We already log the full object on the agent side
and other server methods log important parts of
the object so there isn't much to gain logging the full
OVO components passed to this function's args.
This adds a specific debug statement that just indicates
the types, IDs, and revision_numbers being pushed out so
they can still be correlated with received objects on the
agent side.
Partial-Bug: #1707307
Change-Id: I4499bb328f0aeb58fe583b83fb42cd2d26c1c4c1
Current gate runs with kernel 4.4.0-89. Creating conntrack entries fails
with this version and leaves conntrack in stuck state leading to
functional tests to hang.
This patch proposes to skip those tests that create conntrack entries so
we can enable back the functional job to voting to avoid new regressions
at this suite.
Change-Id: I9f883cea1d101efe6a7214c3a9b679fc32427365
Related-bug: #1709032
Firewall drivers check if port security is enabled. After ovo is sent
over the wire, the port_security_enabled is part of 'security' field.
The patch translates the RPC call from agent to server so the payload
containing port_security_enabled is at the same place.
We may consider implementing change of OVO field to contain boolean
directly.
Change-Id: I647343e84b41da63d7ffcc5a87f3dfa2036adc56
Closes-bug: #1605654
This patch is the agent side patch that takes care of configuring
the centralized floatingips for the unbound ports in the snat_namespace.
Change-Id: I595ce4d6520adfd57bacbdf20ed03ffefd0b190a
Closes-Bug: #1583694
Plugins may add attributes to subnets, in which case simple equality
check will fail. Instead of comparing bodies, compare just IDs. It
should be enough to achieve the goal of the test case.
Change-Id: Iebc22f99285777df7de499c713b2bc1e38e0bd62
Closes-Bug: #1706986
This patch added a validator to logging api for checking resource bound
(sg or port is exist or not, ...) and validating whether or not supporting
logging type on each port when we create a log object by specific port_id.
Co-Authored-By: Yushiro FURUKAWA <y.furukawa_2@jp.fujitsu.com>
Change-Id: I10f2441fc2c7bdbda51b05002549b235743a7deb
Partially-implements: blueprint security-group-logging
Related-Bug: #1468366
prelude section is prepared for general comments about a release [1].
At now neutron release notes use prelude section randomly.
Some rel notes use it and some do not.
This commit drop or move prelude section in Pike release notes.
In addition, some guideline on writing a release note
to the release notes howto page.
Change-Id: I53fefcc3eed30700d095c77d9e000319668097e8
reno includes release notes touched in a target release
even if they are added from past releases.
The recent release note cleanup I made as part of doc8 adoption
and some other cleanup touched release notes from past releases.
As a result, we see several number of release notes from past
release in the Pike release notes unexpectedly.
Also adds a warning note to the release notes howto page
Change-Id: I127f96896488e9992d9309d76055b4883f6a62f3
Closes-Bug: #1708560
This patch introduces a workaround on the Neutron side
for bug 1705351 that results in the Neutron server blocking
trying to send to topics the agents no longer subscribe to.
The workaround is to just subscribe to those topics and do
nothing with the messages that come in until oslo.messaging
can properly recover from loss of listeners.
Change-Id: I946a33dfd0c0da26bb47b524f75f53bf59d3fbd5
Closes-Bug: #1705351
In upgrade scenario, this is a regular case (no agents created the
exchange, so fanout is ineffective), so logging it using ERROR level is
misleading and against guidelines.
Change-Id: If098071c9c19490af7eb0863dbab83e488019bd7
Related-Bug: #1705351
Increment the revision number when RBAC policies are
changed since it impacts the calculation of the 'shared'
field.
Closes-Bug: #1708079
Change-Id: I4c7eeff8745eff3761d54ef6d3665cf3dc6e6222
This patch I3d0981fbe30f2436f00c200919b50aeb97491252
resolved custom kernel version, but introduced a bug
for the 3.x series. This patch avoids the replacement
in the case of the 3.x series.
Closes-Bug: #1704077
Co-Authored-By: Moshe Levi <moshele@mellanox.com>
Change-Id: Iff1c5a39fe4b0d9320910d0cfafdd36873825d03
This test has been disabled since [1].
But it seems the failure ratio is not so high with
the current code. Let's re-enable it now and see how it goes.
Note: This same test has been enabled on the gate jobs for
other implementation for a while. It doesn't fail much there
either. (networking-midonet)
[1] I37f1488db258f6a4d383fb472cb5433c65371ac5
Related-Bug: #1662109
Change-Id: Ia39c73189ad8a3331c1911989fe69428f064f7a6
Current ovsfw implementation does not take care of the different
MACs in allowed_address_pairs with the VM's MAC.
This patch use the following method to fix this issue:
1. Do not check dl_src in table=72 because table=71 has checked
dl_src for Egress.
2. Add all allowed MACs in table=0 and table=73 for Ingress.
3. Do not check dl_dst in table=82 because this check has done
in table=0 and table=73.
4. Delete allowed MACs in table=0 and table=73 when needed.
Change-Id: Iad59096f0c9855ebfd4a0d5b447e73b443d66c1d
Closes-Bug: #1697593
This is to eliminate the following messages that fill the
OVS agent logs:
ovsdbapp.backend.ovs_idl.vlog [-] [POLLIN]
Change-Id: I00010ef600a4185b7628318bb88971d978b9fe67
Partial-bug: #1707307
A regular gate run shows this was logged ~2500 times.
It doesn't provide any useful information since the
command executed successfully and we can see the
issued command in the debug statement before it.
Partial-Bug: #1707307
Change-Id: I431d6a59ce36deb9a5fb9deef39655d28d71f24d
We need to check if the results from a bulk_pull are stale because
the resource might have been updated and concurrently pushed from
the server while the bulk_pull query was being fulfilled.
Change-Id: I755a1cb2e0037ec2316161a09ad462bc4b09f397
Closes-Bug: #1707699
