Add support to enable logging of security groups for
OpenStack Queens or later; this feature is enabled via
the neutron-api charm, with local configuration options
provided in the neutron-openvswitch charm.
The feature is only compatible with the openvswitch firewall
driver and will not be enabled if this configuration option
is not set in the neutron-openvswitch charm.
This change is removing unnecessary Neutron config
option "neutron_firewall_driver" since FW drivers are
being handled on agents side (not on API server) since
Mitaka release.
Change-Id: Icadb055b2c5c3216b6d086b44a4823595b2baffa
Closes-Bug: #1787397
Switch neutron installation to use Python 3 for OpenStack Rocky.
Purge python- packages on upgrade.
Fix duplicate keystone entry in api-paste.ini for Rocky.
Change-Id: I9ead4d0b637f3067e0aa9a20604b2738221860df
This fix add ability to enable VLAN trunking in configuration.
Signed-off-by: Anton Kremenetsky <akremenetsky@dev.rtsoft.ru>
Change-Id: If80dc4750e6639bdc41bc62eede350019b4306c5
Closes-Bug: #1772979
Support the neutron dynamic routing agent. A subsequent charm,
neutron-dynamic-routing, will implement the agent. Neutron-api
needs to enable the plugin and install the correct packages.
Change-Id: I2c58bae47f672fe285b7fc59cd13636475d57ed2
This is needed if a subset of your flat or VLAN provider networks have a MTU
that differ with what is set in global-physnet-mtu.
Change-Id: Ifd348311b5c313fa95d6ed49c32d9b26b0f5e662
Closes-Bug: #1663533
* adds a service_plugin called segments to enable routed provider
networks
* adds a nova placement api section and inclusion of that section to
neutron.conf
* routed provider networks can be used for setups with and without
charm-neutron-gateway - in both cases there should be a dhcp agent per
segment which can be achieved via charm-neutron-openvswitch
configuration option enable-local-dhcp-and-metadata in case of a setup
without charm-neutron-gateway
Change-Id: I78222b567c72c03ab2d861836172032d4d9a0b3f
Closes-Bug: 1743743
Drop support for deployment from Git repositories, as deprecated
in the 17.02 charm release. This feature is unmaintained and has
no known users.
Change-Id: I44f00afeee8623713055310b025f1e91af18b86a
Encode dicts passed to hacluster charm using JSON serialization,
supporting consistent data presentation under Python 3 where
dict key iteration is non-deterministic.
This is supported by prefixing json based data items with 'json_'
and encoding with keys sorted.
The charm will also clear any unprefixed based data items for
upgrades.
Change-Id: I21c6acff4a4a22cbcc5e6ea4e78394ce076e79d9
Closes-Bug: 1741304
Depends-On: I364a60ca7b91327fe88ee729cf49ff8ab3f5e2b6
This patchset implements new relation ("external-dns") using new
interface ("designate") between designate and neutron-api charms.
The following charm options have been added:
* "reverse-dns-lookup"
* "ipv4-ptr-zone-prefix-size"
* "ipv6-ptr-zone-prefix-size"
The patchset contains changes to various items (config files, hooks,
template files and unit tests).
When neutron-api is related to designate, the notification topic
previously used to send notification events to designate will be
disabled (as the DNS driver method is preferred).
Change-Id: I13b2ab39bd1daac13112398762f2be06022594b0
Closes-Bug: #1704769
Remove postgresql DB support; This feature is untested as part
of the charms, is not in use and was deprecated as part of
the 1708 charms release.
Change-Id: I5ebd4af9da38c03ca9952b8eed02fe5783692445
Support for the ZeroMQ messaging driver has bit-rotted over
the last few years across the OpenStack charms; drop support
for ZMQ inline with deprecation notices issued in 17.02 charm
release.
Change-Id: Ia11cd42eab112aa6dc609a5c15353ba98f6ae3ea
Updates across the charm and unit tests to switch to
execution under Python 3.
Note that the changes are not backwards compatible
with Python 2.
Refactor use of neutronclient python module to simply
wrap the neutron binary, using the yaml output format
to avoid the requirement for a Python 3 module on
older OpenStack release versions.
Change-Id: Ic26b0dd19a76552481939325963a6c21585dee3c
When an existing cluster of the service is scaled out the new unit
will join with keystone before it is fully clustered. In identity
joined hook the charmhelpers function canonical_url is called which
in turn uses another charmhelpers function, resolve_address.
resolve_address will only return the vip if the vip is set in config
AND the unit is clustered. This means that the units local address
is returned and that is then registered with keystone.
This change gates registering an endpoint if the cluster is
partially formed.
Change-Id: I233e0cccb8ccd732080fd239df6d1e7db174eba5
Partial-Bug: #1544959
This patch adds the enable-qos option to the charm. If enable-qos is
set then neutron.services.qos.qos_plugin.QoSPlugin is added to
service_plugins in neutron.conf locally. The
neutron-plugin-api-relation has also been updated to send the
enable-qos option to charms connected over that relation (for
example neutron-openvswitch and neutron-gateway).
As part of this some of the logic for setting service_plugins was
removed from the neutron.conf and placed in the NeutronCCContext.
This patch is based on the steps in:
https://docs.openstack.org/mitaka/networking-guide/config-qos.html
Change-Id: I1beba9bebdb7766fd95d47bf13b6f4ad86e762b5
Partial-Bug: #1705358
Currently whenever the shared-db hook fires we call
migrate_neutron_database() which will always (unless unit
is paused) do a migration and restart the neutron-server
service. This is unnecessary and disruptive so we avoid
doing this by first checking whether we have already
initialised and and skipping migrate and restart if we
have already initialised. We also add support to override
this logic if an upgrade is in progress.
Change-Id: Ia4c104ff21d10a0d24ac3038bb75a5a9dc67ca94
Closes-Bug: 1708459
This patch adds support for setting polling-interval rpc-response-timeout
and report-interval in neutron-api charm centrally, then other charms
need to continue doing:
1, polling_interval
Just used by neutron l2 agents, so neutron-openvswitch charm
gets it via its relations and set it in [agent] of ml2_conf.ini
or openvswitch_agent.ini(>=Mitaka)
2, rpc_response_timeout
Used by all neutron agents, so both neutron-gateway charm and
neutron-openvswitch charm get it via its relations and set it
in [default] of neutron.conf
3, report_interval
Used by all neutron agents, so both neutron-gateway charm and
neutron-openvswitch charm get it via its relations and set it
in [agent] of neutron.conf
This patch also syncs charmhelpers.
Change-Id: I669e959a596b214acf486b0532c4ab31c2b82557
Partial-Bug: #1685788
This is required for SR-IOV to work on OpenStack versions
Kilo, Liberty and Mitaka (unless you are the lucky owner of
NICs with the default vendor/product IDs '15b3:1004', '8086:10ca').
The option is deprecated in Newton and the default behaviour
onwards is to not perform the check (unless configured) and not
overrule Nova's scheduling decision. (See LP #1611302)
Re-work mechanism_driver templating. Current implementation
treats mechanism drivers 'hyperv' and 'sriovnicswitch' as
mutually exclusive for simplicity. This prohibits us from
adding functional test for verifying sriov statements in
configuration files.
Due to how neutron init scripts are laid out on various Linux
distributions put the [ml2_sriov] section in ml2_conf.ini instead
of its default ml2_conf_sriov.ini location.
Add a placeholder ml2_conf_sriov.ini with comment to point users
in the right direction.
Change-Id: I37da1c430a06417ff7f1bc9df2d984137688bba0
Closes-Bug: #1630387
Use the get_relation_ip function for selecting addresses for the
cluster relationship. Including overrides for the admin, internal,
and public config settings or extra bindings.
Change-Id: Ief31b5bf605e6fad0b5fc57cd048e3d8badfa2db
Partial-Bug: #1687439
Add the dns-domain config and enable-ml2-dns options, allowing the
user to enable DNS integration between Neutron and Nova. This enables
the DNS integration between Nova and Neutron for internal DNS services
when the enable-ml2-dns option is set to True.
Change-Id: Id5f828da003e056a882297ffdbf3df22e856d14a
Implements: blueprint internal-dns
When the percona-cluster charm sets an access-network but the default
unit-get address is not on that network extra shared-db relations get
executed. This is specifically a problem when running upgrades and
trying to avoid API downtime.
The root cause is that the access-network is not checked until the
SharedDBContext is consulted. But then db_joined function will
change it back to the wrong ip on subsequent runs.
This change adds a check for access-network on the relation during
the db_joined function and pushes IP selection off to get_relation_ip.
Charm helpers sync to pull in changes to get_relation_ip.
Partial-bug: #1677647
Change-Id: I20f35dd7a12315ef61939feb5199680db128bc0b
- sync charmhelpers with fix-alpha helpers
- fix up code where the alpha comparisons are done
- fix tests which assumed mocks would just work on os_release()
Change-Id: I3d1a8993286f0e7a1037c03e6711015883f1b615
Related-Bug: #1659575
In order to support changes in the api-paste.ini file for the keystone
middleware of the neutron-api service by subordinates we need a generic
mechanism to pass wsgi middleware data via a relation.
The following approach is used in this change:
- relation data set by subordinates:
{'extra_middleware': [{
'type': 'middleware_type',
'name': 'middleware_name',
'config': {
'setting_1': 'value_1',
'setting_2': 'value_2'}}]}
- there may be many subordinates each with their own set of middleware
all of which should be taken into account
- besides a factory method for middleware other settings can be
specified, therefore, a generic config dictionary is used
- neutron-server has to be restarted as api-paste.ini is read upon
startup of the service
- api-paste.ini rendering code is added along with a template code
containing loops over a list of middleware provided in a context to
construct the following entries:
keystone = [name-1 ... name-m] <default_middleware>
[type-1:name-1]
key-1 = value-1
...
key-n = value-n
...
[type-m:name-m]
key-1 = value-1
...
key-k = value-k
- api-paste.ini defaults are copied from their respective upstream
neutron branches
Change-Id: I9449aa2e85b1523f24acdcee11ca1f635dda47c0
- Add default-tenant-network-type config option to allow the default
network type for a tenant network to be set
- Fix rendering of overlay-network-type so that an empty string is
valid
Change-Id: Ib2325d273a0dd5e637f36113b951130387902777
Closes-Bug: 1533651
Juju 2.0 provides support for display of the version of
an application deployed by a charm in juju status.
Insert the os_application_version_set function into the
existing assess_status function - this gets called after
all hook executions, and periodically after that, so any
changes in package versions due to normal system updates
will also be reflected in the status output.
This review also includes a resync of charm-helpers to
pickup hookenv and contrib.openstack support for this
feature.
Change-Id: I33cce8efc03f9217552234a8e03133d360ce95e3
This patch adds hyperv mechanism driver to ml2_conf.ini template
and the required python package to the list of packages to install.
Change-Id: If23f22aea53ba5549160f44442567d57b8077af6
systemd is used instead of upstart by default since Ubuntu 15.10
(Wily). This adds systemd init file support for nova services
that are deployed from source.
Change-Id: I45757fcd52426369b42916ad2195d2fe2f6a4c15
All contributors to this charm have agreed to the switch
from GPL v3 to Apache 2.0; switch to Apache-2.0 license
as agreed so we can move forward with official project status.
Change-Id: Ie7859853644fb819f1cd3062a2fea86766de0afb
Implement DNS high availability. Pass the correct information to
hacluster to register a DNS entry with MAAS 2.0 or greater rather
than using a virtual IP.
Charm-helpers sync to bring in DNS HA helpers
Change-Id: Ifb27cc96b913f4fe315119477691936919684b62
This change fixes the obvious race for a status_set() between
check_optional_interfaces() and assess_status() as the later calls the former
which calls status_set(), returns the status, which is then potentially set
again by the assess_status() function. This cleans up the code so that only a
single status_set() is performed when calling assess_status().
Change-Id: Ic5d0be6e1f7a2283e4dd0594c6465a99497dbbec
Related-Bug:#1588462
Add a new configuration option to enable SR-IOV support across Neutron and
Nova; this involves enabling the required mechanism driver, and informing
the nova-cloud-controller charm that SR-IOV has been enabled, so that Nova
can use the correct scheduler filters for PCI device management.
Change-Id: I8938c22c8f4dc27bb0816fd8e5e6154a1407e93f
The neutron-server process performs the db migration on icehouse so
check the Openstack version before running it
Closes-Bug: 1571782
Change-Id: Ib9a57eea296a3116c69551c057f1cf9093ac93a8
To ensure that the charm presents the right IP address for
accessing the MySQL database over the shared-db relation,
ensure that any network space binding provided by the user
is preferred over the default of 'private-address'.
If network spaces is not supported (juju < 2.0), fallback to
using 'private-address'.
Change-Id: I8e70be47250c650e4b0135b0f2707f7eb1d46d1e