The ``neutron-ovn-db-sync-util`` replaces the ``ovn`` mechanism
driver with the ``ovn-sync`` mechanism driver. Subsequently it
makes calls into the OVN L3 service plugin.
At present the OVN L3 service plugin assumes the ``ovn`` mechanism
driver to be present and produces a Traceback when it is not.
This patch fixes that by testing for both of the supported
mechanism drivers.
Change-Id: I1ac685a12f49119f5ef1428cbc504b639d783803
Closes-Bug: #1882202
Signed-off-by: Frode Nordahl <frode.nordahl@canonical.com>
There are places where we need to use a metadata address
in different forms:
169.254.169.254
- when binding to an address, used with a port
169.254.169.254/32
- when configuring an address on an interface
- when adding a route
169.254.0.0/16
- when checking if a metadata subnet is present
We were not always using them correctly in either the
DHCP or OVN code, try and correct the usage. This will
make it easier to update the code when adding support
for metadata over IPv6.
Change-Id: I1780aa99204cc24e668d9798f4a5111eae83ecdb
There is a bug in OVN functional tests, where it looks for datapath binding
of just created network.
In rare conditions datapath binding entry could not be in place in time,
because it is a ovn-northd responsibility to create it and we don't lock
this process in neutron api.
Change-Id: Ice115623491ad5b50397a0338f0a7780dc05d24c
Closes-Bug: #1884986
In some cases it may be useful to log new vlan tag which is found
on the port when it losts old vlan tag which should is expected to
be there.
So this patch adds such value to the log message.
TrivialFix
Change-Id: I231e624f460510decc6d2237040c8bef207e2e8e
During rescheduling dvr router snat namespace may not be
created due to race between router added and router
updated updated notifications.
Verify that snat namespace exits or create one.
Partial-bug: 1881995
Change-Id: Ic28ce249d59264b0b882bd1cc3c9fb55854a6a47
OVN's API called get_port_groups is poorly named and has misleading docstring.
It returns only the OVN port groups that map to the security group in Neutron.
Therefore, it should be called get_sg_port_groups.
Closes-Bug: #1883716
Related-Bug: #1881316
Change-Id: Iae3f413dd1c4b0813b05d9bfd593c9e709540370
Signed-off-by: Flavio Fernandes <flaviof@redhat.com>
When retrieving a vacant L3 agent binding index, if
"is_manual_scheduling" is set, the method "get_vacant_binding_index"
should always return a valid binding index. If the existing binding
indexes are sequentially aligned, the method will return a new one
on top; if there is a gap in the binding indexes list, the first
free index will be returned.
Closes-Bug: #1884906
Change-Id: I0a89bca0734d3e735fb357e488f85589e81d709f
This patch is adding documentation about the router availability zones
feature in the OVN driver.
Change-Id: I6c8267100e1ee82c8b563528467b50b91f7700f6
Related-Bug: #1881095
Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
This was proposed to be deprecated long time ago already.
We have patch ports in Openvswitch to connect bridges together.
Change-Id: Ie343f83a886bb8c366873fd5e076bb7096e1a6ed
Related-bug: #1587296
In fullstack security group test, after fake VMs are created there
check if connectivity to some custom port is working fine with port
security disabled.
After that there is called "block_until_ping" method for each vms.
This patch changes that to first wait if we can ping vms and later do
netcat tests.
Even if that will not solve problems with failures of this test, we
may know more if the issue is caused by netcat or it's just no
ICMP connectivity between VMs at all.
Change-Id: Ie9e2170c761c9a10f3daa991c3fb77f304bb07e2
Related-Bug: #1742401
This patch is adding support for the router_availability_zone extension
for Neutron.
The OVN driver will now read from the router's availability_zone_hints
field and schedule the router ports onto OVN chassis belonging to those
AZs.
Since the OVN driver does not rely on the L3 agent, this patch does not
re-use the configuration option for the agent to configure the
availability zone that a Chassis belongs to (even because there's no
configuration file in nodes such as networker nodes). Instead, this
patch reuses the "ovn-cms-options" field from the local OVSDB to
configure the Chassis. The follow syntax has been used:
$ ovs-vsctl set Open_VSwitch .
external-ids:ovn-cms-options="enable-chassis-as-gw,availability-zones=az0:az1"
In the example above, the Chassis has been configured to belong to two
AZs: "az0" and "az1".
This patch also implements listing the availability zones:
$ openstack availability zone list
As well as validating the router's availability zone hints:
$ openstack router create --availability-zone-hint az0
--availability-zone-hint az1 test_router
The above command would fail if there's no "az0" and "az1" configured in
any OVN chassis.
Documentation for this feature is being written and will be submitted
in a separated patch.
Partial-Bug: #1881095
Change-Id: I4567f3d541d382b6432c1ab3d35276d81ce71d82
Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
WHen retrieving a vacant DHCP agent binding index, if
"force_scheduling" is set, the method should return a valid binding
index. If the existing binding indexes are sequentially aligned,
the method will return a new one on top; if there is a gap in the
binding indexes list, the first free index will be returned.
Change-Id: Ib4cbeb7c9f0c1e959ad53570320610925ff3d88f
Closes-Bug: #1883513
We have separate project now - OVN Octavia provider - and its gate
is responsible for testing OVN integration with Octavia.
Change-Id: I317b7ad54a2f5c5c99bf0bff9eba4d91a1a86491
When a Port is deleted, the QoS extension will reset any rule (QoS
and Queue registers) applied on this port or will reset the
related Interface policing parameters.
If the Port and the related Interface are deleted during the QoS
extension operation, those commands will fail. This patch makes those
operations more resiliant by not checking the errors when writing on
the Port or the Interface register.
Change-Id: I2cc4cdf5be25fab6adbc64acabb3fffebb693fa6
Closes-Bug: #1884512
Method _ensure_default_security_group wasn't atomic as it first tries to get
default SG and if that not exists in DB, it tries to create it.
It may happend, like e.g. in Calico plugin that between
get_default_sg_id method and create_security_group method, this default
SG will be created by other neutron worker. And in such case there will
be Duplicate entry exception raised.
So this patch is adding handling of such exception.
Change-Id: I515c310f221e7d9ae3be59a26260538d1bc591c2
Closes-Bug: #1883730
While the segments plugin is not loaded in neutron config, it should
be loaded anyways in OVN maintanance task, to operate on the first
default segment of each network.
Change-Id: Ideffacc2f478c95eeec881c82d1d5bae46ecdc74
Closes-Bug: 1883193
