355 Commits

Author SHA1 Message Date
Nguyen Phuong An
bb8954a228 [log]: implement logging agent extension
This patch introduces generic logging agent extension following
the spec [1].

[1] https://specs.openstack.org/openstack/neutron-specs/specs/pike/logging-API-for-security-group-rules.html

Co-Authored-By: Yushiro FURUKAWA <y.furukawa_2@jp.fujitsu.com>

Change-Id: I1a59367cf23060fb1a0cd9bab6772b22da15c9f0
Partially-implements: blueprint security-group-logging
Related-Bug: #1468366
2017-10-11 16:04:14 +07:00
Akihiro Motoki
d3c393ff6b Update the documentation link for doc migration
* Update the URLs affected by the doc-migration
  (/developer/<project>/ to <project>/latest/)
* Follow content rearrangement
* Convert links to local documents into :doc: or :ref:
* Use https instead of http for the updated links on docs.openstack.org.

Part of the doc-migration work.

Change-Id: I62e317d9198f175a43d73bbfd419b6878de90d5a
2017-07-22 18:46:13 +09:00
Jenkins
8c0bc37325 Merge "Add dns_domain attribute to ports in the API" 2017-07-21 00:00:15 +00:00
Miguel Lavalle
190b31e03a Add dns_domain attribute to ports in the API
This change adds a dns_domain attribute to ports in the API.

This patchset belongs to a series that adds dns_domain attribute
functionality to ports.

Change-Id: Ied1f2f0c1e96ae21c309b6e6fed9e3c602b0450b
Partial-Bug: #1650678
2017-07-13 16:51:54 -05:00
Nguyen Phuong An
913c9e78b9 [log]: implement logging plugin
This patch introduces the logging api definition and initial
implementation of LoggingApiPlugin. The api definition code will
be removed after [1] has been merged on neutron lib.

[1]https://review.openstack.org/#/c/415817/

Co-Authored-By: Yushiro FURUKAWA <y.furukawa_2@jp.fujitsu.com>

Partially-implements: blueprint security-group-logging
Related-Bug: #1468366
Change-Id: Iace31506502de25da9dce5fcfdbfe2c726bea27f
2017-07-12 13:30:50 +07:00
Jenkins
916bc96ee2 Merge "Expose neutron api application as a wsgi script" 2017-04-20 05:53:18 +00:00
Miguel Angel Ajo
6037e53f07 Remove deprecated support for QoS notification_drivers
In Ocata, notification_drivers were deprecated in favor of
the new QoSDriver architecture.

This patch removes backwards compatible support for notification
drivers along with its testing.

Change-Id: I5f747635be3fd66b70326d9f94c85a6736286bd2
2017-04-17 06:32:01 -07:00
Victor Morales
429703a9a8 Expose neutron api application as a wsgi script
This can then be loaded into a wsgi compatible web server like
apache2/httpd or nginx.

DocImpact A new neutron-api script is installed, and can be used to
start either a standalone wsgi server (calling the script directly),
or as a wsgi script loaded by a web server (e.g. by httpd/mod_wsgi).

Change-Id: Ie9bb8b33f6e1335219e574d832ac264b043d90e6
Partial-Bug: #1666779
Co-Authored-By: Brandon Logan <brandon.logan@rackspace.com>
Co-Authored-By: Ihar Hrachyshka <ihrachys@redhat.com>
2017-04-17 02:07:27 +00:00
Jenkins
f61955a74a Merge "Port data plane status extension implementation" 2017-04-16 04:15:17 +00:00
Carlos Goncalves
89de63de05 Port data plane status extension implementation
Implements the port data plane status extension. Third parties
can report via Neutron API issues in the underlying data plane
affecting connectivity from/to Neutron ports.

Supported statuses:
  - None: no status being reported; default value
  - ACTIVE: all is up and running
  - DOWN: no traffic can flow from/to the Neutron port

Setting attribute available to admin or any user with specific role
(default role: data_plane_integrator).

ML2 extension driver loaded on request via configuration:

  [ml2]
  extension_drivers = data_plane_status

Related-Bug: #1598081
Related-Bug: #1575146

DocImpact: users can get status of the underlying port data plane;
attribute writable by admin users and users granted the
'data-plane-integrator' role.
APIImpact: port now has data_plane_status attr, set on port update

Implements: blueprint port-data-plane-status

Depends-On: I04eef902b3310f799b1ce7ea44ed7cf77c74da04
Change-Id: Ic9e1e3ed9e3d4b88a4292114f4cb4192ac4b3502
2017-04-11 19:56:13 +00:00
Trevor McCasland
453e8064a5 Exit on failure to load mechanism drivers
By using the on_missing_entrypoints_callback and
on_load_failure_callback options[1] we can call a handler for the
missing driver error properly.

As the bug states, I logged it as a critical failure and terminated
the neutron server.

I used SystemExit, I wasn't sure if there was a more graceful way
of exiting.

[1] http://docs.openstack.org/developer/stevedore/managers.html

Change-Id: Id18afd159d0b0ada0cc36964dd9c1ebe7a1cd94b
Closes-Bug: #1659290
2017-04-11 09:56:08 -05:00
Jenkins
2dc0b20a87 Merge "Let setup.py compile_catalog process all language files" 2017-04-04 22:53:53 +00:00
Jenkins
e3ffe24b2c Merge "Update metering agent to use stevedore alias for driver" 2017-04-02 03:50:09 +00:00
Jean-Philippe Evrard
c9d4698409 Update metering agent to use stevedore alias for driver
Currently the metering agent is using the old import method,
use stevedore instead.

DocImpact

Two places in the networking guide should change to
'driver = iptables' from current format.

Partial-Bug: #1504536
Change-Id: I1e6d196a3ada8fbfc2b70d6a983984d8db09bbd0
2017-03-27 16:28:15 -04:00
Sven Anderson
cf42abc85e Let setup.py compile_catalog process all language files
Two years ago the translation files have been split into several
files, separating the log messages of different log levels from each
other, like X.pot, X-log-warning.pot, X-log-info.pot, and so on.
However, the setup.py command `compile_catalogs`, that comes from the
babel package and compiles the corresponding .po files into .mo
files, only supported one file per python package.  This means that
during packaging `compile_catalogs` never compiled the X-log-*.po
files, so the corresponding translations were always missing.

Since babel 2.3 the domain can be set to a space separated list of
domains.  This change adds the the additional log level files to the
domain list.

Change-Id: I436072d03f401240df6d7b8348616bc7c4731c4a
Closes-Bug: #1536226
2017-03-15 04:27:23 +00:00
Jenkins
26b8848a9e Merge "Switch ns-metadata-proxy to haproxy" 2017-03-14 17:32:13 +00:00
Daniel Alvarez
3b22541a2a Switch ns-metadata-proxy to haproxy
Due to the high memory footprint of current Python ns-metadata-proxy,
it has to be replaced with a lighter process to avoid OOM conditions in
large environments.

This patch spawns haproxy through a process monitor using a pidfile.
This allows tracking the process and respawn it if necessary as it was
done before. Also, it implements an upgrade path which consists of
detecting any running Python instance of ns-metadata-proxy and
replacing them by haproxy. Therefore, upgrades will take place by
simply restarting neutron-l3-agent and neutron-dhcp-agent.

According to /proc/<pid>/smaps, memory footprint goes down from ~50MB
to ~1.5MB.

Also, haproxy is added to bindep in order to ensure that it's installed.

UpgradeImpact

Depends-On: I36a5531cacc21c0d4bb7f20d4bec6da65d04c262
Depends-On: Ia37368a7ff38ea48c683a7bad76f87697e194b04

Closes-Bug: #1524916
Change-Id: I5a75cc582dca48defafb440207d10e2f7b4f218b
2017-03-08 15:20:50 +00:00
Andreas Jaeger
5c5fcaf528 Use Sphinx 1.5 warning-is-error
With pbr 2.0 and Sphinx 1.5, the setting for treat sphinx warnings as
errors is setting warning-is-error in build_sphinx section. Migrate
the setting from the old warnerrors one.

Change-Id: Ic4f2dd097137e4fa12acbdbfa47ea078d1b6d105
2017-03-04 02:30:10 +00:00
Jenkins
42747c03b4 Merge "Remove python 3.4 support" 2017-02-08 05:09:55 +00:00
Kevin Benton
1e1e7a842f Add Loki service plugin for optional DB havoc
This adds a service plugin to introduce random delays
and deadlocks to DB operations to make it easier for
us to see that retry decorators are correctly applied
and race conditions are handled.

Change-Id: I8e283c1b53165faee548d26b3560a2c883dfb977
2017-02-03 05:12:33 -08:00
Jianghua Wang
8047da17db XenAPI: Support daemon mode for rootwrap
For Neutron's compute agent in a XenServer's compute node, the commands
actually need run in Dom0. Currently XenServer only supports rootwrap
for that purpose by invoking a script which invokes XenAPI to execute
commands in dom0. There are much performance overhead due to it requires
parsing on the script and the configuration file every time running
commands.

This change is to support daemon mode with which each agent service will
call XenAPI directly to execute commands in dom0. And it will keep the
single XenAPI session.

DocImpact: Need update the following configuration.

file: /etc/neutron/plugins/ml2/openvswitch_agent.ini
[agent]
root_helper_daemon = xenapi_root_helper
[xenapi]
connection_url = http://169.254.0.1
connection_username = root
connection_password = xenroot

Closes-Bug: #1585510
Change-Id: I684034359fe0571bc92dbcf342a9821553b1da35
2017-01-19 07:33:43 +00:00
Gary Kotton
36f55b33f8 Remove python 3.4 support
The gating on python 3.4 is restricted to <= Mitaka. There is no
need to continue to keep these settings.

From Newton onwards we are gating on python 3.5.

Change-Id: Ib6e6c62212796f493bb99fb3c5e39ab4f2e45cfc
2017-01-08 05:37:48 -08:00
Daniel Alvarez
1d38f30555 Kill processes when cleaning up namespaces
This patch will kill processes that are listening on any port/UNIX
socket within the namespace to be cleaned up. To kill them it will
issue a SIGTERM to them (or to their parents if they were forked) and,
if they don't die after a few seconds, a SIGKILL to them and all their
children.

This is intended for those cases when there's no specific cleanup and
serves as a fallback method.

Change-Id: I4195f633ef4a1788496d1293846f19eef89416aa
Partial-Bug: #1403455
2016-12-20 10:52:41 +00:00
Henry Gessau
562b6380b8 Remove legacy oslo.messaging.notify.drivers
These were deprecated in https://review.openstack.org/247906

Now that Liberty is EOL we can remove these legacy entrypoints.

Closes-Bug: #1639103

Change-Id: I94e61cb219b23ce2f5d0f34dc9ae1c87650568bd
2016-11-23 16:07:57 +00:00
Jenkins
377a5c2362 Merge "Expose OVS bridge related options into metering agent config file" 2016-11-22 08:37:08 +00:00
Edan David
e8fd2505e2 SR-IOV: Remove deprecated supported_pci_vendor_devs option
The SR-IOV option supported_pci_vendor_devs has been deprecated in Newton
and This change removes it from Ocata.

Change-Id: I42dadfd0b62730ca2d34d37cb63f19f6fec75567
2016-10-31 18:33:26 +02:00
Ihar Hrachyshka
a8e1badbd2 Expose OVS bridge related options into metering agent config file
Agent state options (report_interval), or interface related options
(f.e. ovs_integration_bridge) should be exposed into all configuration
files for all agents that may report a state, or instantiate a bridge
object.

Since some of options that were previously considered 'base' don't apply
to metering agent (specifically, availability_zone), moved them into
separate lists and included them into relevant agents (l3 and dhcp).

The only glitch with the change is that log_agent_heartbeats option is
now exposed into metering agent configuration file, even though the
agent does not honour it. I think it's minor and we can live with it.

Change-Id: Ibceca20cec60e75a8c6ddd35f3f9cb8cca272a9e
2016-10-02 12:33:52 +00:00
Bernard Cafarelli
d1389dcc4b Install dibbler.filters rootwrap file
This file was added in https://review.openstack.org/#/c/185977, but was
not listed in setup.cfg
As a consequence, it is not installed in current RDO packages

Closes-Bug: #1626132
Change-Id: I1b87d89367ab534164394f9f18e81223ff4111ce
2016-09-21 16:41:05 +02:00
Kevin Benton
424a633fd9 Include timezone in timestamp fields
The Neutron 'created_at'/'updated_at' fields on API resources
were inconsistent with other OpenStack projects because we did
not include timezone information. This patch addressed that
problem by adding the zulu time indicator onto the end of the
fields.

Because this could break clients expecting no timezone, this patch
also eliminates the 'timestamp_core' and 'timestamp_ext' extensions
and consolidates them into a new 'timestamp' extension. This makes
the change discoverable via the API.

This is assuming the current API development paradigm where
extensions can come and go depending on the deployment and the client
is expected to handle this by checking the loaded extensions.
Once we decide extensions are permanent, this type of change will
no longer be possible.

Even though this is being proposed late in the cycle, it is better
to get this change in before the release where we expose even more
resources with incorrectly formatted timestamps.

APIImpact
Closes-Bug: #1561200
Change-Id: I2ee2ed4c713d88345adc55b022feb95653eec663
2016-09-14 12:04:15 -07:00
Ihar Hrachyshka
ffae42d730 Remove vpn service plugin stevedore aliases
The service plugin is maintained in a separate neutron-vpnaas repo, and
hence its aliases should be maintained there too.

The patch that introduces those aliases in neutron-vpnaas repo is:
Ieb4e9fce9f5cf9b5a60f1207ec38a59adfe400a8

Change-Id: I86b5b554ed9995a0d4538fb968526b370cad036b
2016-08-27 16:22:19 +00:00
Ihar Hrachyshka
6f475b4d78 Remove lbaas v1 service plugin stevedore aliases
The service plugin was removed from neutron-lbaas repo lately:
I506949e75bc62681412358ba689cb07b16311b68

We can now clean those remnants from neutron tree.

Change-Id: I2136a530a8351cc290418d9ae18af08b480707c5
2016-08-27 16:13:29 +00:00
Nate Johnston
15ca6b0dfc Remove FWaaS entries from neutron setup.cfg
Remove FWaaS directives from neutron's setup.cfg.  See [1] for the
change to add them to the FWaaS setup.cfg.

[1] https://review.openstack.org/362324

Change-Id: I94b224813c85b7e611e9681323a2f0d2806e0d41
2016-08-29 19:09:07 +00:00
lilintan
6e4fe008f5 Update the homepage with developer documentation page
Change-Id: Ic47206905eda90d62d7ce77235e6ba27c1f21433
2016-08-18 10:33:26 +08:00
Jenkins
4478987fbd Merge "Add support for Python 3.5" 2016-08-14 13:02:58 +00:00
Kevin Benton
4e8cc68349 Increment revision numbers on object changes
This adds the logic to increment the revision numbers
for objects whenever there are changes and it exposes
the revision number via a field in the API.

This is handled with a new default service plugin that
subscribes to DB events and bumps revision numbers for
any objects that were modified.

It also handles the logic for bumping the revision number
of a parent in a relationship where the children aren't
top-level neutron objects that would be tracked individually.
This is accomplished with a 'revises_on_change' attribute
on the child models that the service plugin will use to
find the parent and bump its revision.

API tests are included to test the revision numbers
added to each standard attribute enabled object.

Partially-Implements: bp/push-notifications
Change-Id: I476d3e03c8ee763cc4be6d679fe9f501eb3a19b5
2016-07-27 12:01:55 -07:00
Henry Gessau
345a4b28c1 Add support for Python 3.5
Depends-On: I1952f3247002fae73c2cfce294da91e5e013d68e

Change-Id: Ic2c880a48b3df4fe973b8a1737eb223048a4c47f
2016-07-14 22:07:59 -04:00
Jenkins
d4df22ae94 Merge "Enable CRUD for trunk ports" 2016-07-06 02:15:24 +00:00
Ryan Tidwell
9cda319687 Enable CRUD for trunk ports
This patch enables basic CRUD operations on trunk ports and defines
related API extensions. Trunk ports and sub-ports can be persisted
in the Neutron model and are made visible through the API, but the
L2 agent is not notified and no trunk ports or subports are actually
instantiated on compute hosts.

This one of the main patches in the series that implement the end
to end functionality.

Partially-implements: blueprint vlan-aware-vms

Co-Authored-By: Armando Migliaccio <armamig@gmail.com>
Change-Id: I26453eb9a1b25e116193417271400994ac57e4c1
2016-07-02 16:09:45 -07:00
Edan David
2c8f61b816 Adding FDB population agent extension
The purpose of this extension is updating the FDB table upon changes of
normal port instances thus enabling communication between direct port
SR-IOV instances and normal port instances.
Additionally enabling communication to direct port
instances with floating ips.
Support for OVS agent and linux bridge.

DocImpact
Change-Id: I61a8aacb1b21b2a6e452389633d7dcccf9964fea
Closes-Bug: #1492228
Closes-Bug: #1527991
2016-06-29 10:21:15 -04:00
Ihar Hrachyshka
7d111e827a Disable warnerrors=True in setup.cfg
This feature is not working for a while, which potentially allowed
errors to sneak into the tree. The next pbr release will fix the
feature, effectively re-enabling it for us. It may break our gate if at
that point we will have warnings in the documentation.

So just disable the flag for now, wait for the next pbr release, and
revert the patch back, fixing any warnings that may be present in the
tree at that time.

Change-Id: I117a458d2b4b043fa0238eebc061586761691841
2016-06-21 15:37:08 +02:00
Jakub Libosvar
60a8f96137 oslo.cache: Remove memory alias for cache
Current code replaces 'memory' backend with 'oslo_cache.dict' backend in
order to keep backward compatibility.

Related-Bug: 1517883
Change-Id: Ibcefa13eaf4b1021322eb5bd4320b8306aa0c510
2016-06-03 12:58:20 +02:00
Carl Baldwin
a34c3543d0 Basic Extension and CRUD for Segments
This patch enables CRUD on Segments by defining a new entity called
'Segment' with an extension definition and some DB code to read the
existing segments DB.  A basic framework for create, update, and
delete are provided.

For now, this is just the basic boiler-plate but I've got to start
somewhere.  It is implemented as a service plugin that is disabled by
default because it has not been fully tested with any plugin.
Follow-on patches will implement support for this new extension in
ML2 and OVN at least.

Change-Id: Ifc370fdd38f9a5b296334635fa85bd93d270b910
Partially-Implements: blueprint routed-networks
2016-05-05 13:58:34 -06:00
Armando Migliaccio
e8d3626d1c Remove BGP code from neutron
Once the spinout is undergoing we should perform the eviction.

Partially-implements: blueprint bgp-spinout

Depends-on: I8be510153edbc496575cde34943ca4c56645e0fb
Change-Id: I20b6ddd37d10eae70e8294d578e53137c0f866fe
2016-04-25 21:54:06 -07:00
Daniel Mellado
c56918027a Use tempest plugin interface
Make use of the Tempest plugin interface instead of copying Neutron
files into Tempest. This will remove the burden to port Neutron
tests onto Tempest master recurrently.

It uses neutron/tests/tempest/ as new top folder for all Tempest
tests. It follows the model of Heat [1].

[1]: https://github.com/openstack/heat/tree/master/heat_integrationtests

Partially implements bp external-plugin-interface

Change-Id: Ia233aa162746845f6ae08a8157dcd242dcd58eab
2016-04-14 15:19:14 +02:00
Doug Hellmann
5b0f348343 register the config generator default hook with the right name
No config generator hooks should ever be registered with a name that
belongs to another project. In this case, using oslo.middleware.cors
means that *every other project* that loads the middleware gets neutron's
defaults when the generator is run on a system with everything installed
(such as a dev box with devstack). Use the name neutron instead, to
ensure that the defaults are only set when neutron's sample config and
documentation are being generated.

Change-Id: I6a8c7d44b9db9325003ff2fdb667b0ced7739e96
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
2016-03-11 15:15:29 -05:00
Jenkins
2768da320d Merge "Moved CORS middleware configuration into oslo-config-generator" 2016-03-10 09:22:23 +00:00
ZhaoBo
4c2c983618 Add timestamp for neutron core resources
Currently, neutron core resources (like net, subnet, port and subnetpool)
do not save time-stamps upon their creation and updation. This
information can be critical for debugging purposes.

This patch introduces a new extension called "timestamp" extending existing
the neutron core resources to allow their creation and modification times
to be record. Now this patch add this resource schema and the functions which
listen db events to add timestamp fields.

APIImpact
DocImpact: Neutron core resources now contain 'timestamp' fields like
           'created_at' and 'updated_at'

Change-Id: I24114b464403435d9c1e1e123d2bc2f37c8fc6ea
Partially-Implements: blueprint add-port-timestamp
2016-03-05 02:17:35 +00:00
Hirofumi Ichihara
ec1457dd75 Add tag mechanism for network resources
Introduce a generic mechanism to allow the user to set tags
on Neutron resources. This patch adds the function for "network"
resource with tags.

APIImpact
DocImpact: allow users to set tags on network resources

Partial-Implements: blueprint add-tags-to-core-resources
Related-Bug: #1489291
Change-Id: I4d9e80d2c46d07fc22de8015eac4bd3dacf4c03a
2016-03-02 05:43:14 +09:00
Michael Krotscheck
aae181817e Moved CORS middleware configuration into oslo-config-generator
The default values needed for neutron's implementation of cors
middleware have been moved from paste.ini into the configuration
hooks provided by oslo.config. Furthermore, these values have been
added to neutron's default configuration parsing. This ensures
that if a value remains unset in neutron.conf, it will be set to use
sane defaults, and that an operator modifying the configuration
file will be presented with a default set of necessary sane headers.

Change-Id: I327d1d7ce50dd4a20d781e6251a5af81c57e6ca1
Closes-Bug: 1551836
2016-03-01 12:21:33 -08:00
Jenkins
49fa08969d Merge "Add API extension for reporting IP availability usage statistics" 2016-03-01 18:51:18 +00:00