]> review.fuel-infra Code Review - openstack-build/neutron-build.git/log
openstack-build/neutron-build.git
9 years agoMerge "linuxbridge-agent: make vxlan unicast check more efficent" into stable/juno
Jenkins [Wed, 26 Nov 2014 12:44:40 +0000 (12:44 +0000)]
Merge "linuxbridge-agent: make vxlan unicast check more efficent" into stable/juno

9 years agoConvert all incoming protocol numbers to string
Ann Kamyshnikova [Mon, 10 Nov 2014 14:05:54 +0000 (17:05 +0300)]
Convert all incoming protocol numbers to string

PostgreSQL is more sensitive for types than MySQL when it selects
something from columns in database. So it fails when it tries to
select from string field comparing with integer value.

Added unit test to verify conversion of protocol numbers to
strings.

Closes-bug:#1381379

(cherry picked from commit bc34f26302faea116be7e61051c32f8787530836)

Conflicts:
neutron/tests/unit/test_extension_security_group.py

Change-Id: I0a29595403a07c66888871088d5549705a097f68

9 years agolinuxbridge-agent: make vxlan unicast check more efficent
Darragh O'Reilly [Mon, 17 Nov 2014 10:20:58 +0000 (10:20 +0000)]
linuxbridge-agent: make vxlan unicast check more efficent

A list with the full range of vxlan VNIs (1 to 2**24) was using
over 300MB of memory. This patch uses xrange instead of range.

Closes-Bug: #1393362
Change-Id: I21ccab758e7911712690fd5e732f64361e809264
(cherry picked from commit 0bf69ad80fb77773e767e116357cf6e1666b3f5d)

9 years agoMerge "Cisco N1kv: Fix update network profile for add tenants" into stable/juno
Jenkins [Tue, 25 Nov 2014 12:53:00 +0000 (12:53 +0000)]
Merge "Cisco N1kv: Fix update network profile for add tenants" into stable/juno

9 years agoMerge "BSN: include missing data in floating IP call" into stable/juno
Jenkins [Tue, 25 Nov 2014 02:58:49 +0000 (02:58 +0000)]
Merge "BSN: include missing data in floating IP call" into stable/juno

9 years agoMerge "BSN: Set inconsistency record on delete failure" into stable/juno
Jenkins [Sun, 23 Nov 2014 03:00:19 +0000 (03:00 +0000)]
Merge "BSN: Set inconsistency record on delete failure" into stable/juno

9 years agoBSN: include missing data in floating IP call
Kevin Benton [Tue, 18 Nov 2014 09:42:34 +0000 (01:42 -0800)]
BSN: include missing data in floating IP call

Includes some missing floating IP data in an optimized
floating IP API that was previously unused.

Closes-Bug: #1394030
Change-Id: Icba2f837dbc3838f86d125d261b5e2325000c618
(cherry picked from commit 55a031e624f347d346d1909afec75482950d123c)

9 years agoMerge "Fix hostname regex pattern" into stable/juno
Jenkins [Thu, 20 Nov 2014 08:22:14 +0000 (08:22 +0000)]
Merge "Fix hostname regex pattern" into stable/juno

9 years agoMerge "Stop ignoring 400 errors returned by ODL" into stable/juno
Jenkins [Wed, 19 Nov 2014 18:45:24 +0000 (18:45 +0000)]
Merge "Stop ignoring 400 errors returned by ODL" into stable/juno

9 years agoFix hostname regex pattern
John Perkins [Mon, 6 Oct 2014 21:24:57 +0000 (16:24 -0500)]
Fix hostname regex pattern

Current hostname_pattern regex complexity grows exponentially
when given a string of just digits, which can be exploited to
cause neutron-server to freeze.

Change-Id: I886c6d883a9cb0acd9908495eec50bf0411d8ba8
Closes-bug: #1378450

9 years agoBSN: Set inconsistency record on delete failure
Kevin Benton [Thu, 2 Oct 2014 18:26:50 +0000 (11:26 -0700)]
BSN: Set inconsistency record on delete failure

Set a bad value in the consistency DB on a delete
failure so a sync is triggered the next time the backend
servers become available.

This fixes the issue where the backend servers are unavailable
when an object is deleted from ML2 but not deleted from the
backend.

Conflicts:
neutron/tests/unit/bigswitch/test_servermanager.py

Closes-Bug: #1377350
Change-Id: I24713a03af4d3499645241f900de1f572689c235
(cherry picked from commit e9f001a63a555f067c4567a88613d14853442524)

9 years agoMerge "Only fetch port_id from SG binding table" into stable/juno
Jenkins [Fri, 14 Nov 2014 11:28:19 +0000 (11:28 +0000)]
Merge "Only fetch port_id from SG binding table" into stable/juno

9 years agoMerge "Optimize query in _select_dhcp_ips_for_network_ids" into stable/juno
Jenkins [Fri, 14 Nov 2014 08:36:15 +0000 (08:36 +0000)]
Merge "Optimize query in _select_dhcp_ips_for_network_ids" into stable/juno

9 years agoMerge "Batch ports from security groups RPC handler" into stable/juno
Jenkins [Fri, 14 Nov 2014 01:08:42 +0000 (01:08 +0000)]
Merge "Batch ports from security groups RPC handler" into stable/juno

9 years agoMerge "Reduce security group db calls to neutron server" into stable/juno
Jenkins [Fri, 14 Nov 2014 00:16:22 +0000 (00:16 +0000)]
Merge "Reduce security group db calls to neutron server" into stable/juno

9 years agoMerge "Improve performance of security group DB query" into stable/juno
Jenkins [Thu, 13 Nov 2014 23:58:17 +0000 (23:58 +0000)]
Merge "Improve performance of security group DB query" into stable/juno

9 years agoMerge "_update_router_db: don't hold open transactions" into stable/juno
Jenkins [Thu, 13 Nov 2014 22:22:30 +0000 (22:22 +0000)]
Merge "_update_router_db: don't hold open transactions" into stable/juno

9 years agoMerge "fix event_send for re-assign floating ip" into stable/juno
Jenkins [Thu, 13 Nov 2014 22:20:16 +0000 (22:20 +0000)]
Merge "fix event_send for re-assign floating ip" into stable/juno

9 years agoMerge "Fix KeyError in dhcp_rpc when plugin.port_update raise exception" into stable...
Jenkins [Thu, 13 Nov 2014 21:12:21 +0000 (21:12 +0000)]
Merge "Fix KeyError in dhcp_rpc when plugin.port_update raise exception" into stable/juno

9 years agoMerge "rootwrap config files reference deleted quantum binaries" into stable/juno
Jenkins [Thu, 13 Nov 2014 21:10:43 +0000 (21:10 +0000)]
Merge "rootwrap config files reference deleted quantum binaries" into stable/juno

9 years agoMerge "Fix L3 HA network creation to allow user to create router" into stable/juno
Jenkins [Thu, 13 Nov 2014 21:10:27 +0000 (21:10 +0000)]
Merge "Fix L3 HA network creation to allow user to create router" into stable/juno

9 years agofix event_send for re-assign floating ip
lzklibj [Tue, 21 Oct 2014 06:55:53 +0000 (23:55 -0700)]
fix event_send for re-assign floating ip

Neutron can associate a floating ip to a new port
without disassociate from original instance port.
This situation will send network changed event only
for new instance port, and that event object contains
the new instance's id.

In this case nova will update new instance's info
but not original one's in nova's database table
instance_info_caches. For nova can get new instance's
id from the above event. So in table instance_info_caches,
both original instance and new instance will have the
same floating ip in their records. And this make it
possible that, in most situation, after your re-assign
floating ip, run "nova list" will return incorrect info,
multiple instances have a same floating ip, and this may
confuse users.

Nova will sync data in table instance_info_caches, but it
may take dozens of seconds.
The new added code will send network changed event for the
original instance, and this will make nova update instance_
_info_caches table in a few seconds.

Change-Id: If3ee11535f649fc51bf1a52806008c1c5c0e73b6
Closes-Bug: 1381886
(cherry picked from commit add8944d4dba2a69e8f7da47f120d5dc63952f77)

9 years agoFix KeyError in dhcp_rpc when plugin.port_update raise exception
Numan Siddique [Sat, 11 Oct 2014 12:08:05 +0000 (17:38 +0530)]
Fix KeyError in dhcp_rpc when plugin.port_update raise exception

KeyError exception is seen because of following reasons

* DhcpRpcCallback._port_action() is called by two functions
   -  DhcpRpcCallback.create_dchp_port()
   -  DhcpRpcCallback.update_dhcp_port()

* When create_dhcp_port() function calls _port_action(), the
  function argument 'port' will have the body as
  {'port': {'network_id': foo_network_id, 'fixed_ips': [..] ...}

* When update_dhcp_port() function calls _port_action(), the
  function argument 'port' will have the body as
  {'id': port_id, 'port': {{'port': {'network_id': foo_network_id,
            'fixed_ips': [..] ...}}

* If an exception occurs when _port_action() calls plugin.create_port(),
  network id is accessed as
  net_id = port['port']['network_id']

* If an exception occurs when _port_action() calls plugin.update_port(),
  network id is accessed as
  net_id = port['port']['network_id']
  which is causing the KeyError. network_id should have been accessed as
  net_id = port['port']['port']['network_id']

This patch fixes the issue by making the _port_action() take the
same port body. update_dhcp_port() insteading of passing the port_id
and port information in a single argument, it now adds port_id
in the port body itself.

Change-Id: I70b92fa20b421b05ca2053a9a57f62db726f7625
Closes-bug: #1378508
(cherry picked from commit 7ea605df3ac71dc568194bcd5eaf1c115008e1ee)

9 years agorootwrap config files reference deleted quantum binaries
Cedric Brandily [Mon, 10 Nov 2014 17:50:38 +0000 (18:50 +0100)]
rootwrap config files reference deleted quantum binaries

dhcp and l3 rootwrap filter files contain reference to the deleted
binary quantum-ns-metadata-proxy. This change removes these obsolete
filters.

Change-Id: Iad4772752d74a1c0535144b5faf9a1f8ae89f6a3
Closes-Bug: #1391256
(cherry picked from commit 226c4f6d809de3d6ed622a1f90b06e34506696d6)

9 years agoRemove openvswitch core plugin entry point
Cedric Brandily [Mon, 10 Nov 2014 10:43:09 +0000 (11:43 +0100)]
Remove openvswitch core plugin entry point

The openvswitch core plugin has been removed but not its associated
"neutron.core_plugins" entry point. This change removes it from
setup.cfg.

Change-Id: I79f7c334cdeb0f4d0d68743734f69c0ec8523467
Related-Bug: #1323729
Closes-Bug: #1391326
(cherry picked from commit f36c29903afb713670f9e7c3f9530e117dfc6bcb)

9 years agoFix L3 HA network creation to allow user to create router
Sachi King [Sun, 2 Nov 2014 13:35:51 +0000 (00:35 +1100)]
Fix L3 HA network creation to allow user to create router

Update HA Network creation to use an admin context to allow Neutron
to create the tenant-less network required for the HA router when
it does not yet exist and is being created by a non-admin user.

Neutron creates these resources without a tenant so users cannot see
or modify the HA network, ports, etc.  Port creation and association
already use elivated admin contexts to allow their function when
an user attempts to create a HA L3 router.

Conflicts:
        neutron/tests/unit/db/test_l3_ha_db.py

Change-Id: I36166158a0970b8d08d6702054b11a43fb684281
Closes-Bug: #1388716
(cherry picked from commit cc9bc24229f1d79dc99303db1affc03c030c011e)

9 years agoStop ignoring 400 errors returned by ODL
Cédric Ollivier [Sun, 14 Sep 2014 11:04:21 +0000 (13:04 +0200)]
Stop ignoring 400 errors returned by ODL

This commit stops ignoring 400 (Bad Request) HTTP codes returned by ODL
in create and update operations. It also modifies sendjson() because it
doesn't ignore any HTTP error code now.

Change-Id: Id0db2c0c1d8fddfbd16b3ce9476a2358e2ef1e49
Closes-Bug: #1369239
(cherry picked from commit f1507d080d9840e4cb6c1d5cfe5a4b6c1443bd8f)

9 years agoMerge "Set vif_details to reflect enable_security_group" into stable/juno
Jenkins [Tue, 11 Nov 2014 03:31:35 +0000 (03:31 +0000)]
Merge "Set vif_details to reflect enable_security_group" into stable/juno

9 years agoAllow to add router interface to IPv6 SLAAC network
sridhargaddam [Tue, 21 Oct 2014 10:08:10 +0000 (10:08 +0000)]
Allow to add router interface to IPv6 SLAAC network

This patch will allow an IPv6 subnet configured with SLAAC
(or dhcpv6-stateless) to be attached to a router interface.

Closes-Bug: #1382076
Change-Id: If0c48a7287a828eef4a0f0b0859d4f898d2937bd
(cherry picked from commit 95accb535017f1384b38b12eb78f0e58287d8e08)

9 years agoMerge "Big Switch: Fix SSL version on get_server_cert" into stable/juno
Jenkins [Wed, 5 Nov 2014 20:50:27 +0000 (20:50 +0000)]
Merge "Big Switch: Fix SSL version on get_server_cert" into stable/juno

9 years agoMerge "Create DHCP port for IPv6 subnet" into stable/juno
Jenkins [Wed, 5 Nov 2014 20:49:30 +0000 (20:49 +0000)]
Merge "Create DHCP port for IPv6 subnet" into stable/juno

9 years agoSet vif_details to reflect enable_security_group
Ryota MIBU [Wed, 2 Jul 2014 15:10:32 +0000 (00:10 +0900)]
Set vif_details to reflect enable_security_group

While plugging vif, VIFDriver in Nova follows "ovs_hybrid_plug" and
"port_filter" in "binding:vif_detail" which is passed from Neutron, but
those are always true.  This patch make ML2 OVS mech driver set those
param depends on enable_security_group flag.  It enables users to avoid
ovs_hybrid plugging.

This patch also fixes the same issue in the following plugins/drivers:
  * NEC Plugin
  * BigSwitch Plugin
  * Ryu Plugin
  * ML2 Plugin - OFAgent Mech Driver

Closes-Bug: #1336624
Change-Id: I2b7fb526a6f1b730ad65289307b24fd28b996e1b
(cherry picked from commit e73f8da072cb41559ecee7f29f864a10db475444)

9 years agoFix sleep function call
Samer Deeb [Wed, 1 Oct 2014 06:55:21 +0000 (09:55 +0300)]
Fix sleep function call

Remove time.sleep method reference in class and use time.sleep directly.

Change-Id: Ib4c02061b29c0d584d603746a78ab50922f781c3
Closes-Bug: 1375698
(cherry picked from commit 8e36ba8d24c198cb5e6c0e4ddc29a08904e3e10c)

10 years agoBatch ports from security groups RPC handler
Kevin Benton [Fri, 26 Sep 2014 16:40:44 +0000 (09:40 -0700)]
Batch ports from security groups RPC handler

The security groups RPC handler calls get_port_from_device
individually for each device in a list it receives. Each
one of these results in a separate SQL query for the security
groups and port details. This becomes very inefficient as the
number of devices on a single node increases.

This patch adds logic to the RPC handler to see if the core
plugin has a method to lookup all of the device IDs at once.
If so, it uses that method, otherwise it continues as normal.

The ML2 plugin is modified to include the batch function, which
uses one SQL query regardless of the number of devices.

Closes-Bug: #1374556
Change-Id: I15d19c22e8c44577db190309b6636a3251a9c66a
(cherry picked from commit abc16ebfcf8fd1fbdb4ef68590140d4d355b0a7c)

10 years agoBig Switch: Fix SSL version on get_server_cert
Kevin Benton [Wed, 29 Oct 2014 04:39:04 +0000 (21:39 -0700)]
Big Switch: Fix SSL version on get_server_cert

The ssl.get_server_certificate method uses SSLv3 by default.
Support for SSLv3 was dropped on the backend controller in
response to the POODLE vulnerability. This patch fixes it
to use TLSv1 like the wrap_socket method.

Closes-Bug: #1384487
Change-Id: I9cb5f219d327d62168bef2d7dbee22534b2e454e
(cherry picked from commit 77e283c94f51e21dcf126a316098c54a7cdfca0f)

10 years agoMerge "Cisco N1kv: Remove vmnetwork delete REST call on last port delete" into stable...
Jenkins [Thu, 30 Oct 2014 00:08:52 +0000 (00:08 +0000)]
Merge "Cisco N1kv: Remove vmnetwork delete REST call on last port delete" into stable/juno

10 years agoMerge "Race for l2pop when ports go up/down on same host" into stable/juno
Jenkins [Wed, 29 Oct 2014 15:50:42 +0000 (15:50 +0000)]
Merge "Race for l2pop when ports go up/down on same host" into stable/juno

10 years agoCreate DHCP port for IPv6 subnet
Xu Han Peng [Wed, 24 Sep 2014 09:37:23 +0000 (17:37 +0800)]
Create DHCP port for IPv6 subnet

There is a bug in dhcp agent code that when first port is created
in an IPv6 subnet, DHCP port is not automatically created.

This fix resolves this problem by removing the IP version check
in configure_dhcp_for_network method.

Change-Id: If3f405d367a7099d9f33d72d11ffcb7a393abe23
Closes-Bug: #1367500
(cherry picked from commit 1b66e11b5d8c0b3de0610ca02c3e10b6f64ae375)

10 years agoMerge "NSX: allow multiple networks with same vlan on different phy_net" into stable...
Jenkins [Wed, 29 Oct 2014 12:21:21 +0000 (12:21 +0000)]
Merge "NSX: allow multiple networks with same vlan on different phy_net" into stable/juno

10 years agoNSX: allow multiple networks with same vlan on different phy_net
Aaron Rosen [Mon, 8 Sep 2014 23:07:15 +0000 (16:07 -0700)]
NSX: allow multiple networks with same vlan on different phy_net

Previously, the NSX plugin prevented one from creating multiple networks on
the same vlan even if they were being created on different physical_networks.
This patch corrects this issue and allows this to now occur.

Closes-bug: 1367034

Change-Id: I343449648304328dffdd5ba070491e05686ee22d
(cherry picked from commit 6d1f864531d169a54bc239561840176012629316)

10 years ago_update_router_db: don't hold open transactions
Kevin Benton [Thu, 16 Oct 2014 08:49:19 +0000 (01:49 -0700)]
_update_router_db: don't hold open transactions

This patch prevents the L3 _update_router_db method from
starting a transaction before calling the gateway interface
removal functions. With these port changes now occuring
outside of the L3 DB transaction, a failure to update the
router DB information will not rollback the port deletion
operation.

The 'VPN in use' check had to be moved inside of the DB deletion
transaction now that there isn't an enclosing transaction to undo
the delete when an 'in use' error is raised.

===Details===

The router update db method starts a transaction and calls
the gateway update method with the transaction held open.
This becomes a problem when the update results in an
interface removal which uses a port table lock.

Because the delete_port caller is still holding open a
transaction, other sessions are blocked from getting an
SQL lock on the same tables when delete_port starts
performing RPC notifications, external controller calls,
etc. During those external calls, eventlet will
yield and another thread may try to get a lock on the
port table, causing the infamous mysql/eventlet deadlock.

This separation of L2/L3 transactions is similiar to change
I3ae7bb269df9b9dcef94f48f13f1bde1e4106a80 in nature. Even
though there is a loss in the atomic behavior of the interface
removal operation, it was arguably incorrect to begin with.
The restoration of port DB records during a rollback after some
other failure doesn't undo the backend operations (e.g. REST calls)
that happened during the original deletion. So, having a delete
rollback without corresponding 'create_port' calls to the backend
causes a loss in consistency.

Conflicts:

neutron/db/l3_db.py

Closes-Bug: #1377241
Change-Id: I5fdb6b24bf2fb80ac5e36a742aa7056db72c8c7d
(cherry picked from commit f23f2ecee68ba4abd12139bbb91b77ba9410f581)

10 years agoBig Switch: Switch to TLSv1 in server manager
Kevin Benton [Wed, 22 Oct 2014 20:04:03 +0000 (13:04 -0700)]
Big Switch: Switch to TLSv1 in server manager

Switch to TLSv1 for the connections to the backend
controllers. The default SSLv3 is no longer considered
secure.

TLSv1 was chosen over .1 or .2 because the .1 and .2 weren't
added until python 2.7.9 so TLSv1 is the only compatible option
for py26.

Closes-Bug: #1384487
Change-Id: I68bd72fc4d90a102003d9ce48c47a4a6a3dd6e03
(cherry picked from commit 62588957fbeccfb4f80eaa72bef2b86b6f08dcf8)

10 years agoCisco N1kv: Fix update network profile for add tenants
Abhishek Raut [Wed, 8 Oct 2014 00:06:10 +0000 (17:06 -0700)]
Cisco N1kv: Fix update network profile for add tenants

This patch makes sure that while updating network profile to add new
tenants, it does not delete the older profile bindings and maintains
them, while adds only the new tenant ids to the bindings.

Change-Id: I862eb1c400e022334a2f6a4078425448bb144843
Closes-bug: #1379609
(cherry picked from commit c97069dc9a73344ebdc7b686133269850a81b3b2)

10 years agoOnly fetch port_id from SG binding table
Kevin Benton [Fri, 17 Oct 2014 04:21:15 +0000 (21:21 -0700)]
Only fetch port_id from SG binding table

Change a query to only retrieve the port_id instead of
every column from the row of security group binding info.

Partial-Bug: #1373851
Change-Id: I0fba9c9623898ee52590207ebbb728503bb59a5b
(cherry picked from commit 6acadab5eb8b7b627e097a638d8486bef59a7f30)

10 years agoOptimize query in _select_dhcp_ips_for_network_ids
Kevin Benton [Fri, 17 Oct 2014 04:27:47 +0000 (21:27 -0700)]
Optimize query in _select_dhcp_ips_for_network_ids

Only query the DB for relevant columns instead of
all of the port columns.

Partial-Bug: #1373851
Change-Id: I32cd4a0bc6799ce77cea13188676308e3e641d19
(cherry picked from commit 8d430a7f2e903dda06d8d75d6abcd63423c4c0a1)

10 years agoImprove performance of security group DB query
Kevin Benton [Wed, 24 Sep 2014 12:23:32 +0000 (05:23 -0700)]
Improve performance of security group DB query

The _select_ips_for_remote_group method was joining the
IP allocation, port, allowed address pair, and security group tables
together in a single query. Additionally, it was loading all of
the port columns and using none of them. This resulted in a
very expensive query with no benefit.

This patch eliminates the unnecessary use of the port table by joining
the IP allocation table directly to the security groups and allowed
address pairs tables. In local testing of the method, this sped it up
by an order of magnitude.

Closes-Bug: #1373851
Change-Id: I12899413004838d2d22b691f1e2f3b18f7ec2c27
(cherry picked from commit 04df85b6e5a098f8f55bb82f04d9769763beb487)

10 years agoReduce security group db calls to neutron server
ZHU ZHU [Fri, 5 Sep 2014 08:01:07 +0000 (03:01 -0500)]
Reduce security group db calls to neutron server

Within ovs agent daemon loop, prepare_devices_filter will impose heavy workloads
to neutron server in order to retrieve the security groups message to apply
firewall rules. If agent is configured to use Noopfirewall driver or security
groups are disabled, there is no need for loading the rules from server and
refreshing the firewalls. This will reduce the number of db calls and improve
performance for neutron server in this case.

Change-Id: Id244aab3cac37fc6ed3dc05cbee91cdf9e34d9cc
Closes-Bug: #1365806
(cherry picked from commit 524981cce05a9b365036c0a1e9810036936d3d5b)

10 years agoMerge "Big Switch: Don't clear hash before sync" into stable/juno
Jenkins [Wed, 22 Oct 2014 01:49:44 +0000 (01:49 +0000)]
Merge "Big Switch: Don't clear hash before sync" into stable/juno

10 years agoMerge "Use EUI64 for IPv6 SLAAC when subnet is specified" into stable/juno
Jenkins [Mon, 20 Oct 2014 15:53:40 +0000 (15:53 +0000)]
Merge "Use EUI64 for IPv6 SLAAC when subnet is specified" into stable/juno

10 years agoCisco N1kv: Remove vmnetwork delete REST call on last port delete
Abhishek Raut [Sat, 13 Sep 2014 02:56:40 +0000 (19:56 -0700)]
Cisco N1kv: Remove vmnetwork delete REST call on last port delete

Remove the vm network delete call to the VSM on final port call and
ensure that vm network is deleted from the database when the port count
becomes 0.

Change-Id: I6c08a099adfce2fdba8eefec6aadeb68a780ac37
Closes-Bug: 1373547
(cherry picked from commit 4e1c4cbcd71833095534bea9ff7617c582c300d2)

10 years agoBig Switch: Don't clear hash before sync
Kevin Benton [Tue, 7 Oct 2014 11:34:41 +0000 (04:34 -0700)]
Big Switch: Don't clear hash before sync

This patch removes the step of clearing the consistency
hash from the DB before a topology sync. This will ensure
that inconsistency will be detected if the topology sync
fails.

This logic was originally there to make sure the hash header
was not present on the topology sync call to the backend.
However, the hash header is ignored by the backend in a sync
call so it wasn't necessary.

Closes-Bug: #1379510
Change-Id: I2d58fa2aea3b692834d64192d06ace727c7df8a0
(cherry picked from commit 24e4110eb284078775496501ff81630eb1619c11)

10 years agoRace for l2pop when ports go up/down on same host
Vivekanandan Narasimhan [Tue, 23 Sep 2014 09:25:16 +0000 (02:25 -0700)]
Race for l2pop when ports go up/down on same host

With l2pop enabled, race exists in delete_port_postcommit
when both create/update_port and delete_port deal with
different ports on the same host, where such ports are
either the first (or) last on same network for that host.
This race happens outside the DB locking zones in
the respective methods of ML2 plugin.

To fix this, we have moved determination of
fdb_entries back to delete_port_postcommit and removed
delete_port_precommit altogether from l2pop mechanism
driver.  In order to accomodate dvr interfaces, we
are storing and re-using the mechanism-driver context
which hold dvr-port-binding information while
invoking delete_port_postcommit.  We loop through
dvr interface bindings invoking delete_port_postcommit
similar to delete_port_precommit.

Closes-Bug: #1372438
Change-Id: If0502f57382441fdb4510c81a89794f57a38e696
(cherry picked from commit 3cd2163d5105faad389bee5175ef446f0bb90289)

10 years agoUse EUI64 for IPv6 SLAAC when subnet is specified
Xu Han Peng [Fri, 20 Jun 2014 06:59:53 +0000 (14:59 +0800)]
Use EUI64 for IPv6 SLAAC when subnet is specified

This commit uses EUI64 for SLAAC and stateless IPv6 address
when subnet id in fixed_ip is specified.

After this patch, all the ports created on a subnet which has
ipv6_address_mod=slaac or ipv6_address_mod=dhcpv6-stateless
will use EUI64 as the address.
This patch also checks if fixed IP address is specified
for a IPv6 subnet with address mode slaac or dhcpv6-stateless
during creating or updating a port. If yes, raise InvalidInput
error to stop the port creation or update.

Remove unit test test_generated_duplicate_ip_ipv6 because
fixed_ip should not be specified for a slaac subnet.

Change-Id: Ie481cfb2f4313baf44bf1a838ebda374a5c74c6a
Closes-Bug: 1330826
(cherry picked from commit 3ba06618f79fed899188aac87a8694b3344ee995)

10 years agoOpening stable/juno
Thierry Carrez [Thu, 16 Oct 2014 14:57:56 +0000 (16:57 +0200)]
Opening stable/juno

Bump version to next stable release on juno branch, and set
defaultbranch in .gitreview for convenience.

Change-Id: Ib6bd6b400ae15d5ae1bcb99b11221d58b9acae70

10 years agoMerge "Remove two sets that are not referenced" into proposed/juno
Jenkins [Tue, 14 Oct 2014 20:14:37 +0000 (20:14 +0000)]
Merge "Remove two sets that are not referenced" into proposed/juno

10 years agoMerge "Forbid update of HA property of routers" into proposed/juno
Jenkins [Tue, 14 Oct 2014 17:04:45 +0000 (17:04 +0000)]
Merge "Forbid update of HA property of routers" into proposed/juno

10 years agoRemove two sets that are not referenced
Carl Baldwin [Wed, 8 Oct 2014 03:22:49 +0000 (03:22 +0000)]
Remove two sets that are not referenced

The code no longer references the updated_routers and removed_routers
sets.  This should have been cleaned up before but was missed.

Closes-bug: #1232525

Change-Id: I0396e13d2f7c3789928e0c6a4c0a071b02d5ff17
(cherry picked from commit edb26bfcddf9d9a0e95955a6590d11fa7245ea2b)

10 years agoAdd Juno release milestone
Mark McClain [Thu, 9 Oct 2014 13:29:48 +0000 (13:29 +0000)]
Add Juno release milestone

Change-Id: Iea584b00329d9474c14847db958f8743d4058525
Closes-Bug: #1378855
(cherry picked from commit 4e8a5b7de71ba6f8c050c424613c025310498940)

10 years agoAdd database relationship between router and ports
Mark McClain [Wed, 8 Oct 2014 18:49:20 +0000 (18:49 +0000)]
Add database relationship between router and ports

Add an explicit schema relationship between a router and its ports. This
change ensures referential integrity among the entities and prevents orphaned
ports.

Change-Id: I09e8a694cdff7f64a642a39b45cbd12422132806
Closes-Bug: #1378866
(cherry picked from commit 93012915a3445a8ac8a0b30b702df30febbbb728)

10 years agoDisable PUT for IPv6 subnet attributes
Henry Gessau [Wed, 8 Oct 2014 00:38:38 +0000 (20:38 -0400)]
Disable PUT for IPv6 subnet attributes

In Juno we are not ready for allowing the IPv6 attributes on a subnet
to be updated after the subnet is created, because:
- The implementation for supporting updates is incomplete.
- Perceived lack of usefulness, no good use cases known yet.
- Allowing updates causes more complexity in the code.
- Have not tested that radvd, dhcp, etc. behave OK after update.

Therefore, for now, we set 'allow_put' to False for the two IPv6
attributes, ipv6_ra_mode and ipv6_address_mode. This prevents the
modes from being updated via the PUT:subnets API.

Closes-bug: #1378952

Change-Id: Id6ce894d223c91421b62f82d266cfc15fa63ed0e
(cherry picked from commit 8a08a3cb47d0dd69d4aa2e8fa661d04054fe95ae)

10 years agoSkip IPv6 Tests in the OpenContrail plugin
Sean M. Collins [Mon, 6 Oct 2014 19:47:24 +0000 (15:47 -0400)]
Skip IPv6 Tests in the OpenContrail plugin

Similar to the way we are skipping tests in the OneConvergence plugin,
introduced by Kevin Benton in 9294de441e684a81f6e802ba0564083f1ad319d6.

Partial-Bug: #1378952

Change-Id: I1650b0708af73ce63e92c55bc842607bb69efe60
(cherry picked from commit 67962943969bc737a3f680a0defc2fc9df03c429)

10 years agoMerge "Removed kombu from requirements" into proposed/juno
Jenkins [Thu, 9 Oct 2014 09:14:45 +0000 (09:14 +0000)]
Merge "Removed kombu from requirements" into proposed/juno

10 years agoMerge "Updated from global requirements" into proposed/juno
Jenkins [Thu, 9 Oct 2014 09:06:37 +0000 (09:06 +0000)]
Merge "Updated from global requirements" into proposed/juno

10 years agoRemoved kombu from requirements
Ihar Hrachyshka [Thu, 7 Aug 2014 20:27:23 +0000 (22:27 +0200)]
Removed kombu from requirements

Since we've replaced oslo-incubator RPC layer with oslo.messaging, we
don't ship any code that uses kombu.

Change-Id: Ia8a74f1326ecd98c47cbe447f04d475bf61e19d3
(cherry picked from commit 424c7faa75d96950d80f49f20f5414d1a297af72)

10 years agoUpdated from global requirements
Ihar Hrachyshka [Mon, 6 Oct 2014 16:10:36 +0000 (16:10 +0000)]
Updated from global requirements

Change-Id: Ifb5cac5b1529fef7862f5a63a0d1592f5bcc01d0

10 years agoImported Translations from Transifex
Kyle Mestery [Wed, 8 Oct 2014 03:39:47 +0000 (03:39 +0000)]
Imported Translations from Transifex

Change-Id: I67a0eec64c0e0513df3f3e9f1f3489086f6316f9

10 years agoMerge "Retry getting the list of service plugins" into proposed/juno
Jenkins [Thu, 9 Oct 2014 00:17:40 +0000 (00:17 +0000)]
Merge "Retry getting the list of service plugins" into proposed/juno

10 years agoMerge "Allow reading a tenant router's external IP" into proposed/juno
Jenkins [Wed, 8 Oct 2014 17:04:47 +0000 (17:04 +0000)]
Merge "Allow reading a tenant router's external IP" into proposed/juno

10 years agoMerge "Raise exception if ipv6 prefix is inappropriate for address mode" into propose...
Jenkins [Wed, 8 Oct 2014 16:56:49 +0000 (16:56 +0000)]
Merge "Raise exception if ipv6 prefix is inappropriate for address mode" into proposed/juno

10 years agoMerge "Add missing methods to NoopFirewallDriver" into proposed/juno
Jenkins [Wed, 8 Oct 2014 16:56:34 +0000 (16:56 +0000)]
Merge "Add missing methods to NoopFirewallDriver" into proposed/juno

10 years agoForbid update of HA property of routers
Assaf Muller [Tue, 7 Oct 2014 19:45:41 +0000 (22:45 +0300)]
Forbid update of HA property of routers

While the HA property is update-able, and resulting router-get
invocations suggest that the router is HA, the migration
itself fails on the agent. This is deceiving and confusing
and should be blocked until the migration itself is fixed
in a future patch.

Change-Id: I4171ab481e3943e0110bd9a300d965bbebe44871
Related-Bug: #1365426
Closes-Bug: #1378525
(cherry picked from commit 1fd7dd99ca7e5e9736200360aa354cada7fb43ff)

10 years agoAllow reading a tenant router's external IP
Kevin Benton [Wed, 18 Jun 2014 19:03:01 +0000 (12:03 -0700)]
Allow reading a tenant router's external IP

Adds an external IPs field to the external gateway information
for a router so the external IP address of the router can be
read by the tenant.

DocImpact

Closes-Bug: #1255142
Change-Id: If4e77c445e9b855ff77deea6c8df4a0b3cf249d4
(cherry picked from commit c7baaa068ed1d3c8b02717232edef60ba1b655f6)

10 years agoRaise exception if ipv6 prefix is inappropriate for address mode
Eugene Nikanorov [Sun, 24 Aug 2014 20:59:02 +0000 (00:59 +0400)]
Raise exception if ipv6 prefix is inappropriate for address mode

Address prefix to use with slaac and stateless ipv6 address modes
should be equal to 64 in order to work properly.
The patch adds corresponding validation and fixes unit tests
accordingly.

Change-Id: I6c344b21a69f85f2885a72377171f70309b26775
Closes-Bug: #1357084
(cherry picked from commit 0d8911115e1b722da2f1e92f444e53b22223ee32)

10 years agoRetry getting the list of service plugins
Derek Higgins [Fri, 12 Sep 2014 15:31:44 +0000 (16:31 +0100)]
Retry getting the list of service plugins

On systems that start both neutron-server and neutron-l3-agent together,
there is a chance that the first call to neutron will timeout. Retry upto
4 more times to avoid the l3 agent exiting on startup.

This should make the l3 agent a little more robust on startup but still
not ideal, ideally it wouldn't exit and retry periodically.

Change-Id: I2171a164f3f77bccd89895d73c1c8d67f7190488
Closes-Bug: #1353953
Closes-Bug: #1368152
Closes-Bug: #1368795
(cherry picked from commit e7f0b56d74fbfbb08a3b7a0d2da4cefb6fe2aa67)

10 years agoAdd missing methods to NoopFirewallDriver
Eugene Nikanorov [Mon, 15 Sep 2014 18:10:45 +0000 (22:10 +0400)]
Add missing methods to NoopFirewallDriver

The fix adds missing methods into generic Firewall class
and in NoopFirewall driver class.

Change-Id: I6402448075ed414434dc007f5c403fc85b6b1456
Closes-Bug: #1369685
Related-Bug: #1365806
(cherry picked from commit 9a6c073656a7e0b1a26b2bca0ba381489d04e322)

10 years agoDon't fail when trying to unbind a router
Ed Bak [Mon, 29 Sep 2014 20:15:52 +0000 (14:15 -0600)]
Don't fail when trying to unbind a router

If a router is already unbound from an l3 agent, don't fail.  Log
the condition and go on.  This is harmless since it can happen
due to a delete race condition between multiple neutron-server
processes.  One delete request can determine that it needs to
unbind the router.  A second process may also determine that it
needs to unbind the router.  The exception thrown will result
in a port delete failure and cause nova to mark a deleted instance
as ERROR.

Change-Id: Ia667ea77a0a483deff8acfdcf90ca84cd3adf44f
Closes-Bug: 1367892

10 years agoremove openvswitch plugin
Mark McClain [Wed, 24 Sep 2014 04:00:54 +0000 (04:00 +0000)]
remove openvswitch plugin

This changeset removes the openvswitch plugin, but retains the agent for ML2
The database models were not removed since operators will need to migrate the
data.

Change-Id: I8b519cb2bbebcbec2c78bb0ec9325716970736cf
Closes-Bug: 1323729

10 years agoMerge "Fix pid file location to avoid I->J changes that break metadata"
Jenkins [Thu, 2 Oct 2014 03:26:58 +0000 (03:26 +0000)]
Merge "Fix pid file location to avoid I->J changes that break metadata"

10 years agoMerge "Update migration scripts to support DB2"
Jenkins [Thu, 2 Oct 2014 03:26:38 +0000 (03:26 +0000)]
Merge "Update migration scripts to support DB2"

10 years agoMerge "remove linuxbridge plugin"
Jenkins [Thu, 2 Oct 2014 03:26:22 +0000 (03:26 +0000)]
Merge "remove linuxbridge plugin"

10 years agoMerge "fix dvr snat bindings for external-gw-clear"
Jenkins [Wed, 1 Oct 2014 23:41:47 +0000 (23:41 +0000)]
Merge "fix dvr snat bindings for external-gw-clear"

10 years agoFix pid file location to avoid I->J changes that break metadata
Miguel Angel Ajo [Wed, 1 Oct 2014 13:16:19 +0000 (15:16 +0200)]
Fix pid file location to avoid I->J changes that break metadata

Changes in commit 7f8ae630b87392193974dd9cb198c1165cdec93b moved
pid files handled by agent/linux/external_process.py from
$state_path/external/<uuid>.pid  to $state_path/external/<uuid>/pid
that breaks the neutron-ns-metadata-proxy respawn after upgrades
becase the l3 or dhcp agent can't find the old pid file so
they try to start a new neutron-ns-metadata-proxy which won't
succeed, because the old one is holding the port already.

Closes-Bug: #1376128
Change-Id: Id166ec8e508aaab8eea35d89d010a5a0b7fdba1f

10 years agoremove linuxbridge plugin
Mark McClain [Wed, 24 Sep 2014 01:50:06 +0000 (01:50 +0000)]
remove linuxbridge plugin

This changeset removes the linuxbridge plugin, but retains the agent for ML2.
The database models were not removed since operators will need to migrate the
data.

Additionally, the ml2 migration script was altered to support Juno.  For
testing, a user must either run the migration against the icehouse
scheme or run the update, manually change alembic_version to juno and
then run the migration script.  Once the juno migration is added, this
manually step will not be required.

Change-Id: I70689b4247947e6dc08e80fd9b31da9dc691d259
Partial-Bug: 1323729

10 years agoMerge "ML2: move L3 cleanup out of network transaction"
Jenkins [Wed, 1 Oct 2014 09:08:12 +0000 (09:08 +0000)]
Merge "ML2: move L3 cleanup out of network transaction"

10 years agoML2: move L3 cleanup out of network transaction
Kevin Benton [Tue, 30 Sep 2014 03:21:23 +0000 (20:21 -0700)]
ML2: move L3 cleanup out of network transaction

Move _process_l3_delete out of the delete_network
transaction to eliminate the semaphore deadlock that
occurs when it tries to delete the ports associated
with existing floating IPs.

It makes more sense to live outside of the transaction
anyway because the operations it performs cannot be
rolled back only in the database if the L3 plugin makes
external calls for floating IP creation/deletion.
e.g. if delete_floatingip is successful, it may have
deleted external resources and restoring the DB records
would make things inconsistent.

If a failure to delete the network does occur, any cleanup
done by _process_l3_delete will not be reversed.

Closes-Bug: #1374573
Change-Id: I3ae7bb269df9b9dcef94f48f13f1bde1e4106a80

10 years agoImported Translations from Transifex
OpenStack Proposal Bot [Tue, 30 Sep 2014 06:49:06 +0000 (06:49 +0000)]
Imported Translations from Transifex

Change-Id: Ie7ba4679ca128ff636b6bd841072dfd4b7e4236f

10 years agoMerge "Rename workers to api_workers and simplify code"
Jenkins [Mon, 29 Sep 2014 16:58:40 +0000 (16:58 +0000)]
Merge "Rename workers to api_workers and simplify code"

10 years agoMerge "Do not assume order of report list elements"
Jenkins [Mon, 29 Sep 2014 16:58:13 +0000 (16:58 +0000)]
Merge "Do not assume order of report list elements"

10 years agoUpdate migration scripts to support DB2
John Kasperski [Thu, 25 Sep 2014 15:38:45 +0000 (10:38 -0500)]
Update migration scripts to support DB2

Three of the migration scripts are causing failures with DB2.

- DB2 doesn't support nullable column in primary key

- Hard coded SQL statements which use False/True as Boolean arguments
  are not compatible with DB2. In DB2, Boolean columns are created as
  small integer with a constraint to allow only 0 & 1.

- Hardcoded update rows from other table sql is not compatible with DB2

- Foreign key constraints require additional handling

Co-authored-by: Rahul Priyadarshi <rahul.priyadarshi@in.ibm.com>
Change-Id: I82e2d1c522b81fed90a1e5cc6f2321f80797cf7b
Closes-Bug: #1328019

10 years agoDo not assume order of report list elements
johndavidge [Fri, 8 Aug 2014 11:48:59 +0000 (04:48 -0700)]
Do not assume order of report list elements

This fixes the test_report_multiple_services unit test that breaks with a
randomized PYTHONHASHSEED (see the bug report).

The test assumed that the report list from self.driver.report_status() had
elements in a particular order. Found with PYTHONHASHSEED=2455351445.

The fix refactors the test case to handle an unsorted report list by
sorting it before checking equality.

Partial-bug: #1348818

Note: There are several other unrelated unit tests that also break with a
randomized PYTHONHASHSEED, but they are not addressed here. They will be
addressed in separate patches.

Change-Id: I542c3818821fa2f6e460fd254a3842530ecea8d9

10 years agoImported Translations from Transifex
OpenStack Proposal Bot [Mon, 29 Sep 2014 06:04:31 +0000 (06:04 +0000)]
Imported Translations from Transifex

Change-Id: I585e3df5504fcc071811e0ec9f925bc493584b2f

10 years agoMerge "Fix broken port query in Extraroute test case"
Jenkins [Mon, 29 Sep 2014 03:56:34 +0000 (03:56 +0000)]
Merge "Fix broken port query in Extraroute test case"

10 years agoMerge "Do not assume order of body and tags elements"
Jenkins [Sat, 27 Sep 2014 22:42:56 +0000 (22:42 +0000)]
Merge "Do not assume order of body and tags elements"

10 years agoMerge "Revert "Cleanup floatingips also on router delete""
Jenkins [Sat, 27 Sep 2014 17:54:59 +0000 (17:54 +0000)]
Merge "Revert "Cleanup floatingips also on router delete""

10 years agoMerge "Add unit tests covering single operations to ODL"
Jenkins [Sat, 27 Sep 2014 15:20:17 +0000 (15:20 +0000)]
Merge "Add unit tests covering single operations to ODL"

10 years agoMerge "Eliminate OrderedDict from test_api_v2.py"
Jenkins [Sat, 27 Sep 2014 15:04:49 +0000 (15:04 +0000)]
Merge "Eliminate OrderedDict from test_api_v2.py"

10 years agoFix broken port query in Extraroute test case
Kevin Benton [Sat, 20 Sep 2014 07:17:58 +0000 (00:17 -0700)]
Fix broken port query in Extraroute test case

One of the queries in an extra route test case tries
to filter based on the port owner, but the _list_ports
method it calls doesn't take a device_owner parameter.
This can cause failures if a DHCP port is created on
the same subnet.

Change-Id: I0e62027ae4d98944ef91a5d457d43d4224441b2f

10 years agoMerge "Stop admin using other tenants unshared rules"
Jenkins [Fri, 26 Sep 2014 23:02:22 +0000 (23:02 +0000)]
Merge "Stop admin using other tenants unshared rules"

10 years agoMerge "Fix to delete user and group association in Nuage Plugin"
Jenkins [Fri, 26 Sep 2014 17:25:33 +0000 (17:25 +0000)]
Merge "Fix to delete user and group association in Nuage Plugin"

10 years agoMerge "Fix entrypoint of OneConvergencePlugin plugin"
Jenkins [Thu, 25 Sep 2014 20:04:10 +0000 (20:04 +0000)]
Merge "Fix entrypoint of OneConvergencePlugin plugin"