shihanzhang [Tue, 26 May 2015 08:42:44 +0000 (16:42 +0800)]
Update ipset members when corresponding sg member is empty
if a security group has a rule with 'remote-group-id', the ports
in this security group should update its relevant ipset member
when the remote-group members is empty.
Send 'security_groups_member_updated' when port changes
With ml2 plugin, when a port's IP or security group changes, it
should send 'security_groups_member_updated' message to other l2
agents which have same security group with this changed port.
Assaf Muller [Sat, 6 Jun 2015 22:41:39 +0000 (18:41 -0400)]
Remove full stack log noise
"neutron-server isn't up yet" logs are useless because if
you time out when waiting for the server to start that information
will be in the trace. When you don't time out, the log is just spam.
Same reasoning for the "There are %d agents running!" log.
Also made the agents_count parameter mandatory for the
wait_until_env_is_up method because having a default of 0, or any
other default makes no sense. There's no reason to ever call that
method without specifying the agents_count. This method used
to be used with agents_count == 0 by the server to make sure
its up (And responding to REST calls), but the Neutron server
fixture now uses server_is_live method (Which calls list_networks)
instead.
Stephen Ma [Thu, 4 Jun 2015 20:09:23 +0000 (20:09 +0000)]
L3 agent should do report state before full sync at start
Sometimes the AgentNotFoundByTypeHost exception is reported during
L3-agent startup. The exception is generated when the first
get_routers RPC call is made. When the neutron server gets this
RPC call, it might not have handled the report state RPC call yet.
So the L3-agent hasn't been registered in the API server.
The result is a RPC Error exception. By the time the next
get_routers RPC call is made, the report state RPC call has already
been done and agent registered.
This patch modifies the L3 agent startup behavior to have the report
state done before the agent do the sync routers RPC call.
Cedric Brandily [Wed, 6 May 2015 20:40:39 +0000 (22:40 +0200)]
Clean only floating-ip related connection states
Currently init_l3 deletes connection states related to ALL ips deleted
in init_l3 but it's required only when floating-ips are deleted[1].
This change deletes only connection states related to floating-ips
deleted in init_l3 ... it avoids to delete connection states in dhcp
agents and on router internal ports!
[1] look at change Ia9bd7ae243a0859dcb97e2fa939f7d16f9c2456c
Carl Baldwin [Thu, 4 Jun 2015 22:25:44 +0000 (22:25 +0000)]
Refactor awkward logic in setup_dhcp_port
I noticed this logic as I was reviewing another patch set [1]. I
didn't like removing subnet ids from dhcp_enabled_subnet_ids and I
wasn't too keen on the ips_need_removal semantics that were kind of
forced by the existing structure of the code. I hope you find this
alternative much clearer. I like straight-forward code with less
indentation that doesn't use awkward booleans like ips_needs_removal.
Pavel Bondar [Fri, 5 Jun 2015 11:01:10 +0000 (14:01 +0300)]
Decompose db_base_plugin_v2.py part 2
This patch contains method moving with minor modifications like updating
class names. IPAM specific methods were moved into ipam_backend_mixin and
ipam_non_pluggable_backend.
ipam_backend_mixin - contains code common for both backends (pluggable and
non-pluggable).
ipam_non_pluggable_backend - contains code specific for non-pluggable
IPAM implementation.
Elena Ezhova [Thu, 4 Jun 2015 14:00:13 +0000 (17:00 +0300)]
Start linuxbridge neutron agent using a launcher
This change ports linuxbridge neutron agent on common/service code
that will allow to handle termination signals (SIGHUP, SIGTERM, SIGINT).
Note that this patch allows changing only logging options.
All other config options are not handled explicitly and changing
them using SIGHUP can lead to unpredictable circumstances.
So, until changing other options is handled it is highly recommended
to use SIGHUP for changing ONLY logging options.
Elena Ezhova [Mon, 1 Jun 2015 11:55:13 +0000 (14:55 +0300)]
Handle SIGHUP in ovs neutron agent
This change allows ovs neutron agent not to die on receiving SIGHUP
and reload its logging options.
Note that this patch allows changing only logging options.
All other config options are not handled explicitly and changing
them using SIGHUP can lead to unpredictable circumstances.
So, until changing other options is handled it is highly recommended
to use SIGHUP for changing ONLY logging options.
Jakub Libosvar [Wed, 27 May 2015 13:50:22 +0000 (13:50 +0000)]
Run RootHelperProcess always as root
The purpose of RootHelperProcess is to spawn processes running with root
id. Instantiating RootHelperProcess as non-root doesn't make sense. This
also implies NetcatTester always spawns 'netcat' process as root. The
reason why parameter existed here was due to refactor from passing
root_helper all over the place.
Test create port with specific value of port_security_enabled
Test create secure port with security_group attached
Test update port with port_security_enabled True\False
and with or without security groups
Test deleting port with port_security_enabled
Angus Lees [Thu, 4 Jun 2015 02:55:02 +0000 (12:55 +1000)]
pylint: enable `duplicate-key` check
This check attempts to detect dictionary literals with duplicate keys.
The rest of the Neutron tree has already had the few instances of this
cleaned[1] or moved into external vendor repos. Enabling the pylint
check will stop future occurrences.
[1] I29cd2b843a7905986de13a1ecfba0cb5797ccaf8
(Original patch I1aa221d2019853f905f2b8421dd45b0a3102baf0 by zhiyuan_cai)
Carl Baldwin [Wed, 3 Jun 2015 16:56:23 +0000 (16:56 +0000)]
Enhance utils.ensure_dir to be resilient to concurrent workers
In rare cases, concurrent workers may attempt to ensure a directory
exists. One may successfully create the directory while the other
gets an oserror that it already exists. This patch detects the
problem and returns successfully in both cases.
Carl Baldwin [Wed, 27 May 2015 20:12:27 +0000 (20:12 +0000)]
Use a single method to remove an address with its conntrack state
I just noticed a pattern and I thought I'd throw this up for
discussion. It has occurred to me that this addition sort of breaks
the ip_lib paradigm of wrapping ip commands without any additional
useful abstraction. Any better ideas?
Pavel Bondar [Wed, 3 Jun 2015 11:22:29 +0000 (14:22 +0300)]
Decompose db_base_plugin_v2.py
Moved private getters and simple helpers into db_base_plugin_common.
This change is part of bigger refactoring for supporting Pluggable IPAM.
Main purpose is to make getters accessible by IPAM code.
Russell Bryant [Tue, 2 Jun 2015 19:20:44 +0000 (15:20 -0400)]
Add sub-project lieutenants
A recent patch added the concept of Lieutenants for Neutron. This
same concept makes a lot of sense for identifying clear points of
contact for the various sub-projects under the Neutron tent. This
patch adds a table of the projects currently approved as part of
Neutron in the governance repo. I also made a guess on who the
lieutenant would be based on reviews in stackalytics (except for ones
that weren't in stackalytics).
Change-Id: Ibce5d6ba5e19dec59a10c88749557509136c4e41 Signed-off-by: Russell Bryant <rbryant@redhat.com>
Aman Kumar [Wed, 3 Jun 2015 06:49:40 +0000 (23:49 -0700)]
Make MockFixedIntervalLoopingCall class as a helper class
MockFixedIntervalLoopingCall class is used in both the classes
TestOvsNeutronAgent and TestOvsDvrNeutronAgent.
This patch removes the MockFixedIntervalLoopingCall from both the
places and make it as a helper class in test_ovs_neutron_agent.py.
So that it will be used everywhere in test_ovs_neutron_agent.py.
Kevin Benton [Wed, 3 Jun 2015 05:52:51 +0000 (05:52 +0000)]
Revert "Add VIF_DELETED notification event to Nova"
We need to wait until the nova support is added in
I998b6bb80cc0a81d665b61b8c4a424d7219c666f. Otherwise
this generates a ton of error messages in the nova api
log as well as on the neutron side.
Oleg Bondarev [Wed, 6 May 2015 09:50:11 +0000 (12:50 +0300)]
Wrap ML2 delete_port with db retry decorator
ML2 delete_port operation currently involves locking ports
and bindings tables which may lead to DBDeadlock errors in certain
cases when several ports are deleted concurrently.
That may happen due to specifics of Galera working in active-active
mode: it may throw deadlock errors when it fails to validate
a change with other members of the cluster.
The fix adds retries to delete port operation to overcome such
deadlocks
Eugene Nikanorov [Tue, 26 May 2015 16:17:20 +0000 (20:17 +0400)]
Catch broad exception in methods used in FixedIntervalLoopingCall
Unlike other places where it might make sense to catch specific
exceptions, methods that are used to check L3 and DHCP agents
liveness via FixedIntervalLoopingCall should never allow exceptions
to leak to calling method and interrupt the loop.
Further improvement of FixedIntervalLoopingCall might be needed,
but for the sake of easy backporting it makes sense to fix the issue
in neutron before pushing refactoring to 3rd-party library.
Assaf Muller [Tue, 2 Jun 2015 16:21:11 +0000 (12:21 -0400)]
Add devref that explains fullstack testing and its direction
The goal of this doc is to communicate what are full stack tests,
how they benefit you and when would you write such a test.
Additionally I'd like to communicate the way forward, and gather
feedback about any areas in the code that can benefit from full
stack tests, and any additional thoughts!
Assaf Muller [Mon, 1 Jun 2015 21:05:56 +0000 (17:05 -0400)]
Remove get_dhcp_port RPC method
This method was last used in Icehouse. I think we can safely
remove all of its code and tests. Icehouse to Liberty rolling
upgrades are in no way expected to work so I just bumped
the RPC version and removed all traces of the code.
Cedric Brandily [Sat, 30 May 2015 18:41:29 +0000 (20:41 +0200)]
Refactor type_tunnel/gre/vxlan to reduce duplicate code
gre and vxlan type drivers have similar implementations for multiple
methods:
* get_endpoint_by_host
* get_endpoint_by_ip
* delete_endpoint
* get_endpoints
* add_endpoint
This change abstracts these methods and moves the abstractions to the
new class EndpointTunnelTypeDriver.
Gal Sagie [Tue, 2 Jun 2015 05:49:10 +0000 (08:49 +0300)]
Update rootwrap.conf to add /usr/local/bin
When working with OVN i found on Fedora 21 that
my ovs-vsctl is installed in /usr/local/bin, since this wasnt in
rootwrap DHCP didnt work properly.
This change adds it to rootwrap
Windows VMs try to resolve metadata ip 169.254.169.254 as
local address by default, which results in very slow access
to metadata url during boot.
Injecting direct route to metadata ip through a subnet's default
gateway helps Windows to avoid wasting time on mac resolution.
So this patch injects host route for metadata ip for networks plugged
into a router.
Code Review / openstack-build / neutron-build.git / log