In L2 agent extensions, when the agent extension needed access to a
datastructure within the L2 agent, an agent extension API object was created.
This API object would be the interface permitting agent extensions to have
access to those objects internal to the L2 agent.
This change implements a similar agent extension API object for the L3 agent
extensions. This is necessary to allow L3 agent extensions to have access to
the RouterInfo class, so that they can do lookups on it, for example
determining the namespace for a specific router. Without this API object, the
L3 agent extension would not have access to this structure.
Co-Authored-By: Margaret Frances <margaret_frances@cable.comcast.com>
Partially-Implements: blueprint l3-agent-extensions
Change-Id: I85f89accbeefd820130335674fd56cb54f1449de
Remove number of vf validation from scan_vf_devices method
in the eswitch manager module, to allow the SR-IOV agent
to load when using PF passthrough.
Closes-Bug: #1614086
Change-Id: Iff5bf3a5542d5b19f45637e954a72a14402a30ae
This patch adds SR-IOV agent driver, which uses eswitch manager, to set
VF min_tx_rate parameter. This parameter defines the guaranteed minimum
bandwidth for egress traffic.
DocImpact
Partial-Bug: #1560963
Change-Id: Iefe5e698e99d186202d6ef170f84e93bfbba46dd
This patch introduces the front end implementation for QoS
minimum bandwidth rule.
APIImpact: New type of parameter for QoS rule in neutron API
DocImpact
Change-Id: I6b619a96a2bfde164646c71409b671352bc6ce7d
Partial-Bug: #1560963
There is no technical reason to disable sorting and pagination, except
maybe performance concerns. But there are other ways to DoS-attack
neutron-server services, like... any other type of request. So the
concern is moot.
Keeping those options available for configuration reduces compatibility
between Neutron installations. It's better to do the right thing, and do
it right, implementing the feature for the benefit of API users.
DocImpact Update configuration documentation to reflect deprecation.
Change-Id: Iad26221a58589b10381f1a0d69a88c92fb5adeee
Related-Bug: #1566514
This changes the way that IPAM decides which subnets to use when
assigning IPs to newly created ports. If the port has a defined
device_owner, this is used to filter available subnets to choose
from only those with a matching service_type or no service_type
at all.
If the given network has no service subnets, then the existing
behaviour is used.
A new IPAM exception is introduced to handle the following scenarios:
1. A port is created with a device_owner and only non-matching service
subnets exist.
2. A port is created without a device owner, and no subnets exist
without a service_type.
With this patch, service subnets are now usable.
Implements: blueprint service-subnets
APIImpact: subnet-create and subnet-update with service_types
DocImpact: IPs assigned to new ports will now come from a service subnet
matching the port device_owner, if one exists.
Closes-Bug: 1544768
Change-Id: If3dd94a46bdee24c13d1f17c4f2e69af0cb8af63
This patch does unconditional switch from non-pluggable IPAM to
pluggable IPAM for all deployments during upgrade to Neutron.
Pluggable IPAM is enabled by pointing ipam_driver default to reference
driver. User who manually set ipam_driver in neutron.conf will continue
to use ipam_driver of their choice.
During upgrade data is migrated from non-pluggable IPAM tables to
pluggable IPAM tables using alembic_migration. Availability ranges
(IPAvailabilityRange) is no longer used to calculate next available ip
address, so migration for this table is not included.
Migration is covered with functional tests. Dataset with subnets,
allocation pools and ip allocations is loaded prior to migration.
Once migration is completed ipam related tables are checked
if data is migrated properly.
Built-in IPAM implementation becomes obsolete and is planned to be
removed in upcoming commits.
UpgradeImpact
Closes-Bug: #1516156
Change-Id: I1d633810bd16f1bec7bbca57522e9ad3f7745ea2
Deprecate the supported_pci_vendor_devs option in order to reduce
complexity for configuring SR-IOV. Currently, neutron validates the pci
vendor and product id. However this check is already done by the
nova-scheduler when it selects a suitable hypervisor. More precisely,
the compute node validates this through the pci_passthrough_whitelist
option in nova.conf. Therefore this check in neutron is redundant.
This patch deprecates the supported_pci_vendor_devs in Newton release
and updates the supported_pci_vendor_devs default to None.
In case of None value the SR-IOV mechanism driver won't do
any pci vendor validation. In case this option is set
the SR-IOV mechanism driver will do the validaiton as it was
before.
DocImpact
Closes-bug: #1611302
Change-Id: Id5e2cef44da871965583abbae3e1140fd4f5786c
Using the generalized agent extension mechanism, create an agent extension
manager in the L3 agent, so that the L3 agent can load agent extensions.
Co-Authored-By: Margaret Frances <margaret_frances@cable.comcast.com>
Implements: blueprint l3-agent-extensions
Needed-By: Iff506bd11b83d396305e631f3dd95d44cf38fd63
Change-Id: I6da92cb8b9fcbb603e120eababcf4ce711da3e30
All occurences of ``tenant_id`` across the database are renamed
to ``project_id``. Both options are equally valid, but ``project_id``
is preferred.
To inform external users about the change, HasTenant class was
deprecated.
UpgradeImpact
Partially-Implements: blueprint keystone-v3
Change-Id: I87a8ef342ccea004731ba0192b23a8e79bc382dc
This changes the default for external_network_bridge to '' to
encourage operators to deploy L3 agents in the correct manner.
This patch also adds a functional test to ensure that namespaces
with an existing external gateway interface are not torn down and
rewired on change.
Closes-Bug: #1563070
Change-Id: If533cf7c4c379be78f5a15073accaff7f65973ab
These config options were deprecated in Mitaka.
They can now be removed in Newton.
Closes-Bug: #1594810
Related-Bug: #1501328
Change-Id: I6eea7d4465cf23df1d8dae26336633052dfab871
Now that we have a decent api test coverage for those features, as well
as a way to detect the features via REST API, we should be safe and
thrilled to enable them by default in all installations.
Depends-On: I0aaaa037a8ad52060a68dd75c0a1accc6add238e
Depends-On: I5e68f471a641a34100aba31cb2c4a815c7220014
Depends-On: I648851b48d0481c97054e1280b60a119b42dfd38
Depends-On: Ic04cd125dd715ae0694fbf24d8193abe3151ffd1
Depends-On: Ib3709d15fd87b93285dadf78cce73ee37e8898e2
Depends-On: Ie3a66d2a7c05143df3da1c56c8e8a5308d4bae91
DocImpact Update configuration documentation to cover new defaults.
UpgradeImpact To retain the original default behaviour, set
allow_sorting and allow_pagination to False.
Closes-Bug: #1566514
Change-Id: I3820bec029b3895913b034b718116c95b4942ed0
Those features are available only when allow_sorting and
allow_pagination options are enabled (the current default is False).
They don't depend on plugin support, because when plugins don't
implement them natively, emulated mode is applied by API router itself.
So to make it plugin agnostic, we introduce a way to register custom
per-extension checks to override support detection for cases like that
one.
Now that we have a way to detect support for those features via API,
there is little reason to keep tempest configuration options to enable
those features. Instead, just inspect [network-feature-enabled]
api_extensions option in tempest.conf.
Now that DEFAULT_ALLOW_SORTING/DEFAULT_ALLOW_PAGINATION constants are
used in a single place only (in allow_sorting/allow_pagination
definitions), removed them and replaced with a literal.
Added first in-tree API tests for /extensions entry point.
DocImpact Update API documentation to cover new extensions.
APIImpact Document the new extensions.
Related-Bug: #1566514
Change-Id: I0aaaa037a8ad52060a68dd75c0a1accc6add238e
The following patch adds the support for L2-Adjacency to indicate if
there is L2 adjacency between the ports on a network.
Partially-Implements: blueprint routed-networks
Change-Id: Id2d4331568886bee52e78e1c138f1475cc89342b
This feature is redundant, since it duplicates oslo.config functionality. If
neutron-server needs to load the configuration option from multiple files, it
should be achieved by passing multiple --config-dir/--config-file CLI
arguments, not by relying on implicit loading for files with names matching the
neutron_*.conf pattern.
The plan is to stop implicit loading in Ocata.
More details:
http://lists.openstack.org/pipermail/openstack-dev/2016-May/096033.html
Related-Bug: #1492069
Related-Bug: #1599936
Change-Id: I743e181532d285303c8d5c2a73f4fd674626b478
The right way to configure Neutron to work with infrastructure MTU is by
using plugin agnostic global_physnet_mtu and ml2 specific
path_mtu/physical_network_mtus options. The deprecated option is error
prone and does not allow to use different MTUs per network.
Closes-Bug: #1603493
Related-Bug: #1549470
Related-Bug: #1542108
Related-Bug: #1542475
DocImpact Remove all references to network_device_mtu option from
Neutron documentation. Note that Nova has a deprecated option
with the same name that will need a separate patch to be removed.
Depends-On: I8e6cc99fe70d0c41a705431fb3160e8fccacff10
Depends-On: I337b284076a794027fbd63796119d56bd1923cf2
Change-Id: I7287db9df25a78a59b2dfa28acfde7fe69d17f40
Today, existing networks may not reflect MTU configured for
neutron-server, if they were created when neutron-server was using
different MTU setup for its infrastructure, or when it was using bad
default values for network MTUs (specifically, before Mitaka, all networks
were getting MTU = 0 by default, disabling both advertisement and data
path MTU size enforcement).
This patch stops persisting MTU in the database on network create and
instead calculate it on every network resource fetch.
DocImpact Now changes to MTU configuration options immediately affect
existing network MTUs, not just new networks.
UpgradeImpact Existing networks with invalid MTU persisted in database
may change their MTU values to reflect configuration.
Change-Id: Iee4f5037bf10b73ba98464143b183aacb59c22f2
Closes-Bug: #1556182
Defaulting ovsdb/of_interface to native causes services to
listen on new ports. On systems using selinux, it is important
to make sure that permission is given to listen on these ports.
Change-Id: Ia6d906f1ecc1f64cb1d937a4dcfc9f63eda36f2e
- Changes RULE_TYPE_DSCP_MARK to RULE_TYPE_DSCP_MARKING to conform
with the rules name.
- Added object versioning to qos related objects.
- qos/rule: Throws a QosRuleVersionUnavailable exception when
the QosDscpMarkingRule version is < '1.1'.
- removed test object version incrementation TODO from test_policy.py
- Object versioning can not be used to increment the object version.
Change-Id: I4f10ef3c1cbaa2a868de2b8e3abc4c39eb1f44c7
Partial-Bug: #1468353
As was discussed in [1], we should not only allow setting
min_l3_agents_per_router to one [2], but deprecate this option
completely.
[1] https://bugs.launchpad.net/bugs/1555042
[2] https://review.openstack.org/289925
Related-Bug: 1555042
Closes-Bug: 1599275
Change-Id: I518e12edd4bfb7a036b278d5f108cf0fc3de0353
The IPv6 header is twice the size of the IPv4 header, 40 vs 20
bytes, but the tunnel overhead constants are static, only
accounting for an IPv4 header in all cases. In order to be
correct it needs to treat the tunnel overhead different from
the IP overhead at L3.
This required removing the 20 byte IP overhead from the tunnel
type overhead constants and creating a new option,
ml2.overlay_ip_version, in order for the server to know which
version will be used, since it calculates the MTU for the network.
A version mis-match will now cause a tunnel sync to fail on
the server.
Moved all MTU tests to a common location to remove duplication.
DocImpact
Change-Id: Ia2546c4c71ff48b9fe2817fbad22b1fbf85f325b
Closes-bug: #1584940
specfic => specific
In addition to this it rewords the release note following comments.
TrivialFix
Change-Id: Ic951544e37fb824fc3d850564a5674a965b8ca10
The purpose of this extension is updating the FDB table upon changes of
normal port instances thus enabling communication between direct port
SR-IOV instances and normal port instances.
Additionally enabling communication to direct port
instances with floating ips.
Support for OVS agent and linux bridge.
DocImpact
Change-Id: I61a8aacb1b21b2a6e452389633d7dcccf9964fea
Closes-Bug: #1492228
Closes-Bug: #1527991
- unit tests were fixed mainly by mocking
Connection class of native implementation.
- some ovs-lib tests rely on direct ovs-vsctl
output. Temporarily decorated with @vsctl_only.
UpgradeImpact
Change-Id: I2632b0e21edd61536867a9fc830a45d9899091e4
It was deprecated at [1], and quota of resource will be registered
at initialization of APIRouter. So, no need to use the config now.
[1] https://review.openstack.org/#/c/181593
DocImpact: All references of 'quota_items' configuration option
and its description should be removed from the docs.
UpgradeImpact: Remove 'quota_items' configuration option from
neutron.conf file.
Change-Id: I0698772a49f51d7c65f1f4cf1ea7660cd07113a0
Closes-Bug: #1593772