Russell Bryant [Wed, 21 Jan 2015 18:40:18 +0000 (13:40 -0500)]
linuxbridge: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the linuxbridge agent.
This is required to be able to eventually move this API into
a messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as
a mixin.
Russell Bryant [Wed, 21 Jan 2015 19:34:12 +0000 (14:34 -0500)]
linuxbridge: untangle SecurityGroupAgentRpcMixin
This patch separates the use of SecurityGroupAgentRpcMixin out to its
own class. This matches most of the rest of the code base. This
separation is needed to be able to eventually move this rpc API into
its own messaging namespace. Now that it's separate, a future change
can pass the new class an instance of SecurityGroupServerRpcApi
instead of assuming that the LinuxBridgePluginApi includes
SecurityGroupServerRpcApiMixin.
Carl Baldwin [Fri, 16 Jan 2015 19:39:46 +0000 (19:39 +0000)]
Replace FLOATING_IP_CIDR_SUFFIX constant with utils
FLOATING_IP_CIDR_SUFFIX is a global constant used in manipulating ip
addresses and cidrs as string. This patch replaces that with
well-tested utilities for doing the conversions more safely and
readably.
Russell Bryant [Fri, 16 Jan 2015 15:29:04 +0000 (10:29 -0500)]
tests: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the unit tests.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 15:15:17 +0000 (10:15 -0500)]
ovs: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the ovs plugin.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 15:06:00 +0000 (10:06 -0500)]
oneconvergence: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the oneconvergence
plugin. This is required to be able to eventually move this API into
a messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 14:54:53 +0000 (09:54 -0500)]
ofagent: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the ofagent plugin.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 14:37:52 +0000 (09:37 -0500)]
nec: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the nec plugin.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 14:09:48 +0000 (09:09 -0500)]
hyperv: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the hyperv plugin.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Fri, 16 Jan 2015 13:52:40 +0000 (08:52 -0500)]
bigswitch: drop usage of SecurityGroupServerRpcApiMixin
Drop usage of SecurityGroupServerRpcApiMixin in the bigswitch plugin.
This is required to be able to eventually move this API into a
messaging namespace. It needs to use its own messaging client
instance, instead of a different one it gets after being used as a
mixin.
Russell Bryant [Tue, 13 Jan 2015 18:06:44 +0000 (13:06 -0500)]
Create SecurityGroupServerRpcApi and add some docs
Create SecurityGroupServerRpcApi, which is intended to replace
SecurityGroupServerRpcApiMixin over time. The new class is the same
code, but used as a standalone class. This is needed to be able to
eventually move this API into a messaging namespace.
In passing, add docstrings that show where to find the corresponding
other side of this interface in the code base.
Improve agent-based flat/vlan ml2 port binding failure logging
Port binding failure is an error and should be reported as such.
Additionally, if a port binding fails on a host due to missing
bridge mappings, it's currently quite a mystery to find out. This
should be logged instead of requiring users to debug code. Not
everyone enjoys debugging Python, as weird as that is!
I refactored out the common code in check_segment_for_agent
in order to make logging more robust for all agent-based mechanism
drivers. The OVS and LB mech drivers already log due to a bridge
mappings mismatch and the other agent based mech drivers
will now log as well.
Maru Newby [Tue, 20 Jan 2015 02:23:48 +0000 (02:23 +0000)]
Switch to using abc in the retargetable client
abc is preferable to raising NotImplementedError because it will
prevent instantiation of a subclass that doesn't implement the
required methods rather than failing only when a missing method is
called.
Change-Id: I1043eefde675dd3b653d5b508be22cfd52d2fe8f
Implements: bp retargetable-functional-testing
Simplfy register_model_query_hook() and register_dict_extend_funcs().
Move register_dict_extend_funcs() into CommonDbMixin attribute
because the related class attribute, _dict_extend_functions, is
defined in CommonDbMixin. They should be defined in same class.
Ihar Hrachyshka [Sun, 18 Jan 2015 11:59:39 +0000 (12:59 +0100)]
Drop _test_rootwrap_exec test
It's not a unit test and didn't participate in gating. The test would belong to
functional suite, though since it's pretty trivial, and rootwrap is already
tested as part of other functional tests, it's better to drop it then adopt to
new requirements.
Cedric Brandily [Fri, 16 Jan 2015 23:41:16 +0000 (23:41 +0000)]
Fix pylint unbalanced-tuple-unpacking warning
Pylint last version(1.4.1), at least, reports an
unbalanced-tuple-unpacking warning[1] in keepalived[2] module because
self.authentication is defined as an empty tuple in __init__ method and
unpacked in build_config method as if it was a 2-tuple.
self.authentication references an empty tuple (defined in __init__
method) or a 2-tuple (updated in set_authentication method). Such
warning is a false positive because the unpacking is only performed if
self.authentication is not evaluated to false which only appends if
self.authentication is a 2-tuple.
Defining self.authentication as None in __init__ avoids such warning
without disabling unbalanced-tuple-unpacking warning check.
[1]
W:252,12: Possible unbalanced tuple unpacking with sequence defined at
line 153: left side has 2 label(s), right side has 0 value(s)
(unbalanced-tuple-unpacking)
Carl Baldwin [Mon, 22 Dec 2014 21:01:45 +0000 (21:01 +0000)]
Create DvrRouter and HaRouter as a sub-class of Router
This commit creates them as simple sub-classes and instantiates them
when appropriate. It also moves the basic mixin classes from
RouterInfo. Since all of the properties and attributes from these
mixins are only used in the ha or dvr contexts, this is safe. Future
refactoring will further tease things out until they are properly
encapsulated.
They inherit everything else from their base class so that they all
still share the same code. Creating them up front provides a place
for dvr and ha specific logic to land as methods are moved from the L3
agent and mixins to the new router classes. Eventually, all of the
specific logic will be teased in to the specific classes.
Wrap dhcp agent into its own module and break out configurations and
entry point for better seperation. This lead to some test cleanup
that revealed that options were registered unnecessarily.
When/if the dhcp agent goes through a restructuring along the same
lines of the L3 agent's, this would be the step to start from.
Move Monkey patch back to being as early as possible
Commit 6ca8cb84fd8 moved the patching early in the loading process.
After some reshuffling in the agents, this might not be as early
as possible, so move them closer to their main()'s.
In order to run the API job successfully, must be installed and
configured. Today when using devstack-vm-gate.sh this means that
Tempest will run as well, which we do not want. To fix this problem
there are changes needed both in project-config and devstack-gate.
As a stop-gap solution, we bring in the scripts required and run
them directly within the gate hooks that we already have.
Once changes in devstack-gate and project-config will be accepted, this
solution can be dropped.
Eugene Nikanorov [Mon, 17 Nov 2014 07:00:49 +0000 (11:00 +0400)]
Change transaction isolation so retry logic could work properly
Lower isolation level from REPEATABLE READ to READ COMMITTED for
transaction that is used to create a network.
This allows retry logic to see changes done in other connections
while doing the same query.
Perform that only for mysql db backend.
Sylvain Afchain [Fri, 12 Dec 2014 09:52:43 +0000 (09:52 +0000)]
Refactor the _get_external_device_interface_name method
Currently this method does two things. It returns the
external interface name as its name indicates and
creates some interfaces in the case of the dvr mode.
This patch split these two things into two methods and
refactor a bit the code according to this change.
Miguel Lavalle [Thu, 18 Dec 2014 01:21:53 +0000 (19:21 -0600)]
Refactor of floating ip processing in L3 Agent
Breaks down the processing of floating ip processing in 3 methods. A key goal
is to make the handling of ip tables application deferal more logically cohesive
in the process_router method
Brian Haley [Thu, 18 Dec 2014 21:02:10 +0000 (16:02 -0500)]
Don't log a warning if an iptables chain doesn't exist
The iptables_manager remove_chain() function calls LOG.warn()
if asked to remove a chain that it doesn't know about. This
is spamming the neutron-full gate job pretty bad. Change to
LOG.debug() since reverting the change that caused it is
difficult since the FWaaS code has been split-out from the
tree.
Ihar Hrachyshka [Fri, 5 Dec 2014 17:17:15 +0000 (18:17 +0100)]
Migrate to oslo.concurrency
Namespaces are not used anymore, so imports are for oslo_concurrency,
not oslo.concurrency.
lockutils direct call is not supported anymore, so using shipped
lockutils-wrapper instead.
Use ExternalLockFixture to set lock_path for unit testing.
Updated cache and cache/_backends module from oslo-incubator to use
oslo.concurrency and not incubator version of lockutils module.
Dropped lockutils incubator module that is now moved to oslo.concurrency. Not
dropping fixture module that includes lockutils fixture since other fixtures
are still used in the tree.
Kevin Benton [Thu, 15 Jan 2015 07:45:14 +0000 (23:45 -0800)]
Clarify misleading iptables comment
Update the comment for the iptables rule matching the
conntrack INVALID state. The previous entry was misleading
because it sounded like it dropped all new connections.
mathieu-rohon [Thu, 15 Jan 2015 15:19:08 +0000 (16:19 +0100)]
make delete_router send delete_port to core_plugin
Have delete_router API call also delete the gateway port if needed.
Currently, the db_base_plugin_v2 method is called, bypassing the
core_plugin overload of this method. The consequence is that,
in ML2, mechanism drivers are not aware of the port deletion.
In this patch, tha gateway port is deleted through a common
method. This method checks if floating IP and VPN are attached
to the router, so those checks are removed from the delete_router
method.
Gary Kotton [Mon, 29 Dec 2014 09:38:25 +0000 (01:38 -0800)]
VMWare-NSXv: VMWare NSXv extensions
For Kilo, the vendor-specific code should be moved to stackforge repo,
excluding the extensions (https://review.openstack.org/#/c/134680/).
This patch adds the extensions VMWare NSXv plugin from
stackforge/vmware-nsx repo.
There are 2 new extensions:
1. advanced_service_providers - this is required to enabled the NSXv to provide
metadata support (there is no metadata agent)
2. vnic_index - the security group support for the NSXv requires the vNIC index
Currently the test assumes delete_ports_by_device_id deletes ports in
the order they were created but nothing ensures it. This change
updates _test_delete_ports_by_device_id_second_call_failure to avoid
such (incorrect) assumption. The assumption is in general broken in
daughter change which adds a unique constraint on Port table.
Code Review / openstack-build / neutron-build.git / log