The neutron-lib commit I360545b6ee4291547e0c5c8e668ad03d3efa4725 moved
the externally consumed globals from neutron.common.constants into lib.
With the exception of PROVISIONAL_IPV6_PD_PREFIX all other constants
in neutron.common.constants should only be used in neutron, and will
hopefully remain that way. External consumers needing access to other
common constants should move them into lib first.
Add support for QoS ingress bandwidth limiting in
It uses default ovs QoS policies on bandwidth limiting
DocImpact: Ingress bandwidth limit in QoS supported by
In some cases we would want to refrain from cleaning up specific
In Octavia, the health manager service is using a predefined
openvswitch port which will gets nuked by the ovs_cleanup script in the
That port is created by the operating system NIC configuration file
(by using OVS_EXTRA), but due to the order of actions in the boot
process, the ovs_cleanup script gets invoked by systemd only at a later
stage. As a result the port will be deleted each time and the Octavia
health manager service will fail to bind.
This patch takes advantage of the 'external_ids' column that already
exists for ovs ports, in order to filter out ports we would like to
skip. We filter those ports by adding 'skip_cleanup' to the
It is important to note that this will work if we append the following
to the port: -- set Interface o-hm0 external_ids:skip_cleanup=true"
Objects must use project_id and not tenant_id. The object framework
ensures that tenant_id is added as an extra field for backward
This patch reverts the workaround implemented in change
I4ec9340094bc51cd8aa6e5112bf8114aa26c2982 and implements a proper fix
by explicitly updating the objects.
Co-Authored-By: Artur Korzeniewski <email@example.com>
Co-Authored-By: Darek Smigiel <firstname.lastname@example.org>
Linuxbridge agent uses iptable rules in POSTROUTING chain
in the mangle table to mark outgoing packets with the
DSCP mark value configured by the user in QoS policy.
DocImpact: DSCP Marking rule support is extended to the
Linuxbridge L2 agent
Maintaining the context is important for keeping the request ID
and subsequently operator/developer sanity while debugging.
The resource_type is also helpful to have since a function could be
subscribed for multiple resources.
This maintains and deprecates the existing 'subscribe' method for
backwards compatibility with callbacks that don't support receiving
the context and resource type. A new 'register' method is added
for callbacks to use that are compatible with receiving the context.
There are usage patterns which would benefit from having
the capability to send a list of resources in bulk instead
of using individual fanout messages.
From now on, the rpc callback subscriber receives a list of
resources (single or multiple), and the pushers must always
push a list.
Backwards compatibility for QoSPolicy consumers in mitaka
is provided by calling push with "resource" parameter for
single item lists during one release cycle. That will be
dropped when Ocata opens.
Partially-implements: blueprint vlan-aware-vms
In the implementation of DSCP QoS rule, the QosOVSAgentDriver uses the
wrong method to modify br-int flows. It uses br_int.mod_flows() whilst
it should use br_int.mod_flow().
This patch fixes this and also adds verification of the updates of DSCP,
as we have for bandwidth here to trigger that code path and avoid
This patch adds the front end and back end implementation of QoS DSCP.
Associated patches that are dependent on this one:
* python-neutronclient: https://review.openstack.org/#/c/254280
* openstack-manuals: https://review.openstack.org/#/c/273638
* API Guide: https://review.openstack.org/#/c/275253
* Spec: https://review.openstack.org/#/c/272173
* QoSDscpMarkingRule resource: https://review.openstack.org/#/c/277567
* Fullstack tests: https://review.openstack.org/#/c/288392/
APIImpact - The API now supports marking traffic egressing from a VM's
dscp field with a valid dscp value.
Co-Authored-By: Nate Johnston <email@example.com>
Co-Authored-By: Victor Howard <firstname.lastname@example.org>
Co-Authored-By: Margaret Frances <email@example.com>
Co-Authored-By: James Reeves <firstname.lastname@example.org>
Co-Authored-By: John Schwarz <email@example.com>
Network devices, like internal router legs, or dhcp ports
should not be affected by bandwidth limiting rules.
This patch disables application of network attached policies
to network/neutron owned ports.
It seems that the Queue + QoS + linux-htb implementation was really
limiting ingress by default. So this patch switches the implementation
to the ovs ingress_policing_rate and ingress_policing_burst parameters
of the Interface table.
Later in time we may want to revise this, to make TC & queueing possible,
but this is good enough for egress limiting.
Also, removed the _update_bandwidth_limit del+set on OvS QoS driver for
the bandwidth limit rule update, since that's not needed anymore.
Creates a port in a policy, and subsequently modifies the
bandwidth limit rule in the policy, then verifies that the
new limits are assigned to the port.
This functional test spawns the OVS agent, with bandwidth limit rules in
a policy attached to ports. Then it asserts that the low level OVS
bandwidth limits are set for each port.
To make this possible we refactor and extract the base OVS agent test
framework into neutron.tests.functional.agent.l2.base.
Partially-Implements: blueprint ml2-qos