openstack-dev was decomissioned this night in https://review.openstack.org/621258
Update openstack-dev to openstack-discuss
Change-Id: I739ec6a4984df396b11b29f2d55f0d24fecab6eb
This massively reduces the amount of time needed to install
dependencies and saves a lot of disk space to boot.
Modeled on Nova change, https://review.openstack.org/#/c/534382/
Change-Id: Icae3b6b2b0d014aec17b04b3b516b13b2fa47c5d
For agent such as linux bridge which allows creating trunk on
bound port, this patch provides a fix to allow deleting trunk
without unbound port first. And it will help to keep the port
(trunk's parent port) working while deleting the trunk.
Co-Authored-By: Allain Legacy <Allain.legacy@windriver.com>
Closes-Bug: #1794424
Story: 2003889
Change-Id: Iae2ae535bf3ba1548136bf3fe4306a42bad4e635
Added extra information (bridge name) when a bridge creation event
is received.
Trivial fix: changed BridgeCreateEvent __init__ argument to "agent",
as requested in [1].
[1] https://review.openstack.org/#/c/612153/
Partial-Bug: #1789592
Change-Id: I0bca7e71fb379febfe2131566bb8c1bf8f039183
This patch bumps the neutron-lib version to 1.21.0 in both the
requirements and lower-constraints.
Change-Id: I4489d98e7fa1ad1504132bd0a049903737b34547
The standards state that if a job is voting in the check queue, it
should also be voting in the gate queue. The tempest-slow job is voting
in check, so therefore this change adds it to the gate queue.
Change-Id: I4221e587f5afc40304e7efc2dd53e937085d691b
The ovs agent will install some basic drop flows first for the
physical bridge mappings during the init procedure. If message
queue is not connected, or neutron-servers are all down, real
traffic flows will not be refreshed anymore. This will cause
the data plane down if tenant network and provider network are
sharing the physical NICs.
This patch adds a RPC check during init L2 agent. When restart
the ovs-agent, if the MQ is OK and we have available neutron-server,
go next step. Otherwise, a rpc timeout will be raised. L2 agent
will start fail, physical bridge mapping drop flows will not be
installed. The original flows will not be replaced, so the traffic
can still work properly.
Closes-Bug: #1803919
Change-Id: Ie15cf625b3710eaf290d6aafecb3f65df664b9df
This patch implements an OVS bridge monitor based in the OVSDB
native implementation (OVSDB IDL, Open vSwitch Database Interface
Definition Language). This new implementation supersedes the CLI
OVSDB monitor.
Partial-Bug: #1789592
Change-Id: I9c512d4cbd4cebf94c339231f83bbe89b37650ba
When ovs-vswitchd process is restarted on host neutron-ovs-agent
can properly handle that and recover openflows and bridges config.
But when ovs firewall driver is used, it wasn't reinitialized
so there were missing some OF rules in br-int and connectivity
to/from instances was broken.
This patch adds reinitialization of firewall in such case so
all OF rules are properly reconfigured and connectivity is
restored.
Change-Id: I8d525bbe48216fef4da890582b8e198933a27833
Closes-Bug: 1805808
When fullstack tests are executed manually using a debugger
(e.g.: PyCharm integrated debugger), the "cmd" folder is imported
instead of "cmd" [1] module.
To solve this problem, this folder and the references to this path
must be changed.
[1] https://docs.python.org/3/library/cmd.html
Change-Id: I8e6b6995c10875a882a46ca3a0d779aafda124a3
Closes-Bug: #1805844
This patch implements the L3 agent side router gateway IP rate
limit. For routers in centralized snat node (network node),
the tc rules will be set on the corresponding device in router
namespace:
1. Legacy and HA router, qrouter-namespace and qg-device
2. Dvr (edge) router, snat namespace and qg-device
If gateway IP rate limit was set, then under the same router,
all the VMs without floating IP will share the bandwidth.
Partially-Implements blueprint: router-gateway-ip-qos
Closes-Bug: #1757044
Change-Id: Ie92ff0d4df0e85ce71c7d50f34ea6ff973812af8
This patch enables to bind a QoS policy to the router gateway,
then in L3 agent side SNAT traffic for the VMs without floating
IPs can be limited under the policy bandwidth rules. This is
suit for all kinds of L3 routers: DVR, DVR with SNAT HA, L3 HA
and Legacy.
API update router gateway json:
{
router": {
"external_gateway_info": {
...
"qos_policy_id": "policy-uuid"
}
}
}
Depends-On: https://review.openstack.org/#/c/567497/
Partially-Implements blueprint: router-gateway-ip-qos
Closes-Bug: #1757044
Related-Bug: #1596611
Change-Id: I26e22bce7edd1f93b2ac0048b61b14f858938537
Neutron makes call to nova for sending notifications but here no
context object user/admin available, so generated a request_id
and passed it as global_request_id during novaclient initialization
so that nova will log both global_request_id and it's own generated
request_id in the context formatter for traceability. As Notifier
class is used as singleton mode, need to create novaclient every time
events are sent from neutron to nova.
Modified unit tests wherever applicable.
Oslo spec I65de8261746b25d45e105394f4eeb95b9cb3bd42
Change-Id: I94257bd6ec9ec6b9a1f509c27c439e6305e43e63
Implement a new function called create_port_obj_bulk that optimizes
bulk port creation operations by streamlining ensuring network existence
and operates on an array of port data.
Change-Id: Ie819c215944514d0bb43c2ce87394825bda41e94
Partially-Implements: blueprint speed-up-neutron-bulk-creation
When ovs-vswitchd process is restarted neutron-ovs-agent will
handle it and reconfigure all ports and openflows in bridges.
Unfortunatelly when tunnel networks are used together with
L2pop mechanism driver, this driver will not notice that agent
lost all openflow config and will not send all fdb entries which
should be added on host.
In such case L2pop mechanism driver should behave in same way like
when neutron-ovs-agent is restarted and send all fdb_entries to
agent.
This patch adds "simulate" of agent start flag when ovs_restart is
handled thus neutron-server will send all fdb_entries to agent and
tunnels openflow rules can be reconfigured properly.
Change-Id: I5f1471e20bbad90c4cdcbc6c06d3a4412db55b2a
Closes-bug: #1804842
Currently any dhcp agent instance will work as an open resolver. For
deployments using publicly routed addresses for tenant networks, this
allows the agent being abused in dDoS attacks, see [1].
By setting the `--local-service` option dnsmasq will filter DNS queries
and reply only to queries from directly attached networks.
[1] https://bugs.launchpad.net/neutron/+bug/1501206
Closes-Bug: 1501206
Change-Id: I76d810aad2ce0f15a88bd798963012fa0efca74e
ZhongShengping