436 Commits

Author SHA1 Message Date
Zuul
c4f081d024 Merge "supported_vnic_type configurable for sriov" 2018-11-06 04:14:20 +00:00
Zuul
2a7079ddd1 Merge "notification: Add 'status' to agent after_create/update" 2018-11-05 21:25:10 +00:00
Lajos Katona
d860109bf6 supported_vnic_type configurable for sriov
Now supported_vnic_types is hardcoded to the mechanism drivers, but that
can depend on several factors, like type of the NIC, admin decision,
etc.
With this patch we put the right to decide which vnic types are
supported for ovs agent into the hands of the admin, by allowing
blacklisting items from the mechanism driver specific list.
Background: http://eavesdrop.openstack.org/meetings/neutron_qos/2018/
neutron_qos.2018-07-31-15.00.log.html#l-58

Change-Id: Iad9e2e966df53b4164d2a56a93215c69825b5241
Partial-Bug: #1578989
See-Also: https://review.openstack.org/502306 (nova spec)
See-Also: https://review.openstack.org/508149 (neutron spec)
2018-11-05 11:40:13 +01:00
Zuul
eb8759aa98 Merge "Introduce floating IP pool resource" 2018-10-30 06:54:59 +00:00
Zuul
03310bd9b0 Merge "Add neutron-status upgrade check command framework" 2018-10-30 04:57:24 +00:00
Kailun Qin
1d98f0a7d4 Event driven periodic resync task for DHCP agents
The DHCP agent will resync its state with Neutron to recover from any
transient notification or RPC errors. Currently, the periodic resync
task waits on a timer to determine whether a re-sync is necessary. The
interval between attempts by default is 5 seconds and can be longer
thru config. This may cause a potentially long delay before an agent
gets new work via an agent_updated RPC call.

The idea of this RFE is to change the timer based periodic resync task
into an event driven one. It also proposes a new DHCP agent config
option "resync_throttle" to ensure the minimum interval taken between
resync state events to avoid too frequent resyncing. In this way, we
could force the agent to act on the resync request immediately therefore
decreasing how much time is needed before DHCP services are available.

Co-authored-by: Allain Legacy <Allain.legacy@windriver.com>

Closes-Bug: #1780370
Change-Id: Ie9d758ba5f750a38dc19ea5ce8b2c6b414f9ef80
2018-10-26 01:24:24 +08:00
Bence Romsics
8bd5ecd4fc notification: Add 'status' to agent after_create/update
Make the same status information available to notification consumers
(resource==agent, event==after_create/after_update) as it was already
available where the notification is sent in class AgentDbMixin.

Change-Id: Ie74091da934c7e49fd29ae4c6f930a7eb47e14b2
Partial-Bug: #1578989
See-Also: https://review.openstack.org/502306 (nova spec)
See-Also: https://review.openstack.org/508149 (neutron spec)
2018-10-25 15:34:06 +02:00
Slawek Kaplonski
152364dbc8 Add neutron-status upgrade check command framework
This adds basic framework for neutron-status upgrade check commands.

For now it has only "check_nothing" check implemented.
Real checks can be added to this tool in the future.

Depends-On: https://review.openstack.org/#/c/610061/

Change-Id: Ib08119e1bb8de80856edb6a39769d4bc9d98c587
Story: 2003657
Task: 26144
2018-10-25 12:11:27 +02:00
Zuul
e5726c7bda Merge "sriov-agent: Report resource info in heartbeat" 2018-10-24 16:27:31 +00:00
Zuul
0fdec013de Merge "supported_vnic_type configurable for ovs" 2018-10-24 04:00:36 +00:00
Zuul
5273f85eec Merge "ovs-agent: Report resource info in heartbeat" 2018-10-22 20:03:06 +00:00
Lajos Katona
a85c5ed3fb supported_vnic_type configurable for ovs
Now supported_vnic_types is hardcoded to the mechanism drivers, but that
can depend on several factors, like type of the NIC, admin decision,
etc.
With this patch we put the right to decide which vnic types are
supported for ovs agent into the hands of the admin, by allowing
blacklisting items from the mechanism driver specific list.
Background: http://eavesdrop.openstack.org/meetings/neutron_qos/2018/
neutron_qos.2018-07-31-15.00.log.html#l-58

Change-Id: I63e562e2eccc5b02c1c767d6a2c28cb803131e99
Partial-Bug: #1578989
See-Also: https://review.openstack.org/502306 (nova spec)
See-Also: https://review.openstack.org/508149 (neutron spec)
2018-10-15 20:35:49 +02:00
Brian Haley
cf37563c83 Remove deprecated vsctl ovsdb_interface api
This was deprecated in https://review.openstack.org/#/c/503070/
so remove all the vsctl-related code, leaving just the native
ovsdb api.

Also removed renamed ovs_vsctl_timeout value, which was changed
to ovsdb_timeout in https://review.openstack.org/#/c/518391/

Change-Id: I50dfcea3deb41df1bd01fd06b76522453a6ba50b
2018-10-11 14:59:34 -04:00
Bence Romsics
d7d433f729 sriov-agent: Report resource info in heartbeat
Example config for sriov-agent:

sriov_agent.ini:
[sriov_nic]
physical_device_mappings = physnet0:ens5,physnet0:ens6
resource_provider_bandwidths = ens5:100000:100000,ens6:100000:100000

Agent configurations now includes 'resource_provider_bandwidths' and
'resource_provider_inventory_defaults'.

Change-Id: I1af798d404ed94cd30da3f92734bea911bbc3ac7
Co-Authored-By: Lajos Katona <lajos.katona@ericsson.com>
Depends-On: https://review.openstack.org/577220
Partial-Bug: #1578989
See-Also: https://review.openstack.org/502306 (nova spec)
See-Also: https://review.openstack.org/508149 (neutron spec)
2018-10-11 11:15:06 +02:00
Bence Romsics
f352f9faaa ovs-agent: Report resource info in heartbeat
Example config for ovs-agent:

ml2_conf.ini:
[ovs]
bridge_mappings = physnet0:br-test
resource_provider_bandwidths = br-test:100000:100000

Agent configurations now includes 'resource_provider_bandwidths' and
'resource_provider_inventory_defaults'.

Change-Id: Ib197573e5cdb60ef0db4e7a771c3179bf9d5bb95
Co-Authored-By: Lajos Katona <lajos.katona@ericsson.com>
Depends-On: https://review.openstack.org/577220
Partial-Bug: #1578989
See-Also: https://review.openstack.org/502306 (nova spec)
See-Also: https://review.openstack.org/508149 (neutron spec)
2018-10-11 11:08:07 +02:00
Hongbin Lu
4e3fb31919 Introduce floating IP pool resource
Add support for listing floating ip pools (subnets).
A new API resource ``floatingip-pools`` is introduced.
This API endpoint can return a list floating ip pools
which are essentially mappings between network UUIDs and
subnet CIDRs. Users can use this API to find out the pool
to create the floating IPs.

Related patches:
* neutron-lib: https://review.openstack.org/#/c/556674/
* tempest-plugin: https://review.openstack.org/#/c/562038/

APIImpact add floatingip pools api
Change-Id: Iaa995630645042520df67d95271e14f11ffcff8c
Partial-Bug: #1653932
2018-10-04 15:53:53 +00:00
Shashank Kumar Shankar
cfec395b8f Integration of Port Binding Level OVO
This patch integrates Port Binding Level OVO in /plugin/ml2/db.py
and introduces context instead of session for usage in object
operations.

Change-Id: Ifa779f5f70a7502bd96b34d64a84d272af2a6886
Partially-Implements: blueprint adopt-oslo-versioned-objects-for-db
Co-Authored-By: Anindita Das <anindita.das@intel.com>
Co-Authored-By: Slawek Kaplonski <slawek@kaplonski.pl>
2018-09-17 07:00:45 +00:00
Kim Bao Long
310bfa326f Fix incorrect log resources querying
This patch aims to fix a co-existence problem between security_group
and firewall_group log resources due to incorrect log querying from
database.

Change-Id: Ic60ad436e0fbb23cdae0e63eaeb73130ebf02089
Closes-Bug: #1787119
2018-08-29 08:12:56 +07:00
Zuul
b4b725ade9 Merge "Update metering driver to load interface driver" 2018-08-11 14:41:34 +00:00
Hongbin Lu
38309ca4dc Update metering driver to load interface driver
Currently the metering iptables driver is using the old method
to load the interface driver. This patch allows it to load
interface driver via stevedore aliases.

Change-Id: I9e3027c1ec695ec3a09db0c53a0388e406e4ced6
Related-Bug: #1504536
2018-08-10 15:44:50 +00:00
4d3e4542f4 Update reno for stable/rocky
Change-Id: I8e74912b46e7c8ebc1dec964f4598519d32c826e
2018-08-09 21:54:37 +00:00
Miguel Lavalle
66c8ed9c97 Add release note for port forwardings.
This patch adds a release note for the floating IPs port forwarding
functionality.

Change-Id: I2e0069148cd2551d4534d8a2fd8799f432ffb5e3
Partially-Implements: blueprint port-forwarding
Partial-Bug: #1491317
2018-08-05 19:54:59 -05:00
ZhaoBo
35d945e92f Add ext_parent policy check
Add common parent owner check for the resources which introduced by
service plugin.

Then port forwarding resource will share the same tenant_id with
floatingip. That means only the fip owner can create/update/get/delete
the associated port forwarding resource.

Partially-Implements: blueprint port-forwarding
Partial-Bug: #1491317
Change-Id: I450c674e55ca15e1d9a6a6224138f3305427da68
2018-08-01 02:45:42 +08:00
Zuul
ca13e651c9 Merge "Implement filter validation" 2018-07-24 15:11:07 +00:00
Miguel Lavalle
f7064f2b6c Add binding activation to the Linuxbridge agent
As part of the implementation of multiple port bindings [1], add binding
activation support to the linux bridge agent. This will enable the
execution with linux bridge agents of the complete sequence of steps
outlined in [1] during an instance migration:

1) Create inactive port bindings for destination host
2) Migrate the instance to the destination host and plug its VIFs
3) Activate the port bindings in the destination host
4) Delete the port bindings for the source host

[1] https://review.openstack.org/#/c/309416/

Change-Id: I2c937cc0a551e5ce0e8534c4dd4384ec2ca92da1
Partial-Bug: #1580880
2018-07-19 15:12:20 -05:00
Hongbin Lu
2b1d8ea4a2 Implement filter validation
Enforce validation on filter parameters on list requests.
If an API request contains an unknown or unsupported parameter,
the server will return a 400 response instead of silently ignoring
the invalid input.

In resource attributes map, all filter parameters are annotated by
the ``is_filter`` keyword. Attributes with is_filter set to True
are candidates for validation.

Enabling filter validation requires support from core plugin and
all service plugins so each plugin need to indicate if it supports
the validation by setting ``__filter_validation_support`` to True.
If this field is not set, the default is False and validation is
turned off. Right now, the ML2 plugin and all the in-tree service
plugin support filter validation. Out-of-tree plugins will have
filter validation disabled by default.

An API extension is introduced to allow API users to discover this
new API behavior. This feature can be disabled by cloud operators
if they choose to do that. If it is disabled, the extension won't
be presented.

Depends-On: Ic3ab5b3ffdc378d570678b9c967cb42b0c7a8a9b
Depends-On: I4397df1c35463a8b532afdc9c5d28b37224a37b4
Depends-On: I3f2e6e861adaeef81a1a5819a57b28f5c6281d80
Depends-On: I1189bc9a50308df5c7e18c329f3a1262c90b9e12
Depends-On: I057cd917628c77dd20c0ff7747936c3fec7b4844
Depends-On: I0b24a304cc3466a2c05426cdbb6f9d99f1797edd

Change-Id: I21bf8a752813802822fd9966dda6ab3b6c4abfdc
Partial-Bug: #1749820
2018-07-19 04:13:43 +00:00
Zuul
878ac9b463 Merge "Pass network's dns_domain to dnsmasq conf" 2018-07-02 16:53:43 +00:00
Zuul
f6ebd0c0ba Merge "Add support to regenerate port mac_address" 2018-06-29 23:36:14 +00:00
Harald Jensås
8361b8b5ae Routed Networks - peer-subnet/segment host-routes (2/2)
Ensure that host routes are maintained for each subnet within
a network. Subnets associated with different segments on the
same network get host_routes entries added/removed as subnets
are created, deleted or updated.

This change handle the host_routes for the peer subnets on the
same network when a subnet is created or deleted.

Also adds a shim api extension.

APIImpact: Host routes are now calculated for routed networks.
Closes-Bug: #1766380
Change-Id: Iafbabe6352283e7f1a535a7b147bd81fb32f0ed1
2018-06-28 10:48:06 +02:00
Harald Jensås
8f3a066b20 Add support to regenerate port mac_address
Passing 'null' (None) as the mac address in a port update
request causes the port's mac address to be re-generated
using the base MAC address Neutron uses for VIFs.

This change implementes a temporary lib api definition
with a new converter that will generate valid mac if the
data provided is None.

APIImpact: Port mac_addr regenerated if None passed on update.
Closes-Bug: #1768690
Change-Id: I7d04beea4810718c3b745de8ea97897b1323267e
2018-06-27 00:22:35 +02:00
Assaf Muller
137a6d6105 Pass network's dns_domain to dnsmasq conf
The Neutron API exposes the 'dns_domain' attribute on the
Network model. Presently, deployments using the DHCP
agent ignore this attribute when resolving DNS queries
between instances. This patch changes that so that
the DHCP agent will pass on the dns_domain to the
network's dnsmasq process, in turn passing it to
instances.

UpgradeImpact
Closes-Bug: 1774710
Change-Id: I6120d504959631f084d63458f6e9dada0dc5cbdf
2018-06-26 08:26:33 -04:00
Slawek Kaplonski
1f8378e0ac [OVS] Add mac-table-size to be set on each ovs bridge
By default number of MAC addresses which ovs stores in memory
is quite low - 2048.

Any eviction of a MAC learning table entry triggers revalidation.
Such revalidation is very costly so it cause high CPU usage by
ovs-vswitchd process.

To workaround this problem, higher value of mac-table-size
option can be set for bridge. Then this revalidation will happen
less often and CPU usage will be lower.
This patch adds config option for neutron-openvswitch-agent to allow
users tune this setting in bridges managed by agent.
By default this value is set to 50000 which should be enough for most
systems.

Change-Id: If628f52d75c2b5fec87ad61e0219b3286423468c
Closes-Bug: #1775797
2018-06-08 16:26:35 +02:00
Harald Jensas
b6d117fcd5 Allow setting network-segment on subnet update
To enable the possibility to migrate a non-routed network to a
routed network allow updating the segment_id of a subnet.

Only allow the operation if:
 - The network only has one segment
 - The network only has one subnet
 - The current segment_id == None

APIImpact: The segment_id attribute of subnets now allows put operation.
Closes-Bug: #1692490
Depends-On: Iffda823a149a1143f46ee9a05e9640b34bf42c51
Change-Id: I1aee29dfb59e9769ec0f1cb1f5d2933bc5dc0dc5
2018-05-24 01:09:02 +02:00
Hamdy Khader
59bc19c14a Use Param DHCP_OPT_CLIENT_ID_NUM
Ironic is sending 'client-id' as a number (61) to meet rfc4776 [1],
due to this change Neutron DHCP should support this option as well.

[1] 228a2a7885

Closes-Bug: #1770932
Change-Id: I9728354d5f9e08a0dc23900b2bc22b4a0aedb737
2018-05-17 10:25:28 +03:00
Hongbin Lu
a732bbf19e Support filter attribute with empty string
This will enable users to filter list of results with attributes
with empty value. For example, the request below will list
all unbound ports (unbound ports have blank device_id).

  GET "/ports?device_id="

APIImpact
Change-Id: I9001214de126eb888c2425b6a6275f59ec8478e7
Closes-Bug: #1749304
2018-05-02 20:05:11 +00:00
Zuul
fbdd2f3798 Merge "Add port_details to Floating IP" 2018-04-28 17:07:07 +00:00
Brian Haley
3ad91f61f2 Remove deprecated IVS interface driver
This was marked deprecated in Queens for removal in Rocky,
https://review.openstack.org/#/c/505401/

Change-Id: I77fa59ae1819e87ab8ccc1fa5f0db86de3b90e2e
2018-04-26 20:15:46 +00:00
Hongbin Lu
c760d4f26f Add port_details to Floating IP
If the floating IP is associated with a port, this attribute
will contain detailed information of the associated port. This allows
users to retrieve the floating IPs with information of its associated
port (if any) in one API call.

Other related patches:
* neutron-lib: https://review.openstack.org/#/c/534882/
* osc: https://review.openstack.org/#/c/533809/
* sdk: https://review.openstack.org/#/c/533811/
* tempest-plugin: https://review.openstack.org/#/c/561710/

APIImpact the API reference needs to be updated

Change-Id: I31e940d2986278d2fbee6fdfea4ff15f7c07ebaa
Partial-Bug: #1723026
2018-04-25 17:16:03 +00:00
Zuul
482a9ed880 Merge "Override ovsdb_timeout default value in ovs_cleanup tool" 2018-04-18 00:36:33 +00:00
Sławek Kapłoński
806d96cbbe Override ovsdb_timeout default value in ovs_cleanup tool
In case when there is a lot of ports to clean in bridge, default
ovsdb_timeout which is set for 10 seconds is not enough.
This patch overrides default 10 seconds timeout in neutron-ovs-cleanup
tool to 600 seconds.
600 seconds value was tested experimentally on my dev environment for
at least 10000 ports in bridge.

In case when user will have more ports to delete with this script,
it will be required to increase this ovsdb_timeout value in
configuration.

Change-Id: I79a554acdb1d6d61903be0c42d0215d302884e93
Closes-Bug: #1763604
2018-04-17 19:36:41 +00:00
Hongbin Lu
4d84c10ba4 Add standard attributes to segment resource
Standard attributes (i.e. revision_number, created_at, updated_at)
are missing in the segment resource. This is because the controller
doesn't process extensions on rendering the response. This patch
fixes it. In particular, this patch does the following:
* Process extensions when making the segment dict. This allows
  other extensions to add attributes to segment response.
* Make segment extension implement update_attributes_map.

Tempest test: https://review.openstack.org/#/c/558609/

APIImpact update api reference of segments

Closes-Bug: #1760902
Change-Id: I3c93818002c2d7753454547231ba08544b6fa1c0
2018-04-11 14:40:41 +00:00
Drew Thorstensen
b62d1bfdf7 Router should flip to standby if all L3 nodes down
A HA router should always be active unless all of the agents hosting
that router go down.  In that event, the router should switch to
standby.  This behavior changed with review:
  https://review.openstack.org/#/c/411784

That review seemed to be accounting for a flakey message bus.  This
change should account for that, but also revert to the original behavior
of the router state only changing when its backing agent hosts are down.

Change-Id: I89c3b2546382624f175f8de4de621c3e53adf527
Closes-Bug: 1682145
2018-04-04 23:43:00 +00:00
OpenStack Proposal Bot
f6179a8c7a Imported Translations from Zanata
For more information about this automatic import see:
https://docs.openstack.org/i18n/latest/reviewing-translation-import.html

Change-Id: Ia1ec4446c96b873564c77ed11f25f8b8f1e05288
2018-03-03 06:08:46 +00:00
YAMAMOTO Takashi
6f205a900b reno: Remove remote names from branch specifiers
Following the release script change. [1]
Copied from networking-midonet. [2]

[1] If85133edcc45d6fc9c7fcca6fc45c647ba5f20a1
[2] Idb5a5a31b60e67ec6ea9ec5bbf170d4147adc71d

Change-Id: Icb560f06d6945240e06d64d1cb67f936d0483680
2018-02-22 15:39:47 +09:00
Zuul
5d3abc524d Merge "Process conntrack updates in worker threads" 2018-02-16 23:44:16 +00:00
Zuul
91b07eabcc Merge "Imported Translations from Zanata" 2018-02-15 08:49:26 +00:00
Zuul
132e43bfc7 Merge "Filter port-list based on security_groups." 2018-02-12 14:03:40 +00:00
OpenStack Proposal Bot
ad17b599ab Imported Translations from Zanata
For more information about this automatic import see:
https://docs.openstack.org/i18n/latest/reviewing-translation-import.html

Change-Id: Iae96263f7ce96ccdc27f715c2cdb1a87ef35b98c
2018-02-11 07:29:12 +00:00
6b19f198ca Update reno for stable/queens
Change-Id: If9375e90a449855237d06c7696d1c20969c5a343
2018-02-09 16:36:32 +00:00
Tim Rozet
8806477abf Fixes using SSL OVSDB connection
When creating SSL OVSDB connection it is required to set the private
key, certificate, and the CA certificate in order to communicate with
OVSDB.  This patch configures these when an SSL connection URI is used.
The settings must be provided as part of neutron.conf under [ovs]
section.

Closes-Bug: 1745038

Change-Id: I19fd9dd0c72260835eb91e557a6029ec9d652179
Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-02-09 04:50:10 +00:00