This patch updates the requirements.txt and lower-constraints.txt to
use neutron-lib 1.18.0 that will be our Rocky GM candidate (assuming no
problems crop up).
Change-Id: I4ed5de9238800c59a8c505e8d94ee508fe193882
This patchset adds missing policy actions to the policy.json
file for several reasons:
1) It signals to operators all the policy actions that are
enforced in the system. With the governance spec [0]
urging projects toward policy in code documentation,
it makes sense to document all policy actions in the
policy.json as Neutron doesn't have policy in code.
2) It is consistent with Neutron's policy enforcement
documentation [1]:
"For each attribute which has been explicitly specified in the
request create a rule matching policy names in the form
<operation>_<resource>:<attribute> rule"
So it makes sense to capture each policy that is enforced,
including all those with these special attributes.
3) Why include "update_router:external_gateway_info" but not
"create_router:external_gateway_info"? This is inconsistent.
4) It makes it difficult to validate Neutron's policy via Patrole
if the policies aren't contained in the policy.json -- how else
is it possible to determine which policies to expect if they
aren't documented anywhere?
[0] https://governance.openstack.org/tc/goals/queens/policy-in-code.html
[1] https://docs.openstack.org/neutron/pike/contributor/internals/policy.html#authorization-workflow
Change-Id: I40f84134f0b56cfd574dfd69e5ebbf6a3fc2b3df
neutron CLI is deprecated and will be removed in the future. Use
openstack CLI instead.
Change-Id: I00fa6ee2e2ac19627a172ff49a55fe664e4f5c43
Closes-Bug: 1749801
There is no place in the documentation that explicitly lists the valid
DSCP marks, except for an incomplete hint in the DSCP spec in
neutron-specs. This provides an explicit list.
Change-Id: Ic350c88e59c33d98b54086707c9add05cf137dc2
Closes-Bug: #1781915
The externally consumed APIs from neutron.db.api were rehomed into
neutron-lib with https://review.openstack.org/#/c/557040/
This patch consumes the retry_db_errors function from lib by:
- Removing retry_db_errors from neutron.db.api
- Updating the imports for retry_db_errors to use it from lib
- Using the DB API retry fixture from lib in the UTs where applicable
- Removing the UTs for neutron.db.api as they are now covered in lib
NeutronLibImpact
Change-Id: I1feb842d3e0e92c945efb01ece29856335a398fe
This commit adds a binding_deactivate method to the Linux bridge agent
to receive messages from the ML2 plugin when a binding is de-activated
for a port. After receiving that message, the agent un-plugs the
corresponding tap interface from the port's network bridge.
To support this, a binding_deactivate method is also added to the agents
notifier. Finally, the activate method in the ML2 plugin is updated to
use the binding_deactivate method in the agents notifier.
Change-Id: I3f4e34766791c472a2c81842190094f697baa05c
Partial-Bug: #1580880
With the adoption of multiple port bindings, get_port_binding_host is
updated to select only the active binding
Change-Id: I57ee16aa970527de2c2d787ebf0df71241f01e74
Partial-Bug: #1580880
As a consequence of implementing multiple bindings for ports, [1] made
the following attributes lists:
- 'port_binding' in the in the SQLAlchemy Port model
- 'binding' in the Port OVO
This patch pluralizes their names to 'port_bindings' and 'bindings'
respectively
[1] Ie31d4e27e3f55edfe334c4029ca9ed685e684c39
Change-Id: I4ebe47cf9d51a700310aad8dcccc82fea3f00a16
Functionality is added to the ML2 plugin to handle multiple port
bindings
Co-Authored-By: Anindita Das <anindita.das@intel.com>
Co-Authored-By: Miguel Lavalle <miguel.lavalle@huawei.com>
Partial-Bug: #1580880
Change-Id: Ie31d4e27e3f55edfe334c4029ca9ed685e684c39
The remainder of the neutron.plugins.common.utils were rehomed into
neutron-lib with [1][2]. This patch consumes them by using the functions
from neutron-lib, and removing the neutron.plugins.common.utils module
all together as it's fully rehomed now.
NeutronLibImpact
[1] https://review.openstack.org/#/c/560950/
[2] https://review.openstack.org/#/c/554546/
Change-Id: Ic0f7b37861f078ce8c5ee92d97e977b8d2b468ad
The current "agent remove-add" method to reschedule a router is not
friendly for DVR. In DVR cases, the old agent may still need to keep the
router in a non-master role to service any VM ports that exit on that
host while the new agent handles the master role of the router.
This patch proposes to send "update" instead of "remove" notification
for DVR rescheduling, which aligns with the retain_router check in
remove_router_from_l3_agent as well.
Closes-Bug: #1781179
Change-Id: I23431f9f46f72e6bce91f3d1fb0ed328d55930fb
The transition of a router from distributed to centralized may
mistakenley get its 'ha' attribute updated at the same time. The
side-effect is that the router may become HA enabled unexpectedly.
This patch fixed the mismatched attribute in _update_router_provider
method which addressed the issue cited above.
Closes-Bug: #1780094
Change-Id: Ib00de137692979229d1b7ba033ecff04e9cc9db0
It was recently decided to uncap eventlet:
http://lists.openstack.org/pipermail/openstack-dev/2018-April/129096.html
So eventlet is now capped at 0.20 not by global requirements,
it is capped in upper-constraints, because currently not every
openstack project is able to work with a newer eventlet version,
mostly because of the caps in projects requirements.txt.
According to global-requirements, last allowed version of
eventlet is 0.22.1:
https://git.openstack.org/cgit/openstack/requirements/tree/global-requirements.txt
In an effort to support both eventlet<0.22 and eventlet>=0.22,
change the code to try and determine the correct number of
arguments to use in the call to initialize the parent class.
Change-Id: Ibe3dc8af6cf9f8bb4f8eababb7f4276e4db3f1f9
Closes-bug: #1777640