The neutron-lib commit I360545b6ee4291547e0c5c8e668ad03d3efa4725 moved
the externally consumed globals from neutron.common.constants into lib.
With the exception of PROVISIONAL_IPV6_PD_PREFIX all other constants
in neutron.common.constants should only be used in neutron, and will
hopefully remain that way. External consumers needing access to other
common constants should move them into lib first.
NeutronLibImpact
Change-Id: Ie4bcffccf626a6e1de84af01f3487feb825f8b65
This argument was marked deprecated in commit
I53fe014e80b507acf77a3c109179685e2e50200c,
Also there is no usage of argument watch_log in
other projects. It's safe to remove it now.
Change-Id: I49a6d9cf38957e661422f6175e86a5c3377d3b2d
This is an additional test for deleting csnat port when
migrating DVR router to HA router.
Change-Id: I4a2365fe3a64b65034280558ffe6312d8dabd600
Partial-Bug: #1714251
If we set environment for Neutron tests in tox.ini, we may get
type error like:
TypeError: %d format: a number is required, not str
os.environ.get method will get string, not integer. This patch
fix it.
Change-Id: Ie71302b8e33586082ae8334e6317e30d382e893a
ovs-firewall now scans ports on its bridge and stores those that have
prefix 'qvo', which means such ports use hybrid plugging. Because
ovs-agent makes a full-sync when it's started, all ports that reside on
the node are passed to firewall driver to refresh firewall, a new helper
was added.
In case the initial scan noticed hybrid plugged, an iptables firewall
driver is instantiated and each port is passed down to helper that
removes iptables rules for given port.
Once all ports are processed, a mark is added to ovsdb to avoid cleaning
iptables in the future. That means next time ovs-agent is started
iptables firewall will not be instantiated.
NOTE: Fullstack tests are a great candidate to cover the migration but
I'll leave it as TODO after we stabilize fullstack tests.
Closes-bug: #1721895
Change-Id: I662c310133a089bf29b734c539e57a8cff923074
As explained in the bug, tempest DVR and HA migration scenario
tests are failing intermittently, as we are not checking if the
new router interfaces are ready after migration and might try
to use the old dataplane if the pre-migration router resources
(like interfaces, namespaces, etc) still exist and are not yet
destroyed.
We need to check that the pre-migration router interfaces are
deleted and the new interfaces are created and active (as we
can't check namespace existence on other nodes, we rely on port
status set by L2 agent after wiring the port) before
attempting ssh connectivity.
Closes-Bug: 1714802
Change-Id: I2a933d4cdd6de4e5ff31c8e3f97477819ba27afa
This patch clarifies the routed network configuration doc with respect
to when a fixed IP is assigned to a port on a routed network. For
more details see related bug.
Change-Id: Id8e97afdfc488069ac3a910e017c34b085b4eb36
Closes-Bug: #1718320
This patch clarifies the agent file to update when configuring QoS as
the actual file name will depend which agent is being used.
Change-Id: Ie53e30c329e4b0bcaadc0b437ed783c7e0c00dbb
Closes-Bug: #1628533
Part of the work we did while rehoming the callback modules introduced
the notion of payload objects [1] to replace the unstructured kwargs
used today. When using payloads event sources need to use publish()
rather than notify() to trigger the callback(s) and pass along a payload
object (if needed).
This patch begins to move us onto the payload objects by updating
BEFORE_INIT and AFTER_INIT event types to use the payloads.
NB: This change needs to be in sync with consumers using the events
herein. Once publish() is used with payloads, callback functions must
also define the payload kwarg to follow suit. Therefore such consumers
need to depend on this patch.
NeutronLibImpact
[1] https://docs.openstack.org/neutron-lib/latest/contributor/callbacks.html#event-payloads
Change-Id: I9194c7857f10392149159071cda8e080e93adc10
The old (tempest.test.requires_ext) location is deprecated in Pike.
Somehow missed in a previous change.
Change-Id: I8e18732443b1f01649a0a98a4765dafc5dc9bb7a
This patch introduces two new options for dnsmasq in neutron-dhcp-agent:
* dhcp_renewal_time (T1): This option specifies the time interval from
address assignment until the client transitions to the RENEWING
state.
* dhcp_rebinding_time (T2): This option specifies the time interval
from address assignment until the client transitions to the REBINDING
state.
By allowing to set these timers we can configure both the renewal
and rebinding times (options 58 and 59 as per RFC2132) and, for example
allow to change some parameters (like MTU) on instances without having
to wait or the lease time. The advantage of changing T1 over the lease
time is that if the DHCP server becomes unreachable within the lease
time, instances won't drop their IP addresses and won't cause a
dataplane disruption.
Change-Id: I29d417d459e92f36c1077962b92fa4c43dfaa97d
Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
When HA is enabled with DVR routers the centralized floating
IPs are not configured properly in the DVR snat namespace
for the master router namespace.
The reason is we were not calling the add_centralized_floatingip
and the remove_centralized_floatingip in the DvrEdgeHaRouter
class.
This patch overrides the add_centralized_floatingip and
remove_centralized_floatingip in dvr_edge_ha_router.py file
to add the cidr to the vips.
Closes-Bug: #1716829
Change-Id: Icc8c5d4e22313448e2066a29dbe509e4345b364c
neutron-lib contains the synchronized lockutils decorator as well as
the SYNCHRONIZED_PREFIX global. This patch consumes them from
neutron-lib and removes them from neutron.
NeutronLibImpact
Change-Id: I729da348e340509f2d09f8a6436716e2398f1583
when a router is migrated from/to HA, router interface device_owner
in DB is updated in the AFTER_UPDATE event handler. Because of this
we see StaleDataError Trace as described in the bug report.
Instead, we follow DVR approach and update it in PRECOMMIT_UPDATE
handler, which only does DB changes. Here we update device_owner only
between legacy and HA router modes as migration involving DVR is
already handled in DVR code.
Also update distributed flag after all DB operations. Otherwise existing
code may affect router unbinding during retry as distributed flag
already updated before retry.
Testing is covered with scenario tempest test i.e
DVR HA migrations tests from gate job
"legacy-tempest-dsvm-neutron-dvr-multinode-scenario".
Closes-Bug: 1715163
Change-Id: I6e5783c44c77ec07371921e900ed45efd031ebdb
As port object is ready to use. this patch replaces
the direct use of port model with port object in
tests/unit/notifiers/test_nova.py
This patch removes also test "test_port_without_id_no_notify"
as Port object can't be created without ID field configured
or generated automatically by DB.
Co-Authored-By: Slawek Kaplonski <slawek@kaplonski.pl>
Partially-Implements: blueprint adopt-oslo-versioned-objects-for-db
Change-Id: If8d291e36a6c94441335afa98d146e3fc9975209
As ingres traffic to instance ports when using DVR uses same matching
openflow rule as openvswitch firewall driver, it happens that setting
admin_state_up of router deletes firewall rules.
This patch makes the deletion more strict because DVR and ovs-firewall
flows differ in priority. Thus using priority when removing DVR flows
won't affect ovs-firewall flows.
Closes-bug: #1721084
Change-Id: I4eb61b2824579a4f8ba219cd1b1dcf57d38ebc89
This was removed in I227ca60422545e40d3bbb8baf2b41a8ce14f4294 and
it is no longer being exercised.
TrivialFix
Change-Id: Idf9611675be871fac31d4cf9b4335c7ace911bb1
The LinuxBridgeManager class has already created a
local version of IPWrapper() at self.ip, just use it.
Trivialfix
Change-Id: I9524144c4762ab3f26c42c5dee967df5436e1a62