Commit Graph

225 Commits

Author SHA1 Message Date
Vladimir Grevtsev
47a2b8fbb4 Enable support for security group logging
Add support to enable logging of security groups for
OpenStack Queens or later; this feature is enabled via
the neutron-api charm, with local configuration options
provided in the neutron-openvswitch charm.

The feature is only compatible with the openvswitch firewall
driver and will not be enabled if this configuration option
is not set in the neutron-openvswitch charm.

This change is removing unnecessary Neutron config
option "neutron_firewall_driver" since FW drivers are
being handled on agents side (not on API server) since
Mitaka release.

Change-Id: Icadb055b2c5c3216b6d086b44a4823595b2baffa
Closes-Bug: #1787397
2018-10-09 12:01:03 +03:00
James Page
49d377bfea py3: Switch to Python 3 for OpenStack Rocky
Switch neutron installation to use Python 3 for OpenStack Rocky.

Purge python- packages on upgrade.

Fix duplicate keystone entry in api-paste.ini for Rocky.

Change-Id: I9ead4d0b637f3067e0aa9a20604b2738221860df
2018-09-21 16:17:57 +02:00
David Ames
d86000271a Enable bgp dynamic routing for Ocata
Change-Id: I3bd3bc443d3007bceb80fafc6673d9c2a571975b
Needed-By: I00fd1d6098aee7f0e5287c8655dd9db843894a26
2018-07-10 11:51:24 -07:00
Anton Kremenetsky
ca9af5c842 Ability to enable VLAN trunking
This fix add ability to enable VLAN trunking in configuration.

Signed-off-by: Anton Kremenetsky <akremenetsky@dev.rtsoft.ru>

Change-Id: If80dc4750e6639bdc41bc62eede350019b4306c5
Closes-Bug: #1772979
2018-05-23 20:58:16 +03:00
David Ames
96581bdc50 Enable neutron dynamic routing agent
Support the neutron dynamic routing agent. A subsequent charm,
neutron-dynamic-routing, will implement the agent. Neutron-api
needs to enable the plugin and install the correct packages.

Change-Id: I2c58bae47f672fe285b7fc59cd13636475d57ed2
2018-02-16 17:14:53 +00:00
Zuul
892666557c Merge "add segments service_plugin to neutron-api" 2018-02-14 09:02:53 +00:00
Frode Nordahl
08e806f098 Add support for configuring individual physical network MTUs
This is needed if a subset of your flat or VLAN provider networks have a MTU
that differ with what is set in global-physnet-mtu.

Change-Id: Ifd348311b5c313fa95d6ed49c32d9b26b0f5e662
Closes-Bug: #1663533
2018-02-01 10:02:27 +01:00
sunyandi
39fa6f26d2 assertEquals is deprecated, use assertEqual
Change-Id: I5d557baee0601a31321d34c14da22d2babc9ea33
2018-01-22 16:18:37 +08:00
Dmitrii Shcherbakov
f131505576 add segments service_plugin to neutron-api
* adds a service_plugin called segments to enable routed provider
networks
* adds a nova placement api section and inclusion of that section to
neutron.conf
* routed provider networks can be used for setups with and without
charm-neutron-gateway - in both cases there should be a dhcp agent per
segment which can be achieved via charm-neutron-openvswitch
configuration option enable-local-dhcp-and-metadata in case of a setup
without charm-neutron-gateway

Change-Id: I78222b567c72c03ab2d861836172032d4d9a0b3f
Closes-Bug: 1743743
2018-01-20 23:14:26 +03:00
Ryan Beisner
c5a6a9d1b3 Sync charm-helpers
Notable issues resolved:

openstack_upgrade_available() broken for swift
https://bugs.launchpad.net/charm-swift-proxy/+bug/1743847

haproxy context doesn't consider bindings
https://bugs.launchpad.net/charm-helpers/+bug/1735421

regression in haproxy check
https://bugs.launchpad.net/charm-helpers/+bug/1743287

Change-Id: I43728e8cdeb65bd6f6f3c689bb7ef554980ff8d4
2018-01-19 16:24:51 +02:00
James Page
7eac81a36e Remove deploy from source support
Drop support for deployment from Git repositories, as deprecated
in the 17.02 charm release.  This feature is unmaintained and has
no known users.

Change-Id: I44f00afeee8623713055310b025f1e91af18b86a
2018-01-10 15:41:05 +00:00
James Page
852d1f2f3a Pass data to hacluster charm using JSON
Encode dicts passed to hacluster charm using JSON serialization,
supporting consistent data presentation under Python 3 where
dict key iteration is non-deterministic.

This is supported by prefixing json based data items with 'json_'
and encoding with keys sorted.

The charm will also clear any unprefixed based data items for
upgrades.

Change-Id: I21c6acff4a4a22cbcc5e6ea4e78394ce076e79d9
Closes-Bug: 1741304
Depends-On: I364a60ca7b91327fe88ee729cf49ff8ab3f5e2b6
2018-01-05 09:56:15 +00:00
Zuul
7a61202a9d Merge "Designate - Neutron integration" 2017-12-21 18:43:39 +00:00
Tytus Kurek
95c045d1ce Designate - Neutron integration
This patchset implements new relation ("external-dns") using new
interface ("designate") between designate and neutron-api charms.
The following charm options have been added:

* "reverse-dns-lookup"
* "ipv4-ptr-zone-prefix-size"
* "ipv6-ptr-zone-prefix-size"

The patchset contains changes to various items (config files, hooks,
template files and unit tests).

When neutron-api is related to designate, the notification topic
previously used to send notification events to designate will be
disabled (as the DNS driver method is preferred).

Change-Id: I13b2ab39bd1daac13112398762f2be06022594b0
Closes-Bug: #1704769
2017-12-21 07:58:30 -08:00
James Page
11bb8503d1 Drop postgresql support
Remove postgresql DB support; This feature is untested as part
of the charms, is not in use and was deprecated as part of
the 1708 charms release.

Change-Id: I5ebd4af9da38c03ca9952b8eed02fe5783692445
2017-12-21 12:04:34 +00:00
James Page
66b643524e Drop zeromq support
Support for the ZeroMQ messaging driver has bit-rotted over
the last few years across the OpenStack charms; drop support
for ZMQ inline with deprecation notices issued in 17.02 charm
release.

Change-Id: Ia11cd42eab112aa6dc609a5c15353ba98f6ae3ea
2017-12-15 16:47:22 +00:00
James Page
5f22e621c2 Update charm to use Python 3
Updates across the charm and unit tests to switch to
execution under Python 3.

Note that the changes are not backwards compatible
with Python 2.

Refactor use of neutronclient python module to simply
wrap the neutron binary, using the yaml output format
to avoid the requirement for a Python 3 module on
older OpenStack release versions.

Change-Id: Ic26b0dd19a76552481939325963a6c21585dee3c
2017-11-07 13:53:40 +11:00
James Page
c6513b0dc1 Resync charm-helpers for py3 fixes.
Change-Id: I4834bc43af33e9e9af82b5ecb176b5ce0c9278b5
2017-11-07 13:53:28 +11:00
Jenkins
569c9b6cd9 Merge "Block endpoint reg if cluster partially formed" 2017-10-11 12:41:33 +00:00
Liam Young
6cc620ab27 Block endpoint reg if cluster partially formed
When an existing cluster of the service is scaled out the new unit
will join with keystone before it is fully clustered. In identity
joined hook the charmhelpers function canonical_url is called which
in turn uses another charmhelpers function, resolve_address.
resolve_address will only return the vip if the vip is set in config
AND the unit is clustered. This means that the units local address
is returned and that is then registered with keystone.

This change gates registering an endpoint if the cluster is
partially formed.

Change-Id: I233e0cccb8ccd732080fd239df6d1e7db174eba5
Partial-Bug: #1544959
2017-10-06 13:12:07 +00:00
Jenkins
8e69a41368 Merge "Add QoS support" 2017-09-26 13:32:11 +00:00
Liam Young
a8e6824e3a Add QoS support
This patch adds the enable-qos option to the charm. If enable-qos is
set then neutron.services.qos.qos_plugin.QoSPlugin is added to
service_plugins in neutron.conf locally. The
neutron-plugin-api-relation has also been updated to send the
enable-qos option to charms connected over that relation (for
example neutron-openvswitch and neutron-gateway).

As part of this some of the logic for setting service_plugins was
removed from the neutron.conf and placed in the NeutronCCContext.

This patch is based on the steps in:
https://docs.openstack.org/mitaka/networking-guide/config-qos.html

Change-Id: I1beba9bebdb7766fd95d47bf13b6f4ad86e762b5
Partial-Bug: #1705358
2017-09-25 16:35:12 +00:00
zhangyangyang
df4040b541 change assert(Not)Equals to assert(Not)Equal
According to http://docs.python.org/2/library/unittest.html
assert(Not)Equals is a deprecated alias of assert(Not)Equal.

Change-Id: Ia5df59c1f59d022231a8575cd7bc7e9bd0013ac5
Closes-Bug: #1329757
2017-09-12 21:12:20 +08:00
Edward Hope-Morley
2c21ad14ab Add db initialised detection
Currently whenever the shared-db hook fires we call
migrate_neutron_database() which will always (unless unit
is paused) do a migration and restart the neutron-server
service. This is unnecessary and disruptive so we avoid
doing this by first checking whether we have already
initialised and and skipping migrate and restart if we
have already initialised. We also add support to override
this logic if an upgrade is in progress.

Change-Id: Ia4c104ff21d10a0d24ac3038bb75a5a9dc67ca94
Closes-Bug: 1708459
2017-08-23 15:45:47 +01:00
Zhang Hua
0e4def1939 Support polling-interval rpc-response-timeout and report-interval
This patch adds support for setting polling-interval rpc-response-timeout
and report-interval in neutron-api charm centrally, then other charms
need to continue doing:

1, polling_interval
   Just used by neutron l2 agents, so neutron-openvswitch charm
   gets it via its relations and set it in [agent] of ml2_conf.ini
   or openvswitch_agent.ini(>=Mitaka)

2, rpc_response_timeout
   Used by all neutron agents, so both neutron-gateway charm and
   neutron-openvswitch charm get it via its relations and set it
   in [default] of neutron.conf

3, report_interval
   Used by all neutron agents, so both neutron-gateway charm and
   neutron-openvswitch charm get it via its relations and set it
   in [agent] of neutron.conf

This patch also syncs charmhelpers.

Change-Id: I669e959a596b214acf486b0532c4ab31c2b82557
Partial-Bug: #1685788
2017-08-03 10:16:44 +01:00
Frode Nordahl
353d4a97eb Add support for setting sriov_supported_pci_vendor_devs
This is required for SR-IOV to work on OpenStack versions
Kilo, Liberty and Mitaka (unless you are the lucky owner of
NICs with the default vendor/product IDs '15b3:1004', '8086:10ca').

The option is deprecated in Newton and the default behaviour
onwards is to not perform the check (unless configured) and not
overrule Nova's scheduling decision. (See LP #1611302)

Re-work mechanism_driver templating. Current implementation
treats mechanism drivers 'hyperv' and 'sriovnicswitch' as
mutually exclusive for simplicity. This prohibits us from
adding functional test for verifying sriov statements in
configuration files.

Due to how neutron init scripts are laid out on various Linux
distributions put the [ml2_sriov] section in ml2_conf.ini instead
of its default ml2_conf_sriov.ini location.

Add a placeholder ml2_conf_sriov.ini with comment to point users
in the right direction.

Change-Id: I37da1c430a06417ff7f1bc9df2d984137688bba0
Closes-Bug: #1630387
2017-08-02 09:45:35 +01:00
Jenkins
ccda317d36 Merge "Enable internal DNS resolution" 2017-05-15 20:29:04 +00:00
David Ames
8f26788080 Network space aware address for cluster relation
Use the get_relation_ip function for selecting addresses for the
cluster relationship. Including overrides for the admin, internal,
and public config settings or extra bindings.

Change-Id: Ief31b5bf605e6fad0b5fc57cd048e3d8badfa2db
Partial-Bug: #1687439
2017-05-04 15:36:23 -07:00
Billy Olsen
9bbd2bad9c Enable internal DNS resolution
Add the dns-domain config and enable-ml2-dns options, allowing the
user to enable DNS integration between Neutron and Nova. This enables
the DNS integration between Nova and Neutron for internal DNS services
when the enable-ml2-dns option is set to True.

Change-Id: Id5f828da003e056a882297ffdbf3df22e856d14a
Implements: blueprint internal-dns
2017-04-30 22:19:29 -07:00
Jenkins
71e00c5c4e Merge "Add validation of *-l3-agents-per-router config" 2017-04-28 08:59:06 +00:00
David Ames
43e4f2124f Avoid shared-db change when using access-network
When the percona-cluster charm sets an access-network but the default
unit-get address is not on that network extra shared-db relations get
executed. This is specifically a problem when running upgrades and
trying to avoid API downtime.

The root cause is that the access-network is not checked until the
SharedDBContext is consulted. But then db_joined function will
change it back to the wrong ip on subsequent runs.

This change adds a check for access-network on the relation during
the db_joined function and pushes IP selection off to get_relation_ip.

Charm helpers sync to pull in changes to get_relation_ip.

Partial-bug: #1677647

Change-Id: I20f35dd7a12315ef61939feb5199680db128bc0b
2017-04-26 10:04:11 -07:00
Edward Hope-Morley
a741d105bc Add validation of *-l3-agents-per-router config
Change-Id: If426505b4a14115df3b918021aabf3ddef96c2c8
Closes-Bug: 1679008
2017-04-03 12:11:11 +01:00
Alex Kavanagh
750a3e2c13 Fix alphanumeric comparisons for openstack and ubuntu releases
- sync charmhelpers with fix-alpha helpers
- fix up code where the alpha comparisons are done
- fix tests which assumed mocks would just work on os_release()

Change-Id: I3d1a8993286f0e7a1037c03e6711015883f1b615
Related-Bug: #1659575
2017-03-28 17:30:14 +01:00
Dmitrii Shcherbakov
f3b655acdf add keystone middleware update logic
In order to support changes in the api-paste.ini file for the keystone
middleware of the neutron-api service by subordinates we need a generic
mechanism to pass wsgi middleware data via a relation.

The following approach is used in this change:

- relation data set by subordinates:
{'extra_middleware': [{
        'type': 'middleware_type',
        'name': 'middleware_name',
        'config': {
            'setting_1': 'value_1',
            'setting_2': 'value_2'}}]}
- there may be many subordinates each with their own set of middleware
all of which should be taken into account
- besides a factory method for middleware other settings can be
specified, therefore, a generic config dictionary is used
- neutron-server has to be restarted as api-paste.ini is read upon
startup of the service
- api-paste.ini rendering code is added along with a template code
containing loops over a list of middleware provided in a context to
construct the following entries:

keystone = [name-1 ... name-m] <default_middleware>

[type-1:name-1]
key-1 = value-1
...
key-n = value-n
...
[type-m:name-m]
key-1 = value-1
...
key-k = value-k

- api-paste.ini defaults are copied from their respective upstream
neutron branches

Change-Id: I9449aa2e85b1523f24acdcee11ca1f635dda47c0
2017-03-09 22:49:10 +03:00
Liam Young
446de085a0 Add default-tenant-network-type config option
- Add default-tenant-network-type config option to allow the default
  network type for a tenant network to be set

- Fix rendering of overlay-network-type so that an empty string is
  valid

Change-Id: Ib2325d273a0dd5e637f36113b951130387902777
Closes-Bug: 1533651
2016-12-06 08:59:53 +00:00
Jenkins
9ad4a28462 Merge "Support for etcd on Xenial" 2016-11-30 12:36:12 +00:00
Neil Jerram
b86b1aa35f Support for etcd on Xenial
Generate etcd config in form suitable for systemd init as well as for
upstart.

Change-Id: I78091d630e95d94e9b6effb077cce1fe63687474
2016-10-05 17:28:25 +01:00
Neil Jerram
fcdf2df065 Use new Calico 1.4 PPA
Change-Id: Ia79f7521bc0d12493222df66975f41f50cd029b7
2016-10-05 17:20:24 +01:00
James Page
fa1451445c Add support for application version
Juju 2.0 provides support for display of the version of
an application deployed by a charm in juju status.

Insert the os_application_version_set function into the
existing assess_status function - this gets called after
all hook executions, and periodically after that, so any
changes in package versions due to normal system updates
will also be reflected in the status output.

This review also includes a resync of charm-helpers to
pickup hookenv and contrib.openstack support for this
feature.

Change-Id: I33cce8efc03f9217552234a8e03133d360ce95e3
2016-09-20 12:25:54 +01:00
Jenkins
6ee476166b Merge "Added Hyper-V networking support" 2016-07-08 15:56:57 +00:00
Ionut Balutoiu
353ab6f9f8 Added Hyper-V networking support
This patch adds hyperv mechanism driver to ml2_conf.ini template
and the required python package to the list of packages to install.

Change-Id: If23f22aea53ba5549160f44442567d57b8077af6
2016-07-08 11:42:31 +03:00
Corey Bryant
731ca45e07 Add systemd init support for deploy from source
systemd is used instead of upstart by default since Ubuntu 15.10
(Wily).  This adds systemd init file support for nova services
that are deployed from source.

Change-Id: I45757fcd52426369b42916ad2195d2fe2f6a4c15
2016-07-07 10:58:51 +01:00
James Page
69faf85da3 Re-license charm as Apache-2.0
All contributors to this charm have agreed to the switch
from GPL v3 to Apache 2.0; switch to Apache-2.0 license
as agreed so we can move forward with official project status.

Change-Id: Ie7859853644fb819f1cd3062a2fea86766de0afb
2016-07-03 17:47:52 +01:00
Jenkins
101fd703f5 Merge "Add SR-IOV device support" 2016-06-23 09:58:36 +00:00
David Ames
592b8e0947 DNS HA
Implement DNS high availability. Pass the correct information to
hacluster to register a DNS entry with MAAS 2.0 or greater rather
than using a virtual IP.

Charm-helpers sync to bring in DNS HA helpers

Change-Id: Ifb27cc96b913f4fe315119477691936919684b62
2016-06-23 09:21:03 +01:00
Alex Kavanagh
638e06de08 Fix for multiple status-set - related to bug 1588462
This change fixes the obvious race for a status_set() between
check_optional_interfaces() and assess_status() as the later calls the former
which calls status_set(), returns the status, which is then potentially set
again by the assess_status() function.  This cleans up the code so that only a
single status_set() is performed when calling assess_status().

Change-Id: Ic5d0be6e1f7a2283e4dd0594c6465a99497dbbec
Related-Bug:#1588462
2016-06-16 10:35:37 +00:00
Timothy Kuhlman
0052948de1 Add SR-IOV device support
Add a new configuration option to enable SR-IOV support across Neutron and
Nova; this involves enabling the required mechanism driver, and informing
the nova-cloud-controller charm that SR-IOV has been enabled, so that Nova
can use the correct scheduler filters for PCI device management.

Change-Id: I8938c22c8f4dc27bb0816fd8e5e6154a1407e93f
2016-05-25 09:29:44 -06:00
Liam Young
7b6e6e9b6e Do not run db migration on Icehouse
The neutron-server process performs the db migration on icehouse so
check the Openstack version before running it

Closes-Bug: 1571782
Change-Id: Ib9a57eea296a3116c69551c057f1cf9093ac93a8
2016-04-19 08:51:37 +00:00
Liam Young
dd5bc11622 No db stamp for upgrade from Liberty
Stamping the Neutron db for Liberty fails and appears to be
unneccesary.

Change-Id: I93ff69db57bc3418a4c73e79e884f5c85d533f99
Closes-Bug: 1536675
2016-04-18 14:21:33 +00:00
James Page
c59e76217b Use network space binding for shared-db relation
To ensure that the charm presents the right IP address for
accessing the MySQL database over the shared-db relation,
ensure that any network space binding provided by the user
is preferred over the default of 'private-address'.

If network spaces is not supported (juju < 2.0), fallback to
using 'private-address'.

Change-Id: I8e70be47250c650e4b0135b0f2707f7eb1d46d1e
2016-04-12 14:50:54 +01:00