This patch removes the Neutron capability of creating database tables
from sqlalchemy models for all those model classes for which
a table is not found in the database schema.
Migrations should be the official and only solution for creating and
managing the Neutron db schema.
This patch also adapts unit tests in order to ensure test schemas
are still correctly created.
DocImpact
Update deployment documentation accordingly.
Closes-Bug: #1207402
Change-Id: Ie4ee5507888ecad5f6dc32ce7a029c43014687a2
Co-Authored-By: Henry Gessau <gessau@cisco.com>
The method for setting the floating IP status in the NSX plugin
has a flaw that causes in some cases the status to be reset.
This patch removes this bug and also protects against regression
adding status check in the unit test covering floating ip
creation.
This patch also moves the above mentioned unit test in a more
suitable place in the test same module.
Change-Id: Ib08c421ade20ce23b5c08145203a2df6a8f3efa5
Closes-Bug: #1357514
Method sync_routers is used by the L3 agent to query
routers it knows about. Routers and GW ports lists
are populated in two different times, which means that
they can be interleaved by a delete request which
results in gateway ports being missing in one of the
two data structures.
This patch takes care of the race condition.
Closes-bug: #1355409
Change-Id: Id3a6fe145058f690e107bfe7023980ede61cff90
This trace is observed when an L3 agent invokes
sync_routers right about the same time a port
interface is removed from a router.
Related-bug: #1355409
Change-Id: I825b25080cbf054462318fc01248692b9e0e4ecb
Git commit c3706fa2 introduced the force_gateway_on_subnet
option that verified that the defined gateway is in the CIDR
range of a newly created or updated subnet. However, the default
value was False for backwards compatability reasons. The default
will change to True and the option will be marked as deprecated.
For IPv6, the gateway must be in the CIDR only if the gateway
is not a link local address.
DocImpact
Change-Id: I04fd1caec6da5dceee3f736b3f91f2468150ba2a
Closes-Bug: #1304181
L3AgentDbInteTestCase and L3AgentDbSepTestCase fails when they are run
independently without other test case. something like
tox -e py27 neutron.tests.unit.test_l3_plugin
It's because necessary oslo.config options aren't properly initialized
when instantiating service plugin.
Initialize config before instantiating plugin.
Change-Id: Ic6dd28e3caf8b9e3322bf2df99e67adb138cb234
Closes-Bug: #1350252
Ensure that extension attributes are always used to
override the chosen defaults. This was not working
in the case of default boolean True, as the testing
condition was wrong.
Closes-bug: #1348479
Change-Id: I22bce82c6078a96c0eb4a67e6decb6e9205721a8
This patch introduces the model and extension
framework for implementing distributed virtual
routing on top of Open vSwitch.
A new admin-only 'distributed' (as opposed to a
'centralized' or legacy-mode) attribute is added
to the API router resource. It is possible to convert
an existing (centralized) router to a distributed
one; the opposite conversion, even though allowed by
the API, may not be honored by the underlying
plugin implementation and an appropriate error will
be reported.
When creating a router (regardless of the user role),
Neutron will rely on a system wide configuration, whose
default currently allows to create 'centralized' routers.
Tests are added for basic unit coverage; when the first
building blocks for neutron-testing-refactor
are complete, functional testing will be added.
This is because we should be moving away from how
extension tests have been done up until now.
Partially-implements: blueprint neutron-ovs-dvr
DocImpact
Change-Id: I7227fbe2718eba6665a5afb5dcaaaa77b341091f
Authored-by: Swaminathan Vasudevan <swaminathan.vasudevan@hp.com>
Co-Authored-By: Armando Migliaccio <armamig@gmail.com>
Previously, ports, networks and subnets had a do_delete=True
parameter. By default, these resources were deleted at the
end of the context manager scope. All other resources used
a different semantic: no_delete=False.
This caused confusing situations such as:
with self.subnet(network, do_delete=False) as subnet:
with self.security_group(no_delete=True) as sg:
pass
Now all resources use the same do_delete semantic.
Closes-Bug: #1336196
Change-Id: I4627481813f714819efe85831e2a55975ea71ed4
The add and remove router interface methods check that interface_info
is not empty but don't check if it contains any of expected parameters:
port_id and subnet_id
This patch adds a helper method to validate that interface_info contains
at least one of the expected parameters
Include a unit test for the empty port_id and subnet_id case
Closes-Bug: #1325982
Change-Id: Ia370565235a33a847704b972c875d8f1573306c0
db_base_plugin_v2 imports too much modules that are not necessary
usually, so extract CommonDBMixin in different file.
Plus using db_base_plugin_v2 for some types of modules can lead to
cycles in imports, this refactoring should resolve the issue.
Closes-Bug: #1340145
Change-Id: Idb027d7c5cee2d5bc7598f805c56c55fd4aca048
Now that all preparations are done, actually port the code to use
oslo.messaging. This patch does as little as possible. Follow up patches
that refactor and cleanup the code and configuration files, will be
merged later. The reason for this is to make the patch as slim as
possible, to make review process more smooth and concentrated.
Details:
* neutron/common/rpc.py:
- added init() and cleanup() to set global RPC layer state.
- added utility functions: get_server(), get_client(), get_notifier()
that wrap up oslo.messaging API a bit, enforcing eventlet executor
and setting serializer, among other things.
- removed PluginRpcDispatcher, instead introduced PluginRpcSerializer
to use as a default serializer for API callbacks.
* neutron/common/rpc_compat.py:
- emulated incubator RPC layer behaviour thru previously introduced
stub classes (RpcCallback, RpcProxy, ...) using new oslo.messaging
API.
- switched to using new oslo.messaging exception types.
* neutron/service.py:
- expect multiple RPC listeners that are of MessageHandlingServer
type, not GreenThread.
* neutron/common/config.py:
- initialize RPC layer in init()
* setup.cfg:
- added entry points for old notifier drivers to retain backward
compatibility.
* neutron/tests/...:
- introduced fake_notifier to replace impl_fake.
- faked out consume_in_thread() to avoid starting RPC listeners when
running unit tests.
- used 'fake' transport driver.
- made sure neutron.test.* exceptions are caught.
- initialize and clean up RPC layer for each test case.
* Ported all affected code from using neutron.openstack.common.notifier
API to oslo.messaging.Notifier.
* rpc.set_defaults() was renamed to rpc.set_transport_defaults()
* other changes not worth mentioning here.
blueprint oslo-messaging
DocImpact
Change-Id: I5a91c34df6e300f2dc46217b1b16352fcc3039fc
By changing the boolean flag, API extensions made to
the router model can be handled correctly: this means
that on router creation, the response body will
contain all the extension attributes being part of
the resource. Prior to this fix, it was only on GETs
or PUTs, leaving the user at loss as to whether
the flag was actually being processed.
Closes-bug: #1325608
Supports-blueprint: neutron-ovs-dvr
Change-Id: I6f913c8417676a789177e00f30eb5875e7aaa3ae
This is done in preparation for the distributed
router functionality. Breaking down and factoring
out some functionality helps the DVR work to come
as a more loosely coupled addition to the L3
centralized case. This also ensures that the two
code bases are kept separately to minimize chance
of regression, and simplify code coverage effort.
Partially-implements: blueprint neutron-ovs-dvr
Change-Id: Ide1bc193666ce03a3ae26b1869bde8093ed453ef
Removes usage of a MagicMock in a case where it's not needed.
Replaces a manual function replacement with a mock.patch call
so it's correctly cleaned up by mock.patch.stopall.
Partial-Bug: #1316401
Change-Id: I8f2f7e9eca2aeaa3b65be1b451e96ed2146950f4
H302 violation is reported by flake8 when importing separated objects from
modules instead of importing the whole module.
e.g. from package.module import function
function()
is changed to
from package import module
module.function()
Change-Id: Ic6975f39c755ded54149a9c01fcdcfaf78c596fc
Partial-Bug: #1291032
Ceilometer with MongoDB doesn't accept the key with dot.
The dot in 'router.interface' should be replaced with '_',
which is also the standard implementation of other keys in neutron.
Change-Id: If7fcf7658db9ee2d7d1248bb0b016b4389c32c77
Closes-Bug: #1310460
It is possible to associate multiple floating ip addresses with a single
port through the use of multiple *fixed* ip addresses, e.g.:
nova boot ... --nic net-id=my-net-id myserver
nova add-fixed-ip myserver my-net-id
nova add-floating-ip --fixed-address x.x.x.1 myserver y.y.y.y.1
nova add-floating-ip --fixed-address x.x.x.2 myserver y.y.y.y.2
In this situation, neutron.db.l3_db.disassociate_floatingips would throw
an exception:
Exception: Multiple floating IPs found for port <port-id>
This would prevent someone from deleting an instance that was associated
with multiple floating ips.
This patch corrects disassociate_floatingips so that it will
disassociate all floating ips associated with the port, allowing the
delete operation to proceed correctly.
Change-Id: I68a2131fa8ee80828354c9db4ac405c3f77c3b90
Closes-bug: 1302701
This patch fix the issue by changing the call to
find the plugin which handles the l3 which is now
the l3_router service plugin instead of the old mixin.
Also change the unit tests to use the l3 service plugin
instead of the l3 mixin and refactor the rpc callbacks
part.
Co-Authored-By: Ala Rezmerita <ala.rezmerita@cloudwatt.com>
Closes-bug: #1257354
Change-Id: Ide26f825005fa63cd3fcc75fa91fffb947e0be7a
An L3 agent may be associated with just one external network.
If router's new external gateway is on other network then the router
needs to be rescheduled to the proper l3 agent
Change-Id: Ia0ed924403137ac4578ca562b57988292c41c1fe
Closes-Bug: #1234750
Also remove redundant check for network in use in bigswitch plugin
Closes-Bug: #1238439
Closes-Bug: #1259144
Change-Id: I7586f43c2e99be9df491c68bf1e8658994ffd263
In unit tests, resource contextmanagers such as network(), subnet()
try to delete themselves after returning from yield even if an
exception occurs. However when an exception occurs, there is a case
where deletion fails. In this case original exception will be hidden
and it makes difficult to debug test failures.
Before each test starts, resources like database entries will be
recreated, so there is no need to try to delete resources even
when an exception occurs. This commit removes try-finally clause
from resource contextmanagers to make original errors visible.
Closes-Bug: #1295887
Change-Id: Ia844d2aa2c9fc036e643068c5284f64798963ee3
Previously, a tenant could plug an interface into another tenant's
router if he knew their router_id by creating a port with the correct
device_id and device_owner. This patch prevents this from occuring
by preventing non-admin users from creating ports with device_owner
network:router_interface with a device_id that matches another tenants router.
In addition, it prevents one from updating a ports device_owner and device_id
so that the device_id won't match another tenants router with device_owner
being network:router_interface.
NOTE: with this change it does open up the possiblity for a tenant to discover
router_id's of another tenant's by guessing them and updating a port till
a conflict occurs. That said, randomly guessing the router id would be hard
and in theory should not matter if exposed. We also need to allow a tenant
to update the device_id on network:router_interface ports as this would be
used for by anyone using a vm as a service router. This issue will be fixed in
another patch upstream as a db migration is required but since this needs
to be backported to all stable branches this is not possible.
NOTE: The only plugins affect by this are the ones that use the l3-agent.
NOTE: **One should perform and audit of the ports that are already
attached to routers after applying this patch and remove ports
that a tenant may have cross plugged.**
Change-Id: I8bc6241f537d937e5729072dcc76871bf407cdb3
Closes-bug: #1243327
Some tests doesn't cleanup notification driver. So some tests can
run against unintended notification driver depending on execution order
Change-Id: I7dbed47153be66684827b2693bbc995dddfb4c1b
Related-Bug: #1281481
Partial-Bug: #1284549
This patch replaces all occurences of the strings
prefixed by network:* by their constant equivalent.
Closes-bug: #1270863
Change-Id: I149cc0ab7bde08ea83057e6c0697f668edbe29db
The following patch renames the rest of q_exc to n_exc which were
left when quantum was renamed to neutron.
used: find . -name "*.py" -print | xargs sed -i 's/q_exc/n_exc/g'
Change-Id: I04041030694b28c400b6c9c552433f2eaa4a37ba
Closes-bug: #1287462
Old names are kept for backward compatibility.
Last references to the old NVP plugins are going
to be dropped in Juno.
Completes blueprint nicira-plugin-renaming
Change-Id: Ia1aa4f658891e7ce9469748432c338353195edfd
Add a new 'status' attribute to the floating IP resource.
Extend the plugin RPC interface for allowing status updates from agents,
and implement support for operational status in the L3 agent.
The default behaviour for all the plugins different from
neutron.services.l3_router.l3_router_plugin is to set the status of
a floating IP to ACTIVE upon creation.
Implements blueprint fip-op-status
Change-Id: Ib0176fbcde95b0db5dfdabd4fc297d1d29c0d604
In the process __init__.py involved have been emptied;
vim modelines and author lines have been dropped from
the license headers affected by the change as well.
Partial-implements blueprint nicira-plugin-renaming
Change-Id: I9c535b59bb2e83f275816472e0e32b41444d3bbe
Consolidate the duplicate code for extension api tests.
This will be also used by servicevm extensions later.
At the same time, a bug in test_extension_firewall.py is also fixed.
double call of super().setUp().
Closes-bug: #1275654
Change-Id: I72f185ef6e5af55729ced51fc0b72fae799d46ac
test_router_add_interface_subnet_with_port_from_other_tenant in
neutron.tests.unit.test_l3_plugin.L3NatTestCaseBase was mocking
neutron.context.Context thus performing multiple API requests
with the same context instance. As a context instance also has
a DB session attribute, this might cause unexpected side effects,
especially for plugins which process request asynchronously.
The plugin neutron.plugins.nicira.NeutronServicePlugin was being
affected.
This patch ensures each request has a different context object
without changing the unit test semantics.
It also refactors slightly test_edge_router.py in the nicira
unit test package to avoid executing twice the same unit tests.
Change-Id: I4895faa00ebd915eb9e259930db2d004a9e78a86
Closes-Bug: #1280035
The NSX plugin does not allow to reassociate a floating IP to
a different internal IP address on the same port where it's
currently associated.
This patch fixes this behaviour and adds a unit test to ensure
re-association on the same port with a different IP is possible.
A few tweaks to the unit test aux functions were necessary to
accomodate the newly introduced unit test.
Change-Id: Iafbc3c54ebc4509ca75155ef138cc6da869df7bd
Closes-Bug: #1278581
There are two ways to specify a core plugin and an extension manager
in the unit tests: test_config and arguments of the constructor.
Both are used and it sometimes makes it a bit difficult to debug.
This patch removes the way via test_config and makes constructor
arguments the only way to do it.
Also removes the default entries in test_config because they are
not used anywhere.
Change-Id: I491003f4246e62001e9b74743c8fbfa922088383
Closes-Bug: #1245335
Using assertEqual/assertNotEqual to test if an element
is or is not None is too python2.4.
Our unit testing framework supports assertIsNone and assertIsNotNone
which were created for these types of tests.
Partial-bug: #1230028
Change-Id: Ie0bddae642f7973ee8b0e00164415f8d87de387e
Closes-Bug: #1189671
Quota driver is now loaded in lazy mode, i.e. the driver is loaded
the first time the driver is accessed. This is to make unit tests
work. Some unit tests like extension test cases need to use Config
Quota driver (previous default) but QuotaEngine is initialized
when quota.py is imported. Thus the unit tests had no chance to
specify quota_driver.
Change-Id: I9e20961d5a6322361e3c0284b3c2a7ca86755c70
The patch adds advanced FWaaS service support for NVP with
VCNS:
* NVP FWaaS is an advanced Service of NVP depending on NVP
advanced service router
- Once an advanced router id created, one corresponding
vshield edge will be deployed, and then we can configure
FW service on the vshield edge
* NVP FWaaS service plugin still uses FWaaS DB service logic,
while finally calling vShield Edge to support FWaaS service
- When firewall object is created, we will attach the
object to the advanced router with routedserviceinsertion_db
service
* on driver part, the driver will first convert the object
to VSM known object input, and then send a synchronous JSON
calling to VSM, and receive the result
Implements: blueprint nvp-fwaas-plugin
Change-Id: Id43af8821f5c553356e3cc870993eef99ef7def3
Bug 1223902
This patch fixes the _update_fix_assoc routine in the Nicira plugin,
ensuring the association of a floating IP with a router is removed
when the floating IP is disassociated.
This patch also adds a unit test for validating behaviour when a floating
IP is associated to a port on a different router, which was an
uncovered use case. This new unit test required some refactoring in
test_l3_plugin.py.
Change-Id: Ibfd53a637f4d14a368b0aeff289c15f993df58dd
Jenkins