physical networks
by mlnx ML2 MechanismDriver.
Due to non merged patches in nova that should support propagating
physical_network retrieved from port binding:profile attribute
to VIF/Network object.
The code will be removed once relevant nova patches are merged.
The code is disabled by default and should be enabled via
ml2_conf_mlnx.ini config file.
Itsuro Oda [Tue, 17 Dec 2013 01:16:51 +0000 (10:16 +0900)]
Enable to select an RPC handling plugin under Metaplugin
Multiple plugins under metaplugin become 'q-plugin' topic
consumers and a request from an agent is handled by one of
them randomly. Fortunatly most of RPC callbacks are common
for plugins but a problem occurs if an RPC is not supported
by the received plugin.
This is one of risks when using metaplugin. Fundamental fix
of this problem (such as RPC delegation handling of metaplugin)
is difficult since each plugin needs to modify.
But when only one plugin has plugin specific RPCs and other
RPCs are independet of plugins, if the plugin can be selected
for RPC handling, the problem does not happen. Typical use
case of metaplugin such as combination of an agent-based
plugin and a controller-based plugin often applies to this
condition.
This patch adds 'rpc_flavor' configuration parameter to
select an RPC handling plugin. If 'rpc_flavor' is specified,
only the specified plugin becomes 'q-plugin' topic consumer.
If 'rpc_flavor' is not specified, the behavior is same as
previous one.
Kevin Benton [Tue, 4 Mar 2014 11:27:11 +0000 (03:27 -0800)]
Mock agent RPC for FWaaS tests to delete DB objs
This changes the firewall service unit tests to
mock the RPC calls from the firewall service to
the agent. This allows the tests to fake the
agent response RPC that removes the firewall
from the DB so the all of the other objects that
the firewall depends on can be deleted.
Kevin Benton [Tue, 18 Mar 2014 00:06:46 +0000 (17:06 -0700)]
Allow CIDRs with non-zero masked portions
Allow users to specify CIDRs with bits other
than zeros in the masked portion of the subnet.
e.g. 192.168.1.5/24 is accepted and converted
to 192.168.1.0/24.
Dane LeBlanc [Tue, 18 Mar 2014 16:37:33 +0000 (12:37 -0400)]
Cisco plugin fails with ParseError no elem found
When the Cisco nexus plugin is configured on DevStack, the tempest
Neutron API test test_port_list_filter_by_router_id fails with the
following error:
ParseError: no element found: line 1, column 0
The root cause is that the Cisco Nexus plugin model layer
is encapsulating each dictionary response from the OVS subplugin
into a list, whereas the WSGI layer is expecting a dictionary
response. The fix is not to encapsulate these responses into a list.
Dane LeBlanc [Sat, 15 Mar 2014 00:32:10 +0000 (20:32 -0400)]
Cisco Nexus: maximum recursion error in ConnectionContext.__del__
If DevStack is configured for the Cisco Nexus plugin, the following
error is observed:
Exception RuntimeError: 'maximum recursion depth exceeded' in <bound
method ConnectionContext.__del__ of
<neutron.openstack.common.rpc.amqp.ConnectionContext object at
0x403a3d0>> ignored
The root cause of the problem is that the Cisco Nexus plugin's
PluginV2.__gettattr__ method, a model object is being passed
as a value for a unicode %s format mod. Because the neutron server
has "lazy gettext" (deferred interpretation of unicode objects) enabled,
this causes many layers of recursive calls to deepcopy.
The fix is to pass a string object for the unicode %s mod field.
Claudiu Belu [Mon, 17 Mar 2014 20:53:55 +0000 (13:53 -0700)]
Fixes Hyper-V agent security groups enable issue
Fixes the weight of the applied allow rules by ignoring
the weight of the reject rules.
Fixes the override allow rules issue by fixing the
ACL filtering condition.
Kevin Benton [Tue, 18 Mar 2014 19:11:53 +0000 (12:11 -0700)]
ML2 BigSwitch: Don't modify parent context
Makes a copy of the port context before changing
it in preparation for the backend controller so
other drivers are not affected. Also removes a
UT that was exercising direct modification of VIF
details in the port context, which is not allowed
by the ML2 plugin.
Assaf Muller [Sun, 16 Mar 2014 11:01:18 +0000 (13:01 +0200)]
Change report_interval from 4 to 30, agent_down_time from 9 to 75
report_interval is how often an agent sends out a heartbeat to the
service. The Neutron service responds to these 'report_state' RPC
messages by updating the agent's heartbeat DB record.
The last heartbeat is then compared to the configured
agent_down_time to determine if the agent is up or down.
The agent's status is used when scheduling networks on DHCP
and L3 agents.
In the spirit of sane defaults suited for production, these values
should be bumped to reduce the load on the Neutron service
dramatically, freeing up CPU time to perform intensive operations.
Code Review / openstack-build / neutron-build.git / log