Pavel Bondar [Thu, 25 Jun 2015 13:52:08 +0000 (16:52 +0300)]
Extend SubnetRequestFactory to access subnet dict
SubnetRequestFactory incorporates logic for preparing arguments and
building right request.
Subnet dict, context and subnetpool are used to make decision on
what kind of reqest should be created.
SubnetRequestFactory can be overriden on ipam driver level,
it allows to easily extend existent Request model.
Ihar Hrachyshka [Tue, 23 Jun 2015 15:33:38 +0000 (17:33 +0200)]
ovsdb: attempt to enable connection_uri for native impl on startup
The port is in most cases disabled, so to use it, we should first enable
it, and it means that we should still rely on ovs-vsctl for that initial
call.
Aaron Rosen [Wed, 3 Jun 2015 23:19:39 +0000 (16:19 -0700)]
Provide work around for 0.0.0.0/0 ::/0 for ipset
Previously, the ipset_manager would pass in 0.0.0.0/0 or ::/0 if
these addresses were inputted as allowed address pairs. This causes
ipset to raise an error as it does not work with zero prefix sizes.
To solve this problem we use two ipset rules to represent this:
Ipv4: 0.0.0.0/1 and 128.0.0.1/1
IPv6: ::/1' and '8000::/1
All of this logic is handled via _sanitize_addresses() in the ipset_manager
which is called to convert the input.
Kevin Benton [Wed, 24 Jun 2015 10:27:16 +0000 (03:27 -0700)]
Make DHCPv6 out of bounds API test deterministic
The test_dhcp_stateful_fixedips_outrange API test was randomly
picking an IP from last + 1 up to last + 10 in the allocation
range. This made it fail randomly when there was an issue related
to the subnet allocation having an off-by-one issue.
This adjusts the test to just always test last +1 and +2.
Cedric Brandily [Tue, 23 Jun 2015 22:08:22 +0000 (00:08 +0200)]
Support oslo_db 1.12
oslo_db 1.12[1] decorates oslo_context.context.RequestContext with
session management[2][3] and add a read-only attribute 'session'. Such
feature breaks Brocade plugin and its unittests because they define
on RequestContext the 'session' attribute which now is a read-only
property. This change uses neutron.context instead of
oslo_context.context in order to delegate session management to the
neutron.context and remove read-only attribute set.
A follow-up change will refactor neutron.context in order to use oslo_db
1.12 session management instead of homemade one.
Jeremy Stanley [Thu, 18 Jun 2015 19:09:05 +0000 (19:09 +0000)]
Override opportunistic database tests to PyMySQL
Set the OS_TEST_DBAPI_ADMIN_CONNECTION override variable so that
oslo.db opportunistic detection will know to use PyMySQL until
I12b32dc097a121bd43991bc38dd4d289b65e86c1 makes it the default
behavior.
This change removes previous code[1] enabling PyMySQL use.
[1] Ic5c1d12ab75443e1cc290a7447eeb4b452b4a9dd
Change-Id: Ic39feee0248f2ffabdba26f3779ab40a8f3838e6 Co-Authored-By: Victor Sergeyev <vsergeyev@mirantis.com> Co-Authored-By: Cedric Brandily <zzelle@gmail.com>
Cedric Brandily [Tue, 23 Jun 2015 18:00:30 +0000 (20:00 +0200)]
Extend default setenv instead of replacing it in tox.ini
Some tox jobs[1] define their own setenv without extending/referencing
default setenv, it disallows to define environment variables shared by
all jobs. This change updates previous jobs[1] in order to extend
instead of replacing default setenv and enable global environement
variables (used in daughter change).
One remark, this change sets VIRTUAL_ENV environment variable in updated
jobs[1] but it has no effect on them.
[1] (dsvm-)functional, (dsvm-)fullstack and api jobs
Pavel Bondar [Tue, 23 Jun 2015 09:07:43 +0000 (12:07 +0300)]
Bulk move methods to ipam_backend_mixin.py
ipam_backend_mixin contains methods common for both backends:
pluggable and non-pluggable, so moving methods to make them accessible
by backends.
Next methods were moved from db_base_plugin_v2.py to
ipam_backend_mixin.py:
- _validate_subnet_cidr
- _validate_network_subnetpools
- _allocate_pools_for_subnet
- _save_subnet
This commit moves methods without any internal changes.
All future changes and decomposition of these methods will be handled in
next commits.
Rawlin Peters [Thu, 18 Jun 2015 17:22:13 +0000 (11:22 -0600)]
Optimize ipset usage in IptablesFirewallDriver
Currently, IptablesFirewallDriver._update_ipset_members() iterates
through a list of security group IDs and makes a call to
IpsetManager.set_members() for each security group ID in the list. The
problem is that set_members() is repeatedly called with the same
arguments over and over again because the list of security group IDs
contains duplicates. These duplicated calls are unnecessary because they
are idempotent.
For instance, with a security group of 50 rules created in this manner:
neutron security-group-rule-create $SECGRP --remote_group_id $SECGRP
--protocol tcp --port_range_min $i --port_range_max $i
Adding a server to that security group will cause 50 calls to
IpsetManager.set_members() because the list of security group IDs is 50 of
the same ID. Only one call to IpsetManager.set_members() is necessary
per security group ID.
This patch converts that list of security group IDs into a set, which
eliminates the duplicate idempotent calls to
IpsetManager.set_members() with the same arguments. This will affect
performance by reducing the amount of file locking around ipset when
adding servers to security groups.
Oleg Bondarev [Tue, 2 Jun 2015 13:14:40 +0000 (16:14 +0300)]
Fix callback registry notification for security group rule
Some housekeeping was done in
- SecurityGroupDbMixin:
- create_rule_bulk() calls to create_rule();
- registry notification is in create_rule();
- separate validation for a single rule and for a group of rules
- SecurityGroupServerRpcMixin:
- overriden methods call to corresponding super class methods;
David Edery [Sun, 21 Jun 2015 12:59:49 +0000 (15:59 +0300)]
Fix subnet creation failure on IPv6 valid gateway
Currently a valid IPv6 address gateway of the "*::ffff:ffff:ffff:ffff"
pattern is failing due to netaddr.broadcast returning value for both IPv6
and IPv4 addresses. IPv6 has no broadcast address so the fix checks if
the gateway is the subnet broadcast address only in the case of IPv4
subnet
Pavel Bondar [Fri, 19 Jun 2015 14:58:57 +0000 (17:58 +0300)]
Decompose _create_subnet_from_pool
Moved validations into separate methods:
- _validate_pools_with_subnetpool
Verifies that allocation pools are set only for specific subnet request.
For any subnet request allocation pools can not be set manually
- _validate_ip_version_with_subnetpool
Verifies that subnet has the same ip version as subnet pool
Pavel Bondar [Thu, 18 Jun 2015 12:24:44 +0000 (15:24 +0300)]
Move _delete_port
Pluggable ipam implementation will do additional actions on port
deletion (deallocate ip using ipam driver).
Existing _delete_port code will be resused.
Moving _delete_port to ipam_backend_mixin to make this code
accessible and extendable by both backends (pluggable and non
pluggable).
This commit is a preparation step before pluggable ipam implementation
can be used.
Pavel Bondar [Thu, 18 Jun 2015 11:52:24 +0000 (14:52 +0300)]
Decompose create_port and save_subnet
This commit is a preparation step for enabling pluggable ipam.
Some actions in create_port and save_subnet are specific for
non pluggable ipam implementation.
- create_port
Moved allocation ips for port and storing results into separate method
_allocate_ips_for_port_and_store.
Moved to ipam_non_pluggable_backend, since pluggable implementation will
be different due to rollback on failure logic included.
- save_subnet
Moved saving allocation pools into new method _save_allocation_pools.
Moved to ipam_non_pluggable_backend, since pluggable ipam implementation
does not need to save IPAvailabilityRange (availability ranges are
maintained by ipam driver for pluggable case)
Henry Gessau [Sun, 21 Jun 2015 05:30:05 +0000 (01:30 -0400)]
Allow setting Agents description to None
Fix the validator for the 'description' attribute of Agents, allowing
it to be set to None.
Fix an API test that had two problems:
1. It was not restoring the description to the agent it had updated
2. It was retoring the description to '' instead of None.
Gal Sagie [Mon, 25 May 2015 12:20:05 +0000 (15:20 +0300)]
Decompose DVR CSNAT L3 Agent from Compute Node L3 Agent
Currently the same dvr router class is used both by the L3 Agent
in the compute nodes that is responsible for the virtual routers
namespace and the fip namespace and also used by the centralized
SNAT L3 Agent in the network node.
This is the first step to decompose the two into different
classes.
The above means that we have one class of DVR router which is used
for two jobs (the virtual router namespace wiring and the fips wiring
in the compute node in one hand and the centralized snat wiring in the other)
The end goal of this patch is to separate the two into different classes
which will also help maintaining it and also help projects that want
to use one but not the other (for example only use the centralized
SNAT behaviour with there own DVR implementation)
Oleg Bondarev [Thu, 11 Jun 2015 10:38:55 +0000 (13:38 +0300)]
Fix l3 agent to not create already deleted router
In case router is deleted during l3 agent resync,
the "deleted" event is processed with higher priority, then
resync event for the router may be processed which will recreate
already deleted router.
This happens due to timestamp not being properly updated for deleted
router in router processor.
The fix adds timestamp update for deleted router.
Functional test will be updated in a follow-up patch
Logging was improved to make debugging a bit easier.
Jakub Libosvar [Fri, 19 Jun 2015 13:52:35 +0000 (15:52 +0200)]
Disable keepalived process in keepalived func test
Previously, keepalived process itself was disabled that lead to
respawning of keepalived by KeepalivedManager. This patch disables
KeepalivedManager in cleanup thus no respawn happens.
Pavel Bondar [Wed, 17 Jun 2015 12:48:09 +0000 (15:48 +0300)]
Add request factory for pluggable IPAM
Pluggable IPAM implementation requires separation between requesting
address/subnet and it's actual allocation, which can happen on
third-party IPAM servers. Request factory stands for simplifying
building right request from input.
Added AddressRequestFactory and SubnetRequestFactory.
AddressRequestFactory creates instance of AnyAddressRequest or
SpecificAddressRequest depending on presence of ip address in input.
SubnetRequestFactory creates instance of AnySubnetRequest or
SpecificSubnetRequest depending on input.
get_subnet_request_factory and get_address_request_factory can be
redefined on driver level to use custom request factories.
In Nova flavors it is ok to specify a decimal RXTX factor.
For this reason when applying QoS to a port Neutron should not
convert this factor to an integer value, but simply ensure
it's a valid float number and positive.
Pavel Bondar [Thu, 18 Jun 2015 11:17:58 +0000 (14:17 +0300)]
Move _add_auto_addrs_on_network_ports
Moved to ipam_non_pluggable_backend.py since implementation
is specific for non pluggable ipam backend.
Pluggable implementation will additionally include rollback on failure actions.
This commit is a preparation step for using pluggable ipam.
More changes in this methods are expected to be done by following
patches.
Ironic expects neutron to have an "ipxe" tag for the option 175 which is
sent by iPXE/gPXE when booting a node. The problem is that up to now this
tag was not created by Neutron, causing the nodes deployed with Ironic
+ iPXE to fail to boot. This patch is creating this tag when launching
the dnsmasq process.
Pavel Bondar [Wed, 17 Jun 2015 15:47:11 +0000 (18:47 +0300)]
Remove _check_ip_in_allocation_pool
_check_ip_in_allocation_pool is not used anywhere in neutron.
Cleaning up unused code from db_base_plugin_v2.py.
Caller was removed over a year ago in change
Ib31550fa9000fc75768a327cb6cc1c419e06568f
Code Review / openstack-build / neutron-build.git / log