Kevin Benton [Sat, 21 Mar 2015 01:56:51 +0000 (18:56 -0700)]
Remove auto deletion of routers in unit tests
Remove the automatic deletion behavior of the router
context manager in the L3 unit tests. Any tests that
depend on the router being deleted should do so
explicitly.
It additionally removes the logic from the test_l3_plugin
unit tests that was just related to tearing down enough
stuff to allow the context managers to exit. It was code
that distracted from what the tests were actaully verifying.
All of the context managers for port, network, and subnet
do not auto delete by default and that will be extended to
the L3 constructs as well. The patch that did this for
ports/subnets/networks is here:
https://review.openstack.org/#/c/102465/
Ryan Tidwell [Thu, 19 Feb 2015 23:29:08 +0000 (15:29 -0800)]
Subnet allocation from a subnet pool
Contains API changes, model changes, and logic required to enable a subnet to
be allocated from a subnet pool. Users can request a subnet allocation by
supplying subnetpool_id and optionally prefixlen or cidr. If cidr is
specified, an attempt is made to allocate the given CIDR from the pool. If
prefixlen is specified, an attempt is made to allocate any CIDR with the
given prefix length from the pool. If neither is specified, a CIDR is chosen
from the pool using the default prefix length for the pool.
Maru Newby [Tue, 24 Mar 2015 01:30:11 +0000 (01:30 +0000)]
Simplify retargetable test framework
The retargetable testing prototype previously relied on each test case
defining the 'scenarios' attribute used to parametize testing with
testscenarios. Anticipating the requirement to retrofit the imported
tempest api test cases, this change moves scenario definition to a
base class since scenarios are common across all api tests.
This change also sets the retargetable test to skip when invoked
against rest. Tempest uses class-level setup for auth and this needs
to be broken out into fixtures before the retargetable testing will
work again.
Allow router-gateway-set to work even without an assigned
subnet with the net_id so as to enable IPv6 L3 routing
using the assigned LLA for the gateway.
The goal is to allow for IPv6 routing using just
the allocated LLA address for the gateway port to be
used as the external gateway to connect to the upstream
router. For this purpose router-gateway-set no
longer has a requirement of an assigned subnet.
A new config has also been added to the l3_agent.ini
to allow the user to set a valid ipv6_gateway address
to be used as the gateway for the default ::/0 route
If the ipv6_gateway config is not set and a gateway
is still created without a subnet, the gateway interface
will be configured to accept router advertisements (RAs)
from the upstream router so as to build the default route.
Unit test changes and additions reflect these changes.
Kevin Benton [Wed, 17 Sep 2014 03:36:42 +0000 (20:36 -0700)]
Set floating IP port status to "N/A"
The status of the port associated with a floating IP
would always show as DOWN. This caused confusion to
operators that weren't aware that this is expected behavior
since the port is only used for an IP allocation.
This commit sets the port status to "N/A" to reflect the fact
that the port associated with a floating IP has no operational
status.
Andrew Boik [Wed, 4 Mar 2015 03:39:57 +0000 (22:39 -0500)]
Auto-update gateway port after subnet-create
(Patch set #6 for the multiple-ipv6-prefixes blueprint)
In the multi-prefix scenario, one can add two subnets
to an external gateway port by adding the two subnets
to the external network and using router-gateway-set.
However, if there is only one subnet on the port and
the user wishes to add another later, it is desirable
to have the newly-created external subnet automatically
added to the port. This patch adds this functionality.
Andrew Boik [Fri, 27 Feb 2015 23:48:29 +0000 (18:48 -0500)]
Allow update of ext gateway IP's w/out port delete
(Patch set #5 for the multiple-ipv6-prefixes blueprint)
Updating an external gateway port currently triggers a port-delete
followed by a port-create. In the multi-prefix case, if a second
subnet is added to an external gateway port, the port will be
deleted, freeing the original IP allocation, and then the port will
be recreated with new IP allocations from the two subnets. This is
undesirable as the port can't keep the same IP address from the
original subnet.
This patch modifies the behavior so that a fixed-ip change on an
external gateway port will cause a port-update instead of a
delete/create. If the gateway port network id has changed, however,
the port will be deleted and recreated as before.
Dane LeBlanc [Wed, 18 Mar 2015 20:38:57 +0000 (16:38 -0400)]
Support Dual-Stack Gateway Ports on Neutron Routers
(Patch set #2 for multiple-ipv6-prefixes blueprint)
This patchset adds support for dual-stack gateway ports on Neutron
routers. Some background on the changes included in this patchset:
- The L3 driver's init_l3() method has been changed to accept a list
of gateway IPs, rather than a single gateway IP.
- The Neutron port dictionary's singular 'subnet' entry has been
replaced with a 'subnets' list, since ports can now be associated
with multiple subnets.
- The Neutron port dictionary no longer has a (singular) 'ip_cidr'
entry, since a port can now be associated with multiple IP CIDRs
(e.g. up to one IP CIDR per IP family on gateway ports).
Instead, a 'prefixlen' entry has been added to the Neutron
fixed_ips dictionary, so that the port's (multiple) IP CIDRs can
be derived from the matching 'ip_address' and 'prefixlen' pairs
in the port's fixed_ips.
Dane LeBlanc [Wed, 18 Mar 2015 16:41:25 +0000 (12:41 -0400)]
No allocation needed for specific IPv6 SLAAC addr assignment
(Patch set #7 for the multiple-ipv6-prefixes blueprint)
On internal router ports, Neutron allows for an address to
be assigned for an IPv6 SLAAC subnet that is not necessarily
EUI-64. This makes it easier for subnet create, since a
convenient address, e.g. one ending in ::1, can be used as
the subnet gateway IP address.
Currently, when an internal router port is created with a specific
(non-EUI-64) address for a SLAAC subnet, the call flow includes
a call to _allocate_specific_ip. This call is not necessary,
since we're not allocating an address from a pool (and
recalibrating availability ranges, etc.).
This patch set prevents the call to _allocate_specific_ip for
this scenario.
Co-Authored-By: Baodong (Robert) Li <baoli@cisco.com>
Change-Id: I2533ee82980bb602faa663b875787ca50b268b34
Partially-implements: blueprint multiple-ipv6-prefixes
Maru Newby [Fri, 27 Mar 2015 17:39:41 +0000 (17:39 +0000)]
Remove neutron.tests.sub_base
Change Ifca5615680217818b8c5e8fc2dee5d089fbd9532 was intended to
remove the neutron.tests.sub_base module, but a bad rebase means that
it was left in the tree.
Kevin Benton [Fri, 27 Mar 2015 15:13:58 +0000 (08:13 -0700)]
Fix test case for DHCP agent interface restart
One of the new test cases in the recent DHCP
interface patch[1] was supposed to confirm that
the driver wouldn't be restarted if the IP address
stayed the same. However, it wasn't matching the
device ID of the agent so it was never making it
to that conditional.
This patch just fixes that UT so it's exercising
the right code path.
abhishek60014726 [Wed, 25 Mar 2015 11:20:55 +0000 (04:20 -0700)]
Test to verify shared attribute of network
Add Funtion to create a shared network
Add function to create a shared network in bulk
Add a test to create and update a shared network
Add a test to create a port in a shared network using non admin tenant
Add test to create shared networks in bulk
Add function to list and show shared network
Add test to list and show the shared network by admin and non admin
Miguel Angel Ajo [Tue, 24 Mar 2015 13:10:37 +0000 (13:10 +0000)]
Enable Process Monitor by default.
Process monitor is enabled by default by this patch,
with a default 60 second monitoring interval, this
interval was calculated early in the development
process to scale to 1000s of processes with light load.
We believe it's important to have it enabled to get
user feedback as we release kilo.
Process monitor is sucessfully enabled and backported
to Red Hat D/S distributions from icehouse to juno
without any issue.
Specific process monitor functional tests provide
coverage, also keepalived checks that it can be
properly respawned.
We should follow up with dhcp and l3 agent functional
testing for killing and checking their processes
correctly respawned. Normal process start/stop is
already validated by other functional tests and tempest.
Kevin Benton [Fri, 27 Mar 2015 02:52:23 +0000 (19:52 -0700)]
Don't eagerly load ranges from IPAllocationPool
The subnet object eagerly loads the IPAllocationPools
associated with it. Each of these was eagerly loading
the IPAvailabilityRange objects associated with it.
On a large subnet with lots of churn, this could be
thousands of records. All of these records were being
loaded for every call to get_subnet, which means all
get_subnets, get_networks, and so-on. icky
This patch changes the relationship between IPAllocationPool
and available_ranges to a 'select' load, so they won't be
loaded until referenced. On my test system with a subnet
that contained 10k ports, this changed the subnet-show time
from 4.7 seconds to 0.56 seconds.
There is no performance downside to this in the upstream
code. At the time of this patch, there were no references
to 'available_ranges' on an IPAllocationPool result. The
logic that deals with the available ranges queries them
explicitly using join statements.
Itsuro Oda [Thu, 8 Jan 2015 23:47:56 +0000 (08:47 +0900)]
Enable services on agents with admin_state_up False
Previously when admin_state_up of an agent is turned to False,
all services on it will be disabled.
This fix makes existing services on agents with admin_state_up
False keep available.
To keep current behavior available the following configuration
parameter added.
* enable_services_on_agents_with_admin_state_down
If the parameter is True, existing services on agents with admin_state_up
False keep available. No more service will be scheduled to the agent
automatically. But adding a service to the agent manually is available.
i.e. admin_state_up: False means to stop automatic scheduling under the
parameter is True.
The default of the parameter is False (current behavior).
Maru Newby [Mon, 23 Mar 2015 23:18:44 +0000 (23:18 +0000)]
Simplify base test cases
Previous changes (Ifa270536481fcb19c476c9c62d89e6c5cae36ca1 and
I44251db399cd73390a9d1931a7f253662002ba10) separated out test setup
that had to import Neutron to allow the api tests to run. The api
tests previously imported Tempest, and errors would result if both
Neutron and Tempest were imported in the same test run. Now that the
api tests do not import Tempest, the base test cases can be simplified
by reversing the referenced changes.
A dependent change to neutron-fwaas removes reference to testlib
plugin: I0f2098cfd380fb6978d643cfd09bcc5cf8ddbdb9
Ilya Sokolov [Tue, 23 Dec 2014 13:22:20 +0000 (13:22 +0000)]
Send only one rule in queue on rule create/delete
Now we send all labels and rules per rule create/delete
and rebuild whole iptables chains.
In this patch we send only affected rule and create/
delete only this rule from iptables.
John Schwarz [Tue, 14 Oct 2014 11:09:14 +0000 (14:09 +0300)]
Add full-stack tests framework
This patch introduces the full-stack tests framework, as specified in
the blueprint. In short, this adds the neutron.tests.fullstack module,
which supports test-managed neutron daemons. Currently only
neutron-server is supported and follow-up patches will support for
multiple agents.
Miguel Angel Ajo [Tue, 24 Mar 2015 13:07:37 +0000 (13:07 +0000)]
Stop any spawned ProcessMonitor at test cleanup
Base test class adds a cleanup fixture to stop any
spawned process monitor via unit or functional tests,
which otherwise would keep running after the tests already
finished, and execution functions go unpatched.
Without this patch unit tests will randomly fail
when we enable process monitor by default at change:
I85fe31bee30714148168a293eea29fa0a37f9701
Assaf Muller [Tue, 24 Mar 2015 23:56:37 +0000 (19:56 -0400)]
Use router state in get_ha_device_name and ha_network_added
get_ha_device_name and ha_network_added were moved from the
agent to the router class, but they're not using the router
state. Rather, they're accepting arguments that they don't
need.
rajeev [Fri, 6 Mar 2015 15:02:30 +0000 (10:02 -0500)]
If configured, set the MTU for fpr/rfp intefaces
if network_device_mtu parameter is configured, set the MTU for
fpr and rfp interfaces to the value specified by the parameter
at the time of creation of these interfaces.
Enhanced DVR functional test to verify MTU gets
set for the fpr/rfp interfaces.
Adelina Tuvenie [Tue, 24 Mar 2015 16:29:45 +0000 (09:29 -0700)]
Moves ovs_lib to agent/common
This patch moves ovs_lib from agent/linux to agent/common
since it will be used by ovs_neutron_agent on both Linux
and Windows platforms. To provide compatibility with out of
tree code, a placeholder has been left in agent/linux.
Adelina Tuvenie [Tue, 24 Mar 2015 18:29:17 +0000 (11:29 -0700)]
OVS agent support on Hyper-V
This patch abstracts away platform specific differences in
agent/linux/utils.py and agent/linux/polling.py in order for
OVS neutron agent to work on Hyper-V.
agent.linux.utils uses fcntl that is not available on Windows and
also uses rootwrap which is no necessary on Windows.
ovsdb_monitor.SimpleInterfaceMonitor works only on GNU/Linux because
agent.linux.async_process uses platfom specific components like the
kill command.
Sandhya Dasu [Thu, 5 Feb 2015 17:21:05 +0000 (12:21 -0500)]
Cisco UCS Manager ML2 Mechanism Driver
Introduces a ML2 based Mechanism Driver for Cisco UCS Manager. The vendor
specific driver code referenced by this MD resides in stackforge repo
networking-cisco. This MD did not exist in the Neutron tree before so no files
have to be removed as part of this change.
Assaf Muller [Wed, 25 Mar 2015 00:27:29 +0000 (20:27 -0400)]
Rename/move/remove HaRouter methods
All of the methods that use verify_ha are now part of the HaRouter
class. The check has outlived its usefulness and may die
a peaceful yet horrifying death. At its point of death,
verify_ha is akin to a guy walking down the street and yelling:
'Am I me? Am I me?' - Yes, you're you, shut up. An HA router
is an HA router, there's no point in the class checking if
it's indeed an HA router.
* keepalived_manager._get_full_config_file_path was being used
outside of the keepalived_manager, removed the leading underscore
* _ha_get_existing_cidrs doesn't need an 'ha' prefix, it's already
a part of the HA router class. This patch renames the method to
a more descriptive name
* HARouter._get_ipv6_lladdr had nothing to do with HA routers, nor
did it use the HARouter state. Moved it to ip_lib
Darragh O'Reilly [Tue, 17 Mar 2015 16:03:51 +0000 (16:03 +0000)]
lb-agent: use 'replace' instead of 'add' with 'bridge fdb'
l2pop on the linuxbridge agent can fail to add permanent entries
because the 'bridge fdb add' command fails if a temporary entry
exists. This patch uses 'replace' which always works.
YAMAMOTO Takashi [Tue, 27 Jan 2015 06:32:19 +0000 (15:32 +0900)]
Fix a usage error of joinedload + filter in l3 scheduler
This commit fixes admin_state_up filtering in
get_l3_agents_hosting_routers. Also, adapt its callers
which rely on the current broken implementation.
Details:
With the current coding, joinedload() produces a JOIN and
the following filter() on the columns from the joined table
would create another JOIN of the same table. (As t1 in the
following example). It doesn't seem to be the intended
behaviour. As a consequence the filter (WHERE clause in
the following examples) doesn't work as expected.
Queries before this fix looked like the following,
where t1 and t2 are Agent and RouterL3AgentBinding respectively:
SELECT t2.aaa, t1_1.bbb, ...
FROM t1, t2 LEFT OUTER JOIN t1 AS t1_1 ON t1_1.ccc = t2.ddd
WHERE t1.eee = ...;
After the fix, it would be:
SELECT t2.aaa, t1.bbb, ...
FROM t2 JOIN t1 ON t1.ccc = t2.ddd
WHERE t1.eee = ...;
Assaf Muller [Tue, 24 Mar 2015 23:45:11 +0000 (19:45 -0400)]
Move process_ha_router_added/removed from HA agent to router
* Move process_ha_router_added/removed from ha.py to
ha_router.py, rename them initialize and terminate
* Remove _process_ha_router (Spawns/disables keepalived) from
process_router (Called when adding/updating and deleting
a router), move its content to process_router for add/update
and terminate for delete
* Rename ha_router.spawn_keepalived to enable_keepalived
(Consistent with disable_keepalived and process_manager
semantics)
Adelina Tuvenie [Tue, 24 Mar 2015 10:06:21 +0000 (03:06 -0700)]
Add eventlet monkey_patch helper
Eventlet monkey patching the os and thread modules causes subprocess.Popen
to fail on Windows when using pipes due to missing non-blocking IO support.
There is an reported bug on eventlet [1] with this issue. The solution
for this issue is to not monkey_patch os and thread.
This change is needed in order to run ovs_neutron_agent on Windows platforms.
Code Review / openstack-build / neutron-build.git / log